From 9de77b327d39cff5ed6660ec53b58ba0eea18e5a Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Fri, 20 Sep 2024 11:11:25 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=E4=B8=BB=E6=9C=BA?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E5=A4=B1=E8=B4=A5=E6=8F=90=E7=A4=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../certd-server/src/plugins/plugin-host/lib/ssh.ts | 11 ++++++++++- .../plugin-host/plugin/copy-to-local/index.ts | 13 ++++++++----- .../plugin-host/plugin/host-shell-execute/index.ts | 2 +- .../plugin-host/plugin/upload-to-host/index.ts | 6 +++--- 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts b/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts index f24da216..5533e2fa 100644 --- a/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts +++ b/packages/ui/certd-server/src/plugins/plugin-host/lib/ssh.ts @@ -286,7 +286,16 @@ export class SshClient { async _call(options: { connectConf: SshAccess; callable: any }): Promise { const { connectConf, callable } = options; const conn = new AsyncSsh2Client(connectConf, this.logger); - await conn.connect(); + try { + await conn.connect(); + } catch (e: any) { + if (e.message?.indexOf('All configured authentication methods failed') > -1) { + this.logger.error(e); + throw new Error('登录失败,请检查用户名/密码/密钥是否正确'); + } + throw e; + } + try { return await callable(conn); } finally { diff --git a/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts b/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts index 3cebb713..d07f24da 100644 --- a/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts @@ -8,6 +8,7 @@ import path from 'path'; name: 'CopyToLocal', title: '复制到本机', icon: 'solar:copy-bold-duotone', + desc: '实际上是复制证书到docker容器内的某个路径,需要做目录映射到宿主机', group: pluginGroups.host.key, default: { strategy: { @@ -18,7 +19,7 @@ import path from 'path'; export class CopyCertToLocalPlugin extends AbstractTaskPlugin { @TaskInput({ title: '证书保存路径', - helper: '需要有写入权限,路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.pem', + helper: '路径要包含文件名,文件名不能用*?!等特殊符号' + '\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.pem', component: { placeholder: './tmp/cert.pem', }, @@ -26,7 +27,7 @@ export class CopyCertToLocalPlugin extends AbstractTaskPlugin { crtPath!: string; @TaskInput({ title: '私钥保存路径', - helper: '需要有写入权限,路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.key', + helper: '路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.key', component: { placeholder: './tmp/cert.key', }, @@ -35,7 +36,7 @@ export class CopyCertToLocalPlugin extends AbstractTaskPlugin { @TaskInput({ title: 'PFX证书保存路径', - helper: '需要有写入权限,路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.pfx', + helper: '用于IIS证书部署,路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.pfx', component: { placeholder: './tmp/cert.pfx', }, @@ -45,7 +46,7 @@ export class CopyCertToLocalPlugin extends AbstractTaskPlugin { @TaskInput({ title: 'DER证书保存路径', helper: - '需要有写入权限,路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.der\n.der和.cer是相同的东西,改个后缀名即可', + '用户Apache证书部署,路径要包含文件名,文件名不能用*?!等特殊符号\n推荐使用相对路径,将写入与数据库同级目录,无需映射,例如:./tmp/cert.der\n.der和.cer是相同的东西,改个后缀名即可', component: { placeholder: './tmp/cert.der 或 ./tmp/cert.cer', }, @@ -124,7 +125,9 @@ export class CopyCertToLocalPlugin extends AbstractTaskPlugin { this.hostDerPath = derPath; } this.logger.info('请注意,如果使用的是相对路径,那么文件就在你的数据库同级目录下,默认是/data/certd/下面'); - this.logger.info('请注意,如果使用的是绝对路径,文件在容器内的目录下,你需要给容器做目录映射才能复制到宿主机'); + this.logger.info( + '请注意,如果使用的是绝对路径,文件在容器内的目录下,你需要给容器做目录映射才能复制到宿主机,需要在docker-compose.yaml中配置主机目录映射: volumes: /你宿主机的路径:/任务配置的证书路径' + ); }; await certReader.readCertFile({ logger: this.logger, handle }); diff --git a/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts b/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts index 06ba96a9..3be6679d 100644 --- a/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts @@ -4,7 +4,7 @@ import { SshClient } from '../../lib/ssh.js'; @IsTaskPlugin({ name: 'hostShellExecute', title: '执行远程主机脚本命令', - icon:"tabler:brand-powershell", + icon: 'tabler:brand-powershell', group: pluginGroups.host.key, input: {}, default: { diff --git a/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts b/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts index ee32610e..8065bb18 100644 --- a/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts +++ b/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts @@ -7,7 +7,7 @@ import { SshAccess } from '../../access/index.js'; @IsTaskPlugin({ name: 'uploadCertToHost', title: '上传证书到主机', - icon:"line-md:uploading-loop", + icon: 'line-md:uploading-loop', group: pluginGroups.host.key, desc: '也支持复制证书到本机', default: { @@ -36,7 +36,7 @@ export class UploadCertToHostPlugin extends AbstractTaskPlugin { @TaskInput({ title: 'PFX证书保存路径', - helper: '需要有写入权限,路径要包含私钥文件名,文件名不能用*?!等特殊符号,例如:/tmp/cert.pfx', + helper: '用于IIS证书部署,需要有写入权限,路径要包含私钥文件名,文件名不能用*?!等特殊符号,例如:/tmp/cert.pfx', component: { placeholder: '/root/deploy/nginx/cert.pfx', }, @@ -45,7 +45,7 @@ export class UploadCertToHostPlugin extends AbstractTaskPlugin { @TaskInput({ title: 'DER证书保存路径', - helper: '需要有写入权限,路径要包含私钥文件名,文件名不能用*?!等特殊符号,例如:/tmp/cert.der', + helper: '用于Apache证书部署,需要有写入权限,路径要包含私钥文件名,文件名不能用*?!等特殊符号,例如:/tmp/cert.der', component: { placeholder: '/root/deploy/nginx/cert.der', },