mirror of https://github.com/certd/certd
Merge remote-tracking branch 'origin/v2-dev' into v2-dev
xiaojunnuo
commit
ddd70ab8ce
36
README.md
36
README.md
|
|
@ -5,7 +5,6 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
|
|||
|
||||
关键字:证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
|
||||
|
||||
|
||||
## 一、特性
|
||||
本项目不仅支持证书申请过程自动化,还可以自动化部署更新证书,让你的证书永不过期。
|
||||
|
||||
|
|
@ -28,25 +27,34 @@ https://certd.handsfree.work/
|
|||
> 注意数据将不定期清理,不定期停止定时任务,生产使用请自行部署
|
||||
> 包含敏感信息,务必自己本地部署进行生产使用
|
||||
|
||||
|
||||
|
||||
## 三、使用教程
|
||||
|
||||
更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
|
||||
仅需3步,让你的证书永不过期
|
||||
|
||||
### 1. 创建证书流水线
|
||||
|
||||
|
||||
本案例演示,如何配置自动申请证书,并部署到阿里云CDN,然后快要到期前自动更新证书并重新部署
|
||||
> 添加成功后,就可以直接运行流水线申请证书了
|
||||
|
||||
### 2. 添加部署任务
|
||||
当然我们一般需要把证书部署到应用上,certd支持海量的部署插件,您可以根据自身实际情况进行选择,比如部署到Nginx、阿里云、腾讯云、K8S、CDN、宝塔、1Panel等等
|
||||
|
||||
此处演示部署证书到主机的nginx上
|
||||
|
||||
|
||||
### 3. 定时运行
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓
|
||||
-------> [点我查看详细使用步骤演示](./step.md) <--------
|
||||
↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑
|
||||
|
||||
当前支持的部署插件列表
|
||||
|
||||
更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
|
||||
|
||||
|
||||
|
||||
## 四、私有化部署
|
||||
|
||||
|
|
@ -54,10 +62,10 @@ https://certd.handsfree.work/
|
|||
|
||||
您可以根据实际情况从如下方式中选择一种方式进行私有化部署:
|
||||
|
||||
1. [宝塔面板方式部署](./install/baota/)
|
||||
2. [1Panel面板方式部署](./install/1panel/)
|
||||
2. [Docker方式部署](./install/docker/)
|
||||
3. [源码方式部署](./install/source/)
|
||||
1. [宝塔面板方式部署](https://certd.docmirror.cn/guide/install/docker/)
|
||||
2. [1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
|
||||
3. [Docker方式部署](https://certd.docmirror.cn/guide/install/docker/)
|
||||
4. [源码方式部署](https://certd.docmirror.cn/guide/install/source/)
|
||||
|
||||
#### Docker镜像说明:
|
||||
* 国内镜像地址:
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
21:59
|
||||
1
|
||||
|
|
|
|||
|
|
@ -98,6 +98,7 @@ export default defineConfig({
|
|||
{ text: "忘记密码", link: "/guide/use/forgotpasswd/" },
|
||||
{ text: "数据备份", link: "/guide/use/backup/" },
|
||||
{ text: "Certd本身的证书更新", link: "/guide/use/https/index.md" },
|
||||
{ text: "js脚本插件使用", link: "/guide/use/custom-script/index.md" },
|
||||
{ text: "如何贡献代码", link: "/guide/development/index.md" },
|
||||
]
|
||||
},
|
||||
|
|
|
|||
|
|
@ -0,0 +1,80 @@
|
|||
# 自定义脚本插件
|
||||
|
||||
## 1. 介绍
|
||||
|
||||
自定义脚本插件是一个通用的插件,可以通过编写脚本来实现各种功能,例如:调用第三方API、执行系统命令、发送邮件等。
|
||||
|
||||
## 2. 使用示例
|
||||
```js
|
||||
const certPem = this.ctx.self.cert.crt
|
||||
const certKey = this.ctx.self.cert.key
|
||||
|
||||
//axios发起http请求上传证书
|
||||
const res = await this.ctx.http.request({
|
||||
url:"your_cert_deploy_url",
|
||||
method:"post",
|
||||
data:{
|
||||
crt : certPem,
|
||||
key : certKey
|
||||
}
|
||||
})
|
||||
this.ctx.logger.info("上传成功",res.data)
|
||||
|
||||
|
||||
```
|
||||
## 3. API
|
||||
下面是`ctx`对象的`typescript`类型定义
|
||||
|
||||
```ts
|
||||
|
||||
type ctx = {
|
||||
CertReader: typeof CertReader;
|
||||
self: CustomScriptPlugin;
|
||||
//流水线定义
|
||||
pipeline: Pipeline;
|
||||
//步骤定义
|
||||
step: Step;
|
||||
//日志
|
||||
logger: Logger;
|
||||
//当前步骤输入参数跟上一次执行比较是否有变化
|
||||
inputChanged: boolean;
|
||||
//授权获取服务
|
||||
accessService: IAccessService;
|
||||
//邮件服务
|
||||
emailService: IEmailService;
|
||||
//cname记录服务
|
||||
cnameProxyService: ICnameProxyService;
|
||||
//插件配置服务
|
||||
pluginConfigService: IPluginConfigService;
|
||||
//流水线上下文
|
||||
pipelineContext: IContext;
|
||||
//用户上下文
|
||||
userContext: IContext;
|
||||
//http请求客户端
|
||||
http: HttpClient; // http.request(AxiosConfig)
|
||||
//文件存储
|
||||
fileStore: FileStore;
|
||||
//上一次执行结果状态
|
||||
lastStatus?: Runnable;
|
||||
//用户取消信号
|
||||
signal: AbortSignal;
|
||||
//工具类
|
||||
utils: typeof utils;
|
||||
//用户信息
|
||||
user: UserInfo;
|
||||
}
|
||||
|
||||
type CertInfo = {
|
||||
crt:string; //fullchain证书,即 cert.pem, cert.crt
|
||||
key:string; // 私钥
|
||||
ic: string; //中间证书
|
||||
pfx: string;//PFX证书,base64编码
|
||||
der: string;//DER证书,base64编码
|
||||
}
|
||||
|
||||
type CustomScriptPlugin = {
|
||||
//可以获取证书
|
||||
cert: CertInfo
|
||||
}
|
||||
|
||||
```
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 163 KiB |
|
|
@ -140,6 +140,9 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
|
|||
await utils.sp.spawn({
|
||||
cmd: `tar -zxvf ./tools/linux/lego_linux_${platform}.tar.gz -C ./tools/linux/`,
|
||||
});
|
||||
await utils.sp.spawn({
|
||||
cmd: `chmod +x ./tools/linux/*`,
|
||||
});
|
||||
this.logger.info("解压lego成功");
|
||||
} else {
|
||||
const zip = new JSZip();
|
||||
|
|
|
|||
|
|
@ -13,11 +13,10 @@ RUN cd /workspace/certd-server && pnpm install && npm run build-on-docker
|
|||
|
||||
FROM node:18-alpine
|
||||
RUN apk add --no-cache openssl
|
||||
# RUN apk add --no-cache openjdk11-jdk
|
||||
RUN apk add --no-cache openjdk8
|
||||
WORKDIR /app/
|
||||
COPY --from=builder /workspace/certd-server/ /app/
|
||||
#RUN cd /app/tools/linux/ && ls -lh && tar -zxvf lego_linux_amd64.tar.gz
|
||||
RUN chmod +x /app/tools/linux/*
|
||||
|
||||
|
||||
ENV TZ=Asia/Shanghai
|
||||
ENV NODE_ENV=production
|
||||
|
|
|
|||
Loading…
Reference in New Issue