perf: 腾讯云dns provider 支持腾讯云的accessId

2024-06-26 18:36:11 +08:00 · 2024-06-26 18:36:11 +08:00 · e0eb3a4413
parent ae0f16bf35
commit e0eb3a4413
8 changed files with 135 additions and 19 deletions
--- a/doc/tencent/dnspod-token.png
+++ b/doc/tencent/dnspod-token.png
--- a/doc/tencent/tencent-access.png
+++ b/doc/tencent/tencent-access.png
--- a/doc/tencent/tencent.md
+++ b/doc/tencent/tencent.md
@ -0,0 +1,16 @@
 # 腾讯云
 ## DNSPOD 授权设置
 目前腾讯云管理的域名的dns暂时只支持从DNSPOD进行设置    
 打开 https://console.dnspod.cn/account/token/apikey    
 然后按如下方式获取DNSPOD的授权
 ![](./dnspod-token.png)
 ## 腾讯云API密钥设置
 腾讯云其他部署需要API密钥，需要在腾讯云控制台进行设置   
 打开 https://console.cloud.tencent.com/cam/capi   
 然后按如下方式获取腾讯云的API密钥    
 ![](./tencent-access.png)
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@ -4,6 +4,7 @@
 const { readCsrDomains } = require('./crypto');
 const { log } = require('./logger');
 const { wait } = require('./wait');
 const defaultOpts = {
    csr: null,
@ -118,7 +119,18 @@ module.exports = async function(client, userOpts) {
            let recordItem = null;
            try {
                recordItem = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
-
+                log(`[auto] [${d}] challengeCreateFn success`);
                log(`[auto] [${d}] add challengeRemoveFn()`);
                clearTasks.push(async () => {
                    /* Trigger challengeRemoveFn(), suppress errors */
                    log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                    try {
                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
                    }
                    catch (e) {
                        log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
                    }
                });
                // throw new Error('测试异常');
                /* Challenge verification */
                if (opts.skipChallengeVerification === true) {
@ -140,19 +152,6 @@ module.exports = async function(client, userOpts) {
                log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
                throw e;
            }
            finally {
                log(`[auto] [${d}] add challengeRemoveFn()`);
                clearTasks.push(async () => {
                    /* Trigger challengeRemoveFn(), suppress errors */
                    log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                    try {
                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
                    }
                    catch (e) {
                        log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
                    }
                });
            }
        }
        catch (e) {
            /* Deactivate pending authz when unable to complete challenge */
@ -186,14 +185,21 @@ module.exports = async function(client, userOpts) {
        return promise;
    }
-    // function runPromisePa(tasks) {
+    async function runPromisePa(tasks) {
-    //     return Promise.all(tasks.map((task) => task()));
+        const results = [];
-    // }
+        // eslint-disable-next-line no-await-in-loop,no-restricted-syntax
        for (const task of tasks) {
            results.push(task());
            // eslint-disable-next-line no-await-in-loop
            await wait(30000);
        }
        return Promise.all(results);
    }
    try {
        log('开始challenge');
-        await runAllPromise(challengePromises);
+        await runPromisePa(challengePromises);
        log('challenge结束');
--- a/packages/core/acme-client/src/wait.js
+++ b/packages/core/acme-client/src/wait.js
@ -0,0 +1,9 @@
 async function wait(ms) {
    return new Promise((resolve) => {
        setTimeout(resolve, ms);
    });
 }
 module.exports = {
    wait
 };
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@ -45,7 +45,7 @@ export class AcmeService {
      directoryUrl: isTest ? acme.directory.letsencrypt.staging : acme.directory.letsencrypt.production,
      accountKey: conf.key,
      accountUrl: conf.accountUrl,
-      backoffAttempts: 20,
+      backoffAttempts: 60,
      backoffMin: 5000,
      backoffMax: 10000,
    });
--- a/packages/ui/certd-server/package.json
+++ b/packages/ui/certd-server/package.json
@ -62,6 +62,7 @@
    "ssh2": "^0.8.9",
    "svg-captcha": "^1.4.0",
    "tencentcloud-sdk-nodejs": "^4.0.44",
    "tencentcloud-sdk-nodejs-dnspod": "^4.0.866",
    "typeorm": "^0.3.11"
  },
  "devDependencies": {
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts
@ -0,0 +1,84 @@
 import {Autowire, HttpClient, ILogger} from "@certd/pipeline";
 import {AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions} from "@certd/plugin-cert";
 import {TencentAccess} from "../access";
 import tencentcloud from 'tencentcloud-sdk-nodejs/index';
 const DnspodClient = tencentcloud.dnspod.v20210323.Client;
@IsDnsProvider({
  name: 'tencent',
  title: '腾讯云',
  desc: '腾讯云域名DNS解析提供者',
  accessType: 'tencent',
 })
 export class TencentDnsProvider extends AbstractDnsProvider {
  @Autowire()
  http!: HttpClient;
  @Autowire()
  access!: TencentAccess;
  @Autowire()
  logger!: ILogger;
  client!: any;
  endpoint = 'dnspod.tencentcloudapi.com';
  async onInstance() {
    const clientConfig = {
      credential: this.access,
      region: "",
      profile: {
        httpProfile: {
          endpoint: this.endpoint,
        },
      },
    };
 // 实例化要请求产品的client对象,clientProfile是可选的
    this.client = new DnspodClient(clientConfig);
  }
  async createRecord(options: CreateRecordOptions): Promise<any> {
    const { fullRecord, value, type,domain } = options;
    this.logger.info('添加域名解析：', fullRecord, value);
    const rr = fullRecord.replace('.' + domain, '');
    const params = {
      "Domain": domain,
      "RecordType": type,
      "RecordLine": "默认",
      "Value": value,
      "SubDomain": rr
    };
    const ret = await this.client.CreateRecord(params)
    /*
    {
 		"RecordId": 162,
 		"RequestId": "ab4f1426-ea15-42ea-8183-dc1b44151166"
 	}
     */
    this.logger.info(
      '添加域名解析成功:',
      fullRecord,
      value,
      JSON.stringify(ret)
    );
    return ret;
  }
  async removeRecord(options: RemoveRecordOptions<any>) {
    const { fullRecord, value, domain,record } = options;
    const params = {
      "Domain": domain,
      "RecordId": record.RecordId
    };
    const ret = await this.client.DeleteRecord(params)
    this.logger.info('删除域名解析成功:', fullRecord, value);
    return ret;
  }
 }
 new TencentDnsProvider();