github
/
certd
mirror of https://github.com/certd/certd
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'v2-dev' into v2

pull/409/head
xiaojunnuo 2025-04-27 02:01:28 +08:00
parent 918ea59b9a 5cd61c4c02
commit f933fb705c
89 changed files with 2455 additions and 633 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CHANGELOG.md
View File

@ -3,6 +3,24 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
### Bug Fixes
* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
* 修复token过期后疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
### Performance Improvements
* 从域名的soa获取主域名子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
### Performance Improvements

2
build.trigger
View File

@ -1 +1 @@
22:32
01:58

18
docs/guide/changelogs/CHANGELOG.md
View File

@ -3,6 +3,24 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
### Bug Fixes
* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
* 修复token过期后疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
### Performance Improvements
* 从域名的soa获取主域名子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
### Performance Improvements

5
docs/guide/install/docker/index.md
View File

@ -55,6 +55,11 @@ https://your_server_ip:7002
## 二、升级
::: warning
如果您是第一次升级certd版本切记切记先备份一下数据
:::
### 如果使用固定版本号
1. 修改`docker-compose.yaml`中的镜像版本号
2. 运行`docker compose up -d` 即可

5
docs/guide/install/source/index.md
View File

@ -44,6 +44,11 @@ kill -9 $(lsof -t -i:7001)
./start.sh
```
::: warning
升级certd版本前切记切记先备份一下数据
:::
## 三、数据备份
> 数据默认保存在 `./packages/ui/certd-server/data` 目录下
> 建议配置一条[数据库备份流水线](../../use/backup/) 自动备份

4
docs/guide/install/upgrade.md
View File

@ -8,5 +8,9 @@
3. [1Panel面板方式部署升级](./1panel/#三、升级)
4. [源码方式部署](./source/#二、升级)
::: warning
如果您是第一次升级certd版本切记切记先备份一下数据
:::
## 升级日志
[CHANGELOG](../changelogs/CHANGELOG.md)

2
lerna.json
View File

@ -9,5 +9,5 @@
}
},
"npmClient": "pnpm",
"version": "1.33.7"
"version": "1.33.8"
}

11
packages/core/acme-client/CHANGELOG.md
View File

@ -3,6 +3,17 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/publishlab/node-acme-client/compare/v1.33.7...v1.33.8) (2025-04-26)
### Bug Fixes
* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/publishlab/node-acme-client/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
### Performance Improvements
* 从域名的soa获取主域名子域名托管无需额外配置 ([a586a92](https://github.com/publishlab/node-acme-client/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/publishlab/node-acme-client/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
## [1.33.7](https://github.com/publishlab/node-acme-client/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/acme-client

9
packages/core/acme-client/package.json
View File

@ -3,7 +3,7 @@
"description": "Simple and unopinionated ACME client",
"private": false,
"author": "nmorsman",
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"module": "scr/index.js",
"main": "src/index.js",
@ -18,7 +18,7 @@
"types"
],
"dependencies": {
"@certd/basic": "^1.33.7",
"@certd/basic": "^1.33.8",
"@peculiar/x509": "^1.11.0",
"asn1js": "^3.0.5",
"axios": "^1.7.2",
@ -26,7 +26,8 @@
"http-proxy-agent": "^7.0.2",
"https-proxy-agent": "^7.0.5",
"lodash-es": "^4.17.21",
"node-forge": "^1.3.1"
"node-forge": "^1.3.1",
"punycode": "^2.3.1"
},
"devDependencies": {
"@types/node": "^20.14.10",
@ -67,5 +68,5 @@
"bugs": {
"url": "https://github.com/publishlab/node-acme-client/issues"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/core/acme-client/src/auto.js
View File

@ -117,12 +117,12 @@ export default async (client, userOpts) => {
log(`[auto] [${d}] Trigger challengeCreateFn()`);
try {
const { recordReq, recordRes, dnsProvider, challenge, keyAuthorization } = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
const { recordReq, recordRes, dnsProvider, challenge, keyAuthorization ,httpUploader} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
clearTasks.push(async () => {
/* Trigger challengeRemoveFn(), suppress errors */
log(`[auto] [${d}] Trigger challengeRemoveFn()`);
try {
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider,httpUploader);
} catch (e) {
log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
}

2
packages/core/acme-client/src/index.js
View File

@ -46,3 +46,5 @@ export * from './axios.js'
export * from './logger.js'
export * from './verify.js'
export * from './error.js'
export * from './util.js'

1
packages/core/acme-client/src/util.js
View File

@ -340,5 +340,6 @@ export {
formatResponseError,
getAuthoritativeDnsResolver,
retrieveTlsAlpnCertificate,
resolveDomainBySoaRecord
};

6
packages/core/acme-client/types/index.d.ts vendored
View File

@ -59,7 +59,7 @@ export interface ClientExternalAccountBindingOptions {
export interface ClientAutoOptions {
csr: CsrBuffer | CsrString;
challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string}>;
challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any,httpUploader:any) => Promise<any>;
email?: string;
termsOfServiceAgreed?: boolean;
skipChallengeVerification?: boolean;
@ -204,4 +204,6 @@ export function setLogger(fn: (message: any, ...args: any[]) => void): void;
export function walkTxtRecord(record: any): Promise<string[]>;
export const CancelError: typeof CancelError;
export const CancelError: typeof CancelError;
export function resolveDomainBySoaRecord(domain: string): Promise<string>;

137
packages/core/acme-client/types/index.test-d.js
View File

@ -1,137 +0,0 @@
"use strict";
/**
* acme-client type definition tests
*/
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (g && (g = 0, op[0] && (_ = 0)), _) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
Object.defineProperty(exports, "__esModule", { value: true });
var acme = require("acme-client");
(function () { return __awaiter(void 0, void 0, void 0, function () {
var accountKey, client, order, authorizations, authorization, challenge, _a, certKey, certCsr;
return __generator(this, function (_b) {
switch (_b.label) {
case 0: return [4 /*yield*/, acme.crypto.createPrivateKey()];
case 1:
accountKey = _b.sent();
client = new acme.Client({
accountKey: accountKey,
directoryUrl: acme.directory.letsencrypt.staging
});
/* Account */
return [4 /*yield*/, client.createAccount({
termsOfServiceAgreed: true,
contact: ['mailto:test@example.com']
})];
case 2:
/* Account */
_b.sent();
return [4 /*yield*/, client.createOrder({
identifiers: [
{ type: 'dns', value: 'example.com' },
{ type: 'dns', value: '*.example.com' },
]
})];
case 3:
order = _b.sent();
return [4 /*yield*/, client.getOrder(order)];
case 4:
_b.sent();
return [4 /*yield*/, client.getAuthorizations(order)];
case 5:
authorizations = _b.sent();
authorization = authorizations[0];
challenge = authorization.challenges[0];
return [4 /*yield*/, client.getChallengeKeyAuthorization(challenge)];
case 6:
_b.sent();
return [4 /*yield*/, client.verifyChallenge(authorization, challenge)];
case 7:
_b.sent();
return [4 /*yield*/, client.completeChallenge(challenge)];
case 8:
_b.sent();
return [4 /*yield*/, client.waitForValidStatus(challenge)];
case 9:
_b.sent();
return [4 /*yield*/, acme.crypto.createCsr({
commonName: 'example.com',
altNames: ['example.com', '*.example.com']
})];
case 10:
_a = _b.sent(), certKey = _a[0], certCsr = _a[1];
return [4 /*yield*/, client.finalizeOrder(order, certCsr)];
case 11:
_b.sent();
return [4 /*yield*/, client.getCertificate(order)];
case 12:
_b.sent();
return [4 /*yield*/, client.getCertificate(order, 'DST Root CA X3')];
case 13:
_b.sent();
/* Auto */
return [4 /*yield*/, client.auto({
csr: certCsr,
challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
return [2 /*return*/];
}); }); },
challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
return [2 /*return*/];
}); }); }
})];
case 14:
/* Auto */
_b.sent();
return [4 /*yield*/, client.auto({
csr: certCsr,
email: 'test@example.com',
termsOfServiceAgreed: false,
skipChallengeVerification: false,
challengePriority: ['http-01', 'dns-01'],
preferredChain: 'DST Root CA X3',
challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
return [2 /*return*/];
}); }); },
challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
return [2 /*return*/];
}); }); }
})];
case 15:
_b.sent();
return [2 /*return*/];
}
});
}); })();

4
packages/core/basic/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/basic
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
### Performance Improvements

2
packages/core/basic/build.md
View File

@ -1 +1 @@
22:12
01:54

4
packages/core/basic/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/basic",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@ -44,5 +44,5 @@
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/core/pipeline/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/pipeline
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/pipeline

8
packages/core/pipeline/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/pipeline",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@ -16,8 +16,8 @@
"test": "mocha --loader=ts-node/esm"
},
"dependencies": {
"@certd/basic": "^1.33.7",
"@certd/plus-core": "^1.33.7",
"@certd/basic": "^1.33.8",
"@certd/plus-core": "^1.33.8",
"dayjs": "^1.11.7",
"lodash-es": "^4.17.21",
"reflect-metadata": "^0.1.13"
@ -43,5 +43,5 @@
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/libs/lib-huawei/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/lib-huawei
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/lib-huawei

4
packages/libs/lib-huawei/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/lib-huawei",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"main": "./dist/bundle.js",
"module": "./dist/bundle.js",
"types": "./dist/d/index.d.ts",
@ -23,5 +23,5 @@
"prettier": "^2.8.8",
"tslib": "^2.8.1"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/libs/lib-iframe/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/lib-iframe
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/lib-iframe

4
packages/libs/lib-iframe/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/lib-iframe",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@ -30,5 +30,5 @@
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/libs/lib-jdcloud/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/jdcloud
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/jdcloud

4
packages/libs/lib-jdcloud/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@certd/jdcloud",
"version": "1.33.7",
"version": "1.33.8",
"description": "jdcloud openApi sdk",
"main": "./dist/bundle.js",
"module": "./dist/bundle.js",
@ -60,5 +60,5 @@
"fetch"
]
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/libs/lib-k8s/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/lib-k8s
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/lib-k8s

6
packages/libs/lib-k8s/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/lib-k8s",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"main": "./dist/index.js",
"module": "./dist/index.js",
@ -16,7 +16,7 @@
"preview": "vite preview"
},
"dependencies": {
"@certd/basic": "^1.33.7",
"@certd/basic": "^1.33.8",
"@kubernetes/client-node": "0.21.0"
},
"devDependencies": {
@ -31,5 +31,5 @@
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/libs/lib-server/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/lib-server
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/lib-server

12
packages/libs/lib-server/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@certd/lib-server",
"version": "1.33.7",
"version": "1.33.8",
"description": "midway with flyway, sql upgrade way ",
"private": false,
"type": "module",
@ -27,10 +27,10 @@
],
"license": "AGPL",
"dependencies": {
"@certd/acme-client": "^1.33.7",
"@certd/basic": "^1.33.7",
"@certd/pipeline": "^1.33.7",
"@certd/plus-core": "^1.33.7",
"@certd/acme-client": "^1.33.8",
"@certd/basic": "^1.33.8",
"@certd/pipeline": "^1.33.8",
"@certd/plus-core": "^1.33.8",
"@midwayjs/cache": "~3.14.0",
"@midwayjs/core": "~3.20.3",
"@midwayjs/i18n": "~3.20.3",
@ -61,5 +61,5 @@
"typeorm": "^0.3.11",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

4
packages/libs/midway-flyway-js/CHANGELOG.md
View File

@ -3,6 +3,10 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
**Note:** Version bump only for package @certd/midway-flyway-js
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/midway-flyway-js

4
packages/libs/midway-flyway-js/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@certd/midway-flyway-js",
"version": "1.33.7",
"version": "1.33.8",
"description": "midway with flyway, sql upgrade way ",
"private": false,
"type": "module",
@ -46,5 +46,5 @@
"typeorm": "^0.3.11",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

13
packages/plugins/plugin-cert/CHANGELOG.md
View File

@ -3,6 +3,19 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
### Bug Fixes
* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
### Performance Improvements
* 从域名的soa获取主域名子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
**Note:** Version bump only for package @certd/plugin-cert

13
packages/plugins/plugin-cert/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/plugin-cert",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
@ -15,15 +15,16 @@
"preview": "vite preview"
},
"dependencies": {
"@certd/acme-client": "^1.33.7",
"@certd/basic": "^1.33.7",
"@certd/pipeline": "^1.33.7",
"@certd/plugin-lib": "^1.33.7",
"@certd/acme-client": "^1.33.8",
"@certd/basic": "^1.33.8",
"@certd/pipeline": "^1.33.8",
"@certd/plugin-lib": "^1.33.8",
"@google-cloud/publicca": "^1.3.0",
"dayjs": "^1.11.7",
"jszip": "^3.10.1",
"lodash-es": "^4.17.21",
"psl": "^1.9.0",
"punycode": "^2.3.1",
"rimraf": "^5.0.5"
},
"devDependencies": {
@ -41,5 +42,5 @@
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

2
packages/plugins/plugin-cert/src/dns-provider/api.ts
View File

@ -35,6 +35,8 @@ export interface IDnsProvider<T = any> {
createRecord(options: CreateRecordOptions): Promise<T>;
removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
setCtx(ctx: DnsProviderContext): void;
//中文域名是否需要punycode转码如果返回True则使用punycode来添加解析记录否则使用中文域名添加解析记录
usePunyCode(): boolean;
}
export interface ISubDomainsGetter {

4
packages/plugins/plugin-cert/src/dns-provider/base.ts
View File

@ -8,6 +8,10 @@ export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
http!: HttpClient;
logger!: ILogger;
usePunyCode(): boolean {
return false;
}
setCtx(ctx: DnsProviderContext) {
this.ctx = ctx;
this.logger = ctx.logger;

40
packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts
View File

@ -1,6 +1,8 @@
import { IDomainParser, ISubDomainsGetter } from "./api";
//@ts-ignore
import psl from "psl";
import { resolveDomainBySoaRecord } from "@certd/acme-client";
import { logger, utils } from "@certd/basic";
export class DomainParser implements IDomainParser {
subDomainsGetter: ISubDomainsGetter;
@ -17,16 +19,38 @@ export class DomainParser implements IDomainParser {
}
async parse(fullDomain: string) {
const subDomains = await this.subDomainsGetter.getSubDomains();
if (subDomains && subDomains.length > 0) {
for (const subDomain of subDomains) {
if (fullDomain.endsWith(subDomain)) {
//找到子域名托管
return subDomain;
}
logger.info(`查找主域名:${fullDomain}`);
const cacheKey = `domain_parse:${fullDomain}`;
const value = utils.cache.get(cacheKey);
if (value) {
logger.info(`从缓存获取到主域名:${fullDomain}->${value}`);
return value;
}
try {
const mainDomain = await resolveDomainBySoaRecord(fullDomain);
if (mainDomain) {
utils.cache.set(cacheKey, mainDomain, {
ttl: 2 * 60 * 1000,
});
logger.info(`获取到主域名:${fullDomain}->${mainDomain}`);
return mainDomain;
}
} catch (e) {
logger.error("从SOA获取主域名失败", e.message);
}
return this.parseDomain(fullDomain);
// const subDomains = await this.subDomainsGetter.getSubDomains();
// if (subDomains && subDomains.length > 0) {
// for (const subDomain of subDomains) {
// if (fullDomain.endsWith(subDomain)) {
// //找到子域名托管
// return subDomain;
// }
// }
// }
const res = this.parseDomain(fullDomain);
logger.info(`从psl获取主域名:${fullDomain}->${res}`);
return res;
}
}

33
packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
View File

@ -6,8 +6,8 @@ import { Challenge } from "@certd/acme-client/types/rfc8555";
import { IContext } from "@certd/pipeline";
import { ILogger, utils } from "@certd/basic";
import { IDnsProvider, IDomainParser } from "../../dns-provider/index.js";
import { HttpChallengeUploader } from "./uploads/api.js";
import punycode from "node:punycode";
import { IOssClient } from "@certd/plugin-lib";
export type CnameVerifyPlan = {
type?: string;
domain: string;
@ -18,7 +18,7 @@ export type CnameVerifyPlan = {
export type HttpVerifyPlan = {
type: string;
domain: string;
httpUploader: HttpChallengeUploader;
httpUploader: IOssClient;
};
export type DomainVerifyPlan = {
@ -35,7 +35,6 @@ export type DomainsVerifyPlan = {
export type Providers = {
dnsProvider?: IDnsProvider;
domainsVerifyPlan?: DomainsVerifyPlan;
httpUploader?: HttpChallengeUploader;
};
export type CertInfo = {
@ -184,7 +183,7 @@ export class AcmeService {
return authz.challenges.find((c: any) => c.type === type);
};
const doHttpVerify = async (challenge: any, httpUploader: HttpChallengeUploader) => {
const doHttpVerify = async (challenge: any, httpUploader: IOssClient) => {
const keyAuthorization = await keyAuthorizationGetter(challenge);
this.logger.info("http校验");
const filePath = `.well-known/acme-challenge/${challenge.token}`;
@ -203,14 +202,16 @@ export class AcmeService {
this.logger.info("dns校验");
const keyAuthorization = await keyAuthorizationGetter(challenge);
const mainDomain = dnsProvider.usePunyCode() ? domain : punycode.toUnicode(domain);
fullRecord = dnsProvider.usePunyCode() ? fullRecord : punycode.toUnicode(fullRecord);
const recordValue = keyAuthorization;
let hostRecord = fullRecord.replace(`${domain}`, "");
let hostRecord = fullRecord.replace(`${mainDomain}`, "");
if (hostRecord.endsWith(".")) {
hostRecord = hostRecord.substring(0, hostRecord.length - 1);
}
const recordReq = {
domain,
domain: mainDomain,
fullRecord,
hostRecord,
type: "TXT",
@ -286,7 +287,7 @@ export class AcmeService {
* @returns {Promise}
*/
async challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider?: IDnsProvider, httpUploader?: HttpChallengeUploader) {
async challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider?: IDnsProvider, httpUploader?: IOssClient) {
this.logger.info("执行清理");
/* http-01 */
@ -321,9 +322,16 @@ export class AcmeService {
isTest?: boolean;
privateKeyType?: string;
}): Promise<CertInfo> {
const { email, isTest, domains, csrInfo, dnsProvider, domainsVerifyPlan, httpUploader } = options;
const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan } = options;
const client: acme.Client = await this.getAcmeClient(email, isTest);
let domains = options.domains;
const encodingDomains = [];
for (const domain of domains) {
encodingDomains.push(punycode.toASCII(domain));
}
domains = encodingDomains;
/* Create CSR */
const { commonName, altNames } = this.buildCommonNameByDomains(domains);
let privateKey = null;
@ -361,14 +369,13 @@ export class AcmeService {
privateKey
);
if (dnsProvider == null && domainsVerifyPlan == null && httpUploader == null) {
throw new Error("dnsProvider 、 domainsVerifyPlan 、 httpUploader不能都为空");
if (dnsProvider == null && domainsVerifyPlan == null) {
throw new Error("dnsProvider 、 domainsVerifyPlan不能都为空");
}
const providers: Providers = {
dnsProvider,
domainsVerifyPlan,
httpUploader,
};
/* 自动申请证书 */
const crt = await client.auto({
@ -383,7 +390,7 @@ export class AcmeService {
): Promise<{ recordReq?: any; recordRes?: any; dnsProvider?: any; challenge: Challenge; keyAuthorization: string }> => {
return await this.challengeCreateFn(authz, keyAuthorizationGetter, providers);
},
challengeRemoveFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider: IDnsProvider): Promise<any> => {
challengeRemoveFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider: IDnsProvider, httpUploader: IOssClient): Promise<any> => {
return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
},
signal: this.options.signal,

3
packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
View File

@ -27,8 +27,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
"1、支持多个域名打到一个证书上例如 foo.com*.foo.com*.bar.com\n" +
"2、子域名被通配符包含的不要填写例如www.foo.com已经被*.foo.com包含不要填写www.foo.com\n" +
"3、泛域名只能通配*号那一级(*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com\n" +
"4、输入一个空格之后再输入下一个\n" +
"5、如果你配置了子域托管解析请先[设置托管子域名](#/certd/pipeline/subDomain)",
"4、输入一个空格之后再输入下一个",
})
domains!: string[];

5
packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
View File

@ -9,8 +9,8 @@ import { CertReader } from "./cert-reader.js";
import { CertApplyBasePlugin } from "./base.js";
import { GoogleClient } from "../../libs/google.js";
import { EabAccess } from "../../access";
import { httpChallengeUploaderFactory } from "./uploads/factory.js";
import { DomainParser } from "../../dns-provider/domain-parser.js";
import { ossClientFactory } from "@certd/plugin-lib";
export * from "./base.js";
export type { CertInfo };
export * from "./cert-reader.js";
@ -115,6 +115,7 @@ HTTP文件验证不支持泛域名需要配置网站文件上传`,
})
dnsProviderType!: string;
// dns解析授权类型,勿删
dnsProviderAccessType!: string;
@TaskInput({
@ -446,7 +447,7 @@ HTTP文件验证不支持泛域名需要配置网站文件上传`,
rootDir = rootDir + "/";
}
this.logger.info("上传方式", httpRecord.httpUploaderType);
const httpUploader = await httpChallengeUploaderFactory.createUploaderByType(httpRecord.httpUploaderType, {
const httpUploader = await ossClientFactory.createOssClientByType(httpRecord.httpUploaderType, {
access,
rootDir: rootDir,
ctx: httpUploaderContext,

35
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/api.ts
View File

@ -1,35 +0,0 @@
import { IAccessService } from "@certd/pipeline";
import { ILogger, utils } from "@certd/basic";
export type HttpChallengeUploader = {
upload: (fileName: string, fileContent: Buffer) => Promise<void>;
remove: (fileName: string) => Promise<void>;
};
export type HttpChallengeUploadContext = {
accessService: IAccessService;
logger: ILogger;
utils: typeof utils;
};
export abstract class BaseHttpChallengeUploader<A> implements HttpChallengeUploader {
rootDir: string;
access: A = null;
logger: ILogger;
utils: typeof utils;
ctx: HttpChallengeUploadContext;
protected constructor(opts: { rootDir: string; access: A }) {
this.rootDir = opts.rootDir;
this.access = opts.access;
}
async setCtx(ctx: any) {
// set context
this.ctx = ctx;
this.logger = ctx.logger;
this.utils = ctx.utils;
}
abstract remove(fileName: string): Promise<void>;
abstract upload(fileName: string, fileContent: Buffer): Promise<void>;
}

39
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/impls/alioss.ts
View File

@ -1,39 +0,0 @@
import { BaseHttpChallengeUploader } from "../api.js";
import { AliossAccess, AliyunAccess } from "@certd/plugin-lib";
import { AliossClient } from "@certd/plugin-lib";
export class AliossHttpChallengeUploader extends BaseHttpChallengeUploader<AliossAccess> {
async upload(filePath: string, fileContent: Buffer) {
const aliyunAccess = await this.ctx.accessService.getById<AliyunAccess>(this.access.accessId);
const client = new AliossClient({
access: aliyunAccess,
bucket: this.access.bucket,
region: this.access.region,
});
const key = this.rootDir + filePath;
this.logger.info(`开始上传文件: ${key}`);
await client.uploadFile(key, fileContent);
this.logger.info(`校验文件上传成功: ${filePath}`);
}
async remove(filePath: string) {
const key = this.rootDir + filePath;
// remove file from alioss
const client = await this.getAliossClient();
await client.removeFile(key);
this.logger.info(`文件删除成功: ${key}`);
}
private async getAliossClient() {
const aliyunAccess = await this.ctx.accessService.getById<AliyunAccess>(this.access.accessId);
const client = new AliossClient({
access: aliyunAccess,
bucket: this.access.bucket,
region: this.access.region,
});
await client.init();
return client;
}
}

41
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/impls/ftp.ts
View File

@ -1,41 +0,0 @@
import { BaseHttpChallengeUploader } from "../api.js";
import { FtpAccess, FtpClient } from "@certd/plugin-lib";
import path from "path";
import os from "os";
import fs from "fs";
export class FtpHttpChallengeUploader extends BaseHttpChallengeUploader<FtpAccess> {
async upload(filePath: string, fileContent: Buffer) {
const client = new FtpClient({
access: this.access,
logger: this.logger,
});
await client.connect(async (client) => {
const tmpFilePath = path.join(os.tmpdir(), "cert", "http", filePath);
const dir = path.dirname(tmpFilePath);
if (!fs.existsSync(dir)) {
fs.mkdirSync(dir, { recursive: true });
}
fs.writeFileSync(tmpFilePath, fileContent);
try {
// Write file to temp path
const path = this.rootDir + filePath;
await client.upload(path, tmpFilePath);
} finally {
// Remove temp file
fs.unlinkSync(tmpFilePath);
}
});
}
async remove(filePath: string) {
const client = new FtpClient({
access: this.access,
logger: this.logger,
});
await client.connect(async (client) => {
const path = this.rootDir + filePath;
await client.client.remove(path);
});
}
}

31
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/impls/qiniuoss.ts
View File

@ -1,31 +0,0 @@
import { BaseHttpChallengeUploader } from "../api.js";
import { QiniuOssAccess, QiniuClient, QiniuAccess } from "@certd/plugin-lib";
export class QiniuOssHttpChallengeUploader extends BaseHttpChallengeUploader<QiniuOssAccess> {
async upload(filePath: string, fileContent: Buffer) {
const qiniuAccess = await this.ctx.accessService.getById<QiniuAccess>(this.access.accessId);
const client = new QiniuClient({
access: qiniuAccess,
logger: this.logger,
http: this.ctx.utils.http,
});
if (this.rootDir.endsWith("/")) {
this.rootDir = this.rootDir.slice(0, -1);
}
await client.uploadFile(this.access.bucket, this.rootDir + filePath, fileContent);
}
async remove(filePath: string) {
const qiniuAccess = await this.ctx.accessService.getById<QiniuAccess>(this.access.accessId);
const client = new QiniuClient({
access: qiniuAccess,
logger: this.logger,
http: this.ctx.utils.http,
});
if (this.rootDir.endsWith("/")) {
this.rootDir = this.rootDir.slice(0, -1);
}
await client.removeFile(this.access.bucket, this.rootDir + filePath);
}
}

51
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/impls/sftp.ts
View File

@ -1,51 +0,0 @@
import { BaseHttpChallengeUploader } from "../api.js";
import { SshAccess, SshClient } from "@certd/plugin-lib";
import path from "path";
import os from "os";
import fs from "fs";
import { SftpAccess } from "@certd/plugin-lib";
export class SftpHttpChallengeUploader extends BaseHttpChallengeUploader<SftpAccess> {
async upload(filePath: string, fileContent: Buffer) {
const tmpFilePath = path.join(os.tmpdir(), "cert", "http", filePath);
// Write file to temp path
const dir = path.dirname(tmpFilePath);
if (!fs.existsSync(dir)) {
fs.mkdirSync(dir, { recursive: true });
}
fs.writeFileSync(tmpFilePath, fileContent);
const access = await this.ctx.accessService.getById<SshAccess>(this.access.sshAccess);
const key = this.rootDir + filePath;
try {
const client = new SshClient(this.logger);
await client.uploadFiles({
connectConf: access,
mkdirs: true,
transports: [
{
localPath: tmpFilePath,
remotePath: key,
},
],
opts: {
mode: this.access?.fileMode ?? undefined,
},
});
} finally {
// Remove temp file
fs.unlinkSync(tmpFilePath);
}
}
async remove(filePath: string) {
const access = await this.ctx.accessService.getById<SshAccess>(this.access.sshAccess);
const client = new SshClient(this.logger);
const key = this.rootDir + filePath;
await client.removeFiles({
connectConf: access,
files: [key],
});
}
}

28
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/impls/tencentcos.ts
View File

@ -1,28 +0,0 @@
import { BaseHttpChallengeUploader } from "../api.js";
import { TencentAccess, TencentCosAccess, TencentCosClient } from "@certd/plugin-lib";
export class TencentCosHttpChallengeUploader extends BaseHttpChallengeUploader<TencentCosAccess> {
async upload(filePath: string, fileContent: Buffer) {
const access = await this.ctx.accessService.getById<TencentAccess>(this.access.accessId);
const client = new TencentCosClient({
access: access,
logger: this.logger,
region: this.access.region,
bucket: this.access.bucket,
});
const key = this.rootDir + filePath;
await client.uploadFile(key, fileContent);
}
async remove(filePath: string) {
const access = await this.ctx.accessService.getById<TencentAccess>(this.access.accessId);
const client = new TencentCosClient({
access: access,
logger: this.logger,
region: this.access.region,
bucket: this.access.bucket,
});
const key = this.rootDir + filePath;
await client.removeFile(key);
}
}

11
packages/plugins/plugin-lib/CHANGELOG.md
View File

@ -3,6 +3,17 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
### Bug Fixes
* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
### Performance Improvements
* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
### Performance Improvements

11
packages/plugins/plugin-lib/package.json
View File

@ -1,7 +1,7 @@
{
"name": "@certd/plugin-lib",
"private": false,
"version": "1.33.7",
"version": "1.33.8",
"type": "module",
"main": "./dist/index.js",
"types": "./dist/index.d.ts",
@ -16,10 +16,11 @@
},
"dependencies": {
"@alicloud/pop-core": "^1.7.10",
"@certd/basic": "^1.33.7",
"@certd/pipeline": "^1.33.7",
"@aws-sdk/client-s3": "^3.787.0",
"@certd/basic": "^1.33.8",
"@certd/pipeline": "^1.33.8",
"@kubernetes/client-node": "0.21.0",
"ali-oss": "^6.21.0",
"ali-oss": "^6.22.0",
"basic-ftp": "^5.0.5",
"cos-nodejs-sdk-v5": "^2.14.6",
"dayjs": "^1.11.7",
@ -48,5 +49,5 @@
"tslib": "^2.8.1",
"typescript": "^5.4.2"
},
"gitHead": "a188385817e8dbd270dbdbf7f86a5b812884cf59"
"gitHead": "9b420ad33ff4c36fc99d643c18be9ec7e29f220d"
}

23
packages/plugins/plugin-lib/src/aliyun/lib/oss-client.ts
View File

@ -1,4 +1,4 @@
import { AliyunAccess } from "../access";
import { AliyunAccess } from "../access/index.js";
export class AliossClient {
access: AliyunAccess;
@ -52,7 +52,7 @@ export class AliossClient {
}
}
async uploadFile(filePath: string, content: Buffer) {
async uploadFile(filePath: string, content: Buffer | string) {
await this.init();
return await this.client.put(filePath, content);
}
@ -61,4 +61,23 @@ export class AliossClient {
await this.init();
return await this.client.delete(filePath);
}
async downloadFile(key: string, savePath: string) {
await this.init();
return await this.client.get(key, savePath);
}
async listDir(dirKey: string) {
await this.init();
const res = await this.client.listV2({
prefix: dirKey,
// max-keys: 100,
// continuation-token: "token",
// delimiter: "/",
// marker: "marker",
// encoding-type: "url",
});
return res.objects;
}
}

20
packages/plugins/plugin-lib/src/ftp/client.ts
View File

@ -11,7 +11,7 @@ export class FtpClient {
this.logger = opts.logger;
}
async connect(callback: (client: FtpClient) => Promise<void>) {
async connect(callback: (client: FtpClient) => Promise<any>) {
const ftp = await import("basic-ftp");
const Client = ftp.Client;
const client = new Client();
@ -21,7 +21,7 @@ export class FtpClient {
this.logger.info("FTP连接成功");
this.client = client;
try {
await callback(this);
return await callback(this);
} finally {
if (client) {
client.close();
@ -44,4 +44,20 @@ export class FtpClient {
this.logger.info(`开始删除文件${filePath}`);
await this.client.remove(filePath, true);
}
async listDir(dir: string): Promise<any[]> {
if (!dir) {
return [];
}
if (!dir.endsWith("/")) {
dir = dir + "/";
}
this.logger.info(`开始列出目录${dir}`);
return await this.client.list(dir);
}
async download(filePath: string, savePath: string): Promise<void> {
this.logger.info(`开始下载文件${filePath} -> ${savePath}`);
await this.client.downloadTo(savePath, filePath);
}
}

2
packages/plugins/plugin-lib/src/index.ts
View File

@ -5,3 +5,5 @@ export * from "./ftp/index.js";
export * from "./tencent/index.js";
export * from "./qiniu/index.js";
export * from "./ctyun/index.js";
export * from "./oss/index.js";
export * from "./s3/index.js";

90
packages/plugins/plugin-lib/src/oss/api.ts Normal file
View File

@ -0,0 +1,90 @@
import { IAccessService } from "@certd/pipeline";
import { ILogger, utils } from "@certd/basic";
import dayjs from "dayjs";
export type OssClientRemoveByOpts = {
dir?: string;
//删除多少天前的文件
beforeDays?: number;
};
export type OssFileItem = {
//文件全路径
path: string;
size: number;
//毫秒时间戳
lastModified: number;
};
export type IOssClient = {
upload: (fileName: string, fileContent: Buffer) => Promise<void>;
remove: (fileName: string, opts?: { joinRootDir?: boolean }) => Promise<void>;
download: (fileName: string, savePath: string) => Promise<void>;
removeBy: (removeByOpts: OssClientRemoveByOpts) => Promise<void>;
listDir: (dir: string) => Promise<OssFileItem[]>;
};
export type OssClientContext = {
accessService: IAccessService;
logger: ILogger;
utils: typeof utils;
};
export abstract class BaseOssClient<A> implements IOssClient {
rootDir: string = "";
access: A = null;
logger: ILogger;
utils: typeof utils;
ctx: OssClientContext;
protected constructor(opts: { rootDir?: string; access: A }) {
this.rootDir = opts.rootDir || "";
this.access = opts.access;
}
join(...strs: string[]) {
let res = "";
for (const item of strs) {
if (item) {
if (!res) {
res = item;
} else {
res += "/" + item;
}
}
}
res = res.replace(/[\\/]+/g, "/");
return res;
}
async setCtx(ctx: any) {
// set context
this.ctx = ctx;
this.logger = ctx.logger;
this.utils = ctx.utils;
await this.init();
}
async init() {
// do nothing
}
abstract remove(fileName: string, opts?: { joinRootDir?: boolean }): Promise<void>;
abstract upload(fileName: string, fileContent: Buffer): Promise<void>;
abstract download(fileName: string, savePath: string): Promise<void>;
abstract listDir(dir: string): Promise<OssFileItem[]>;
async removeBy(removeByOpts: OssClientRemoveByOpts): Promise<void> {
const list = await this.listDir(removeByOpts.dir);
// removeByOpts.beforeDays = 0;
const beforeDate = dayjs().subtract(removeByOpts.beforeDays, "day");
for (const item of list) {
if (item.lastModified && item.lastModified < beforeDate.valueOf()) {
await this.remove(item.path, { joinRootDir: false });
}
}
}
}

23
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/factory.ts → packages/plugins/plugin-lib/src/oss/factory.ts
View File

@ -1,30 +1,33 @@
import { HttpChallengeUploadContext } from "./api";
import { OssClientContext } from "./api";
export class HttpChallengeUploaderFactory {
export class OssClientFactory {
async getClassByType(type: string) {
if (type === "alioss") {
const module = await import("./impls/alioss.js");
return module.AliossHttpChallengeUploader;
return module.default;
} else if (type === "ssh") {
const module = await import("./impls/ssh.js");
return module.SshHttpChallengeUploader;
return module.default;
} else if (type === "sftp") {
const module = await import("./impls/sftp.js");
return module.SftpHttpChallengeUploader;
return module.default;
} else if (type === "ftp") {
const module = await import("./impls/ftp.js");
return module.FtpHttpChallengeUploader;
return module.default;
} else if (type === "tencentcos") {
const module = await import("./impls/tencentcos.js");
return module.TencentCosHttpChallengeUploader;
return module.default;
} else if (type === "qiniuoss") {
const module = await import("./impls/qiniuoss.js");
return module.QiniuOssHttpChallengeUploader;
return module.default;
} else if (type === "s3") {
const module = await import("./impls/s3.js");
return module.default;
} else {
throw new Error(`暂不支持此文件上传方式: ${type}`);
}
}
async createUploaderByType(type: string, opts: { rootDir: string; access: any; ctx: HttpChallengeUploadContext }) {
async createOssClientByType(type: string, opts: { rootDir?: string; access: any; ctx: OssClientContext }) {
const cls = await this.getClassByType(type);
if (cls) {
// @ts-ignore
@ -35,4 +38,4 @@ export class HttpChallengeUploaderFactory {
}
}
export const httpChallengeUploaderFactory = new HttpChallengeUploaderFactory();
export const ossClientFactory = new OssClientFactory();

57
packages/plugins/plugin-lib/src/oss/impls/alioss.ts Normal file
View File

@ -0,0 +1,57 @@
import { BaseOssClient, OssFileItem } from "../api.js";
import { AliossAccess, AliossClient, AliyunAccess } from "../../aliyun/index.js";
import dayjs from "dayjs";
export default class AliOssClientImpl extends BaseOssClient<AliossAccess> {
client: AliossClient;
join(...strs: string[]) {
const str = super.join(...strs);
if (str.startsWith("/")) {
return str.substring(1);
}
return str;
}
async init() {
const aliyunAccess = await this.ctx.accessService.getById<AliyunAccess>(this.access.accessId);
const client = new AliossClient({
access: aliyunAccess,
bucket: this.access.bucket,
region: this.access.region,
});
await client.init();
this.client = client;
}
async download(filePath: string, savePath: string): Promise<void> {
const key = this.join(this.rootDir, filePath);
await this.client.downloadFile(key, savePath);
}
async listDir(dir: string): Promise<OssFileItem[]> {
const dirKey = this.join(this.rootDir, dir) + "/";
const list = await this.client.listDir(dirKey);
this.logger.info(`列出目录: ${dirKey},文件数:${list.length}`);
return list.map(item => {
return {
path: item.name,
lastModified: dayjs(item.lastModified).valueOf(),
size: item.size,
};
});
}
async upload(filePath: string, fileContent: Buffer | string) {
const key = this.join(this.rootDir, filePath);
this.logger.info(`开始上传文件: ${key}`);
await this.client.uploadFile(key, fileContent);
this.logger.info(`文件上传成功: ${filePath}`);
}
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
const key = filePath;
// remove file from alioss
await this.client.removeFile(key);
this.logger.info(`文件删除成功: ${key}`);
}
}

78
packages/plugins/plugin-lib/src/oss/impls/ftp.ts Normal file
View File

@ -0,0 +1,78 @@
import { BaseOssClient } from "../api.js";
import path from "path";
import os from "os";
import fs from "fs";
import { FtpAccess, FtpClient } from "../../ftp/index.js";
export default class FtpOssClientImpl extends BaseOssClient<FtpAccess> {
join(...strs: string[]) {
const str = super.join(...strs);
if (!str.startsWith("/")) {
return "/" + str;
}
return str;
}
async download(fileName: string, savePath: string) {
const client = this.getFtpClient();
await client.connect(async client => {
const path = this.join(this.rootDir, fileName);
await client.download(path, savePath);
});
}
async listDir(dir: string) {
const client = this.getFtpClient();
return await client.connect(async (client: FtpClient) => {
const path = this.join(this.rootDir, dir);
const res = await client.listDir(path);
return res.map(item => {
return {
path: this.join(path, item.name),
size: item.size,
lastModified: item.modifiedAt.getTime(),
};
});
});
}
async upload(filePath: string, fileContent: Buffer | string) {
const client = this.getFtpClient();
await client.connect(async client => {
let tmpFilePath = fileContent as string;
if (typeof fileContent !== "string") {
tmpFilePath = path.join(os.tmpdir(), "cert", "oss", filePath);
const dir = path.dirname(tmpFilePath);
if (!fs.existsSync(dir)) {
fs.mkdirSync(dir, { recursive: true });
}
fs.writeFileSync(tmpFilePath, fileContent);
}
try {
// Write file to temp path
const path = this.join(this.rootDir, filePath);
await client.upload(tmpFilePath, path);
} finally {
// Remove temp file
fs.unlinkSync(tmpFilePath);
}
});
}
private getFtpClient() {
return new FtpClient({
access: this.access,
logger: this.logger,
});
}
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
const client = this.getFtpClient();
await client.connect(async client => {
await client.client.remove(filePath);
this.logger.info(`删除文件成功: ${filePath}`);
});
}
}

50
packages/plugins/plugin-lib/src/oss/impls/qiniuoss.ts Normal file
View File

@ -0,0 +1,50 @@
import { QiniuAccess, QiniuClient, QiniuOssAccess } from "../../qiniu/index.js";
import { BaseOssClient, OssFileItem } from "../api.js";
export default class QiniuOssClientImpl extends BaseOssClient<QiniuOssAccess> {
client: QiniuClient;
join(...strs: string[]) {
const str = super.join(...strs);
if (str.startsWith("/")) {
return str.substring(1);
}
return str;
}
async init() {
const qiniuAccess = await this.ctx.accessService.getById<QiniuAccess>(this.access.accessId);
this.client = new QiniuClient({
access: qiniuAccess,
logger: this.logger,
http: this.ctx.utils.http,
});
}
async download(fileName: string, savePath: string): Promise<void> {
const path = this.join(this.rootDir, fileName);
await this.client.downloadFile(this.access.bucket, path, savePath);
}
async listDir(dir: string): Promise<OssFileItem[]> {
const path = this.join(this.rootDir, dir);
const res = await this.client.listDir(this.access.bucket, path);
return res.items.map(item => {
return {
path: item.key,
size: item.fsize,
//ns 纳秒去掉低4位 为毫秒
lastModified: Math.floor(item.putTime / 10000),
};
});
}
async upload(filePath: string, fileContent: Buffer | string) {
const path = this.join(this.rootDir, filePath);
await this.client.uploadFile(this.access.bucket, path, fileContent);
}
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
await this.client.removeFile(this.access.bucket, filePath);
}
}

98
packages/plugins/plugin-lib/src/oss/impls/s3.ts Normal file
View File

@ -0,0 +1,98 @@
import { BaseOssClient, OssFileItem } from "../api.js";
import path from "node:path";
import { S3Access } from "../../s3/access.js";
import fs from "fs";
import dayjs from "dayjs";
export default class S3OssClientImpl extends BaseOssClient<S3Access> {
client: any;
join(...strs: string[]) {
const str = super.join(...strs);
if (str.startsWith("/")) {
return str.substring(1);
}
return str;
}
async init() {
// import { S3Client } from "@aws-sdk/client-s3";
//@ts-ignore
const { S3Client } = await import("@aws-sdk/client-s3");
this.client = new S3Client({
forcePathStyle: true,
//@ts-ignore
s3ForcePathStyle: true,
credentials: {
accessKeyId: this.access.accessKeyId, // 默认 MinIO 访问密钥
secretAccessKey: this.access.secretAccessKey, // 默认 MinIO 秘密密钥
},
region: "us-east-1",
endpoint: this.access.endpoint,
});
}
async download(filePath: string, savePath: string): Promise<void> {
// @ts-ignore
const { GetObjectCommand } = await import("@aws-sdk/client-s3");
const key = path.join(this.rootDir, filePath);
const params = {
Bucket: this.access.bucket, // The name of the bucket. For example, 'sample_bucket_101'.
Key: key, // The name of the object. For example, 'sample_upload.txt'.
};
const res = await this.client.send(new GetObjectCommand({ ...params }));
const fileContent = fs.createWriteStream(savePath);
res.Body.pipe(fileContent);
this.logger.info(`文件下载成功: ${savePath}`);
}
async listDir(dir: string): Promise<OssFileItem[]> {
// @ts-ignore
const { ListObjectsCommand } = await import("@aws-sdk/client-s3");
const dirKey = this.join(this.rootDir, dir);
const params = {
Bucket: this.access.bucket, // The name of the bucket. For example, 'sample_bucket_101'.
Prefix: dirKey, // The name of the object. For example, 'sample_upload.txt'.
};
const res = await this.client.send(new ListObjectsCommand({ ...params }));
return res.Contents.map(item => {
return {
path: item.Key,
size: item.Size,
lastModified: dayjs(item.LastModified).valueOf(),
};
});
}
async upload(filePath: string, fileContent: Buffer | string) {
// @ts-ignore
const { PutObjectCommand } = await import("@aws-sdk/client-s3");
const key = path.join(this.rootDir, filePath);
this.logger.info(`开始上传文件: ${key}`);
const params = {
Bucket: this.access.bucket, // The name of the bucket. For example, 'sample_bucket_101'.
Key: key, // The name of the object. For example, 'sample_upload.txt'.
};
if (typeof fileContent === "string") {
fileContent = fs.createReadStream(fileContent) as any;
}
await this.client.send(new PutObjectCommand({ Body: fileContent, ...params }));
this.logger.info(`文件上传成功: ${filePath}`);
}
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
const key = filePath;
// @ts-ignore
const { DeleteObjectCommand } = await import("@aws-sdk/client-s3");
await this.client.send(
new DeleteObjectCommand({
Bucket: this.access.bucket,
Key: key,
})
);
this.logger.info(`文件删除成功: ${key}`);
}
}

82
packages/plugins/plugin-lib/src/oss/impls/sftp.ts Normal file
View File

@ -0,0 +1,82 @@
import { BaseOssClient, OssFileItem } from "../api.js";
import path from "path";
import os from "os";
import fs from "fs";
import { SftpAccess, SshAccess, SshClient } from "../../ssh/index.js";
export default class SftpOssClientImpl extends BaseOssClient<SftpAccess> {
async download(fileName: string, savePath: string): Promise<void> {
const path = this.join(this.rootDir, fileName);
const client = new SshClient(this.logger);
const access = await this.ctx.accessService.getById<SshAccess>(this.access.sshAccess);
await client.download({
connectConf: access,
filePath: path,
savePath,
});
}
async listDir(dir: string): Promise<OssFileItem[]> {
const path = this.join(this.rootDir, dir);
const client = new SshClient(this.logger);
const access = await this.ctx.accessService.getById<SshAccess>(this.access.sshAccess);
const res = await client.listDir({
connectConf: access,
dir: path,
});
return res.map(item => {
return {
path: this.join(path, item.filename),
size: item.size,
lastModified: item.attrs.atime * 1000,
};
});
}
async upload(filePath: string, fileContent: Buffer | string) {
let tmpFilePath = fileContent as string;
if (typeof fileContent !== "string") {
tmpFilePath = path.join(os.tmpdir(), "cert", "oss", filePath);
const dir = path.dirname(tmpFilePath);
if (!fs.existsSync(dir)) {
fs.mkdirSync(dir, { recursive: true });
}
fs.writeFileSync(tmpFilePath, fileContent);
}
const access = await this.ctx.accessService.getById<SshAccess>(this.access.sshAccess);
const key = this.join(this.rootDir, filePath);
try {
const client = new SshClient(this.logger);
await client.uploadFiles({
connectConf: access,
mkdirs: true,
transports: [
{
localPath: tmpFilePath,
remotePath: key,
},
],
uploadType: "sftp",
opts: {
mode: this.access?.fileMode ?? undefined,
},
});
} finally {
// Remove temp file
fs.unlinkSync(tmpFilePath);
}
}
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
const access = await this.ctx.accessService.getById<SshAccess>(this.access.sshAccess);
const client = new SshClient(this.logger);
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
await client.removeFiles({
connectConf: access,
files: [filePath],
});
}
}

24
packages/plugins/plugin-cert/src/plugin/cert-plugin/uploads/impls/ssh.ts → packages/plugins/plugin-lib/src/oss/impls/ssh.ts
View File

@ -1,10 +1,20 @@
import { BaseHttpChallengeUploader } from "../api.js";
import { SshAccess, SshClient } from "@certd/plugin-lib";
import { BaseOssClient, OssClientRemoveByOpts, OssFileItem } from "../api.js";
import path from "path";
import os from "os";
import fs from "fs";
import { SshAccess, SshClient } from "../../ssh/index.js";
export class SshHttpChallengeUploader extends BaseHttpChallengeUploader<SshAccess> {
//废弃
export default class SshOssClientImpl extends BaseOssClient<SshAccess> {
download(fileName: string, savePath: string): Promise<void> {
throw new Error("Method not implemented.");
}
removeBy(removeByOpts: OssClientRemoveByOpts): Promise<void> {
throw new Error("Method not implemented.");
}
listDir(dir: string): Promise<OssFileItem[]> {
throw new Error("Method not implemented.");
}
async upload(filePath: string, fileContent: Buffer) {
const tmpFilePath = path.join(os.tmpdir(), "cert", "http", filePath);
@ -34,12 +44,14 @@ export class SshHttpChallengeUploader extends BaseHttpChallengeUploader<SshAcces
}
}
async remove(filePath: string) {
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
const client = new SshClient(this.logger);
const key = this.rootDir + filePath;
await client.removeFiles({
connectConf: this.access,
files: [key],
files: [filePath],
});
}
}

54
packages/plugins/plugin-lib/src/oss/impls/tencentcos.ts Normal file
View File

@ -0,0 +1,54 @@
import dayjs from "dayjs";
import { TencentAccess, TencentCosAccess, TencentCosClient } from "../../tencent/index.js";
import { BaseOssClient, OssFileItem } from "../api.js";
export default class TencentOssClientImpl extends BaseOssClient<TencentCosAccess> {
client: TencentCosClient;
join(...strs: string[]) {
const str = super.join(...strs);
if (str.startsWith("/")) {
return str.substring(1);
}
return str;
}
async init() {
const access = await this.ctx.accessService.getById<TencentAccess>(this.access.accessId);
this.client = new TencentCosClient({
access: access,
logger: this.logger,
region: this.access.region,
bucket: this.access.bucket,
});
}
async download(filePath: string, savePath: string): Promise<void> {
const key = this.join(this.rootDir, filePath);
await this.client.downloadFile(key, savePath);
}
async listDir(dir: string): Promise<OssFileItem[]> {
const dirKey = this.join(this.rootDir, dir) + "/";
// @ts-ignore
const res: any[] = await this.client.listDir(dirKey);
return res.map(item => {
return {
path: item.Key,
size: item.Size,
lastModified: dayjs(item.LastModified).valueOf(),
};
});
}
async upload(filePath: string, fileContent: Buffer | string) {
const key = this.join(this.rootDir, filePath);
await this.client.uploadFile(key, fileContent);
this.logger.info(`文件上传成功: ${filePath}`);
}
async remove(filePath: string, opts?: { joinRootDir?: boolean }) {
if (opts?.joinRootDir !== false) {
filePath = this.join(this.rootDir, filePath);
}
await this.client.removeFile(filePath);
this.logger.info(`文件删除成功: ${filePath}`);
}
}

2
packages/plugins/plugin-lib/src/oss/index.ts Normal file
View File

@ -0,0 +1,2 @@
export * from "./factory.js";
export * from "./api.js";

58
packages/plugins/plugin-lib/src/qiniu/lib/sdk.ts
View File

@ -1,5 +1,6 @@
import { HttpClient, ILogger } from "@certd/basic";
import { HttpClient, ILogger, utils } from "@certd/basic";
import { QiniuAccess } from "../access.js";
import fs from "fs";
export type QiniuCertInfo = {
key: string;
@ -98,7 +99,7 @@ export class QiniuClient {
});
}
async uploadFile(bucket: string, key: string, content: Buffer) {
async uploadFile(bucket: string, key: string, content: Buffer | string) {
const sdk = await import("qiniu");
const qiniu = sdk.default;
const mac = new qiniu.auth.digest.Mac(this.access.accessKey, this.access.secretKey);
@ -111,8 +112,15 @@ export class QiniuClient {
const config = new qiniu.conf.Config();
const formUploader = new qiniu.form_up.FormUploader(config);
const putExtra = new qiniu.form_up.PutExtra();
// 文件上传
const { data, resp } = await formUploader.put(uploadToken, key, content, putExtra);
let res: any = {};
if (typeof content === "string") {
const readableStream = fs.createReadStream(content);
res = await formUploader.putStream(uploadToken, key, readableStream, putExtra);
} else {
// 文件上传
res = await formUploader.put(uploadToken, key, content, putExtra);
}
const { data, resp } = res;
if (resp.statusCode === 200) {
this.logger.info("文件上传成功:" + key);
return data;
@ -123,12 +131,7 @@ export class QiniuClient {
}
async removeFile(bucket: string, key: string) {
const sdk = await import("qiniu");
const qiniu = sdk.default;
const mac = new qiniu.auth.digest.Mac(this.access.accessKey, this.access.secretKey);
const config = new qiniu.conf.Config();
config.useHttpsDomain = true;
const bucketManager = new qiniu.rs.BucketManager(mac, config);
const bucketManager = await this.getBucketManager();
const { resp } = await bucketManager.delete(bucket, key);
@ -139,4 +142,39 @@ export class QiniuClient {
throw new Error("删除失败:" + JSON.stringify(resp));
}
}
async downloadFile(bucket: string, path: string, savePath: string) {
const bucketManager = await this.getBucketManager();
const privateBucketDomain = `http://${bucket}.qiniudn.com`;
const deadline = Math.floor(Date.now() / 1000) + 3600; // 1小时过期
const privateDownloadUrl = bucketManager.privateDownloadUrl(privateBucketDomain, path, deadline);
await utils.request.download({
http: this.http,
logger: this.logger,
config: {
url: privateDownloadUrl,
method: "get",
},
savePath,
});
}
private async getBucketManager() {
const sdk = await import("qiniu");
const qiniu = sdk.default;
const mac = new qiniu.auth.digest.Mac(this.access.accessKey, this.access.secretKey);
const config = new qiniu.conf.Config();
config.useHttpsDomain = true;
return new qiniu.rs.BucketManager(mac, config);
}
async listDir(bucket: string, path: string) {
const bucketManager = await this.getBucketManager();
const res = await bucketManager.listPrefix(bucket, {
prefix: path,
limit: 1000,
});
return res.data;
}
}

87
packages/plugins/plugin-lib/src/s3/access.ts Normal file
View File

@ -0,0 +1,87 @@
import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
/**
*
* certd
*/
@IsAccess({
name: "s3",
title: "s3/minio授权",
desc: "S3/minio oss授权",
icon: "mdi:folder-upload-outline",
})
export class S3Access extends BaseAccess {
@AccessInput({
title: "endpoint",
component: {
placeholder: "http://xxxxxx:9000",
name: "a-input",
vModel: "value",
},
helper: "Minio的地址如果是aws s3 则无需填写",
required: false,
})
endpoint!: string;
/**
* const minioClient = new S3Client({
* endpoint: "http://localhost:9000",
* forcePathStyle: true,
* credentials: {
* accessKeyId: "minioadmin", // 默认 MinIO 访问密钥
* secretAccessKey: "minioadmin", // 默认 MinIO 秘密密钥
* },
* region: "us-east-1",
* });
*/
@AccessInput({
title: "accessKeyId",
component: {
placeholder: "accessKeyId",
},
helper: "accessKeyId",
required: true,
})
accessKeyId!: string;
@AccessInput({
title: "secretAccessKey",
component: {
placeholder: "secretAccessKey",
component: {
name: "a-input",
vModel: "value",
},
},
helper: "secretAccessKey",
encrypt: true,
required: true,
})
secretAccessKey!: string;
@AccessInput({
title: "地区",
value: "us-east-1",
component: {
name: "a-input",
vModel: "value",
},
helper: "region",
required: true,
})
region!: string;
@AccessInput({
title: "存储桶",
component: {
name: "a-input",
vModel: "value",
},
helper: "bucket 名称",
required: true,
})
bucket!: string;
}
new S3Access();

1
packages/plugins/plugin-lib/src/s3/index.ts Normal file
View File

@ -0,0 +1 @@
export * from "./access.js";

113
packages/plugins/plugin-lib/src/ssh/ssh.ts
View File

@ -136,6 +136,20 @@ export class AsyncSsh2Client {
});
}
async listDir(options: { sftp: any; remotePath: string }) {
const { sftp, remotePath } = options;
return new Promise((resolve, reject) => {
this.logger.info(`listDir${remotePath}`);
sftp.readdir(remotePath, (err: Error, list: any) => {
if (err) {
reject(err);
return;
}
resolve(list);
});
});
}
async unlink(options: { sftp: any; remotePath: string }) {
const { sftp, remotePath } = options;
return new Promise((resolve, reject) => {
@ -283,6 +297,28 @@ export class AsyncSsh2Client {
}
return proxy;
}
async download(param: { remotePath: string; savePath: string; sftp: any }) {
return new Promise((resolve, reject) => {
const { remotePath, savePath, sftp } = param;
sftp.fastGet(
remotePath,
savePath,
{
step: (transferred: any, chunk: any, total: any) => {
this.logger.info(`${transferred} / ${total}`);
},
},
(err: any) => {
if (err) {
reject(err);
} else {
resolve({});
}
}
);
});
}
}
export class SshClient {
@ -329,17 +365,17 @@ export class SshClient {
}
}
if (options.uploadType === "sftp") {
const sftp = await conn.getSftp();
for (const transport of transports) {
await conn.fastPut({ sftp, ...transport, opts });
}
} else {
if (options.uploadType === "scp") {
//scp
for (const transport of transports) {
await this.scpUpload({ conn, ...transport, opts });
await new Promise(resolve => setTimeout(resolve, 1000));
}
} else {
const sftp = await conn.getSftp();
for (const transport of transports) {
await conn.fastPut({ sftp, ...transport, opts });
}
}
this.logger.info("文件全部上传成功");
@ -359,25 +395,29 @@ export class SshClient {
if (err) {
return reject(err);
}
// 准备 SCP 协议头
const fileStats = fs.statSync(localPath);
const fileName = path.basename(localPath);
try {
// 准备 SCP 协议头
const fileStats = fs.statSync(localPath);
const fileName = path.basename(localPath);
// SCP 协议格式C[权限] [文件大小] [文件名]\n
stream.write(`C0644 ${fileStats.size} ${fileName}\n`);
// SCP 协议格式C[权限] [文件大小] [文件名]\n
stream.write(`C0644 ${fileStats.size} ${fileName}\n`);
// 通过管道传输文件
fs.createReadStream(localPath)
.on("error", e => {
this.logger.info("read stream error", e);
reject(e);
})
.pipe(stream)
.on("finish", async () => {
this.logger.info(`上传完成:${localPath} => ${remotePath}`);
resolve(true);
})
.on("error", reject);
// 通过管道传输文件
fs.createReadStream(localPath)
.on("error", e => {
this.logger.info("read stream error", e);
reject(e);
})
.pipe(stream)
.on("finish", async () => {
this.logger.info(`上传完成:${localPath} => ${remotePath}`);
resolve(true);
})
.on("error", reject);
} catch (e) {
reject(e);
}
}
);
} catch (e) {
@ -526,4 +566,31 @@ export class SshClient {
conn.end();
}
}
async listDir(param: { connectConf: any; dir: string }) {
return await this._call<any>({
connectConf: param.connectConf,
callable: async (conn: AsyncSsh2Client) => {
const sftp = await conn.getSftp();
return await conn.listDir({
sftp,
remotePath: param.dir,
});
},
});
}
async download(param: { connectConf: any; filePath: string; savePath: string }) {
return await this._call<any>({
connectConf: param.connectConf,
callable: async (conn: AsyncSsh2Client) => {
const sftp = await conn.getSftp();
return await conn.download({
sftp,
remotePath: param.filePath,
savePath: param.savePath,
});
},
});
}
}

52
packages/plugins/plugin-lib/src/tencent/lib/cos-client.ts
View File

@ -1,5 +1,6 @@
import { TencentAccess } from "../access.js";
import { ILogger } from "@certd/basic";
import fs from "fs";
export class TencentCosClient {
access: TencentAccess;
@ -23,15 +24,19 @@ export class TencentCosClient {
return new sdk.default(clientConfig);
}
async uploadFile(key: string, file: Buffer) {
async uploadFile(key: string, file: Buffer | string) {
const cos = await this.getCosClient();
return new Promise((resolve, reject) => {
let readableStream = file as any;
if (typeof file === "string") {
readableStream = fs.createReadStream(file);
}
cos.putObject(
{
Bucket: this.bucket /* 必须 */,
Region: this.region /* 必须 */,
Key: key /* 必须 */,
Body: file, // 上传文件对象
Body: readableStream, // 上传文件对象
onProgress: function (progressData) {
console.log(JSON.stringify(progressData));
},
@ -66,4 +71,47 @@ export class TencentCosClient {
);
});
}
async downloadFile(key: string, savePath: string) {
const cos = await this.getCosClient();
const writeStream = fs.createWriteStream(savePath);
return new Promise((resolve, reject) => {
cos.getObject(
{
Bucket: this.bucket,
Region: this.region,
Key: key,
Output: writeStream,
},
function (err, data) {
if (err) {
reject(err);
return;
}
resolve(data);
}
);
});
}
async listDir(dirKey: string) {
const cos = await this.getCosClient();
return new Promise((resolve, reject) => {
cos.getBucket(
{
Bucket: this.bucket,
Region: this.region,
Prefix: dirKey,
MaxKeys: 1000,
},
function (err, data) {
if (err) {
reject(err);
return;
}
resolve(data.Contents);
}
);
});
}
}

8
packages/ui/certd-client/.env
View File

@ -1,12 +1,12 @@
VITE_APP_API=/api
VITE_APP_API=api
#登录与权限关闭
VITE_APP_PM_ENABLED=true
VITE_APP_TITLE=Certd
VITE_APP_SLOGAN=让你的证书永不过期
VITE_APP_COPYRIGHT_YEAR=2021-2024
VITE_APP_COPYRIGHT_YEAR=2021-2025
VITE_APP_COPYRIGHT_NAME=handsfree.work
VITE_APP_COPYRIGHT_URL=https://certd.handsfree.work
VITE_APP_LOGO=/static/images/logo/logo.svg
VITE_APP_LOGIN_LOGO=/static/images/logo/rect-black.svg
VITE_APP_LOGO=static/images/logo/logo.svg
VITE_APP_LOGIN_LOGO=static/images/logo/rect-black.svg
VITE_APP_PROJECT_PATH=https://github.com/certd/certd
VITE_APP_NAMESPACE=fs

2
packages/ui/certd-client/.env.production
View File

@ -1,3 +1,3 @@
VITE_APP_API=/api
VITE_APP_API=api
#登录与权限开启
VITE_APP_PM_ENABLED=true

13
packages/ui/certd-client/CHANGELOG.md
View File

@ -3,6 +3,19 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
### Bug Fixes
* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
* 修复token过期后疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
### Performance Improvements
* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
### Performance Improvements

6
packages/ui/certd-client/index.html
View File

@ -2,11 +2,11 @@
<html lang="en">
<head>
<meta charset="UTF-8"/>
<link rel="icon" href="/api/app/favicon"/>
<link rel="icon" href="api/app/favicon"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<title>Loading</title>
<script src="/static/icons/iconfont.js"></script>
<link rel="stylesheet" type="text/css" href="/static/index.css"/>
<script src="static/icons/iconfont.js?v=<%=version%>"></script>
<link rel="stylesheet" type="text/css" href="static/index.css?v=<%=version%>"/>
</head>
<body>
<div id="app">

6
packages/ui/certd-client/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@certd/ui-client",
"version": "1.33.7",
"version": "1.33.8",
"private": true,
"scripts": {
"dev": "vite --open",
@ -101,8 +101,8 @@
"zod-defaults": "^0.1.3"
},
"devDependencies": {
"@certd/lib-iframe": "^1.33.7",
"@certd/pipeline": "^1.33.7",
"@certd/lib-iframe": "^1.33.8",
"@certd/pipeline": "^1.33.8",
"@rollup/plugin-commonjs": "^25.0.7",
"@rollup/plugin-node-resolve": "^15.2.3",
"@types/chai": "^4.3.12",

2
packages/ui/certd-client/src/api/service.ts
View File

@ -120,7 +120,7 @@ function createService() {
errorLog(error, error?.response?.config?.showErrorNotify);
if (status === 401) {
const userStore = useUserStore();
userStore.logout();
userStore.logout(true, true);
}
if (error?.config?.onError) {

2
packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-tip.vue
View File

@ -21,6 +21,6 @@ const props = defineProps<{
}>();
const nslookupCmd = computed(() => {
return `nslookup -qa=txt _acme-challenge.${props.record.domain}`;
return `nslookup -q=txt _acme-challenge.${props.record.domain}`;
});
</script>

1
packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/http-verify-plan.vue
View File

@ -75,6 +75,7 @@ const uploaderTypeDict = dict({
{ label: "阿里云OSS", value: "alioss" },
{ label: "腾讯云COS", value: "tencentcos" },
{ label: "七牛OSS", value: "qiniuoss" },
{ label: "S3/Minio", value: "s3" },
{ label: "SSH(已废弃请选择SFTP方式)", value: "ssh", disabled: true },
],
});

22
packages/ui/certd-client/src/router/source/modules/certd.ts
View File

@ -98,17 +98,17 @@ export const certdResources = [
keepAlive: true,
},
},
{
title: "子域名托管设置",
name: "SubDomain",
path: "/certd/pipeline/subDomain",
component: "/certd/pipeline/sub-domain/index.vue",
meta: {
icon: "material-symbols:approval-delegation-outline",
auth: true,
keepAlive: true,
},
},
// {
// title: "子域名托管设置",
// name: "SubDomain",
// path: "/certd/pipeline/subDomain",
// component: "/certd/pipeline/sub-domain/index.vue",
// meta: {
// icon: "material-symbols:approval-delegation-outline",
// auth: true,
// keepAlive: true,
// },
// },
{
title: "流水线分组管理",
name: "PipelineGroupManager",

4
packages/ui/certd-client/src/store/settings/index.ts
View File

@ -161,10 +161,10 @@ export const useSettingStore = defineStore({
//@ts-ignore
if (this.isComm) {
if (siteInfo.logo) {
siteInfo.logo = `/api/basic/file/download?key=${siteInfo.logo}`;
siteInfo.logo = `api/basic/file/download?key=${siteInfo.logo}`;
}
if (siteInfo.loginLogo) {
siteInfo.loginLogo = `/api/basic/file/download?key=${siteInfo.loginLogo}`;
siteInfo.loginLogo = `api/basic/file/download?key=${siteInfo.loginLogo}`;
}
}
this.siteInfo = _.merge({}, defaultSiteInfo, siteInfo);

6
packages/ui/certd-client/src/store/user/index.ts
View File

@ -108,10 +108,12 @@ export const useUserStore = defineStore({
/**
* @description: logout
*/
async logout(goLogin = true) {
async logout(goLogin = true, from401 = false) {
this.resetState();
resetAllStores();
await UserApi.logout(); //主要是清空cookie
if (!from401) {
await UserApi.logout(); //主要是清空cookie
}
goLogin && router.push("/login");
mitter.emit("app.logout");
},

2
packages/ui/certd-client/src/views/certd/mine/user-profile.vue
View File

@ -7,7 +7,7 @@
<a-descriptions title="" bordered>
<a-descriptions-item label="用户名">{{ userInfo.username }}</a-descriptions-item>
<a-descriptions-item label="头像">
<a-avatar v-if="userInfo.avatar" size="large" :src="'/api/basic/file/download?&key=' + userInfo.avatar" style="background-color: #eee"> </a-avatar>
<a-avatar v-if="userInfo.avatar" size="large" :src="'api/basic/file/download?&key=' + userInfo.avatar" style="background-color: #eee"> </a-avatar>
<a-avatar v-else size="large" style="background-color: #00b4f5">
{{ userInfo.username }}
</a-avatar>

1
packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
View File

@ -120,6 +120,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
function onDialogOpen(opt: any) {
const searchForm = crudExpose.getSearchValidatedFormData();
opt.initialForm = {
...opt.initialForm,
groupId: searchForm.groupId,
};
}

4
packages/ui/certd-client/src/views/framework/home/dashboard/index.vue
View File

@ -3,7 +3,7 @@
<div class="header-profile flex-wrap bg-white dark:bg-black">
<div class="flex flex-1">
<div class="avatar">
<a-avatar v-if="userInfo.avatar" size="large" :src="'/api/basic/file/download?&key=' + userInfo.avatar" style="background-color: #eee"> </a-avatar>
<a-avatar v-if="userInfo.avatar" size="large" :src="'api/basic/file/download?&key=' + userInfo.avatar" style="background-color: #eee"> </a-avatar>
<a-avatar v-else size="large" style="background-color: #00b4f5">
{{ userInfo.username }}
</a-avatar>
@ -182,7 +182,7 @@ const userInfo: ComputedRef<UserInfoRes> = computed(() => {
return userStore.getUserInfo;
});
const now = computed(() => {
const serverTime = settingStore.app.deltaTime + Date.now();
const serverTime = Date.now() - settingStore.app.deltaTime;
return dayjs(serverTime).format("YYYY-MM-DD HH:mm:ss");
});

2
packages/ui/certd-client/src/views/framework/login/image-code.vue
View File

@ -28,7 +28,7 @@ function onChange(value: string) {
const imageCodeUrl = ref();
function resetImageCode() {
const randomStr = nanoid(10);
let url = "/api/basic/code/captcha";
let url = "api/basic/code/captcha";
imageCodeUrl.value = url + "?randomStr=" + randomStr;
emit("update:randomStr", randomStr);
}

4
packages/ui/certd-client/src/views/sys/authority/user/crud.tsx
View File

@ -164,7 +164,7 @@ export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOpti
width: "auto",
},
buildUrl(key: string) {
return `/api/basic/file/download?&key=` + key;
return `api/basic/file/download?&key=` + key;
},
},
},
@ -190,7 +190,7 @@ export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOpti
},
},
buildUrl(key: string) {
return `/api/basic/file/download?&key=` + key;
return `api/basic/file/download?&key=` + key;
},
},
},

5
packages/ui/certd-client/vite.config.ts
View File

@ -21,9 +21,9 @@ export default ({ command, mode }) => {
const env = loadEnv(mode, process.cwd());
const devServerFs: any = {};
const devAlias: any[] = [];
const base = "/";
const base = "./";
// if (mode.startsWith("dev")) {
// base = "/dev";
// base = "./";
// }
return {
base: base,
@ -36,6 +36,7 @@ export default ({ command, mode }) => {
data: {
title: env.VITE_APP_TITLE,
projectPath: env.VITE_APP_PROJECT_PATH,
version: env.VITE_APP_VERSION,
},
},
}),

8
packages/ui/certd-server/CHANGELOG.md
View File

@ -3,6 +3,14 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
### Performance Improvements
* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
### Performance Improvements

28
packages/ui/certd-server/package.json
View File

@ -1,6 +1,6 @@
{
"name": "@certd/ui-server",
"version": "1.33.7",
"version": "1.33.8",
"description": "fast-server base midway",
"private": true,
"type": "module",
@ -38,19 +38,19 @@
"@aws-sdk/client-acm": "^3.699.0",
"@aws-sdk/client-cloudfront": "^3.699.0",
"@aws-sdk/client-s3": "^3.705.0",
"@certd/acme-client": "^1.33.7",
"@certd/basic": "^1.33.7",
"@certd/commercial-core": "^1.33.7",
"@certd/jdcloud": "^1.33.7",
"@certd/lib-huawei": "^1.33.7",
"@certd/lib-k8s": "^1.33.7",
"@certd/lib-server": "^1.33.7",
"@certd/midway-flyway-js": "^1.33.7",
"@certd/pipeline": "^1.33.7",
"@certd/plugin-cert": "^1.33.7",
"@certd/plugin-lib": "^1.33.7",
"@certd/plugin-plus": "^1.33.7",
"@certd/plus-core": "^1.33.7",
"@certd/acme-client": "^1.33.8",
"@certd/basic": "^1.33.8",
"@certd/commercial-core": "^1.33.8",
"@certd/jdcloud": "^1.33.8",
"@certd/lib-huawei": "^1.33.8",
"@certd/lib-k8s": "^1.33.8",
"@certd/lib-server": "^1.33.8",
"@certd/midway-flyway-js": "^1.33.8",
"@certd/pipeline": "^1.33.8",
"@certd/plugin-cert": "^1.33.8",
"@certd/plugin-lib": "^1.33.8",
"@certd/plugin-plus": "^1.33.8",
"@certd/plus-core": "^1.33.8",
"@corsinvest/cv4pve-api-javascript": "^8.3.0",
"@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
"@huaweicloud/huaweicloud-sdk-core": "^3.1.120",

14
packages/ui/certd-server/src/modules/cname/service/common-provider.ts
View File

@ -1,5 +1,5 @@
import { CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
import { PlusService } from '@certd/lib-server';
import {CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions} from '@certd/plugin-cert';
import {PlusService} from '@certd/lib-server';
export type CommonCnameProvider = {
id: number;
@ -24,7 +24,13 @@ export class CommonDnsProvider implements IDnsProvider {
this.plusService = opts.plusService;
}
async onInstance() {}
usePunyCode(): boolean {
return false
}
async onInstance() {
}
async createRecord(options: CreateRecordOptions) {
if (!this.config.domain.endsWith(options.domain)) {
throw new Error('cname服务域名不匹配');
@ -45,6 +51,7 @@ export class CommonDnsProvider implements IDnsProvider {
});
return res;
}
async removeRecord(options: RemoveRecordOptions<any>) {
const res = await this.plusService.requestWithToken({
url: '/activation/certd/cname/recordRemove',
@ -60,6 +67,7 @@ export class CommonDnsProvider implements IDnsProvider {
});
return res;
}
setCtx(ctx: DnsProviderContext): void {
this.ctx = ctx;
}

6
packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
View File

@ -87,15 +87,13 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
// }
async createRecord(options: CreateRecordOptions): Promise<any> {
const { fullRecord, value, type, domain } = options;
const { fullRecord,hostRecord, value, type, domain } = options;
this.logger.info('添加域名解析:', fullRecord, value, domain);
// const domain = await this.matchDomain(fullRecord);
const rr = fullRecord.replace('.' + domain, '');
const params = {
RegionId: 'cn-hangzhou',
DomainName: domain,
RR: rr,
RR: hostRecord,
Type: type,
Value: value,
// Line: 'oversea' // 海外

121
packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-db-backup.ts
View File

@ -1,14 +1,15 @@
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
import fs from 'fs';
import path from 'path';
import dayjs from 'dayjs';
import { AbstractPlusTaskPlugin } from '@certd/plugin-plus';
import JSZip from 'jszip';
import * as os from 'node:os';
import { SshAccess, SshClient } from '@certd/plugin-lib';
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import fs from "fs";
import path from "path";
import dayjs from "dayjs";
import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
import JSZip from "jszip";
import * as os from "node:os";
import { OssClientContext, ossClientFactory, OssClientRemoveByOpts, SshAccess, SshClient } from "@certd/plugin-lib";
const defaultBackupDir = 'certd_backup';
const defaultFilePrefix = 'db-backup';
const defaultFilePrefix = 'db_backup';
@IsTaskPlugin({
name: 'DBBackupPlugin',
title: '数据库备份',
@ -30,8 +31,9 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
component: {
name: 'a-select',
options: [
{ label: '本地复制', value: 'local' },
{ label: 'ssh上传', value: 'ssh' },
{label: '本地复制', value: 'local'},
{label: 'ssh上传', value: 'ssh'},
{label: 'oss上传', value: 'oss'},
],
placeholder: '',
},
@ -57,6 +59,53 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
})
sshAccessId!: number;
@TaskInput({
title: 'OSS类型',
component: {
name: 'a-select',
options: [
{value: "alioss", label: "阿里云OSS"},
{value: "s3", label: "MinIO/S3"},
{value: "qiniuoss", label: "七牛云"},
{value: "tencentcos", label: "腾讯云COS"},
{value: "ftp", label: "Ftp"},
{value: "sftp", label: "Sftp"},
]
},
mergeScript: `
return {
show:ctx.compute(({form})=>{
return form.backupMode === 'oss';
})
}
`,
required: true,
})
ossType!: string;
@TaskInput({
title: 'OSS授权',
component: {
name: 'access-selector',
},
mergeScript: `
return {
show:ctx.compute(({form})=>{
return form.backupMode === 'oss';
}),
component:{
type: ctx.compute(({form})=>{
return form.ossType;
}),
}
}
`,
required: true,
})
ossAccessId!: number;
@TaskInput({
title: '备份保存目录',
component: {
@ -104,7 +153,9 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
})
retainDays!: number;
async onInstance() {}
async onInstance() {
}
async execute(): Promise<void> {
this.logger.info('开始备份数据库');
@ -114,11 +165,11 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
this.logger.error('数据库文件不存在:', dbPath);
return;
}
const dbTmpFilename = `${this.filePrefix}.${dayjs().format('YYYYMMDD.HHmmss')}.sqlite`;
const dbTmpFilename = `${this.filePrefix}_${dayjs().format('YYYYMMDD_HHmmss')}_sqlite`;
const dbZipFilename = `${dbTmpFilename}.zip`;
const tempDir = path.resolve(os.tmpdir(), 'certd_backup');
if (!fs.existsSync(tempDir)) {
await fs.promises.mkdir(tempDir, { recursive: true });
await fs.promises.mkdir(tempDir, {recursive: true});
}
const dbTmpPath = path.resolve(tempDir, dbTmpFilename);
const dbZipPath = path.resolve(tempDir, dbZipFilename);
@ -129,14 +180,14 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
const zip = new JSZip();
const stream = fs.createReadStream(dbTmpPath);
// 使用流的方式添加文件内容
zip.file(dbTmpFilename, stream, { binary: true, compression: 'DEFLATE' });
zip.file(dbTmpFilename, stream, {binary: true, compression: 'DEFLATE'});
const uploadDir = path.resolve('data', 'upload');
if (this.withUpload && fs.existsSync(uploadDir)) {
zip.folder(uploadDir);
}
const content = await zip.generateAsync({ type: 'nodebuffer' });
const content = await zip.generateAsync({type: 'nodebuffer'});
await fs.promises.writeFile(dbZipPath, content);
this.logger.info(`数据库文件压缩完成:${dbZipPath}`);
@ -164,7 +215,7 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
}
const dir = path.dirname(backupPath);
if (!fs.existsSync(dir)) {
await fs.promises.mkdir(dir, { recursive: true });
await fs.promises.mkdir(dir, {recursive: true});
}
backupPath = path.resolve(backupPath);
await fs.promises.copyFile(dbPath, backupPath);
@ -195,7 +246,7 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
this.logger.info('备份目录:', backupPath);
await sshClient.uploadFiles({
connectConf: access,
transports: [{ localPath: dbPath, remotePath: backupPath }],
transports: [{localPath: dbPath, remotePath: backupPath}],
mkdirs: true,
});
this.logger.info('备份文件上传完成');
@ -221,7 +272,39 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
}
private async ossBackup(dbPath: string, backupDir: string, backupPath: string) {
// TODO
if (!this.ossAccessId) {
throw new Error('未配置ossAccessId');
}
const access = await this.getAccess(this.ossAccessId);
const ossType = this.ossType
const ctx: OssClientContext = {
logger: this.logger,
utils: this.ctx.utils,
accessService:this.accessService
}
this.logger.info(`开始备份文件到:${ossType}`);
const client = await ossClientFactory.createOssClientByType(ossType, {
access,
ctx,
})
await client.upload(backupPath, dbPath);
if (this.retainDays > 0) {
// 删除过期备份
this.logger.info('开始删除过期备份文件');
const removeByOpts: OssClientRemoveByOpts = {
dir: backupDir,
beforeDays: this.retainDays,
};
await client.removeBy(removeByOpts);
this.logger.info('删除过期备份文件完成');
}else{
this.logger.info('已禁止删除过期文件');
}
}
}
new DBBackupPlugin();

0
packages/ui/certd-server/src/plugins/plugin-51dns/client.test.mjs → packages/ui/certd-server/test/plugins/51dns.test.mjs
View File

1243
pnpm-lock.yaml
View File

File diff suppressed because it is too large Load Diff