perf: 申请证书时可以选择跳过本地dns校验

2024-07-08 15:35:58 +08:00 · 2024-07-08 15:35:58 +08:00 · fe91d94090
parent 56ab3269d2
commit fe91d94090
2 changed files with 28 additions and 3 deletions
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@ -18,12 +18,20 @@ export class AcmeService {
  userContext: IContext;
  logger: Logger;
  sslProvider: SSLProvider;
+  skipLocalVerify = true;
  eab?: ClientExternalAccountBindingOptions;
-  constructor(options: { userContext: IContext; logger: Logger; sslProvider: SSLProvider; eab?: ClientExternalAccountBindingOptions }) {
+  constructor(options: {
+    userContext: IContext;
+    logger: Logger;
+    sslProvider: SSLProvider;
+    eab?: ClientExternalAccountBindingOptions;
+    skipLocalVerify?: boolean;
+  }) {
    this.userContext = options.userContext;
    this.logger = options.logger;
    this.sslProvider = options.sslProvider || "letsencrypt";
    this.eab = options.eab;
+    this.skipLocalVerify = options.skipLocalVerify ?? false;
    acme.setLogger((text: string) => {
      this.logger.info(text);
    });
@ -192,7 +200,7 @@ export class AcmeService {
      csr,
      email: email,
      termsOfServiceAgreed: true,
-      skipChallengeVerification: false,
+      skipChallengeVerification: this.skipLocalVerify,
      challengePriority: ["dns-01"],
      challengeCreateFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string): Promise<any> => {
        return await this.challengeCreateFn(authz, challenge, keyAuthorization, dnsProvider);
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@ -109,6 +109,17 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
  })
  dnsProviderAccess!: string;

+  @TaskInput({
+    title: "跳过本地校验DNS解析",
+    default: false,
+    component: {
+      name: "a-switch",
+      vModel: "checked",
+    },
+    helper: "如果重试多次出现Authorization not found TXT record，导致无法申请成功，请尝试开启此选项",
+  })
+  skipLocalVerify = false;
+
  @TaskInput({
    title: "更新天数",
    component: {
@ -165,7 +176,13 @@ export class CertApplyPlugin extends AbstractTaskPlugin {
    if (this.eabAccessId) {
      eab = await this.ctx.accessService.getById(this.eabAccessId);
    }
-    this.acme = new AcmeService({ userContext: this.userContext, logger: this.logger, sslProvider: this.sslProvider, eab });
+    this.acme = new AcmeService({
+      userContext: this.userContext,
+      logger: this.logger,
+      sslProvider: this.sslProvider,
+      eab,
+      skipLocalVerify: this.skipLocalVerify,
+    });
  }

  async execute(): Promise<void> {