mirror of
https://github.com/allinssl/allinssl.git
synced 2025-12-15 09:55:37 +08:00
93 lines
2.4 KiB
Go
93 lines
2.4 KiB
Go
package aliyun
|
||
|
||
import (
|
||
"ALLinSSL/backend/internal/access"
|
||
"encoding/json"
|
||
"fmt"
|
||
openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||
dcdn "github.com/alibabacloud-go/dcdn-20180115/v3/client"
|
||
util "github.com/alibabacloud-go/tea-utils/v2/service"
|
||
"github.com/alibabacloud-go/tea/tea"
|
||
"strconv"
|
||
)
|
||
|
||
func CreateDcdnClient(accessKey, accessSecret string) (*dcdn.Client, error) {
|
||
config := &openapi.Config{
|
||
AccessKeyId: tea.String(accessKey),
|
||
AccessKeySecret: tea.String(accessSecret),
|
||
RegionId: tea.String("cn-hangzhou"),
|
||
}
|
||
return dcdn.NewClient(config)
|
||
}
|
||
|
||
func DeployCertToDcdn(client *dcdn.Client, domain, certPEM, privkeyPEM string) error {
|
||
request := &dcdn.SetDcdnDomainSSLCertificateRequest{
|
||
DomainName: tea.String(domain),
|
||
SSLPri: tea.String(privkeyPEM),
|
||
SSLPub: tea.String(certPEM),
|
||
SSLProtocol: tea.String("on"),
|
||
CertType: tea.String("upload"),
|
||
}
|
||
|
||
runtime := &util.RuntimeOptions{}
|
||
|
||
_, err := client.SetDcdnDomainSSLCertificateWithOptions(request, runtime)
|
||
if err != nil {
|
||
return err
|
||
}
|
||
return nil
|
||
|
||
}
|
||
|
||
func DeployAliyunDcdn(cfg map[string]any) error {
|
||
cert, ok := cfg["certificate"].(map[string]any)
|
||
if !ok {
|
||
return fmt.Errorf("证书不存在")
|
||
}
|
||
var providerID string
|
||
switch v := cfg["provider_id"].(type) {
|
||
case float64:
|
||
providerID = strconv.Itoa(int(v))
|
||
case string:
|
||
providerID = v
|
||
default:
|
||
return fmt.Errorf("参数错误:provider_id")
|
||
}
|
||
//
|
||
providerData, err := access.GetAccess(providerID)
|
||
if err != nil {
|
||
return err
|
||
}
|
||
providerConfigStr, ok := providerData["config"].(string)
|
||
if !ok {
|
||
return fmt.Errorf("api配置错误")
|
||
}
|
||
// 解析 JSON 配置
|
||
var providerConfig map[string]string
|
||
err = json.Unmarshal([]byte(providerConfigStr), &providerConfig)
|
||
if err != nil {
|
||
return err
|
||
}
|
||
client, err := CreateDcdnClient(providerConfig["access_key_id"], providerConfig["access_key_secret"])
|
||
if err != nil {
|
||
return fmt.Errorf("创建 DCDN 客户端失败: %w", err)
|
||
}
|
||
certPEM, ok := cert["cert"].(string)
|
||
if !ok {
|
||
return fmt.Errorf("证书内容不存在或格式错误")
|
||
}
|
||
privkeyPEM, ok := cert["key"].(string)
|
||
if !ok {
|
||
return fmt.Errorf("私钥内容不存在或格式错误")
|
||
}
|
||
domain, ok := cfg["domain"].(string)
|
||
if !ok {
|
||
return fmt.Errorf("域名不存在或格式错误")
|
||
}
|
||
err = DeployCertToDcdn(client, domain, certPEM, privkeyPEM)
|
||
if err != nil {
|
||
return fmt.Errorf("部署证书到 DCDN 失败: %w", err)
|
||
}
|
||
return nil
|
||
}
|