lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-24 04:17:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v2-dev' into v2

Browse Source
This commit is contained in:
xiaojunnuo
2025-06-05 23:56:47 +08:00
parent 9d6ad771a3 4cfb2644c6
commit 1bbed351ba
84 changed files with 1012 additions and 296 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-client/CHANGELOG.md
+15
View File
@@ -3,6 +3,21 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
### Bug Fixes
* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
### Performance Improvements
* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
* 优化cname检查,当有冲突的cname记录时,给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
### Performance Improvements
packages/ui/certd-client/package.json
+4 -4
View File
@@ -1,6 +1,6 @@
{
"name": "@certd/ui-client",
"version": "1.34.10",
"version": "1.34.11",
"private": true,
"scripts": {
"dev": "vite --open",
@@ -9,7 +9,7 @@
"debug": "vite --mode debug --open",
"debug:pm": "vite --mode debugpm",
"debug:force": "vite --force --mode debug",
"build": "cross-env NODE_OPTIONS=--max-old-space-size=32768 vite build ",
"build": "cross-env NODE_OPTIONS=--max-old-space-size=40960 vite build ",
"dev-build": "echo 1",
"test:unit": "vitest",
"serve": "vite preview",
@@ -102,8 +102,8 @@
"zod-defaults": "^0.1.3"
},
"devDependencies": {
"@certd/lib-iframe": "^1.34.10",
"@certd/pipeline": "^1.34.10",
"@certd/lib-iframe": "^1.34.11",
"@certd/pipeline": "^1.34.11",
"@rollup/plugin-commonjs": "^25.0.7",
"@rollup/plugin-node-resolve": "^15.2.3",
"@types/chai": "^4.3.12",
packages/ui/certd-client/public/template-import.csv → packages/ui/certd-client/public/site-import-template.csv
View File
packages/ui/certd-client/src/components/index.ts
+2
View File
@@ -15,6 +15,7 @@ import PemInput from "./pem-input.vue";
import { defineAsyncComponent } from "vue";
import NotificationSelector from "../views/certd/notification/notification-selector/index.vue";
import EmailSelector from "./email-selector/index.vue";
import ValidTimeFormat from "./valid-time-format.vue";
export default {
install(app: any) {
app.component(
@@ -27,6 +28,7 @@ export default {
app.component("TextEditable", TextEditable);
app.component("FileInput", FileInput);
app.component("PemInput", PemInput);
app.component("ValidTimeFormat", ValidTimeFormat);
// app.component("CodeEditor", CodeEditor);
app.component("CronLight", CronLight);
packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts
+1
View File
@@ -8,6 +8,7 @@ export type CnameRecord = {
status?: string;
hostRecord?: string;
recordValue?: string;
error?: string;
};
export type DomainGroupItem = {
packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
+3
View File
@@ -13,6 +13,9 @@
</td>
<td class="status center flex-center">
<fs-values-format v-model="cnameRecord.status" :dict="statusDict" />
<a-tooltip v-if="cnameRecord.error" :title="cnameRecord.error">
<fs-icon class="ml-5 color-red" icon="ion:warning-outline"></fs-icon>
</a-tooltip>
</td>
<td class="center">
<template v-if="cnameRecord.status !== 'valid'">
packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue
+1 -1
View File
@@ -21,7 +21,7 @@ import CnameRecordInfo from "/@/components/plugins/cert/domains-verify-plan-edit
import { computed } from "vue";
defineOptions({
name: "CnameVerifyPlan"
name: "CnameVerifyPlan",
});
const emit = defineEmits(["update:modelValue", "change"]);
packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue
+1
View File
@@ -55,6 +55,7 @@
</div>
<div v-if="item.type === 'http'" class="plan-http">
<http-verify-plan v-model="item.httpVerifyPlan" @change="onPlanChanged" />
<div class="helper">证书颁发机构将请求 https://yourdomain/.well-known/acme-challenge/xxxxxx 来验证域名所有权。</div>
</div>
</div>
</td>
packages/ui/certd-client/src/components/valid-time-format.vue
+32
View File
@@ -0,0 +1,32 @@
<template>
<div class="valid-time-format">
<a-tag v-if="isExpired" color="red">{{ prefix || "" }}已过期</a-tag>
<a-tag v-if="isValid" color="green" :title="date">
<fs-time-humanize v-if="humanize" :model-value="modelValue" :options="{ largest: 1, units: ['y', 'd', 'h'] }" :use-format-greater="30000000000" />
<template v-else> {{ prefix || "" }}{{ date }} </template>
</a-tag>
</div>
</template>
<script setup lang="ts">
import { computed } from "vue";
import dayjs from "dayjs";
const props = defineProps<{
modelValue: number;
humanize?: boolean;
prefix?: string;
}>();
const date = computed(() => {
return dayjs(props.modelValue || 0).format("YYYY-MM-DD");
});
const isValid = computed(() => {
return props.modelValue > 0 && props.modelValue > new Date().getTime();
});
const isExpired = computed(() => {
return props.modelValue > 0 && props.modelValue < new Date().getTime();
});
</script>
packages/ui/certd-client/src/components/vip-button/index.vue
+2 -2
View File
@@ -233,13 +233,13 @@ function openUpgrade() {
desc: "社区免费版",
type: "free",
icon: "lucide:package-open",
privilege: ["证书申请无限制", "域名数量无限制", "证书流水线数量无限制", "常用的主机、云平台、cdn等部署插件", "邮件、webhook通知方式"],
privilege: ["证书申请无限制", "域名数量无限制", "证书流水线数量无限制", "常用的主机、云平台、cdn、宝塔、1Panel等部署插件", "邮件、webhook通知方式"],
},
plus: {
title: "专业版",
desc: "开源需要您的赞助支持",
type: "plus",
privilege: ["可加VIP群,您的需求将优先实现", "站点证书监控无限制", "更多通知方式", "插件全开放,更多强大的部署插件,宝塔、群晖、1Panel等"],
privilege: ["可加VIP群,您的需求将优先实现", "站点证书监控无限制", "更多通知方式", "插件全开放,群辉等更多插件"],
trial: {
title: "点击获取7天试用",
click: () => {
packages/ui/certd-client/src/plugin/fast-crud/index.tsx
+4 -4
View File
@@ -120,10 +120,10 @@ function install(app: App, options: any = {}) {
rowHandle: {
fixed: "right",
buttons: {
view: { type: "link", text: null, icon: "ion:eye-outline" },
copy: { show: true, type: "link", text: null, icon: "ion:copy-outline" },
edit: { type: "link", text: null, icon: "ion:create-outline" },
remove: { type: "link", style: { color: "red" }, text: null, icon: "ion:trash-outline" },
view: { type: "link", text: null, icon: "ion:eye-outline", tooltip: { title: "查看" } },
copy: { show: true, type: "link", text: null, icon: "ion:copy-outline", tooltip: { title: "复制" } },
edit: { type: "link", text: null, icon: "ion:create-outline", tooltip: { title: "编辑" } },
remove: { type: "link", style: { color: "red" }, text: null, icon: "ion:trash-outline", tooltip: { title: "删除" } },
},
dropdown: {
more: {
packages/ui/certd-client/src/router/source/modules/certd.ts
+1 -1
View File
@@ -122,7 +122,7 @@ export const certdResources = [
},
{
title: "OpenKey",
title: "开放接口密钥",
name: "OpenKey",
path: "/certd/open/openkey",
component: "/certd/open/openkey/index.vue",
packages/ui/certd-client/src/store/settings/api.basic.ts
+1
View File
@@ -30,6 +30,7 @@ export type PlusInfo = {
};
export type SysPublicSetting = {
registerEnabled?: boolean;
userValidTimeEnabled?: boolean;
usernameRegisterEnabled?: boolean;
mobileRegisterEnabled?: boolean;
emailRegisterEnabled?: boolean;
packages/ui/certd-client/src/store/user/api.user.ts
+2
View File
@@ -27,6 +27,8 @@ export interface UserInfoRes {
avatar?: string;
roleIds: number[];
isWeak?: boolean;
validTime?: number;
status?: number;
}
export interface LoginRes {
packages/ui/certd-client/src/views/certd/cname/record/crud.tsx
+23 -11
View File
@@ -2,7 +2,7 @@ import * as api from "./api";
import { useI18n } from "vue-i18n";
import { Ref, ref } from "vue";
import { useRouter } from "vue-router";
import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
import { useUserStore } from "/@/store/user";
import { useSettingStore } from "/@/store/settings";
import { message } from "ant-design-vue";
@@ -31,7 +31,15 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
const settingStore = useSettingStore();
const selectedRowKeys: Ref<any[]> = ref([]);
context.selectedRowKeys = selectedRowKeys;
const dictRef = dict({
data: [
{ label: "待设置CNAME", value: "cname", color: "warning" },
{ label: "验证中", value: "validating", color: "blue" },
{ label: "验证成功", value: "valid", color: "green" },
{ label: "验证失败", value: "failed", color: "red" },
{ label: "验证超时", value: "timeout", color: "red" },
],
});
return {
crudOptions: {
settings: {
@@ -174,21 +182,25 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
status: {
title: "状态",
type: "dict-select",
dict: dict({
data: [
{ label: "待设置CNAME", value: "cname", color: "warning" },
{ label: "验证中", value: "validating", color: "blue" },
{ label: "验证成功", value: "valid", color: "green" },
{ label: "验证失败", value: "failed", color: "red" },
{ label: "验证超时", value: "timeout", color: "red" },
],
}),
dict: dictRef,
addForm: {
show: false,
},
column: {
width: 120,
align: "center",
cellRender({ value, row }) {
return (
<div class={"flex flex-center"}>
<fs-values-format modelValue={value} dict={dictRef}></fs-values-format>
{row.error && (
<a-tooltip title={row.error}>
<fs-icon class={"ml-5 color-red"} icon="ion:warning-outline"></fs-icon>
</a-tooltip>
)}
</div>
);
},
},
},
triggerValidate: {
packages/ui/certd-client/src/views/certd/history/api.ts
+7 -7
View File
@@ -6,7 +6,7 @@ export async function GetList(query: any) {
return await request({
url: apiPrefix + "/page",
method: "post",
data: query
data: query,
});
}
@@ -14,7 +14,7 @@ export async function AddObj(obj: any) {
return await request({
url: apiPrefix + "/add",
method: "post",
data: obj
data: obj,
});
}
@@ -22,7 +22,7 @@ export async function UpdateObj(obj: any) {
return await request({
url: apiPrefix + "/update",
method: "post",
data: obj
data: obj,
});
}
@@ -30,7 +30,7 @@ export async function DelObj(id: any) {
return await request({
url: apiPrefix + "/delete",
method: "post",
params: { id }
params: { id },
});
}
@@ -38,7 +38,7 @@ export async function GetObj(id: any) {
return await request({
url: apiPrefix + "/info",
method: "post",
params: { id }
params: { id },
});
}
@@ -46,7 +46,7 @@ export async function GetDetail(id: any) {
return await request({
url: apiPrefix + "/detail",
method: "post",
params: { id }
params: { id },
});
}
@@ -54,6 +54,6 @@ export async function DeleteBatch(ids: any[]) {
return await request({
url: apiPrefix + "/deleteByIds",
method: "post",
data: { ids }
data: { ids },
});
}
packages/ui/certd-client/src/views/certd/monitor/site/api.ts
+8
View File
@@ -56,6 +56,14 @@ export const siteInfoApi = {
});
},
async Import(form: any) {
return await request({
url: apiPrefix + "/import",
method: "post",
data: form,
});
},
async DisabledChange(id: number, disabled: boolean) {
return await request({
url: apiPrefix + "/disabledChange",
packages/ui/certd-client/src/views/certd/monitor/site/crud.tsx
+16 -1
View File
@@ -8,6 +8,7 @@ import { useSettingStore } from "/@/store/settings";
import { mySuiteApi } from "/@/views/certd/suite/mine/api";
import { mitter } from "/@/utils/util.mitt";
import { useSiteIpMonitor } from "./ip/use";
import { useSiteImport } from "/@/views/certd/monitor/site/use";
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
const { t } = useI18n();
@@ -44,6 +45,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
});
const { openSiteIpMonitorDialog } = useSiteIpMonitor();
const { openSiteImportDialog } = useSiteImport();
return {
crudOptions: {
request: {
@@ -97,6 +99,19 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
await crudExpose.openAdd({});
},
},
//导入按钮
import: {
show: true,
text: "批量导入",
type: "primary",
async click() {
openSiteImportDialog({
afterSubmit() {
crudExpose.doRefresh();
},
});
},
},
},
},
rowHandle: {
@@ -235,7 +250,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
},
};
return (
<a-popover placement="left" v-slots={slots} overlayStyle={{ maxWidth: "30%" }}>
<a-popover placement={"left"} v-slots={slots} overlayStyle={{ maxWidth: "30%" }}>
{row.certDomains}
</a-popover>
);
packages/ui/certd-client/src/views/certd/monitor/site/ip/api.ts
+7
View File
@@ -68,4 +68,11 @@ export const siteIpApi = {
},
});
},
async Import(form: any) {
return await request({
url: apiPrefix + "/import",
method: "post",
data: form,
});
},
};
packages/ui/certd-client/src/views/certd/monitor/site/ip/crud.tsx
+16 -5
View File
@@ -4,13 +4,11 @@ import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, Edi
import { siteIpApi } from "./api";
import dayjs from "dayjs";
import { Modal, notification } from "ant-design-vue";
import { useSettingStore } from "/@/store/settings";
import { useSiteIpMonitor } from "/@/views/certd/monitor/site/ip/use";
export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
const { t } = useI18n();
const api = siteIpApi;
const { crudBinding } = crudExpose;
const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
if (!query.query) {
query.query = {};
@@ -36,8 +34,6 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
return res;
};
const settingsStore = useSettingStore();
const checkStatusDict = dict({
data: [
{ label: "成功", value: "ok", color: "green" },
@@ -45,6 +41,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
{ label: "异常", value: "error", color: "red" },
],
});
const { openSiteIpImportDialog } = useSiteIpMonitor();
return {
crudOptions: {
request: {
@@ -75,6 +72,19 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
await crudExpose.openAdd({});
},
},
import: {
show: true,
text: "批量导入",
type: "primary",
async click() {
openSiteIpImportDialog({
siteId: context.props.siteId,
afterSubmit() {
crudExpose.doRefresh();
},
});
},
},
load: {
text: "同步IP",
type: "primary",
@@ -295,6 +305,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
data: [
{ label: "同步", value: "sync", color: "green" },
{ label: "手动", value: "manual", color: "blue" },
{ label: "导入", value: "import", color: "blue" },
],
}),
form: {
packages/ui/certd-client/src/views/certd/monitor/site/ip/use.tsx
+37 -3
View File
@@ -1,11 +1,10 @@
import { useFormWrapper } from "@fast-crud/fast-crud";
import { useRouter } from "vue-router";
import SiteIpCertMonitor from "./index.vue";
import { siteIpApi } from "/@/views/certd/monitor/site/ip/api";
export function useSiteIpMonitor() {
const { openDialog } = useFormWrapper();
const router = useRouter();
const { openDialog, openCrudFormDialog } = useFormWrapper();
async function openSiteIpMonitorDialog(opts: { siteId: number }) {
await openDialog({
@@ -34,7 +33,42 @@ export function useSiteIpMonitor() {
});
}
async function openSiteIpImportDialog(opts: { afterSubmit: any; siteId: any }) {
const { afterSubmit } = opts;
await openCrudFormDialog<any>({
crudOptions: {
columns: {
text: {
type: "textarea",
title: "IP列表",
form: {
helper: "IP或者CNAME域名,一行一个",
rules: [{ required: true, message: "请输入要导入的IP或域名" }],
component: {
placeholder: "192.168.1.2\ncname.foo.com",
rows: 8,
},
col: {
span: 24,
},
},
},
},
form: {
async doSubmit({ form }) {
return siteIpApi.Import({
...form,
siteId: opts.siteId,
});
},
afterSubmit,
},
},
});
}
return {
openSiteIpMonitorDialog,
openSiteIpImportDialog,
};
}
packages/ui/certd-client/src/views/certd/monitor/site/use.tsx
+41
View File
@@ -0,0 +1,41 @@
import { useFormWrapper } from "@fast-crud/fast-crud";
import { siteInfoApi } from "./api";
export function useSiteImport() {
const { openCrudFormDialog } = useFormWrapper();
async function openSiteImportDialog(opts: { afterSubmit: any }) {
const { afterSubmit } = opts;
await openCrudFormDialog<any>({
crudOptions: {
columns: {
text: {
type: "textarea",
title: "域名列表",
form: {
helper: "格式【域名:端口:名称】,一行一个,其中端口、名称可以省略\n比如:\nwww.baidu.com:443:百度\nwww.taobao.com::淘宝\nwww.google.com",
rules: [{ required: true, message: "请输入要导入的域名" }],
component: {
placeholder: "www.baidu.com:443:百度\nwww.taobao.com::淘宝\nwww.google.com\n",
rows: 8,
},
col: {
span: 24,
},
},
},
},
form: {
async doSubmit({ form }) {
return siteInfoApi.Import(form);
},
afterSubmit,
},
},
});
}
return {
openSiteImportDialog,
};
}
packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
+3
View File
@@ -223,6 +223,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
play: {
order: -999,
title: "运行流水线",
tooltip: { title: "运行流水线" },
type: "link",
icon: "ant-design:play-circle-outlined",
click({ row }) {
@@ -276,6 +277,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
viewCert: {
order: 3,
title: "查看证书",
tooltip: { title: "查看证书" },
type: "link",
icon: "ph:certificate",
async click({ row }) {
@@ -286,6 +288,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
order: 4,
type: "link",
title: "下载证书",
tooltip: { title: "下载证书" },
icon: "ant-design:download-outlined",
async click({ row }) {
await downloadCert(row);
packages/ui/certd-client/src/views/certd/pipeline/group/group-selector.vue
+1 -1
View File
@@ -1,7 +1,7 @@
<template>
<div class="pi-group-selector flex full-w">
<div class="flex-1">
<fs-dict-select :value="modelValue" :dict="groupDictRef" @update:value="doUpdate"></fs-dict-select>
<fs-dict-select :value="modelValue" :dict="groupDictRef" :allow-clear="true" @update:value="doUpdate"></fs-dict-select>
</div>
<fs-table-select
packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/task-view/index.vue
+22 -8
View File
@@ -23,14 +23,11 @@
</a-tab-pane>
</a-tabs>
<template #footer>
<a-tooltip title="AI分析异常">
<fs-button v-if="settingsStore.sysPublic.aiChatEnabled !== false" key="aiChat" type="primary" icon="ion:color-wand-outline" @click="taskModal.onAiChat">AI分析</fs-button>
</a-tooltip>
<a-tooltip title="强制重新执行此步骤">
<fs-button key="rerun" type="primary" text="重新运行" icon="icon-park-outline:replay-music" @click="triggerRun(activeKey)"></fs-button>
</a-tooltip>
<fs-button key="cancel" icon="ion:close-circle-outline" @click="taskModal.onOk">关闭</fs-button>
<fs-button key="submit" icon="ion:checkmark-circle-outline" type="primary" @click="taskModal.onOk">确定</fs-button>
<fs-button v-if="settingsStore.sysPublic.aiChatEnabled !== false" key="aiChat" :tooltip="{ title: 'AI分析异常' }" type="primary" icon="ion:color-wand-outline" @click="taskModal.onAiChat">AI分析</fs-button>
<fs-button key="rerun" type="primary" :tooltip="{ title: '强制重新执行此步骤' }" text="重新运行" icon="icon-park-outline:replay-music" @click="triggerRun(activeKey)"></fs-button>
<fs-button key="downloadLogs" type="primary" :tooltip="{ title: '当前任务日志下载' }" icon="ion:arrow-down-circle-outline" @click="taskModal.onDownloadLogs">下载日志</fs-button>
<fs-button key="cancel" :tooltip="{ title: '关闭窗口' }" icon="ion:close-circle-outline" @click="taskModal.onOk">关闭</fs-button>
<!-- <fs-button key="submit" :tooltip="{ title: '关闭窗口' }" icon="ion:checkmark-circle-outline" type="primary" @click="taskModal.onOk">确定</fs-button>-->
</template>
</a-modal>
</template>
@@ -41,6 +38,7 @@ import { RunHistory } from "../../type";
import PiStatusShow from "/@/views/certd/pipeline/pipeline/component/status-show.vue";
import { usePreferences } from "/@/vben/preferences";
import { useSettingStore } from "/@/store/settings/index";
import { notification } from "ant-design-vue";
export default {
name: "PiTaskView",
components: { PiStatusShow },
@@ -56,6 +54,22 @@ export default {
onAiChat() {
onAiChat();
},
onDownloadLogs() {
const logs = currentHistory.value?.logs[activeKey.value];
if (!logs || logs.length === 0) {
notification.warning({
message: "没有日志",
});
return;
}
const logText = logs.join("");
const blob = new Blob([logText], { type: "text/plain;charset=utf-8" });
const a = document.createElement("a");
a.href = URL.createObjectURL(blob);
a.download = "certd-task-log.txt";
a.click();
URL.revokeObjectURL(a.href);
},
cancelText: "关闭",
});
const { isMobile } = usePreferences();
packages/ui/certd-client/src/views/framework/home/dashboard/index.vue
+4
View File
@@ -35,6 +35,10 @@
<a-divider type="vertical" />
<suite-card class="m-0"></suite-card>
</template>
<template v-if="settingsStore.isPlus && settingsStore.sysPublic.userValidTimeEnabled === true && userInfo.validTime">
<a-divider type="vertical" />
<valid-time-format class="flex-o" prefix="账户有效期:" :model-value="userInfo.validTime" />
</template>
</div>
</div>
</div>
packages/ui/certd-client/src/views/sys/authority/user/crud.tsx
+44 -1
View File
@@ -1,7 +1,9 @@
import * as api from "./api";
import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
import { useUserStore } from "/@/store/user";
import { Modal, notification } from "ant-design-vue";
import dayjs from "dayjs";
import { useSettingStore } from "/@/store/settings";
export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOptionsRet {
const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
@@ -21,6 +23,10 @@ export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOpti
const userStore = useUserStore();
const settingStore = useSettingStore();
const userValidTimeEnabled = compute(() => {
return settingStore.sysPublic.userValidTimeEnabled === true;
});
return {
crudOptions: {
request: {
@@ -210,6 +216,43 @@ export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOpti
width: 100,
},
},
validTime: {
title: "有效期",
type: "date",
form: {
show: userValidTimeEnabled,
},
column: {
align: "center",
sorter: true,
width: 100,
show: userValidTimeEnabled,
cellRender({ value }) {
if (value == null || value === 0) {
return "";
}
if (value < dayjs().valueOf()) {
return <a-tag color={"red"}></a-tag>;
}
const date = dayjs(value).format("YYYY-MM-DD");
return (
<a-tag color={"green"} title={date}>
<fs-time-humanize modelValue={value} options={{ largest: 1, units: ["y", "d", "h"] }} useFormatGreater={30000000000} />
</a-tag>
);
},
},
valueBuilder({ value, row, key }) {
if (value != null) {
row[key] = dayjs(value);
}
},
valueResolve({ value, row, key }) {
if (value != null) {
row[key] = value.valueOf();
}
},
},
remark: {
title: "备注",
type: "text",
packages/ui/certd-client/src/views/sys/settings/tabs/register.vue
+15
View File
@@ -11,6 +11,13 @@
<a-form-item label="开启自助注册" :name="['public', 'registerEnabled']">
<a-switch v-model:checked="formState.public.registerEnabled" />
</a-form-item>
<a-form-item label="开启用户有效期" :name="['public', 'userValidTimeEnabled']">
<div class="flex-o">
<a-switch v-model:checked="formState.public.userValidTimeEnabled" :disabled="!settingsStore.isPlus" />
<vip-button class="ml-5" mode="button"></vip-button>
</div>
<div class="helper">有效期内用户可正常使用失效后流水线将被停用</div>
</a-form-item>
<template v-if="formState.public.registerEnabled">
<a-form-item label="开启用户名注册" :name="['public', 'usernameRegisterEnabled']">
<a-switch v-model:checked="formState.public.usernameRegisterEnabled" />
@@ -154,6 +161,14 @@ async function loadSysSettings() {
if (data?.private.sms?.type) {
await loadTypeDefine(data.private.sms.type);
}
if (!settingsStore.isPlus) {
formState.public.userValidTimeEnabled = false;
formState.public.emailRegisterEnabled = false;
}
if (!settingsStore.isComm) {
formState.public.smsLoginEnabled = false;
}
}
const saveLoading = ref(false);
packages/ui/certd-server/.env.dev-mysql.yaml
+1 -1
View File
@@ -9,6 +9,6 @@ typeorm:
port: 3309
username: root
password: root
database: certd2
database: certd
packages/ui/certd-server/CHANGELOG.md
+17
View File
@@ -3,6 +3,23 @@
All notable changes to this project will be documented in this file.
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
### Bug Fixes
* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
### Performance Improvements
* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
* 优化cname检查,当有冲突的cname记录时,给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
### Bug Fixes
packages/ui/certd-server/db/migration-mysql/v10024__cname_error.sql
+3
View File
@@ -0,0 +1,3 @@
ALTER TABLE cd_cname_record ADD COLUMN `error` varchar(4096);
ALTER TABLE sys_user ADD COLUMN `valid_time` bigint;
packages/ui/certd-server/db/migration-pg/v10024__cname_error.sql
+3
View File
@@ -0,0 +1,3 @@
ALTER TABLE cd_cname_record ADD COLUMN "error" varchar(4096);
ALTER TABLE sys_user ADD COLUMN "valid_time" bigint;
packages/ui/certd-server/db/migration/v10024__cname_error.sql
+3
View File
@@ -0,0 +1,3 @@
ALTER TABLE cd_cname_record ADD COLUMN "error" varchar(4096);
ALTER TABLE sys_user ADD COLUMN "valid_time" integer;
packages/ui/certd-server/package.json
+16 -15
View File
@@ -1,6 +1,6 @@
{
"name": "@certd/ui-server",
"version": "1.34.10",
"version": "1.34.11",
"description": "fast-server base midway",
"private": true,
"type": "module",
@@ -42,20 +42,20 @@
"@aws-sdk/client-iam": "^3.699.0",
"@aws-sdk/client-cloudfront": "^3.699.0",
"@aws-sdk/client-s3": "^3.705.0",
"@certd/acme-client": "^1.34.10",
"@certd/basic": "^1.34.10",
"@certd/commercial-core": "^1.34.10",
"@certd/jdcloud": "^1.34.10",
"@certd/lib-huawei": "^1.34.10",
"@certd/lib-k8s": "^1.34.10",
"@certd/lib-server": "^1.34.10",
"@certd/midway-flyway-js": "^1.34.10",
"@certd/pipeline": "^1.34.10",
"@certd/plugin-cert": "^1.34.10",
"@certd/plugin-lib": "^1.34.10",
"@certd/plugin-plus": "^1.34.10",
"@certd/plus-core": "^1.34.10",
"@corsinvest/cv4pve-api-javascript": "^8.3.0",
"@certd/acme-client": "^1.34.11",
"@certd/basic": "^1.34.11",
"@certd/commercial-core": "^1.34.11",
"@certd/cv4pve-api-javascript": "^8.4.1",
"@certd/jdcloud": "^1.34.11",
"@certd/lib-huawei": "^1.34.11",
"@certd/lib-k8s": "^1.34.11",
"@certd/lib-server": "^1.34.11",
"@certd/midway-flyway-js": "^1.34.11",
"@certd/pipeline": "^1.34.11",
"@certd/plugin-cert": "^1.34.11",
"@certd/plugin-lib": "^1.34.11",
"@certd/plugin-plus": "^1.34.11",
"@certd/plus-core": "^1.34.11",
"@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
"@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
"@koa/cors": "^5.0.0",
@@ -105,6 +105,7 @@
"otplib": "^12.0.1",
"pg": "^8.12.0",
"psl": "^1.9.0",
"punycode.js": "^2.3.1",
"qiniu": "^7.12.0",
"qrcode": "^1.5.4",
"qs": "^6.13.1",
packages/ui/certd-server/src/controller/user/monitor/site-info-controller.ts
+11
View File
@@ -105,6 +105,17 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
await this.service.checkAllByUsers(userId);
return this.ok();
}
@Post('/import', { summary: Constants.per.authOnly })
async doImport(@Body(ALL) body: any) {
const userId = this.getUserId();
await this.service.doImport({
text:body.text,
userId
})
return this.ok();
}
@Post('/ipCheckChange', { summary: Constants.per.authOnly })
async ipCheckChange(@Body(ALL) bean: any) {
const userId = this.getUserId();
packages/ui/certd-server/src/controller/user/monitor/site-ip-controller.ts
+11
View File
@@ -111,5 +111,16 @@ export class SiteInfoController extends CrudController<SiteIpService> {
return this.ok();
}
@Post('/import', { summary: Constants.per.authOnly })
async doImport(@Body(ALL) body: any) {
const userId = this.getUserId();
await this.service.doImport({
text:body.text,
userId,
siteId:body.siteId
})
return this.ok();
}
}
packages/ui/certd-server/src/modules/cname/entity/cname-record.ts
+3
View File
@@ -26,6 +26,9 @@ export class CnameRecordEntity {
@Column({ comment: '验证状态', length: 20 })
status: string;
@Column({ comment: '错误信息' })
error: string
@Column({
comment: '创建时间',
name: 'create_time',
packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
+102 -19
View File
@@ -6,13 +6,13 @@ import {CnameRecordEntity, CnameRecordStatusType} from '../entity/cname-record.j
import {createDnsProvider, IDnsProvider} from '@certd/plugin-cert';
import {CnameProvider, CnameRecord} from '@certd/pipeline';
import {cache, http, isDev, logger, utils} from '@certd/basic';
import {walkTxtRecord} from '@certd/acme-client';
import {getAuthoritativeDnsResolver, walkTxtRecord} from '@certd/acme-client';
import {CnameProviderService} from './cname-provider-service.js';
import {CnameProviderEntity} from '../entity/cname-provider.js';
import {CommonDnsProvider} from './common-provider.js';
import {SubDomainService, SubDomainsGetter} from "../../pipeline/service/sub-domain-service.js";
import {DomainParser} from "@certd/plugin-cert/dist/dns-provider/domain-parser.js";
import punycode from 'punycode.js'
type CnameCheckCacheValue = {
validating: boolean;
pass: boolean;
@@ -22,11 +22,12 @@ type CnameCheckCacheValue = {
intervalId?: NodeJS.Timeout;
dnsProvider?: IDnsProvider;
};
/**
* 授权
*/
@Provide()
@Scope(ScopeEnum.Request, { allowDowngrade: true })
@Scope(ScopeEnum.Request, {allowDowngrade: true})
export class CnameRecordService extends BaseService<CnameRecordEntity> {
@InjectEntityModel(CnameRecordEntity)
repository: Repository<CnameRecordEntity>;
@@ -47,6 +48,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
getRepository() {
return this.repository;
}
/**
* 新增
* @param param 数据
@@ -62,7 +64,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
param.domain = param.domain.substring(2);
}
param.domain = param.domain.trim()
const info = await this.getRepository().findOne({ where: { domain: param.domain,userId: param.userId } });
const info = await this.getRepository().findOne({where: {domain: param.domain, userId: param.userId}});
if (info) {
return info;
}
@@ -77,17 +79,17 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
} else {
cnameProvider = await this.cnameProviderService.info(param.cnameProviderId);
}
await this.cnameProviderChanged(param.userId,param, cnameProvider);
await this.cnameProviderChanged(param.userId, param, cnameProvider);
param.status = 'cname';
const { id } = await super.add(param);
const {id} = await super.add(param);
return await this.info(id);
}
private async cnameProviderChanged(userId:number,param: any, cnameProvider: CnameProviderEntity) {
private async cnameProviderChanged(userId: number, param: any, cnameProvider: CnameProviderEntity) {
param.cnameProviderId = cnameProvider.id;
const subDomainGetter = new SubDomainsGetter(userId, this.subDomainService)
const subDomainGetter = new SubDomainsGetter(userId, this.subDomainService)
const domainParser = new DomainParser(subDomainGetter);
const realDomain = await domainParser.parse(param.domain);
@@ -117,7 +119,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
}
if (old.cnameProviderId !== param.cnameProviderId) {
const cnameProvider = await this.cnameProviderService.info(param.cnameProviderId);
await this.cnameProviderChanged(old.userId,param, cnameProvider);
await this.cnameProviderChanged(old.userId, param, cnameProvider);
param.status = 'cname';
}
return await super.update(param);
@@ -157,10 +159,10 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
if (userId == null) {
throw new ValidateException('userId不能为空');
}
let record = await this.getRepository().findOne({ where: { domain, userId } });
let record = await this.getRepository().findOne({where: {domain, userId}});
if (record == null) {
if (createOnNotFound) {
record = await this.add({ domain, userId });
record = await this.add({domain, userId});
} else {
throw new ValidateException(`找不到${domain}的CNAME记录`);
}
@@ -191,7 +193,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
return true;
}
const subDomainGetter = new SubDomainsGetter(bean.userId, this.subDomainService)
const subDomainGetter = new SubDomainsGetter(bean.userId, this.subDomainService)
const domainParser = new DomainParser(subDomainGetter);
const cacheKey = `cname.record.verify.${bean.id}`;
@@ -208,7 +210,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
if (isDev()) {
ttl = 30 * 1000;
}
const testRecordValue = 'certd-cname-verify';
const testRecordValue = `certd-cname-verify-${bean.id}`;
const buildDnsProvider = async () => {
const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
@@ -228,7 +230,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
}
const access = await this.accessService.getById(cnameProvider.accessId, cnameProvider.userId);
const context = { access, logger, http, utils,domainParser };
const context = {access, logger, http, utils, domainParser};
const dnsProvider: IDnsProvider = await createDnsProvider({
dnsProviderType: cnameProvider.dnsProviderType,
context,
@@ -239,7 +241,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
const clearVerifyRecord = async () => {
cache.delete(cacheKey);
try {
let dnsProvider =value.dnsProvider
let dnsProvider = value.dnsProvider
if (!dnsProvider) {
dnsProvider = await buildDnsProvider();
}
@@ -271,6 +273,9 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
logger.info(`检查CNAME配置 ${fullDomain} ${testRecordValue}`);
//检查是否有重复的acme配置
await this.checkRepeatAcmeChallengeRecords(fullDomain,bean.recordValue)
// const txtRecords = await dns.promises.resolveTxt(fullDomain);
// if (txtRecords.length) {
// records = [].concat(...txtRecords);
@@ -286,7 +291,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
if (success) {
clearInterval(value.intervalId);
logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${testRecordValue}`);
await this.updateStatus(bean.id, 'valid');
await this.updateStatus(bean.id, 'valid', "");
value.pass = true;
await clearVerifyRecord()
return success;
@@ -312,24 +317,102 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
type: 'TXT',
value: testRecordValue,
};
const dnsProvider = await buildDnsProvider();
if(dnsProvider.usePunyCode()){
//是否需要中文转英文
req.domain = dnsProvider.punyCodeEncode(req.domain)
req.fullRecord = dnsProvider.punyCodeEncode(req.fullRecord)
req.hostRecord = dnsProvider.punyCodeEncode(req.hostRecord)
req.value = dnsProvider.punyCodeEncode(req.value)
}
const recordRes = await dnsProvider.createRecord(req);
value.dnsProvider = dnsProvider;
value.validating = true;
value.recordReq = req;
value.recordRes = recordRes;
await this.updateStatus(bean.id, 'validating');
await this.updateStatus(bean.id, 'validating', "");
value.intervalId = setInterval(async () => {
try {
await checkRecordValue();
} catch (e) {
logger.error('检查cname出错:', e);
await this.updateError(bean.id, e.message);
}
}, 10000);
}
async updateStatus(id: number, status: CnameRecordStatusType) {
await this.getRepository().update(id, { status });
async updateStatus(id: number, status: CnameRecordStatusType, error?: string) {
const updated: any = {status}
if (error != null) {
updated.error = error
}
await this.getRepository().update(id, updated);
}
async updateError(id: number, error: string) {
await this.getRepository().update(id, {error});
}
async checkRepeatAcmeChallengeRecords(acmeRecordDomain: string,targetCnameDomain:string) {
let dnsResolver = null
try{
dnsResolver = await getAuthoritativeDnsResolver(acmeRecordDomain)
}catch (e) {
logger.error(`获取${acmeRecordDomain}的权威DNS服务器失败,${e.message}`)
return
}
let cnameRecords = []
try{
cnameRecords = await dnsResolver.resolveCname(acmeRecordDomain);
}catch (e) {
logger.error(`查询CNAME记录失败:${e.message}`)
return
}
targetCnameDomain = targetCnameDomain.toLowerCase()
targetCnameDomain = punycode.toASCII(targetCnameDomain)
if (cnameRecords.length > 0) {
for (const cnameRecord of cnameRecords) {
if(cnameRecord.toLowerCase() !== targetCnameDomain){
//确保只有一个cname记录
throw new Error(`${acmeRecordDomain}存在多个CNAME记录,请删除多余的CNAME记录:${cnameRecord}`)
}
}
}
// 确保权威服务器里面没有纯粹的TXT记录
let txtRecords = []
try{
const txtRecordRes = await dnsResolver.resolveTxt(acmeRecordDomain);
if (txtRecordRes && txtRecordRes.length > 0) {
logger.info(`找到 ${txtRecordRes.length} 条 TXT记录( ${acmeRecordDomain}`);
logger.info(`TXT records: ${JSON.stringify(txtRecords)}`);
txtRecords = txtRecords.concat(...txtRecordRes);
}
}catch (e) {
logger.error(`查询Txt记录失败:${e.message}`)
}
if (txtRecords.length === 0) {
//如果权威服务器中查不到txt,无需继续检查
return
}
if (cnameRecords.length > 0) {
// 从cname记录中获取txt记录
// 对比是否存在,如果不存在于cname中获取的txt中,说明本体有创建多余的txt记录
const res = await walkTxtRecord(cnameRecords[0]);
if (res.length > 0) {
for (const txtRecord of txtRecords) {
if (!res.includes(txtRecord)) {
throw new Error(`${acmeRecordDomain}存在多个TXT记录,请删除多余的TXT记录:${txtRecord}`)
}
}
}
}
}
}
packages/ui/certd-server/src/modules/cname/service/common-provider.ts
+18 -1
View File
@@ -1,6 +1,6 @@
import {CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions} from '@certd/plugin-cert';
import {PlusService} from '@certd/lib-server';
import punycode from 'punycode.js'
export type CommonCnameProvider = {
id: number;
domain: string;
@@ -24,6 +24,23 @@ export class CommonDnsProvider implements IDnsProvider {
this.plusService = opts.plusService;
}
/**
* 中文转英文
* @param domain
*/
punyCodeEncode(domain: string) {
return punycode.encode(domain);
}
/**
* 转中文域名
* @param domain
*/
punyCodeDecode(domain: string) {
return punycode.decode(domain);
}
usePunyCode(): boolean {
return false
}
packages/ui/certd-server/src/modules/monitor/service/site-info-service.ts
+160 -88
View File
@@ -1,19 +1,19 @@
import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
import { BaseService, NeedSuiteException, NeedVIPException, SysSettingsService } from '@certd/lib-server';
import { InjectEntityModel } from '@midwayjs/typeorm';
import { Repository } from 'typeorm';
import { SiteInfoEntity } from '../entity/site-info.js';
import { siteTester } from './site-tester.js';
import dayjs from 'dayjs';
import { logger, utils } from '@certd/basic';
import { PeerCertificate } from 'tls';
import { NotificationService } from '../../pipeline/service/notification-service.js';
import { isComm, isPlus } from '@certd/plus-core';
import { UserSuiteService } from '@certd/commercial-core';
import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
import { BaseService, NeedSuiteException, NeedVIPException, SysSettingsService } from "@certd/lib-server";
import { InjectEntityModel } from "@midwayjs/typeorm";
import { Repository } from "typeorm";
import { SiteInfoEntity } from "../entity/site-info.js";
import { siteTester } from "./site-tester.js";
import dayjs from "dayjs";
import { logger, utils } from "@certd/basic";
import { PeerCertificate } from "tls";
import { NotificationService } from "../../pipeline/service/notification-service.js";
import { isComm, isPlus } from "@certd/plus-core";
import { UserSuiteService } from "@certd/commercial-core";
import { UserSettingsService } from "../../mine/service/user-settings-service.js";
import { UserSiteMonitorSetting } from "../../mine/service/models.js";
import {SiteIpService} from "./site-ip-service.js";
import {SiteIpEntity} from "../entity/site-ip.js";
import { UserSiteMonitorSetting } from "../../mine/service/models.js";
import { SiteIpService } from "./site-ip-service.js";
import { SiteIpEntity } from "../entity/site-ip.js";
@Provide()
@Scope(ScopeEnum.Request, { allowDowngrade: true })
@@ -43,7 +43,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
async add(data: SiteInfoEntity) {
if (!data.userId) {
throw new Error('userId is required');
throw new Error("userId is required");
}
if (isComm()) {
@@ -51,25 +51,34 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
if (suiteSetting.enabled) {
const userSuite = await this.userSuiteService.getMySuiteDetail(data.userId);
if (userSuite.monitorCount.max != -1 && userSuite.monitorCount.max <= userSuite.monitorCount.used) {
throw new NeedSuiteException('站点监控数量已达上限,请购买或升级套餐');
throw new NeedSuiteException("站点监控数量已达上限,请购买或升级套餐");
}
}
}else if (!isPlus()) {
const count = await this.getUserMonitorCount(data.userId);
if (count >= 1) {
throw new NeedVIPException('站点监控数量已达上限,请升级专业版');
}
} else if (!isPlus()) {
const count = await this.getUserMonitorCount(data.userId);
if (count >= 1) {
throw new NeedVIPException("站点监控数量已达上限,请升级专业版");
}
}
data.disabled = false;
const found = await this.repository.findOne({
where: {
domain: data.domain,
userId: data.userId,
httpsPort: data.httpsPort || 443
}
});
if (found) {
return { id: found.id };
}
data.disabled = false;
return await super.add(data);
}
async update(data: any) {
if (!data.id) {
throw new Error('id is required');
throw new Error("id is required");
}
delete data.userId;
await super.update(data);
@@ -77,10 +86,10 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
async getUserMonitorCount(userId: number) {
if (!userId) {
throw new Error('userId is required');
throw new Error("userId is required");
}
return await this.repository.count({
where: { userId },
where: { userId }
});
}
@@ -92,26 +101,26 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
*/
async doCheck(site: SiteInfoEntity, notify = true, retryTimes = 3) {
if (!site?.domain) {
throw new Error('站点域名不能为空');
throw new Error("站点域名不能为空");
}
try {
await this.update({
id: site.id,
checkStatus: 'checking',
lastCheckTime: dayjs().valueOf(),
checkStatus: "checking",
lastCheckTime: dayjs().valueOf()
});
const res = await siteTester.test({
host: site.domain,
port: site.httpsPort,
retryTimes,
retryTimes
});
const certi: PeerCertificate = res.certificate;
if (!certi) {
throw new Error('没有发现证书');
throw new Error("没有发现证书");
}
const expires = certi.valid_to;
const allDomains = certi.subjectaltname?.replaceAll('DNS:', '').split(',') ||[];
const allDomains = certi.subjectaltname?.replaceAll("DNS:", "").split(",") || [];
const mainDomain = certi.subject?.CN;
let domains = allDomains;
if (!allDomains.includes(mainDomain)) {
@@ -119,23 +128,26 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
}
const issuer = `${certi.issuer.O}<${certi.issuer.CN}>`;
const isExpired = dayjs().valueOf() > dayjs(expires).valueOf();
const status = isExpired ? 'expired' : 'ok';
const status = isExpired ? "expired" : "ok";
const updateData = {
id: site.id,
certDomains: domains.join(','),
certDomains: domains.join(","),
certStatus: status,
certProvider: issuer,
certExpiresTime: dayjs(expires).valueOf(),
lastCheckTime: dayjs().valueOf(),
error: null,
checkStatus: 'ok',
checkStatus: "ok"
};
if (site.ipCheck) {
delete updateData.checkStatus
}
await this.update(updateData);
//检查ip
await this.checkAllIp(site)
await this.checkAllIp(site);
if (!notify) {
return;
@@ -143,15 +155,15 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
try {
await this.sendExpiresNotify(site);
} catch (e) {
logger.error('send notify error', e);
logger.error("send notify error", e);
}
} catch (e) {
logger.error('check site error', e);
logger.error("check site error", e);
await this.update({
id: site.id,
checkStatus: 'error',
checkStatus: "error",
lastCheckTime: dayjs().valueOf(),
error: e.message,
error: e.message
});
if (!notify) {
return;
@@ -159,49 +171,56 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
try {
await this.sendCheckErrorNotify(site);
} catch (e) {
logger.error('send notify error', e);
logger.error("send notify error", e);
}
}
}
async checkAllIp(site:SiteInfoEntity){
if( !site.ipCheck){
async checkAllIp(site: SiteInfoEntity) {
if (!site.ipCheck) {
return;
}
const certExpiresTime = site.certExpiresTime;
const onFinished = async (list:SiteIpEntity[])=>{
let errorCount = 0
let errorMessage = ""
const onFinished = async (list: SiteIpEntity[]) => {
let errorCount = 0;
let errorMessage = "";
for (const item of list) {
if (!item) {
continue;
}
errorCount++
if(item.error){
errorMessage += `${item.ipAddress}${item.error} \n`
}else if(item.certExpiresTime!==certExpiresTime){
errorMessage += `${item.ipAddress}:与主站证书过期时间不一致; \n`
}else{
errorCount--
errorCount++;
if (item.error) {
errorMessage += `${item.ipAddress}${item.error} \n`;
} else if (item.certExpiresTime !== certExpiresTime) {
errorMessage += `${item.ipAddress}:与主站证书过期时间不一致; \n`;
} else {
errorCount--;
}
}
if (errorCount<=0){
return
if (errorCount <= 0) {
//检查正常
await this.update({
id: site.id,
checkStatus: "ok",
error: "",
ipErrorCount: 0
});
return;
}
await this.update({
id: site.id,
checkStatus: 'error',
checkStatus: "error",
error: errorMessage,
ipErrorCount: errorCount,
})
ipErrorCount: errorCount
});
try {
site = await this.info(site.id)
await this.sendCheckErrorNotify(site,true);
site = await this.info(site.id);
await this.sendCheckErrorNotify(site, true);
} catch (e) {
logger.error('send notify error', e);
logger.error("send notify error", e);
}
}
await this.siteIpService.checkAll(site,onFinished)
};
await this.siteIpService.checkAll(site, onFinished);
}
/**
@@ -213,13 +232,13 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
async check(id: number, notify = false, retryTimes = 3) {
const site = await this.info(id);
if (!site) {
throw new Error('站点不存在');
throw new Error("站点不存在");
}
return await this.doCheck(site, notify, retryTimes);
}
async sendCheckErrorNotify(site: SiteInfoEntity,fromIpCheck=false) {
const url = await this.notificationService.getBindUrl('#/certd/monitor/site');
async sendCheckErrorNotify(site: SiteInfoEntity, fromIpCheck = false) {
const url = await this.notificationService.getBindUrl("#/certd/monitor/site");
// 发邮件
await this.notificationService.send(
{
@@ -227,22 +246,23 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
logger: logger,
body: {
url,
title: `站点证书${fromIpCheck?"(IP)":""}检查出错<${site.name}>`,
title: `站点证书${fromIpCheck ? "(IP)" : ""}检查出错<${site.name}>`,
content: `站点名称: ${site.name} \n站点域名: ${site.domain} \n错误信息:${site.error}`,
errorMessage: site.error,
},
errorMessage: site.error
}
},
site.userId
);
}
async sendExpiresNotify(site: SiteInfoEntity) {
const tipDays = 10
const tipDays = 10;
const expires = site.certExpiresTime;
const validDays = dayjs(expires).diff(dayjs(), 'day');
const url = await this.notificationService.getBindUrl('#/certd/monitor/site');
const content = `站点名称: ${site.name} \n站点域名: ${site.domain} \n证书域名: ${site.certDomains} \n颁发机构: ${site.certProvider} \n过期时间: ${dayjs(site.certExpiresTime).format('YYYY-MM-DD')} \n`;
const validDays = dayjs(expires).diff(dayjs(), "day");
const url = await this.notificationService.getBindUrl("#/certd/monitor/site");
const content = `站点名称: ${site.name} \n站点域名: ${site.domain} \n证书域名: ${site.certDomains} \n颁发机构: ${site.certProvider} \n过期时间: ${dayjs(site.certExpiresTime).format("YYYY-MM-DD")} \n`;
if (validDays >= 0 && validDays < tipDays) {
// 发通知
await this.notificationService.send(
@@ -252,8 +272,8 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
body: {
title: `站点证书即将过期,剩余${validDays}天,<${site.name}>`,
content,
url,
},
url
}
},
site.userId
);
@@ -268,7 +288,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
content,
url,
errorMessage: "站点证书已过期"
},
}
},
site.userId
);
@@ -277,10 +297,10 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
async checkAllByUsers(userId: any) {
if (!userId) {
throw new Error('userId is required');
throw new Error("userId is required");
}
const sites = await this.repository.find({
where: { userId },
where: { userId }
});
this.checkList(sites);
}
@@ -294,7 +314,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
}
}
async getSetting(userId: number){
async getSetting(userId: number) {
return await this.userSettingsService.getSetting<UserSiteMonitorSetting>(userId, UserSiteMonitorSetting);
}
@@ -302,26 +322,78 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
await this.userSettingsService.saveSetting(userId, bean);
}
async ipCheckChange(req: {id: any; ipCheck: any}) {
async ipCheckChange(req: { id: any; ipCheck: any }) {
await this.update({
id: req.id,
ipCheck: req.ipCheck,
ipCheck: req.ipCheck
});
if(req.ipCheck){
if (req.ipCheck) {
const site = await this.info(req.id);
await this.siteIpService.sync(site)
await this.siteIpService.sync(site);
}
}
async disabledChange(req: { disabled: any; id: any }) {
await this.update({
id: req.id,
disabled: req.disabled,
disabled: req.disabled
});
if(!req.disabled){
if (!req.disabled) {
const site = await this.info(req.id);
await this.doCheck(site)
await this.doCheck(site);
}
}
async doImport(req: { text: string; userId: number }) {
if (!req.text) {
throw new Error("text is required");
}
if (!req.userId) {
throw new Error("userId is required");
}
const rows = req.text.split("\n");
const list = [];
for (const item of rows) {
if (!item) {
continue;
}
const arr = item.trim().split(":");
if (arr.length === 0) {
continue;
}
const domain = arr[0];
let port = 443;
let name = domain;
if (arr.length > 1) {
try {
port = parseInt(arr[1] || "443");
} catch (e) {
throw new Error(`${item}格式错误`);
}
}
if (arr.length > 2) {
name = arr[2] || domain;
}
list.push({
domain,
name,
httpsPort: port,
userId: req.userId
});
}
const batchAdd = async (list: any[]) => {
for (const item of list) {
await this.add(item);
}
// await this.checkAllByUsers(req.userId);
};
await batchAdd(list);
}
}
packages/ui/certd-server/src/modules/monitor/service/site-ip-service.ts
+47 -1
View File
@@ -182,7 +182,7 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
const finished = res.filter(item=>{
return item!=null
})
if (finished.length > 0) {
if (onFinish) {
onFinish && onFinish(finished)
}
})
@@ -232,4 +232,50 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
ipCount:count
})
}
async doImport(req: { text: string; userId:number, siteId:number }) {
if (!req.text) {
throw new Error("text is required");
}
if (!req.siteId) {
throw new Error("siteId is required");
}
const siteEntity = await this.siteInfoRepository.findOne({
where: {
id: req.siteId,
userId:req.userId
}
});
if (!siteEntity) {
throw new Error(`站点${req.siteId}不存在`);
}
const userId = siteEntity.userId;
const rows = req.text.split("\n");
const list = [];
for (const item of rows) {
if (!item) {
continue;
}
list.push({
ipAddress:item,
userId: userId,
siteId: req.siteId,
from: "import",
disabled:false,
});
}
const batchAdd = async (list: any[]) => {
for (const item of list) {
await this.add(item);
}
// await this.checkAllByUsers(req.userId);
};
await batchAdd(list);
}
}
packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
+41 -12
View File
@@ -233,17 +233,18 @@ export class PipelineService extends BaseService<PipelineEntity> {
throw new NeedSuiteException(`对不起,您最多只能添加${userSuite.domainCount.max}个域名,请购买或升级套餐`);
}
}
}
const userId = bean.userId;
const userIsAdmin = await this.userService.isAdmin(userId);
if (!userIsAdmin) {
//非管理员用户,限制pipeline数量
const count = await this.repository.count({ where: { userId } });
const sysPublic = await this.sysSettingsService.getSetting<SysPublicSettings>(SysPublicSettings);
const limitUserPipelineCount = sysPublic.limitUserPipelineCount;
if (limitUserPipelineCount && limitUserPipelineCount > 0 && count >= limitUserPipelineCount) {
throw new NeedVIPException(`普通用户最多只能创建${limitUserPipelineCount}条流水线`);
}else{
//非商业版校验用户最大流水线数量
const userId = bean.userId;
const userIsAdmin = await this.userService.isAdmin(userId);
if (!userIsAdmin) {
//非管理员用户,限制pipeline数量
const count = await this.repository.count({ where: { userId } });
const sysPublic = await this.sysSettingsService.getSetting<SysPublicSettings>(SysPublicSettings);
const limitUserPipelineCount = sysPublic.limitUserPipelineCount;
if (limitUserPipelineCount && limitUserPipelineCount > 0 && count >= limitUserPipelineCount) {
throw new NeedVIPException(`普通用户最多只能创建${limitUserPipelineCount}条流水线`);
}
}
}
}
@@ -329,6 +330,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
if (isComm()) {
await this.checkHasDeployCount(id, entity.userId);
}
await this.checkUserStatus(entity.userId)
this.cron.register({
name: `pipeline.${id}.trigger.once`,
cron: null,
@@ -446,6 +448,13 @@ export class PipelineService extends BaseService<PipelineEntity> {
if (isComm()) {
suite = await this.checkHasDeployCount(id, entity.userId);
}
try{
await this.checkUserStatus(entity.userId)
}catch (e) {
logger.info(e.message)
return
}
const pipeline = JSON.parse(entity.content);
if (!pipeline.id) {
@@ -745,5 +754,25 @@ export class PipelineService extends BaseService<PipelineEntity> {
}
private async checkUserStatus(userId: number) {
const userEntity = await this.userService.info(userId);
if(userEntity == null){
throw new Error('用户不存在');
}
if(userEntity.status === 0){
const message = `账户${userId}已被禁用,禁止运行流水线`
throw new Error(message)
}
const sysPublic = await this.sysSettingsService.getPublicSettings()
if(isPlus() && sysPublic.userValidTimeEnabled === true){
//校验用户有效期是否设置
if(userEntity.validTime!= null && userEntity.validTime > 0){
if(userEntity.validTime < new Date().getTime()){
//用户已过期
const message = `账户${userId}已过有效期,禁止运行流水线`
throw new Error(message)
}
}
}
}
}
packages/ui/certd-server/src/modules/sys/authority/entity/user.ts
+4
View File
@@ -37,6 +37,10 @@ export class UserEntity {
@Column({ comment: '状态 0:禁用 1:启用', default: 1 })
status: number;
@Column({ name: 'valid_time', comment: '有效期', nullable: true })
validTime: number;
@Column({
name: 'create_time',
comment: '创建时间',
packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts
+1 -1
View File
@@ -7,7 +7,7 @@ import { CertApplyPluginNames} from '@certd/plugin-cert';
title: '阿里云-部署证书至OSS',
icon: 'svg:icon-aliyun',
group: pluginGroups.aliyun.key,
desc: '自动部署域名证书至阿里云OSS',
desc: '部署域名证书至阿里云OSS自定义域名,不是上传到阿里云oss',
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
packages/ui/certd-server/src/plugins/plugin-cloudflare/dns-provider.ts
+5
View File
@@ -26,6 +26,11 @@ export type CloudflareRecord = {
})
export class CloudflareDnsProvider extends AbstractDnsProvider<CloudflareRecord> {
access!: CloudflareAccess;
usePunyCode(): boolean {
//是否使用punycode来添加解析记录
//默认都使用原始中文域名来添加
return true;
}
async onInstance() {
//一些初始化的操作
// 也可以通过ctx成员变量传递context
packages/ui/certd-server/src/plugins/plugin-flex/plugins/plugin-refresh-cert.ts
+3 -2
View File
@@ -91,8 +91,9 @@ export class FlexCDNRefreshCert extends AbstractTaskPlugin {
* timeEndAt: Math.floor((new Date(currentInfo.validTo)).getTime() / 1000),
*
*/
const commonNames =[ certReader.getMainDomain()]
const dnsNames = certReader.getAltNames()
const topCrt = CertReader.readCertDetail(certReader.cert.ic)
const commonNames =[ topCrt.detail.issuer.commonName]
const dnsNames = certReader.getAllDomains()
const timeBeginAt = Math.floor(certReader.detail.notBefore.getTime() / 1000);
const timeEndAt = Math.floor(certReader.detail.notAfter.getTime() / 1000);
const body = {
packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts
+7 -1
View File
@@ -77,7 +77,13 @@ export class GithubCheckRelease extends AbstractTaskPlugin {
this.logger.info(`有更新,${lastVersion??"0"}->${res.tag_name}`)
this.lastVersion = res.tag_name;
const body = res.body.replaceAll("* ","- ")
// const body = res.body.replaceAll("* ","- ")
//仅每行开头的* 替换成 -, *号前面可以有空格
const body = res.body.replace(/^(\s*)\* /gm, "$1- ")
if (this.notificationIds == null){
this.notificationIds = [0]
}
//发送通知
for (const notificationId of this.notificationIds) {
await this.ctx.notificationService.send({
packages/ui/certd-server/src/plugins/plugin-namesilo/dns-provider.ts
+5
View File
@@ -23,6 +23,11 @@ export class NamesiloDnsProvider extends AbstractDnsProvider<NamesiloRecord> {
// 也可以通过ctx成员变量传递context
this.access = this.ctx.access as NamesiloAccess;
}
usePunyCode(): boolean {
//是否使用punycode来添加解析记录
//默认都使用原始中文域名来添加
return true;
}
private async doRequest(url: string, params: any = null) {
params = merge(
packages/ui/certd-server/src/plugins/plugin-proxmox/plugins/plugin-upload.ts
+1 -1
View File
@@ -93,7 +93,7 @@ export class ProxmoxUploadCert extends AbstractPlusTaskPlugin {
async getClient() {
const access: ProxmoxAccess = await this.getAccess<ProxmoxAccess>(this.accessId);
const pve = await import('@corsinvest/cv4pve-api-javascript');
const pve = await import('@certd/cv4pve-api-javascript');
const client = new pve.PveClient(access.host, access.port);
const login = await client.login(access.username, access.password, access.realm || 'pam');
if (!login) {