lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-06-30 16:39:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: format

Browse Source
This commit is contained in:
xiaojunnuo
2026-05-31 01:41:33 +08:00
parent acd440106b
commit 4b57a0d729
557 changed files with 12530 additions and 14039 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/plugins/plugin-fnos/index.ts
+41 -50
View File
@@ -1,9 +1,6 @@
import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import { CertApplyPluginNames, CertInfo, CertReader } from "@certd/plugin-cert";
import {
createCertDomainGetterInputDefine,
createRemoteSelectInputDefine,
} from "@certd/plugin-lib";
import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
import { SshAccess } from "../plugin-lib/ssh/ssh-access.js";
import { SshClient } from "../plugin-lib/ssh/ssh.js";
@@ -18,9 +15,9 @@ import { SshClient } from "../plugin-lib/ssh/ssh.js";
default: {
//默认值配置照抄即可
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed
}
}
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
})
//类名规范,跟上面插件名称(name)一致
export class FnOSDeployToNAS extends AbstractTaskPlugin {
@@ -30,8 +27,8 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames]
}
from: [...CertApplyPluginNames],
},
// required: true, // 必填
})
cert!: CertInfo;
@@ -44,27 +41,24 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
title: "飞牛SSH授权",
component: {
name: "access-selector",
type: "ssh" //固定授权类型
type: "ssh", //固定授权类型
},
helper:"请先配置sudo免密:\nsudo visudo\n#在文件最后一行增加以下内容,需要将username替换成自己的用户名\nusername ALL=(ALL) NOPASSWD: NOPASSWD: ALL\nctrl+x 保存退出",
required: true //必填
helper: "请先配置sudo免密:\nsudo visudo\n#在文件最后一行增加以下内容,需要将username替换成自己的用户名\nusername ALL=(ALL) NOPASSWD: NOPASSWD: ALL\nctrl+x 保存退出",
required: true, //必填
})
accessId!: string;
@TaskInput(
createRemoteSelectInputDefine({
title: "证书Id",
helper: "面板证书请选择fnOS,其他FTP、webdav等证书请选择已使用,可多选(如果证书域名都匹配的话)",
action: FnOSDeployToNAS.prototype.onGetCertList.name
action: FnOSDeployToNAS.prototype.onGetCertList.name,
})
)
certList!: number[];
//插件实例化时执行的方法
async onInstance() {
}
async onInstance() {}
//插件执行方法
async execute(): Promise<void> {
@@ -73,22 +67,22 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
const client = new SshClient(this.logger);
//复制证书
const list = await this.doGetCertList()
const list = await this.doGetCertList();
const certReader = new CertReader(this.cert);
const expiresAt = certReader.expires;
const validFrom = certReader.detail.notBefore.getTime()
const validFrom = certReader.detail.notBefore.getTime();
for (const target of this.certList) {
this.logger.info(`----------- 准备部署:${target}`);
let found = false
let found = false;
for (const item of list) {
if (item.sum === target) {
this.logger.info(`----------- 找到证书,开始部署:${item.sum},${item.domain}`)
this.logger.info(`----------- 找到证书,开始部署:${item.sum},${item.domain}`);
const certPath = item.certificate;
const keyPath = item.privateKey;
const certDir = keyPath.substring(0, keyPath.lastIndexOf("/"));
const fullchainPath = certDir+ "/fullchain.crt"
const caPath = certDir+ "/issuer_certificate.crt"
const fullchainPath = certDir + "/fullchain.crt";
const caPath = certDir + "/issuer_certificate.crt";
const cmd = `
sudo tee ${certPath} > /dev/null <<'EOF'
${this.cert.crt}
@@ -107,16 +101,16 @@ sudo chmod 0755 "${certDir}/" -R
sudo -u postgres psql -d trim_connect -c "UPDATE cert SET valid_to=${expiresAt},valid_from=${validFrom} WHERE private_key='${item.privateKey}'"
`
`;
const res = await client.exec({
connectConf: access,
script: cmd
});
if (res.indexOf("Permission denied") > -1){
this.logger.error("权限不足,请先配置 sudo 免密")
connectConf: access,
script: cmd,
});
if (res.indexOf("Permission denied") > -1) {
this.logger.error("权限不足,请先配置 sudo 免密");
}
found = true
break
found = true;
break;
}
}
if (!found) {
@@ -124,60 +118,57 @@ sudo -u postgres psql -d trim_connect -c "UPDATE cert SET valid_to=${expiresAt}
}
}
this.logger.info("证书已上传,准备重启...");
const restartCmd= `
const restartCmd = `
echo "正在重启相关服务..."
sudo systemctl restart webdav.service
sudo systemctl restart smbftpd.service
sudo systemctl restart trim_nginx.service
echo "服务重启完成!"
`
`;
await client.exec({
connectConf: access,
script: restartCmd
script: restartCmd,
});
this.logger.info("部署完成");
}
async doGetCertList(){
async doGetCertList() {
const access: SshAccess = await this.getAccess<SshAccess>(this.accessId);
const client = new SshClient(this.logger);
/**
* :/usr/trim/etc$ cat network_cert_all.conf | jq .
*/
const sslListCmd = "cat /usr/trim/etc/network_cert_all.conf | jq ."
const sslListCmd = "cat /usr/trim/etc/network_cert_all.conf | jq .";
const res:string = await client.exec({
const res: string = await client.exec({
connectConf: access,
script: sslListCmd
script: sslListCmd,
});
let list = []
try{
list = JSON.parse(res.trim())
}catch (e){
throw new Error(`证书列表解析失败:${res}`)
let list = [];
try {
list = JSON.parse(res.trim());
} catch (e) {
throw new Error(`证书列表解析失败:${res}`);
}
if (!list || list.length === 0) {
throw new Error("没有找到证书,请先在证书管理页面上传一次证书");
}
return list
return list;
}
async onGetCertList() {
const list = await this.doGetCertList()
const list = await this.doGetCertList();
const options = list.map((item: any) => {
return {
label: `${item.domain}<${item.used?'已使用':"未使用"}-${item.sum}>`,
label: `${item.domain}<${item.used ? "已使用" : "未使用"}-${item.sum}>`,
value: item.sum,
domain: item.san
domain: item.san,
};
});
return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);