feat: 新增套餐激活码功能,通过CDK兑换套餐

This commit is contained in:
xiaojunnuo
2026-05-31 06:00:15 +08:00
parent dc1507a5ea
commit 81d6289a86
17 changed files with 947 additions and 65 deletions
@@ -0,0 +1,29 @@
-- 激活码表
CREATE TABLE "cd_product_activation_code"
(
"id" integer PRIMARY KEY AUTOINCREMENT NOT NULL,
"code" varchar(50) NOT NULL,
"product_id" integer NOT NULL,
"duration" integer NOT NULL,
"batch_no" varchar(50) NOT NULL DEFAULT '',
"status" varchar(20) NOT NULL DEFAULT 'unused',
"used_user_id" integer,
"used_time" integer,
"expire_time" integer,
"disabled_time" integer,
"exported" integer NOT NULL DEFAULT 0,
"export_time" integer,
"remark" varchar(500) NOT NULL DEFAULT '',
"create_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP),
"update_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP)
);
CREATE UNIQUE INDEX "index_activation_code_code" ON "cd_product_activation_code" ("code");
CREATE INDEX "index_activation_code_batch_no" ON "cd_product_activation_code" ("batch_no");
CREATE INDEX "index_activation_code_status" ON "cd_product_activation_code" ("status");
CREATE INDEX "index_activation_code_expire_time" ON "cd_product_activation_code" ("expire_time");
CREATE INDEX "index_activation_code_exported" ON "cd_product_activation_code" ("exported");
-- cd_user_suite 增加激活码来源追溯
ALTER TABLE "cd_user_suite"
ADD COLUMN "activation_code_id" integer;
@@ -0,0 +1,129 @@
name: acmeAccount
title: ACME账号
desc: 用于复用ACME账号私钥和账号地址,证书申请时不再临时创建账号
icon: ph:certificate
subtype: caType
input:
caType:
title: 颁发机构
component:
name: a-select
options:
- value: letsencrypt
label: Let's Encrypt
- value: letsencrypt_staging
label: Let's Encrypt测试环境
- value: google
label: Google
- value: zerossl
label: ZeroSSL
- value: litessl
label: litessl
- value: sslcom
label: SSL.com
required: true
mergeScript: |2-
return {
component: {
disabled: ctx.compute(({form})=> !!form.access?.account)
}
}
email:
title: 邮箱
component:
placeholder: user@example.com
rules:
- type: email
message: 请输入正确的邮箱
required: true
mergeScript: |2-
return {
component: {
disabled: ctx.compute(({form})=> !!form.access?.account)
}
}
directoryUrl:
title: ACME Directory URL
component:
placeholder: 自定义ACME服务端点
helper: 自定义ACME时必填,其他颁发机构默认自动使用内置端点
required: false
mergeScript: |2-
return {
show: false,
}
eabKid:
title: EAB KID
component:
placeholder: 需要EAB的颁发机构生成账号时填写
helper: >-
需要提供EAB授权
ZeroSSL:请前往[zerossl开发者中心](https://app.zerossl.com/developer),生成 'EAB
Credentials'
Google:请查看[google获取eab帮助文档](https://certd.docmirror.cn/guide/use/google/),用过一次后会绑定邮箱,后续复用EAB要用同一个邮箱
SSL.com:[SSL.com账号页面](https://secure.ssl.com/account),然后点击api
credentials链接,然后点击编辑按钮,查看Secret key和HMAC key
litessl:[litesslEAB页面](https://freessl.cn/automation/eab-manager),然后点击新增EAB
required: false
encrypt: true
mergeScript: |2-
return {
show: ctx.compute(({form})=>{
const caType = form.access?.caType;
return ['google','zerossl','sslcom','litessl'].includes(caType);
}),
component: {
disabled: ctx.compute(({form})=> !!form.access?.account)
}
}
eabHmacKey:
title: EAB HMAC Key
component:
placeholder: 需要EAB的颁发机构生成账号时填写
required: false
encrypt: true
mergeScript: |2-
return {
show: ctx.compute(({form})=>{
const caType = form.access?.caType;
return ['google','zerossl','sslcom','litessl'].includes(caType);
}),
component: {
disabled: ctx.compute(({form})=> !!form.access?.account)
}
}
account:
title: ACME账号信息
component:
name: refresh-input
action: GenerateAccount
buttonText: 生成ACME账号
successMessage: ACME账号已生成,请保存授权配置
required: true
helper: 请生成ACME账号,账号一旦生成不允许修改
encrypt: true
mergeScript: |2-
return {
component: {
disabled: ctx.compute(({form})=> !!form.access?.account)
}
}
pluginType: access
type: builtIn
scriptFilePath: /plugins/plugin-cert/access/acme-account-access.js
@@ -51,6 +51,12 @@ input:
required: true
order: -1
helper: 请输入邮箱
version:
title: 版本
value: 2
isSys: true
show: false
order: 0
challengeType:
title: 域名验证方式
value: dns
@@ -60,6 +66,8 @@ input:
options:
- value: dns
label: DNS直接验证
- value: dns-persist
label: DNS持久验证
- value: cname
label: CNAME代理验证
- value: http
@@ -80,6 +88,9 @@ input:
4. <b>多DNS提供商</b>:每个域名可以选择独立的DNS提供商
5. <b>自动匹配</b>:此处无需选择校验方式,需要在[域名管理](#/certd/cert/domain)中提前配置好校验方式
6. <b>DNS持久验证</b>:需要先配置ACME账号和_validation-persist持久TXT记录,续期时不再增删DNS记录;当前仅
Let's Encrypt 测试环境可以申请
order: 0
dnsProviderType:
title: DNS解析服务商
@@ -103,7 +114,7 @@ input:
required: true
helper: |-
您的域名注册商,或者域名的dns服务器属于哪个平台
如果这里没有,请选择CNAME代理验证校验方式
如果这里没有,请选择CNAME代理验证
order: 0
dnsProviderAccess:
title: DNS解析授权
@@ -141,18 +152,30 @@ input:
}),
defaultType: ctx.compute(({form})=>{
return form.challengeType || 'cname'
}),
caType: ctx.compute(({form})=>{
return form.sslProvider
}),
acmeAccountAccessId: ctx.compute(({form})=>{
return form.acmeAccountAccessId
}),
commonAcmeAccountAccessId: ctx.compute(({form})=>{
const key = form.sslProvider + 'CommonAcmeAccountAccessId';
return form[key]
})
},
show: ctx.compute(({form})=>{
return form.challengeType === 'cname' || form.challengeType === 'http' || form.challengeType === 'dnses'
return form.challengeType === 'cname' || form.challengeType === 'http' || form.challengeType === 'dnses' || form.challengeType === 'dns-persist'
}),
helper: ctx.compute(({form})=>{
if(form.challengeType === 'cname' ){
return '请按照上面的提示,给要申请证书的域名添加CNAME记录,添加后,点击验证,验证成功后不要删除记录,申请和续期证书会一直用它'
}else if (form.challengeType === 'http'){
return '请按照上面的提示,给每个域名设置文件上传配置,证书申请过程中会上传校验文件到网站根目录的.well-known/acme-challenge/目录下'
}else if (form.challengeType === 'http'){
return '请按照上面的提示,给每个域名设置文件上传配置,证书申请过程中会上传校验文件到网站根目录文件夹下,请确保该校验文件可以公网http访问到'
}else if (form.challengeType === 'dnses'){
return '给每个域名单独配置dns提供商'
}else if (form.challengeType === 'dns-persist'){
return '请先创建并校验_validation-persist TXT持久记录,校验成功后才能提交流水线;当前仅 Let\'s Encrypt 测试环境可以申请'
}
})
}
@@ -195,21 +218,41 @@ input:
isSys: true
show: false
order: 0
googleCommonAcmeAccountAccessId:
title: Google公共ACME账号
isSys: true
show: false
order: 0
zerosslCommonEabAccessId:
title: ZeroSSL公共EAB授权
isSys: true
show: false
order: 0
zerosslCommonAcmeAccountAccessId:
title: ZeroSSL公共ACME账号
isSys: true
show: false
order: 0
sslcomCommonEabAccessId:
title: SSL.com公共EAB授权
isSys: true
show: false
order: 0
sslcomCommonAcmeAccountAccessId:
title: SSL.com公共ACME账号
isSys: true
show: false
order: 0
litesslCommonEabAccessId:
title: litessl公共EAB授权
isSys: true
show: false
order: 0
litesslCommonAcmeAccountAccessId:
title: litessl公共ACME账号
isSys: true
show: false
order: 0
eabAccessId:
title: EAB授权
component:
@@ -233,7 +276,16 @@ input:
return {
show: ctx.compute(({form})=>{
console.log("show",form)
if (form.version === 2) {
return false
}
if(form.acmeAccountAccessId){
return false
}
const commonAcmeKey = form.sslProvider + 'CommonAcmeAccountAccessId';
if (form[commonAcmeKey]) {
return false
}
return (form.sslProvider === 'zerossl' && !form.zerosslCommonEabAccessId)
|| (form.sslProvider === 'google' && !form.googleCommonEabAccessId)
|| (form.sslProvider === 'sslcom' && !form.sslcomCommonEabAccessId)
@@ -241,6 +293,36 @@ input:
})
}
order: 0
acmeAccountAccessId:
title: ACME账号
component:
name: access-selector
type: acmeAccount
required: false
helper: 请选择颁发机构对应的ACME账号
mergeScript: |2-
return {
show: ctx.compute(({form})=>{
const commonKey = form.sslProvider + 'CommonAcmeAccountAccessId';
if (form[commonKey]) {
return false
}
return !!form.sslProvider
}),
component:{
subtype: ctx.compute(({form})=> form.sslProvider)
},
required: ctx.compute(({form})=>{
const commonKey = form.sslProvider + 'CommonAcmeAccountAccessId';
if (form[commonKey]) {
return false
}
return form.version === 2
})
}
order: 0
googleAccessId:
title: 服务账号授权
@@ -257,6 +339,15 @@ input:
return {
show: ctx.compute(({form})=>{
if (form.version === 2) {
return false
}
if(form.acmeAccountAccessId){
return false
}
if(form.googleCommonAcmeAccountAccessId){
return false
}
return form.sslProvider === 'google' && !form.googleCommonEabAccessId
})
}
@@ -81,7 +81,6 @@ input:
search: false
pager: true
single: true
pageSize: 50
watches:
- certDomains
- accessId
@@ -96,7 +95,7 @@ input:
},
}
helper: 订阅模式的证书订单 Id(在新建流水线时暂时无法获取,可以先随便填个数字,先创建,进入流水线编辑页面再获取选择即可)
helper: 订阅模式的证书订单 Id
order: 0
pfxPassword:
title: 证书加密密码
@@ -134,5 +134,6 @@ export class MainConfiguration {
});
logger.info("当前环境:", this.app.getEnv()); // prod
}
}