lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-14 20:40:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

perf: 支持部署到exsi,openwrt

Browse Source
This commit is contained in:
xiaojunnuo
2026-01-08 00:11:46 +08:00
parent f193341eae
commit dae87e26a3
14 changed files with 314 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/ui/certd-server/.env
View File

@@ -1,2 +1,2 @@
LEGO_VERSION=4.30.1
certd_plugin_loadmode=metadata
certd_plugin_loadmode=dev

2
packages/ui/certd-server/before-build.js
View File

@@ -17,3 +17,5 @@ function slimming(filePath, find, rep) {
});
}
slimming(filePath, find, rep);
slimming("./tsconfig.json",`"sourceMap": true,`, `"sourceMap": false,`)

4
packages/ui/certd-server/metadata/deploy_1PanelDeployToWebsitePlugin.yaml
View File

@@ -3,9 +3,9 @@ default:
strategy:
runStrategy: 1
name: 1PanelDeployToWebsitePlugin
title: 1Panel-部署证书到1Panel
title: 1Panel-更新证书
icon: svg:icon-onepanel
desc: 更新1Panel的证书
desc: 更新1Panel的证书,包括面板证书和站点证书
group: panel
needPlus: false
input:

30
packages/ui/certd-server/metadata/deploy_ExsiDeployCert.yaml Normal file
View File

@@ -0,0 +1,30 @@
showRunStrategy: false
default:
strategy:
runStrategy: 1
name: ExsiDeployCert
title: Exsi-部署证书到Exsi
icon: svg:icon-lucky
group: host
needPlus: true
input:
cert:
title: 域名证书
helper: 请选择前置任务输出的域名证书
component:
name: output-selector
from:
- ':cert:'
required: true
order: 0
accessId:
title: 主机SSH授权
component:
name: access-selector
type: ssh
required: true
order: 0
output: {}
pluginType: deploy
type: builtIn
scriptFilePath: /plugins/plugin-plus/exsi/plugin-deploy-to-exsi.js

30
packages/ui/certd-server/metadata/deploy_OpenwrtDeployCert.yaml Normal file
View File

@@ -0,0 +1,30 @@
showRunStrategy: false
default:
strategy:
runStrategy: 1
name: OpenwrtDeployCert
title: Openwrt-部署证书到Openwrt
icon: svg:icon-lucky
group: host
needPlus: true
input:
cert:
title: 域名证书
helper: 请选择前置任务输出的域名证书
component:
name: output-selector
from:
- ':cert:'
required: true
order: 0
accessId:
title: 主机SSH授权
component:
name: access-selector
type: ssh
required: true
order: 0
output: {}
pluginType: deploy
type: builtIn
scriptFilePath: /plugins/plugin-plus/openwrt/plugin-deploy-to-openwrt.js

8
packages/ui/certd-server/metadata/deploy_uploadCertToHost.yaml
View File

@@ -6,7 +6,7 @@ name: uploadCertToHost
title: 主机-部署证书到SSH主机
icon: line-md:uploading-loop
group: host
desc: SFTP上传证书到主机然后SSH执行部署脚本命令
desc: 上传证书到主机覆盖原来的证书文件,然后自动执行部署脚本命令使证书生效
order: 1
input:
cert:
@@ -20,12 +20,14 @@ input:
order: 0
certType:
title: 证书格式
helper: 要部署的证书格式支持pem、pfx、der、jks
helper: |-
要部署的证书格式支持pem/crt、pfx、der、jks、p7b
你原来的证书是哪种格式就选择哪种
component:
name: a-select
options:
- value: pem
label: pemcrtNginx等大部分应用
label: pem/crt用于Nginx等大部分应用证书和私钥2个文件
- value: pfx
label: pfx一般用于IIS
- value: der

9
packages/ui/certd-server/src/modules/auto/auto-b-load-plugins.ts
View File

@@ -16,7 +16,14 @@ export class AutoBLoadPlugins {
if (process.env.certd_plugin_loadmode === "metadata") {
await this.pluginService.registerFromLocal("./metadata")
}else{
await import("../../plugins/index.js")
// await import("../../plugins/index.js")
const fs = await import("fs");
const list = fs.readdirSync("../../plugins");
for (const file of list) {
if (file.endsWith("index.js")) {
await import(`../../plugins/${file}`);
}
}
}
// await import("../../plugins/index.js")
await this.pluginService.registerFromDb()

94
packages/ui/certd-server/src/plugins/index.ts
View File

@@ -1,47 +1,47 @@
export * from './plugin-aliyun/index.js';
export * from './plugin-tencent/index.js';
export * from './plugin-host/index.js';
export * from './plugin-huawei/index.js';
export * from './plugin-demo/index.js';
export * from './plugin-other/index.js';
export * from './plugin-west/index.js';
export * from './plugin-doge/index.js';
export * from './plugin-qiniu/index.js';
export * from './plugin-woai/index.js';
export * from './plugin-cachefly/index.js';
export * from './plugin-gcore/index.js';
export * from './plugin-qnap/index.js';
export * from './plugin-aws/index.js';
export * from './plugin-aws-cn/index.js';
export * from './plugin-dnsla/index.js';
export * from './plugin-upyun/index.js';
export * from './plugin-volcengine/index.js'
export * from './plugin-jdcloud/index.js'
export * from './plugin-51dns/index.js'
export * from './plugin-notification/index.js'
export * from './plugin-flex/index.js'
export * from './plugin-farcdn/index.js'
export * from './plugin-fnos/index.js'
export * from './plugin-rainyun/index.js'
export * from './plugin-cloudflare/index.js'
export * from './plugin-github/index.js'
export * from './plugin-namesilo/index.js'
export * from './plugin-proxmox/index.js'
export * from './plugin-wangsu/index.js'
export * from './plugin-admin/index.js'
export * from './plugin-ksyun/index.js'
export * from './plugin-apisix/index.js'
export * from './plugin-dokploy/index.js'
export * from './plugin-godaddy/index.js'
export * from './plugin-captcha/index.js'
export * from './plugin-xinnet/index.js'
export * from './plugin-xinnetconnet/index.js'
export * from './plugin-oauth/index.js'
export * from './plugin-cmcc/index.js'
export * from './plugin-template/index.js'
export * from './plugin-ucloud/index.js'
export * from './plugin-goedge/index.js'
export * from './plugin-lib/index.js'
export * from './plugin-plus/index.js'
export * from './plugin-cert/index.js'
export * from './plugin-zenlayer/index.js'
// export * from './plugin-aliyun/index.js';
// export * from './plugin-tencent/index.js';
// export * from './plugin-host/index.js';
// export * from './plugin-huawei/index.js';
// export * from './plugin-demo/index.js';
// export * from './plugin-other/index.js';
// export * from './plugin-west/index.js';
// export * from './plugin-doge/index.js';
// export * from './plugin-qiniu/index.js';
// export * from './plugin-woai/index.js';
// export * from './plugin-cachefly/index.js';
// export * from './plugin-gcore/index.js';
// export * from './plugin-qnap/index.js';
// export * from './plugin-aws/index.js';
// export * from './plugin-aws-cn/index.js';
// export * from './plugin-dnsla/index.js';
// export * from './plugin-upyun/index.js';
// export * from './plugin-volcengine/index.js'
// export * from './plugin-jdcloud/index.js'
// export * from './plugin-51dns/index.js'
// export * from './plugin-notification/index.js'
// export * from './plugin-flex/index.js'
// export * from './plugin-farcdn/index.js'
// export * from './plugin-fnos/index.js'
// export * from './plugin-rainyun/index.js'
// export * from './plugin-cloudflare/index.js'
// export * from './plugin-github/index.js'
// export * from './plugin-namesilo/index.js'
// export * from './plugin-proxmox/index.js'
// export * from './plugin-wangsu/index.js'
// export * from './plugin-admin/index.js'
// export * from './plugin-ksyun/index.js'
// export * from './plugin-apisix/index.js'
// export * from './plugin-dokploy/index.js'
// export * from './plugin-godaddy/index.js'
// export * from './plugin-captcha/index.js'
// export * from './plugin-xinnet/index.js'
// export * from './plugin-xinnetconnet/index.js'
// export * from './plugin-oauth/index.js'
// export * from './plugin-cmcc/index.js'
// export * from './plugin-template/index.js'
// export * from './plugin-ucloud/index.js'
// export * from './plugin-goedge/index.js'
// export * from './plugin-lib/index.js'
// export * from './plugin-plus/index.js'
// export * from './plugin-cert/index.js'
// export * from './plugin-zenlayer/index.js'

1
packages/ui/certd-server/src/plugins/plugin-plus/exsi/index.ts Normal file
View File

@@ -0,0 +1 @@
export * from "./plugin-deploy-to-exsi.js";

90
packages/ui/certd-server/src/plugins/plugin-plus/exsi/plugin-deploy-to-exsi.ts Normal file
View File

@@ -0,0 +1,90 @@
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
import { AbstractPlusTaskPlugin, CertReader } from "@certd/plugin-lib";
import { SshAccess } from "../../plugin-lib/ssh/ssh-access.js";
import { SshClient } from "../../plugin-lib/ssh/ssh.js";
@IsTaskPlugin({
name: "ExsiDeployCert",
title: "Exsi-部署证书到Exsi",
icon: "svg:icon-lucky",
group: pluginGroups.host.key,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
needPlus: true,
})
export class ExsiDeployCertPlugin extends AbstractPlusTaskPlugin {
//证书选择,此项必须要有
@TaskInput({
title: "域名证书",
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames],
},
required: true,
})
cert!: CertInfo;
// @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
// certDomains!: string[];
//授权选择框
@TaskInput({
title: "主机SSH授权",
component: {
name: "access-selector",
type: "ssh",
},
required: true,
})
accessId!: string;
async onInstance() { }
async execute(): Promise<void> {
const sshConf = await this.getAccess<SshAccess>(this.accessId);
const sshClient = new SshClient(this.logger);
// /etc/vmware/ssl/rui.crt
// /etc/vmware/ssl/rui.key
const certReader = new CertReader(this.cert);
await certReader.readCertFile({
logger: this.logger,
handle: async (ctx) => {
const crtPath = ctx.tmpCrtPath;
const keyPath = ctx.tmpKeyPath;
sshClient.uploadFiles({
connectConf: sshConf,
transports: [
{
localPath: crtPath,
remotePath: "/etc/vmware/ssl/rui.crt",
},
{
localPath: keyPath,
remotePath: "/etc/vmware/ssl/rui.key",
},
],
mkdirs: true,
});
},
});
const cmd = `/etc/init.d/hostd restart
/etc/init.d/vpxa restart`
await sshClient.exec({
connectConf: sshConf,
script: cmd,
});
this.logger.info(`证书部署完成`);
}
}
new ExsiDeployCertPlugin();

2
packages/ui/certd-server/src/plugins/plugin-plus/index.ts
View File

@@ -19,3 +19,5 @@ export * from "./kuocai/index.js";
export * from "./unicloud/index.js";
export * from "./maoyun/index.js";
export * from "./xinnet/index.js";
export * from "./exsi/index.js";
export * from "./openwrt/index.js";

1
packages/ui/certd-server/src/plugins/plugin-plus/openwrt/index.ts Normal file
View File

@@ -0,0 +1 @@
export * from "./plugin-deploy-to-openwrt.js";

90
packages/ui/certd-server/src/plugins/plugin-plus/openwrt/plugin-deploy-to-openwrt.ts Normal file
View File

@@ -0,0 +1,90 @@
import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
import { AbstractPlusTaskPlugin, CertReader } from "@certd/plugin-lib";
import { SshAccess } from "../../plugin-lib/ssh/ssh-access.js";
import { SshClient } from "../../plugin-lib/ssh/ssh.js";
@IsTaskPlugin({
name: "OpenwrtDeployCert",
title: "Openwrt-部署证书到Openwrt",
icon: "svg:icon-lucky",
group: pluginGroups.host.key,
default: {
strategy: {
runStrategy: RunStrategy.SkipWhenSucceed,
},
},
needPlus: true,
})
export class OpenwrtDeployCertPlugin extends AbstractPlusTaskPlugin {
//证书选择,此项必须要有
@TaskInput({
title: "域名证书",
helper: "请选择前置任务输出的域名证书",
component: {
name: "output-selector",
from: [...CertApplyPluginNames],
},
required: true,
})
cert!: CertInfo;
// @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
// certDomains!: string[];
//授权选择框
@TaskInput({
title: "主机SSH授权",
component: {
name: "access-selector",
type: "ssh",
},
required: true,
})
accessId!: string;
async onInstance() { }
async execute(): Promise<void> {
const sshConf = await this.getAccess<SshAccess>(this.accessId);
const sshClient = new SshClient(this.logger);
// /etc/vmware/ssl/rui.crt
// /etc/vmware/ssl/rui.key
const certReader = new CertReader(this.cert);
await certReader.readCertFile({
logger: this.logger,
handle: async (ctx) => {
const crtPath = ctx.tmpCrtPath;
const keyPath = ctx.tmpKeyPath;
sshClient.uploadFiles({
connectConf: sshConf,
transports: [
{
localPath: crtPath,
remotePath: "/etc/uhttpd.crt",
},
{
localPath: keyPath,
remotePath: "/etc/uhttpd.key",
},
],
mkdirs: true,
});
},
});
this.logger.info(`证书上传完成准备重启uhttpd生效`);
const cmd = `/etc/init.d/uhttpd restart`
await sshClient.exec({
connectConf: sshConf,
script: cmd,
});
this.logger.info(`证书部署完成`);
}
}
new OpenwrtDeployCertPlugin();