docs(AGENTS): 更新文档以明确文件读取时的编码设置

添加关于在PowerShell中读取中文和文档文件时使用UTF-8编码的说明，并更新示例命令

.codex/skills

@@ -0,0 +1 @@
+../.trae/skills

.trae/skills/access-plugin-dev/SKILL.md

@@ -1,190 +1,59 @@
+---
+name: access-plugin-dev
+description: 用于开发 Certd 系统中的 Access 插件，存储用户第三方应用授权数据并对接实现第三方 API 接口。当用户需要创建授权插件、实现第三方API接口、添加新的授权方式或修改现有 Access 插件时触发。
+version: 1.0.0
+---
+
 # Access 插件开发技能
 
-## 什么是 Access 插件
+## 角色定义
+你是一名 Certd 插件开发专家，擅长创建和实现 Access 类型的插件，熟悉 TypeScript 编程和 Certd 插件开发规范。
 
-Access 插件是 Certd 系统中用于存储用户第三方应用授权数据的插件，例如用户名密码、accessSecret 或 accessToken 等。同时，它还负责对接实现第三方的 API 接口，供其他插件调用使用。
+## 核心指令
+请严格按照以下步骤执行任务：
 
-## 开发步骤
+1. **导入必要的依赖**
+   - 导入 `AccessInput`, `BaseAccess`, `IsAccess`, `Pager`, `PageRes`, `PageSearch` 等必要的类型和装饰器
+   - 导入 `DomainRecord` 等相关类型
 
-### 1. 导入必要的依赖
+2. **使用 @IsAccess 注解注册插件**
+   - 配置插件的唯一标识、标题、图标和描述
+   - 继承 `BaseAccess` 类
 
-```typescript
-import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
-import { DomainRecord } from '@certd/plugin-lib';
-```
+3. **定义授权属性**
+   - 使用 `@AccessInput` 注解定义授权属性
+   - 配置属性的标题、默认值、组件类型和验证规则
+   - 对于敏感信息，设置 `encrypt: true` 进行加密
 
-### 2. 使用 @IsAccess 注解注册插件
+4. **实现测试方法**
+   - 添加测试按钮配置
+   - 实现 `onTestRequest` 方法，用于测试接口调用是否正常
 
-```typescript
-@IsAccess({
-  name: 'demo', // 插件唯一标识
-  title: '授权插件示例', // 插件标题
-  icon: 'clarity:plugin-line', // 插件图标
-  desc: '这是一个示例授权插件，用于演示如何实现一个授权插件', // 插件描述
-})
-export class DemoAccess extends BaseAccess {
-  // 插件实现...
-}
-```
+5. **实现 API 方法**
+   - 实现必要的 API 方法，如 `GetDomainList`
+   - 封装统一的 API 请求方法 `doRequest`，处理错误和日志
 
-### 3. 定义授权属性
+6. **遵循开发最佳实践**
+   - 使用 `this.ctx.logger` 输出日志
+   - 统一处理错误，抛出明确的错误信息
+   - 实现代码复用，避免重复逻辑
 
-使用 `@AccessInput` 注解定义授权属性：
+## 输出规范
+- 必须包含完整的插件实现代码，包括所有必要的导入语句
+- 代码必须包含详细的注释说明，解释每个步骤的目的和实现细节
+- 提供完整的示例代码，展示插件的使用方法，包括不同类型的授权方式
+- 代码块必须使用正确的语法高亮，确保代码可读性
+- 包含开发技巧和注意事项，帮助开发者避免常见错误
+- 输出内容必须结构清晰，使用适当的标题和列表格式
 
-```typescript
-@AccessInput({
-  title: '授权方式',
-  value: 'apiKey', // 默认值
-  component: {
-    name: "a-select", // 基于 antdv 的输入组件
-    vModel: "value", // v-model 绑定的属性名
-    options: [ // 组件参数
-      { label: "API密钥（推荐）", value: "apiKey" },
-      { label: "账号密码", value: "account" },
-    ],
-    placeholder: 'demoKeyId',
-  },
-  required: true,
-})
-apiType = '';
+## 示例
 
-@AccessInput({
-  title: '密钥Id',
-  component: {
-    name:"a-input",
-    allowClear: true,
-    placeholder: 'demoKeyId',
-  },
-  required: true,
-})
-demoKeyId = '';
+### 示例 1: 基本 Access 插件
 
-@AccessInput({
-  title: '密钥',//标题
-  required: true,  //text组件可以省略
-  encrypt: true, //该属性是否需要加密
-})
-demoKeySecret = '';
+#### 用户输入
+创建一个 Access 插件，用于存储第三方应用的授权信息并提供 API 接口。
 
-
-
-@AccessInput({
-  title: '另外一个授权Id',//标题
-  component: {
-    name:"access-selector", //access选择组件
-    vModel:"modelValue",
-    type: "ssh", // access类型，让用户固定选择这种类型的access
-  },
-  required: true,  //text组件可以省略
-})
-otherAccessId;
-
-```
-
-### 4. 实现测试方法
-
-```typescript
-@AccessInput({
-  title: "测试",
-  component: {
-    name: "api-test",
-    action: "TestRequest"
-  },
-  helper: "点击测试接口是否正常"
-})
-testRequest = true;
-
-/**
- * 会通过上面的testRequest参数在ui界面上生成测试按钮，供用户测试接口调用是否正常
- */
-async onTestRequest() {
-  await this.GetDomainList({});
-  return "ok"
-}
-```
-
-### 5. 实现 API 方法
-
-```typescript
-/**
- * api接口示例 获取域名列表，
- */
-async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
-  //输出日志必须使用ctx.logger
-  this.ctx.logger.info(`获取域名列表，req:${JSON.stringify(req)}`);
-  const pager = new Pager(req);
-  const resp = await this.doRequest({
-    action: "ListDomains",
-    data: {
-      domain: req.searchKey,
-      offset: pager.getOffset(),
-      limit: pager.pageSize,
-    }
-  });
-  const total = resp?.TotalCount || 0;
-  let list = resp?.DomainList?.map((item) => {
-    item.domain = item.Domain;
-    item.id = item.DomainId;
-    return item;
-  })
-  return {
-    total,
-    list
-  };
-}
-
-/**
- *  通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
- */
-async doRequest(req: { action: string, data?: any }) {
-  /**
-      this.ctx中包含很多有用的工具类
-      type AccessContext = {
-        http: HttpClient;
-        logger: ILogger;
-        utils: typeof utils;
-        accessService: IAccessService;
-      }
-   */
-  const res = await this.ctx.http.request({
-    url: "https://api.demo.cn/api/",
-    method: "POST",
-    data: {
-      Action: req.action,
-      Body: req.data
-    }
-  });
-
-  if (res.Code !== 0) {
-    //异常处理 
-    throw new Error(res.Message || "请求失败");
-  }
-  return res.Resp;
-}
-```
-
---- 开发技巧：实现统一的 API 请求封装
-
-**好处：**
-- **代码复用**：避免在每个 API 方法中重复编写相同的 header 设置和错误处理逻辑
-- **错误处理一致**：统一捕获和处理各种错误情况，确保错误信息格式统一
-- **日志记录完善**：集中记录详细的错误信息，便于调试和问题排查
-- **接口调用简化**：调用方只需关注业务逻辑，无需关心底层请求细节
-- **易于维护**：统一修改 API 调用方式时，只需修改一处代码
-
-
-## 注意事项
-
-1. **插件命名**：插件名称应简洁明了，反映其功能。
-2. **属性加密**：对于敏感信息（如密钥），应设置 `encrypt: true`。
-3. **日志输出**：必须使用 `this.ctx.logger` 输出日志，而不是 `console`。
-4. **错误处理**：API 调用失败时应抛出明确的错误信息。
-5. **测试方法**：实现 `onTestRequest` 方法，以便用户可以测试授权是否正常。
-6. **统一接口调用方法**：封装统一的 API 请求方法，避免在每个 API 方法调用中重复编写错误处理逻辑。
-
-## 完整示例
-
-### 示例 1: 通用授权插件
+#### 你的回答
 
 ```typescript
 import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
@@ -248,7 +117,6 @@ export class DemoAccess extends BaseAccess {
   })
   demoKeySecret = '';
 
-
   @AccessInput({
     title: "测试",
     component: {
@@ -268,7 +136,7 @@ export class DemoAccess extends BaseAccess {
   }
 
   /**
-   * 获api接口示例 取域名列表，
+   * api接口示例 获取域名列表
    */
   async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
     //输出日志必须使用ctx.logger
@@ -294,21 +162,10 @@ export class DemoAccess extends BaseAccess {
     };
   }
 
-  // 还可以继续编写API
-
   /**
    * 通用api调用方法, 具体如何构造请求体，需参考对应应用的API文档
    */
   async doRequest(req: { action: string, data?: any }) {
-    /**
-        this.ctx中包含很多有用的工具类
-        type AccessContext = {
-          http: HttpClient;
-          logger: ILogger;
-          utils: typeof utils;
-          accessService: IAccessService;
-        }
-     */
     const res = await this.ctx.http.request({
       url: "https://api.demo.cn/api/",
       method: "POST",
@@ -326,3 +183,223 @@ export class DemoAccess extends BaseAccess {
   }
 }
 ```
+
+### 示例 2: 支持 OAuth 授权的 Access 插件
+
+#### 用户输入
+创建一个支持 OAuth 授权方式的 Access 插件。
+
+#### 你的回答
+
+```typescript
+import { AccessInput, BaseAccess, IsAccess, Pager, PageRes, PageSearch } from '@certd/pipeline';
+import { DomainRecord } from '@certd/plugin-lib';
+
+/**
+ * OAuth 授权插件示例
+ */
+@IsAccess({
+  name: 'oauth-demo',
+  title: 'OAuth授权插件示例',
+  icon: 'clarity:plugin-line',
+  desc: '这是一个支持OAuth授权的插件示例',
+})
+export class OAuthDemoAccess extends BaseAccess {
+
+  @AccessInput({
+    title: '授权方式',
+    value: 'oauth',
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        {
+          label: "OAuth授权",
+          value: "oauth"
+        },
+        {
+          label: "API密钥",
+          value: "apiKey"
+        },
+      ],
+    },
+    required: true,
+  })
+  authType = '';
+
+  @AccessInput({
+    title: '客户端ID',
+    component: {
+      name:"a-input",
+      placeholder: 'Client ID',
+    },
+    required: true,
+  })
+  clientId = '';
+
+  @AccessInput({
+    title: '客户端密钥',
+    required: true,
+    encrypt: true,
+  })
+  clientSecret = '';
+
+  @AccessInput({
+    title: '授权回调地址',
+    component: {
+      name:"a-input",
+      placeholder: 'https://your-domain.com/callback',
+    },
+    required: true,
+  })
+  redirectUri = '';
+
+  @AccessInput({
+    title: 'AccessToken',
+    required: true,
+    encrypt: true,
+  })
+  accessToken = '';
+
+  @AccessInput({
+    title: 'RefreshToken',
+    encrypt: true,
+  })
+  refreshToken = '';
+
+  @AccessInput({
+    title: "测试",
+    component: {
+      name: "api-test",
+      action: "TestOAuth"
+    },
+    helper: "点击测试OAuth授权是否正常"
+  })
+  testOAuth = true;
+
+  /**
+   * 测试OAuth授权
+   */
+  async onTestOAuth() {
+    try {
+      // 测试AccessToken是否有效
+      const result = await this.doOAuthRequest('GET', '/api/user/profile');
+      this.ctx.logger.info('OAuth测试成功:', result);
+      return "OAuth授权测试成功";
+    } catch (error) {
+      this.ctx.logger.error('OAuth测试失败:', error);
+      throw new Error('OAuth授权测试失败');
+    }
+  }
+
+  /**
+   * OAuth API请求方法
+   */
+  async doOAuthRequest(method: string, endpoint: string, data?: any) {
+    const res = await this.ctx.http.request({
+      url: `https://api.oauth-demo.com${endpoint}`,
+      method,
+      headers: {
+        'Authorization': `Bearer ${this.accessToken}`,
+        'Content-Type': 'application/json'
+      },
+      data
+    });
+
+    if (res.status !== 200) {
+      throw new Error(`API请求失败: ${res.status} ${res.statusText}`);
+    }
+    return res.data;
+  }
+
+  /**
+   * 刷新AccessToken
+   */
+  async refreshAccessToken() {
+    if (!this.refreshToken) {
+      throw new Error('没有提供RefreshToken');
+    }
+
+    const res = await this.ctx.http.request({
+      url: 'https://api.oauth-demo.com/oauth/token',
+      method: 'POST',
+      data: {
+        grant_type: 'refresh_token',
+        refresh_token: this.refreshToken,
+        client_id: this.clientId,
+        client_secret: this.clientSecret
+      }
+    });
+
+    if (res.status === 200 && res.data.access_token) {
+      this.accessToken = res.data.access_token;
+      if (res.data.refresh_token) {
+        this.refreshToken = res.data.refresh_token;
+      }
+      return true;
+    }
+    throw new Error('刷新AccessToken失败');
+  }
+
+  /**
+   * 获取域名列表
+   */
+  async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
+    try {
+      const res = await this.doOAuthRequest('GET', '/api/domains', {
+        search: req.searchKey,
+        page: req.page,
+        pageSize: req.pageSize
+      });
+
+      return {
+        total: res.total,
+        list: res.items.map((item: any) => ({
+          id: item.id,
+          domain: item.domain
+        }))
+      };
+    } catch (error) {
+      // 尝试刷新AccessToken并重试
+      if (error.message.includes('401')) {
+        await this.refreshAccessToken();
+        const res = await this.doOAuthRequest('GET', '/api/domains', {
+          search: req.searchKey,
+          page: req.page,
+          pageSize: req.pageSize
+        });
+
+        return {
+          total: res.total,
+          list: res.items.map((item: any) => ({
+            id: item.id,
+            domain: item.domain
+          }))
+        };
+      }
+      throw error;
+    }
+  }
+}
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应简洁明了，反映其功能。
+2. **属性加密**：对于敏感信息（如密钥），应设置 `encrypt: true`。
+3. **日志输出**：必须使用 `this.ctx.logger` 输出日志，而不是 `console`，参数文本化，不要传对象，否则会输出`[object Object]}`。
+4. **错误处理**：API 调用失败时应抛出明确的错误信息。
+5. **测试方法**：实现 `onTestRequest` 方法，以便用户可以测试授权是否正常。
+6. **统一接口调用**：封装统一的 API 请求方法，避免重复编写错误处理逻辑。
+
+## 开发技巧
+
+### 实现统一的 API 请求封装
+
+**好处：**
+- **代码复用**：避免在每个 API 方法中重复编写相同的 header 设置和错误处理逻辑
+- **错误处理一致**：统一捕获和处理各种错误情况，确保错误信息格式统一
+- **日志记录完善**：集中记录详细的错误信息，便于调试和问题排查
+- **接口调用简化**：调用方只需关注业务逻辑，无需关心底层请求细节
+- **易于维护**：统一修改 API 调用方式时，只需修改一处代码
+```

.trae/skills/dns-provider-dev/SKILL.md

@@ -1,141 +1,82 @@
+---
+name: dns-provider-dev
+description: 用于开发 Certd 系统中的 DNS Provider 插件，在 ACME 申请证书时给域名添加 TXT 解析记录以验证域名所有权。当用户需要创建DNS提供商插件、实现DNS解析、ACME证书验证或修改现有 DNS Provider 插件时触发。
+version: 1.0.0
+---
+
 # DNS Provider 插件开发技能
 
-## 什么是 DNS Provider 插件
+## 角色定义
+你是一名 Certd 插件开发专家，擅长创建和实现 DNS Provider 类型的插件，熟悉 TypeScript 编程和 Certd 插件开发规范。
 
-DNS Provider 插件是 Certd 系统中的 DNS 提供商插件，它用于在 ACME 申请证书时给域名添加 TXT 解析记录，以验证域名所有权。
+## 核心指令
+请严格按照以下步骤执行任务：
 
-## 开发步骤
+1. **导入必要的依赖**
+   - 导入 `AbstractDnsProvider`, `CreateRecordOptions`, `IsDnsProvider`, `RemoveRecordOptions` 等必要的类型和装饰器
+   - 导入对应的 Access 插件类型
 
-### 1. 导入必要的依赖
+2. **定义记录数据结构**
+   - 定义适合对应云平台的记录数据结构
+   - 至少包含 id 字段，用于后续删除记录
+
+3. **使用 @IsDnsProvider 注解注册插件**
+   - 配置插件的唯一标识、标题、描述、图标
+   - 指定对应的云平台的 access 类型名称
+   - 设置排序值（可选）
+   - 继承 `AbstractDnsProvider` 类
+
+4. **实现 onInstance 方法**
+   - 获取并保存对应的 Access 实例
+   - 执行初始化操作
+
+5. **实现 createRecord 方法**
+   - 解析传入的参数（fullRecord, value, type, domain）
+   - 记录操作开始日志
+   - 调用云平台 API 创建 TXT 类型的 DNS 解析记录
+   - 处理可能的错误：网络错误、API调用失败、授权失败等
+   - 记录操作结果日志
+   - 返回创建的记录信息，用于后续删除操作
+
+6. **实现 removeRecord 方法**
+   - 解析传入的参数和之前创建的记录信息
+   - 记录操作开始日志
+   - 调用云平台 API 删除 TXT 类型的 DNS 解析记录
+   - 处理可能的错误：网络错误、API调用失败、记录不存在等
+   - 记录操作结果日志
+
+7. **实现 getDomainListPage 方法**
+   - 实现获取域名列表的方法
+   - 支持分页查询
+   - 处理可能的错误：网络错误、API调用失败、授权失败等
+   - 返回标准化的域名列表格式
+
+8. **实例化插件**
+   - 实例化插件，确保插件被注册
+
+## 输出规范
+- 必须包含完整的插件实现代码
+- 代码必须包含详细的注释说明
+- 提供完整的示例代码，展示插件的使用方法
+- 包含开发注意事项
+
+## 示例
+
+### 示例 1: 基本 DNS Provider 插件
+
+#### 用户输入
+创建一个 DNS Provider 插件，用于在 ACME 申请证书时添加和删除 TXT 解析记录。
+
+#### 你的回答
 
 ```typescript
-import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
+import { Pager, PageRes, PageSearch } from "@certd/pipeline";
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions, DomainRecord } from '@certd/plugin-cert';
 import { DemoAccess } from './access.js';
-import { isDev } from '../../utils/env.js';
-```
-
-### 2. 定义记录数据结构
-
-```typescript
-type DemoRecord = {
-  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
-  // id:string
-};
-```
-
-### 3. 使用 @IsDnsProvider 注解注册插件
-
-```typescript
-// 这里通过 IsDnsProvider 注册一个 dnsProvider
-@IsDnsProvider({
-  name: 'demo', // 插件唯一标识
-  title: 'Dns提供商Demo', // 插件标题
-  desc: 'dns provider示例', // 插件描述
-  icon: 'clarity:plugin-line', // 插件图标
-  // 这里是对应的云平台的 access 类型名称
-  accessType: 'demo',
-  order: 99, // 排序
-})
-export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
-  access!: DemoAccess;
-
-  async onInstance() {
-    this.access = this.ctx.access as DemoAccess;
-    // 也可以通过 ctx 成员变量传递 context
-    this.logger.debug('access', this.access);
-    // 初始化的操作
-    // ...
-  }
-
-  // 插件实现...
-}
-```
-
-### 4. 实现 createRecord 方法
-
-```typescript
-/**
- * 创建 dns 解析记录，用于验证域名所有权
- */
-async createRecord(options: CreateRecordOptions): Promise<any> {
-  /**
-   * options 参数说明
-   * fullRecord: '_acme-challenge.example.com',
-   * value: 一串 uuid
-   * type: 'TXT',
-   * domain: 'example.com'
-   */
-  const { fullRecord, value, type, domain } = options;
-  this.logger.info('添加域名解析：', fullRecord, value, type, domain);
-
-  // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
-  // 请根据实际接口情况调用，例如：
-  // const createDnsRecordUrl = "xxx"
-  // const record = this.http.post(createDnsRecordUrl,{
-  //   // 授权参数
-  //   // 创建 dns 解析记录的参数
-  // })
-  // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
-  // return record
-}
-```
-
-### 5. 实现 removeRecord 方法
-
-```typescript
-/**
- *  删除 dns 解析记录,清理申请痕迹
- * @param options
- */
-async removeRecord(options: RemoveRecordOptions<DemoRecord>): Promise<void> {
-  const { fullRecord, value, domain } = options.recordReq;
-  const record = options.recordRes;
-  this.logger.info('删除域名解析：', domain, fullRecord, value, record);
-  // 这里调用删除 txt dns 解析记录接口
-  // 请根据实际接口情况调用，例如：
-
-  // const deleteDnsRecordUrl = "xxx"
-  // const res = this.http.delete(deleteDnsRecordUrl,{
-  //   // 授权参数
-  //   // 删除 dns 解析记录的参数
-  // })
-
-
-  this.logger.info('删除域名解析成功:', fullRecord, value);
-}
-```
-
-### 6. 实例化插件
-
-```typescript
-// 实例化这个 provider，将其自动注册到系统中
-if (isDev()) {
-  // 你的实现 要去掉这个 if，不然生产环境将不会显示
-  new DemoDnsProvider();
-}
-```
-
-## 注意事项
-
-1. **插件命名**：插件名称应简洁明了，反映其功能。
-2. **accessType**：必须指定对应的云平台的 access 类型名称。
-3. **记录结构**：定义适合对应云平台的记录数据结构，至少包含 id 字段用于删除记录。
-4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
-5. **错误处理**：API 调用失败时应抛出明确的错误信息。
-6. **实例化**：生产环境中应移除 `if (isDev())` 条件，确保插件在生产环境中也能被注册。
-
-## 完整示例
-
-### 示例：通用 DNS Provider
-
-```typescript
-import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
-import { DemoAccess } from './access.js';
-import { isDev } from '../../utils/env.js';
 
 type DemoRecord = {
-  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到 id 就行，用于删除 txt 解析记录，清理申请痕迹
-  // id:string
+  // 这里定义 Record 记录的数据结构，跟对应云平台接口返回值一样即可
+  id: string;
 };
 
 // 这里通过 IsDnsProvider 注册一个 dnsProvider
@@ -173,6 +114,7 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
     const { fullRecord, value, type, domain } = options;
     this.logger.info('添加域名解析：', fullRecord, value, type, domain);
 
+    try {
       // 调用创建 dns 解析记录的对应的云端接口，创建 txt 类型的 dns 解析记录
       // 请根据实际接口情况调用，例如：
       // const createDnsRecordUrl = "xxx"
@@ -182,6 +124,13 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
       // })
       // // 返回本次创建的 dns 解析记录，这个记录会在删除的时候用到
       // return record
+      
+      // 模拟返回
+      return { id: 'demo-record-id' };
+    } catch (error) {
+      this.logger.error('创建DNS记录失败:', error);
+      throw new Error(`创建DNS记录失败: ${error.message}`);
+    }
   }
 
   /**
@@ -192,23 +141,302 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
     const { fullRecord, value, domain } = options.recordReq;
     const record = options.recordRes;
     this.logger.info('删除域名解析：', domain, fullRecord, value, record);
+    
+    try {
       // 这里调用删除 txt dns 解析记录接口
       // 请根据实际接口情况调用，例如：
-
       // const deleteDnsRecordUrl = "xxx"
       // const res = this.http.delete(deleteDnsRecordUrl,{
       //   // 授权参数
       //   // 删除 dns 解析记录的参数
       // })
       
-
       this.logger.info('删除域名解析成功:', fullRecord, value);
+    } catch (error) {
+      this.logger.error('删除DNS记录失败:', error);
+      // 即使删除失败也不抛出异常，避免影响整个证书申请流程
+    }
+  }
+
+  /**
+   * 实现获取域名列表
+   */
+  async getDomainListPage(req: PageSearch): Promise<PageRes<DomainRecord>> {
+    try {
+      const pager = new Pager(req);
+      const res = await this.http.request({
+        // 请求接口获取域名列表
+      })
+      const list = res.Domains?.map(item => ({
+        id: item.Id,
+        domain: item.DomainName,
+      })) || []
+
+      return {
+        list,
+        total: res.Total,
+      };
+    } catch (error) {
+      this.logger.error('获取域名列表失败:', error);
+      return { list: [], total: 0 };
+    }
   }
 }
 
 // 实例化这个 provider，将其自动注册到系统中
-if (isDev()) {
-  // 你的实现 要去掉这个 if，不然生产环境将不会显示
 new DemoDnsProvider();
-}
 ```
+
+### 示例 2: 阿里云 DNS Provider 插件
+
+#### 用户输入
+创建一个阿里云 DNS Provider 插件，用于在 ACME 申请证书时添加和删除 TXT 解析记录。
+
+#### 你的回答
+
+```typescript
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions, PageSearch, PageRes, DomainRecord } from '@certd/plugin-cert';
+import { AliyunAccess } from './aliyun-access.js';
+import { Pager } from '@certd/pipeline';
+
+type AliyunRecord = {
+  RecordId: string;
+};
+
+// 阿里云 DNS Provider 插件
+@IsDnsProvider({
+  name: 'aliyun',
+  title: '阿里云DNS',
+  desc: '阿里云DNS提供商插件',
+  icon: 'clarity:plugin-line',
+  accessType: 'aliyun',
+  order: 10,
+})
+export class AliyunDnsProvider extends AbstractDnsProvider<AliyunRecord> {
+  access!: AliyunAccess;
+
+  async onInstance() {
+    this.access = this.ctx.access as AliyunAccess;
+    this.logger.debug('阿里云Access实例初始化成功');
+  }
+
+  /**
+   * 创建 DNS 解析记录
+   */
+  async createRecord(options: CreateRecordOptions): Promise<AliyunRecord> {
+    const { fullRecord, value, type, domain } = options;
+    this.logger.info('阿里云DNS: 添加解析记录', { fullRecord, value, type, domain });
+
+    try {
+      // 提取主机记录
+      const hostRecord = fullRecord.replace(`.${domain}`, '');
+      
+      // 调用阿里云 API 创建解析记录
+      const response = await this.access.doRequest({
+        action: 'AddDomainRecord',
+        data: {
+          DomainName: domain,
+          RR: hostRecord,
+          Type: type,
+          Value: value,
+          TTL: 600, // 10分钟
+        }
+      });
+
+      this.logger.info('阿里云DNS: 解析记录创建成功', { RecordId: response.RecordId });
+      return { RecordId: response.RecordId };
+    } catch (error) {
+      this.logger.error('阿里云DNS: 创建解析记录失败', error);
+      throw new Error(`阿里云DNS创建解析记录失败: ${error.message}`);
+    }
+  }
+
+  /**
+   * 删除 DNS 解析记录
+   */
+  async removeRecord(options: RemoveRecordOptions<AliyunRecord>): Promise<void> {
+    const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
+    this.logger.info('阿里云DNS: 删除解析记录', { fullRecord, value, domain, RecordId: record.RecordId });
+
+    try {
+      // 调用阿里云 API 删除解析记录
+      await this.access.doRequest({
+        action: 'DeleteDomainRecord',
+        data: {
+          RecordId: record.RecordId,
+        }
+      });
+
+      this.logger.info('阿里云DNS: 解析记录删除成功', { RecordId: record.RecordId });
+    } catch (error) {
+      this.logger.error('阿里云DNS: 删除解析记录失败', error);
+      // 即使删除失败也不抛出异常，避免影响整个证书申请流程
+    }
+  }
+
+  /**
+   * 获取域名列表
+   */
+  async getDomainListPage(req: PageSearch): Promise<PageRes<DomainRecord>> {
+    try {
+      const pager = new Pager(req);
+      const response = await this.access.doRequest({
+        action: 'DescribeDomains',
+        data: {
+          PageNumber: pager.page,
+          PageSize: pager.pageSize,
+          KeyWord: req.searchKey,
+        }
+      });
+
+      const list = response.Domains.Domain.map((domain: any) => ({
+        id: domain.DomainId,
+        domain: domain.DomainName,
+      }));
+
+      return {
+        list,
+        total: response.TotalCount,
+      };
+    } catch (error) {
+      this.logger.error('阿里云DNS: 获取域名列表失败', error);
+      return { list: [], total: 0 };
+    }
+  }
+}
+
+// 实例化插件
+new AliyunDnsProvider();
+```
+
+### 示例 3: 腾讯云 DNS Provider 插件
+
+#### 用户输入
+创建一个腾讯云 DNS Provider 插件，用于在 ACME 申请证书时添加和删除 TXT 解析记录。
+
+#### 你的回答
+
+```typescript
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions, PageSearch, PageRes, DomainRecord } from '@certd/plugin-cert';
+import { TencentAccess } from './tencent-access.js';
+import { Pager } from '@certd/pipeline';
+
+type TencentRecord = {
+  RecordId: string;
+};
+
+// 腾讯云 DNS Provider 插件
+@IsDnsProvider({
+  name: 'tencent',
+  title: '腾讯云DNS',
+  desc: '腾讯云DNS提供商插件',
+  icon: 'clarity:plugin-line',
+  accessType: 'tencent',
+  order: 20,
+})
+export class TencentDnsProvider extends AbstractDnsProvider<TencentRecord> {
+  access!: TencentAccess;
+
+  async onInstance() {
+    this.access = this.ctx.access as TencentAccess;
+    this.logger.debug('腾讯云Access实例初始化成功');
+  }
+
+  /**
+   * 创建 DNS 解析记录
+   */
+  async createRecord(options: CreateRecordOptions): Promise<TencentRecord> {
+    const { fullRecord, value, type, domain } = options;
+    this.logger.info('腾讯云DNS: 添加解析记录', { fullRecord, value, type, domain });
+
+    try {
+      // 提取主机记录
+      const hostRecord = fullRecord.replace(`.${domain}`, '');
+      
+      // 调用腾讯云 API 创建解析记录
+      const response = await this.access.doRequest({
+        action: 'CreateRecord',
+        data: {
+          Domain: domain,
+          SubDomain: hostRecord,
+          RecordType: type,
+          RecordValue: value,
+          TTL: 600, // 10分钟
+        }
+      });
+
+      this.logger.info('腾讯云DNS: 解析记录创建成功', { RecordId: response.RecordId });
+      return { RecordId: response.RecordId };
+    } catch (error) {
+      this.logger.error('腾讯云DNS: 创建解析记录失败', error);
+      throw new Error(`腾讯云DNS创建解析记录失败: ${error.message}`);
+    }
+  }
+
+  /**
+   * 删除 DNS 解析记录
+   */
+  async removeRecord(options: RemoveRecordOptions<TencentRecord>): Promise<void> {
+    const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
+    this.logger.info('腾讯云DNS: 删除解析记录', { fullRecord, value, domain, RecordId: record.RecordId });
+
+    try {
+      // 调用腾讯云 API 删除解析记录
+      await this.access.doRequest({
+        action: 'DeleteRecord',
+        data: {
+          RecordId: record.RecordId,
+        }
+      });
+
+      this.logger.info('腾讯云DNS: 解析记录删除成功', { RecordId: record.RecordId });
+    } catch (error) {
+      this.logger.error('腾讯云DNS: 删除解析记录失败', error);
+      // 即使删除失败也不抛出异常，避免影响整个证书申请流程
+    }
+  }
+
+  /**
+   * 获取域名列表
+   */
+  async getDomainListPage(req: PageSearch): Promise<PageRes<DomainRecord>> {
+    try {
+      const pager = new Pager(req);
+      const response = await this.access.doRequest({
+        action: 'DescribeDomains',
+        data: {
+          Offset: (pager.page - 1) * pager.pageSize,
+          Limit: pager.pageSize,
+          Keyword: req.searchKey,
+        }
+      });
+
+      const list = response.Domains.map((domain: any) => ({
+        id: domain.DomainId,
+        domain: domain.DomainName,
+      }));
+
+      return {
+        list,
+        total: response.TotalCount,
+      };
+    } catch (error) {
+      this.logger.error('腾讯云DNS: 获取域名列表失败', error);
+      return { list: [], total: 0 };
+    }
+  }
+}
+
+// 实例化插件
+new TencentDnsProvider();
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应简洁明了，反映其功能。
+2. **accessType**：必须指定对应的云平台的 access 类型名称。
+3. **记录结构**：定义适合对应云平台的记录数据结构，至少包含 id 字段用于删除记录。
+4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`，参数文本化，不要传对象，否则会输出`[object Object]}`。
+5. **错误处理**：API 调用失败时应抛出明确的错误信息。

.trae/skills/plugin-converter/SKILL.md

@@ -1,126 +1,90 @@
+---
+name: plugin-converter
+description: 用于将 Certd 插件转换为 YAML 配置文件的命令行工具，支持分析单个插件文件、识别插件类型并生成对应的 YAML 配置。当用户需要生成插件配置、转换插件格式、批量处理插件或修改现有插件配置时触发。
+version: 1.0.0
+---
+
 # 插件转换工具技能
 
-## 什么是插件转换工具
+## 角色定义
+你是一名 Certd 插件开发专家，擅长使用插件转换工具将 Certd 插件转换为 YAML 配置文件，熟悉命令行工具的使用和 Certd 插件开发规范。
 
-插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，可以让插件分发和在线注册。
+## 核心指令
+请严格按照以下步骤执行任务：
 
-## 工具位置
+1. **定位工具位置**
+   - 工具位于 `trae/skills/convert-plugin-to-yaml.js`
 
-`trae/skills/convert-plugin-to-yaml.js`
+2. **了解功能特性**
+   - 单个插件转换：支持指定单个插件文件进行转换
+   - 批量插件转换：支持指定目录批量转换多个插件
+   - 自动类型识别：自动识别插件类型（Access、Task、DNS Provider、Notification、Addon）
+   - 详细日志输出：提供详细的转换过程日志
+   - YAML 配置生成：生成标准的 YAML 配置文件
+   - 配置文件保存：自动将生成的配置保存到 `./metadata` 目录
+   - 自定义输出目录：支持指定自定义输出目录
+   - 格式化输出：支持格式化 YAML 输出
+   - 可复用函数：导出了可复用的函数，便于其他模块调用
 
-## 功能特性
+3. **使用工具**
+   - 基本用法：`node trae/skills/convert-plugin-to-yaml.js <插件文件路径>`
+   - 批量转换：`node trae/skills/convert-plugin-to-yaml.js <目录路径>`
+   - 自定义输出目录：`node trae/skills/convert-plugin-to-yaml.js <插件文件路径> --output <输出目录>`
+   - 格式化输出：`node trae/skills/convert-plugin-to-yaml.js <插件文件路径> --format`
+   - 示例：
+     - 转换 Access 插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js`
+     - 转换 Task 插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js`
+     - 转换 DNS Provider 插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js`
+     - 批量转换插件：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/`
+     - 自定义输出目录：`node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js --output ./configs`
 
-- **单个插件转换**：支持指定单个插件文件进行转换，而不是扫描整个目录
-- **自动类型识别**：自动识别插件类型（Access、Task、DNS Provider、Notification、Addon）
-- **详细日志输出**：提供详细的转换过程日志，便于调试
-- **YAML 配置生成**：生成标准的 YAML 配置文件
-- **配置文件保存**：自动将生成的配置保存到 `./metadata` 目录
-- **可复用函数**：导出了可复用的函数，便于其他模块调用
+4. **理解转换过程**
+   - 加载插件模块：使用 `import()` 动态加载指定的插件文件
+   - 分析插件定义：检查模块导出的对象，寻找带有 `define` 属性的插件
+   - 识别插件类型：根据插件的继承关系或属性识别插件类型
+   - 生成 YAML 配置：基于插件定义生成标准的 YAML 配置
+   - 保存配置文件：将生成的配置保存到 `./metadata` 目录
 
-## 使用方法
+5. **了解输出说明**
+   - 命令行输出：插件加载状态、插件导出的对象列表、插件类型识别结果、生成的 YAML 配置内容、配置文件保存路径
+   - 配置文件命名规则：`<插件类型>[_<子类型>]_<插件名称>.yaml`
 
-### 基本用法
+6. **理解插件类型识别逻辑**
+   - DNS Provider：如果插件定义中包含 `accessType` 属性
+   - Task：如果插件继承自 `AbstractTaskPlugin`
+   - Notification：如果插件继承自 `BaseNotification`
+   - Access：如果插件继承自 `BaseAccess`
+   - Addon：如果插件继承自 `BaseAddon`
 
-```bash
-node trae/skills/convert-plugin-to-yaml.js <插件文件路径>
-```
+7. **遵循注意事项**
+   - 文件路径：插件文件路径可以是相对路径或绝对路径
+   - 文件格式：仅支持 `.js` 文件，不支持 `.ts` 文件（需要先编译）
+   - 依赖安装：执行前确保已安装所有必要的依赖
+   - 配置目录：如果 `./metadata` 目录不存在，工具会自动创建
+   - 错误处理：如果插件加载失败或识别失败，工具会输出错误信息但不会终止执行
 
-### 示例
+## 输出规范
+- 必须包含工具的使用方法和示例
+- 必须包含转换过程的详细说明
+- 必须包含输出说明和配置文件命名规则
+- 必须包含插件类型识别逻辑
+- 必须包含注意事项和故障排除建议
+
+## 示例
+
+### 示例 1: 转换单个 Access 插件
+
+#### 用户输入
+将 Access 插件转换为 YAML 配置文件。
+
+#### 你的回答
 
 ```bash
 # 转换 Access 插件
 node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
-
-# 转换 Task 插件
-node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
-
-# 转换 DNS Provider 插件
-node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
 ```
 
-## 转换过程
-
-1. **加载插件模块**：使用 `import()` 动态加载指定的插件文件
-2. **分析插件定义**：检查模块导出的对象，寻找带有 `define` 属性的插件
-3. **识别插件类型**：根据插件的继承关系或属性识别插件类型
-4. **生成 YAML 配置**：基于插件定义生成标准的 YAML 配置
-5. **保存配置文件**：将生成的配置保存到 `./metadata` 目录
-
-## 输出说明
-
-### 命令行输出
-
-执行转换命令后，工具会输出以下信息：
-
-- 插件加载状态
-- 插件导出的对象列表
-- 插件类型识别结果
-- 生成的 YAML 配置内容
-- 配置文件保存路径
-
-### 配置文件命名规则
-
-生成的配置文件命名规则为：
-
-```
-<插件类型>[_<子类型>]_<插件名称>.yaml
-```
-
-例如：
-- `access_demo.yaml`（Access 插件）
-- `deploy_DemoTest.yaml`（Task 插件）
-- `dnsProvider_demo.yaml`（DNS Provider 插件）
-
-## 插件类型识别逻辑
-
-工具通过以下逻辑识别插件类型：
-
-1. **DNS Provider**：如果插件定义中包含 `accessType` 属性
-2. **Task**：如果插件继承自 `AbstractTaskPlugin`
-3. **Notification**：如果插件继承自 `BaseNotification`
-4. **Access**：如果插件继承自 `BaseAccess`
-5. **Addon**：如果插件继承自 `BaseAddon`
-
-## 注意事项
-
-1. **文件路径**：插件文件路径可以是相对路径或绝对路径
-2. **文件格式**：仅支持 `.js` 文件，不支持 `.ts` 文件（需要先编译）
-3. **依赖安装**：执行前确保已安装所有必要的依赖
-4. **配置目录**：如果 `./metadata` 目录不存在，工具会自动创建
-5. **错误处理**：如果插件加载失败或识别失败，工具会输出错误信息但不会终止执行
-
-## 代码结构
-
-### 主要函数
-
-1. **isPrototypeOf(value, cls)**：检查对象是否是指定类的原型
-2. **loadSingleModule(filePath)**：加载单个插件模块
-3. **convertSinglePlugin(pluginPath)**：分析单个插件并生成 YAML 配置
-4. **main()**：主函数，处理命令行参数并执行转换
-
-### 导出函数
-
-工具导出了以下函数，便于其他模块调用：
-
-```javascript
-export {
-  convertSinglePlugin,  // 转换单个插件
-  loadSingleModule,     // 加载单个模块
-  isPrototypeOf         // 检查原型关系
-};
-```
-
-## 应用场景
-
-1. **插件开发**：在开发新插件时，快速生成配置文件
-2. **插件调试**：查看插件的内部定义和配置
-3. **插件管理**：批量转换现有插件为标准配置格式
-4. **自动化构建**：集成到构建流程中，自动生成插件配置
-
-## 示例输出
-
-### 转换 Access 插件示例
-
+#### 输出
 ```bash
 $ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
@@ -142,30 +106,117 @@ YAML 配置已保存到: ./metadata/access_demo.yaml
 插件转换完成!
 ```
 
-### 转换 Task 插件示例
+### 示例 2: 批量转换插件
+
+#### 用户输入
+批量转换目录中的所有插件为 YAML 配置文件。
+
+#### 你的回答
 
 ```bash
-$ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
+# 批量转换插件
+node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/
+```
+
+#### 输出
+```bash
+$ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/
+开始转换目录: packages/ui/certd-server/src/plugins/
+
+正在处理文件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+插件模块导出了 1 个对象: DemoAccess
+处理插件: DemoAccess
+插件类型: access
+脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+生成的 YAML 配置:
+name: demo
+title: 授权插件示例
+desc: 这是一个示例授权插件，用于演示如何实现一个授权插件
+icon: clarity:plugin-line
+pluginType: access
+type: builtIn
+scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+YAML 配置已保存到: ./metadata/access_demo.yaml
+插件转换完成!
+
+正在处理文件: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 插件模块导出了 1 个对象: DemoTest
 处理插件: DemoTest
-插件类型: deploy
+插件类型: task
 脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 
 生成的 YAML 配置:
 name: DemoTest
 title: Demo-测试插件
-desc: ""
+desc: 这是一个示例任务插件，用于演示如何实现一个任务插件
 icon: clarity:plugin-line
+pluginType: task
 group: other
-default:
-  strategy:
-    runStrategy: SkipWhenSucceed
-pluginType: deploy
 type: builtIn
 scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.js
 
-YAML 配置已保存到: ./metadata/deploy_DemoTest.yaml
+YAML 配置已保存到: ./metadata/task_DemoTest.yaml
+插件转换完成!
+
+正在处理文件: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
+开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
+插件模块导出了 1 个对象: DemoDnsProvider
+处理插件: DemoDnsProvider
+插件类型: dns-provider
+脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
+
+生成的 YAML 配置:
+name: demo
+title: Dns提供商Demo
+desc: dns provider示例
+icon: clarity:plugin-line
+pluginType: dns-provider
+accessType: demo
+order: 99
+type: builtIn
+scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.js
+
+YAML 配置已保存到: ./metadata/dns-provider_demo.yaml
+插件转换完成!
+
+批量转换完成，共处理 3 个插件文件
+```
+
+### 示例 3: 自定义输出目录
+
+#### 用户输入
+将插件转换为 YAML 配置文件，并保存到自定义目录。
+
+#### 你的回答
+
+```bash
+# 自定义输出目录
+node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js --output ./configs
+```
+
+#### 输出
+```bash
+$ node trae/skills/convert-plugin-to-yaml.js packages/ui/certd-server/src/plugins/plugin-demo/access.js --output ./configs
+开始转换插件: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+插件模块导出了 1 个对象: DemoAccess
+处理插件: DemoAccess
+插件类型: access
+脚本路径: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+生成的 YAML 配置:
+name: demo
+title: 授权插件示例
+desc: 这是一个示例授权插件，用于演示如何实现一个授权插件
+icon: clarity:plugin-line
+pluginType: access
+type: builtIn
+scriptFilePath: packages/ui/certd-server/src/plugins/plugin-demo/access.js
+
+YAML 配置已保存到: ./configs/access_demo.yaml
 插件转换完成!
 ```
 
@@ -196,6 +247,30 @@ YAML 配置已保存到: ./metadata/deploy_DemoTest.yaml
 - **尝试简化插件**：如果转换失败，尝试创建一个最小化的插件示例进行测试
 - **检查依赖版本**：确保使用的依赖版本与 Certd 兼容
 
-## 总结
+## 代码结构
 
-插件转换工具是一个方便实用的工具，它可以帮助开发者快速生成插件的 YAML 配置文件，简化插件的注册和管理过程。通过命令行参数指定单个插件文件，工具会自动完成类型识别、配置生成和保存等操作，大大提高了插件开发和管理的效率。
+### 主要函数
+
+1. **isPrototypeOf(value, cls)**：检查对象是否是指定类的原型
+2. **loadSingleModule(filePath)**：加载单个插件模块
+3. **convertSinglePlugin(pluginPath)**：分析单个插件并生成 YAML 配置
+4. **main()**：主函数，处理命令行参数并执行转换
+
+### 导出函数
+
+工具导出了以下函数，便于其他模块调用：
+
+```javascript
+export {
+  convertSinglePlugin,  // 转换单个插件
+  loadSingleModule,     // 加载单个模块
+  isPrototypeOf         // 检查原型关系
+};
+```
+
+## 应用场景
+
+1. **插件开发**：在开发新插件时，快速生成配置文件
+2. **插件调试**：查看插件的内部定义和配置
+3. **插件管理**：批量转换现有插件为标准配置格式
+4. **自动化构建**：集成到构建流程中，自动生成插件配置

.trae/skills/task-plugin-dev/SKILL.md

@@ -1,12 +1,73 @@
+---
+name: task-plugin-dev
+description: 用于开发 Certd 系统中的 Task 插件，继承自 AbstractTaskPlugin 类，被流水线调用 execute 方法将证书部署到对应的应用上。当用户需要创建任务插件、部署证书、自动化任务或修改现有 Task 插件时触发。
+version: 1.0.0
+---
+
 # Task 插件开发技能
 
-## 什么是 Task 插件
+## 角色定义
+你是一名 Certd 插件开发专家，擅长创建和实现 Task 类型的插件，熟悉 TypeScript 编程和 Certd 插件开发规范。
 
-Task 插件是 Certd 系统中的部署任务插件，它继承自 `AbstractTaskPlugin` 类，被流水线调用 `execute` 方法，将证书部署到对应的应用上。
+## 核心指令
+请严格按照以下步骤执行任务：
 
-## 开发步骤
+1. **导入必要的依赖**
+   - 导入 `AbstractTaskPlugin`, `IsTaskPlugin`, `PageSearch`, `pluginGroups`, `RunStrategy`, `TaskInput` 等必要的类型和装饰器
+   - 导入 `CertInfo`, `CertReader` 等证书相关类型
+   - 导入 `createCertDomainGetterInputDefine`, `createRemoteSelectInputDefine` 等工具函数
+   - 导入 `optionsUtils` 等辅助工具
+   - 导入 `CertApplyPluginNames` 等常量
 
-### 1. 导入必要的依赖
+2. **使用 @IsTaskPlugin 注解注册插件**
+   - 配置插件的唯一标识、标题、图标
+   - 设置插件分组
+   - 配置默认策略（如 `SkipWhenSucceed`）
+   - 确保类名与插件名称一致
+
+3. **定义任务输入参数**
+   - 使用 `@TaskInput` 注解定义各种输入参数
+   - 必须包含证书选择参数，用于获取前置任务输出的域名证书
+   - 可以添加授权选择框、文本输入、选择框等参数
+   - 使用 `createCertDomainGetterInputDefine` 获取证书域名列表
+
+4. **实现动态显隐配置**
+   - 使用 `mergeScript` 实现根据其他输入值动态控制输入项的显隐状态
+   - 利用 `ctx.compute` 函数访问表单中的其他字段值
+
+5. **实现插件方法**
+   - **onInstance 方法**：插件实例化时执行的初始化操作
+   - **execute 方法**：插件的核心执行逻辑
+     - 获取授权信息
+     - 读取证书信息
+     - 执行具体的部署逻辑
+     - 处理错误并记录日志
+     - 实现幂等性：确保重复执行不会导致问题
+     - 实现超时处理：设置合理的超时时间
+     - 实现回滚机制：在部署失败时能够回滚到之前的状态
+   - **后端获取选项方法**：用于前端从后端获取选项的方法
+
+6. **遵循开发最佳实践**
+   - 插件命名：遵循命名规范，大写字母开头，驼峰命名
+   - 类名规范：类名应与插件名称一致
+   - 日志输出：使用 `this.logger` 输出日志
+   - 错误处理：捕获并记录执行过程中的错误
+   - 授权获取：使用 `this.getAccess(accessId)` 获取授权信息
+
+## 输出规范
+- 必须包含完整的插件实现代码
+- 代码必须包含详细的注释说明
+- 提供完整的示例代码，展示插件的使用方法
+- 包含开发注意事项和最佳实践
+
+## 示例
+
+### 示例 1: 基本 Task 插件
+
+#### 用户输入
+创建一个 Task 插件，用于将证书部署到对应的应用上。
+
+#### 你的回答
 
 ```typescript
 import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
@@ -14,231 +75,10 @@ import { CertInfo, CertReader } from '@certd/plugin-cert';
 import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
 import { optionsUtils } from '@certd/basic';
 import { CertApplyPluginNames} from '@certd/plugin-cert';
-```
 
-### 2. 使用 @IsTaskPlugin 注解注册插件
-
-```typescript
 @IsTaskPlugin({
   //命名规范，插件类型+功能，大写字母开头，驼峰命名
   name: 'DemoTest',
-  title: 'Demo-测试插件', // 插件标题
-  icon: 'clarity:plugin-line', // 插件图标
-  // 插件分组
-  group: pluginGroups.other.key,
-  default: {
-    // 默认值配置照抄即可
-    strategy: {
-      runStrategy: RunStrategy.SkipWhenSucceed,
-    },
-  },
-})
-// 类名规范，跟上面插件名称（name）一致
-export class DemoTest extends AbstractTaskPlugin {
-  // 插件实现...
-}
-```
-
-### 3. 定义任务输入参数
-
-使用 `@TaskInput` 注解定义任务输入参数：
-
-```typescript
-// 测试参数
-@TaskInput({
-  title: '属性示例',
-  value: '默认值',
-  component: {
-    // 前端组件配置，具体配置见组件文档 https://www.antdv.com/components/input-cn
-    name: 'a-input',
-    vModel: 'value', // 双向绑定组件的 props 名称
-  },
-  helper: '帮助说明,[链接](https://certd.docmirror.cn)',
-  required: false, // 是否必填
-})
-text!: string;
-
-// 证书选择，此项必须要有
-@TaskInput({
-  title: '域名证书',
-  helper: '请选择前置任务输出的域名证书',
-  component: {
-    name: 'output-selector',
-    from: [...CertApplyPluginNames],
-  },
-  // required: true, // 必填
-})
-cert!: CertInfo;
-
-@TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
-// 前端可以展示，当前申请的证书域名列表
-certDomains!: string[];
-
-// 授权选择框
-@TaskInput({
-  title: 'demo授权',
-  helper: 'demoAccess授权',
-  component: {
-    name: 'access-selector',
-    vModel:"modelValue",
-    type: "demo", // access类型，让用户固定选择这种类型的access
-  },
-  // rules: [{ required: true, message: '此项必填' }],
-  // required: true, // 必填
-})
-accessId!: string;
-```
-
-### 4. 动态显隐配置（mergeScript）
-
-使用 `mergeScript` 可以实现根据其他输入值动态控制当前输入项的显隐状态。
-
-```typescript
-@TaskInput({
-  title: '匹配模式',
-  component: {
-    name: 'select',
-    options: [
-      { label: '手动选择', value: 'manual' },
-      { label: '根据证书匹配', value: 'auto' },
-    ],
-  },
-  default: 'manual',
-})
-domainMatchMode!: 'manual' | 'auto';
-
-@TaskInput(
-  createRemoteSelectInputDefine({
-    title: 'DCDN加速域名',
-    helper: '你在阿里云上配置的DCDN加速域名',
-    action: DeployCertToAliyunDCDN.prototype.onGetDomainList.name,
-    watches: ['certDomains', 'accessId'],
-    required: true,
-    mergeScript: `
-      return {
-        show: ctx.compute(({form})=>{
-          return domainMatchMode === "manual"
-        })
-      }
-    `,
-  })
-)
-domainName!: string | string[];
-```
-
-`mergeScript` 中的 `ctx.compute` 函数接收一个回调函数，通过 `form` 参数可以访问表单中的其他字段值。
-
-### 5. 实现插件方法
-
-#### 5.1 插件实例化时执行的方法
-
-```typescript
-// 插件实例化时执行的方法
-async onInstance() {}
-```
-
-#### 5.2 插件执行方法
-
-```typescript
-// 插件执行方法
-async execute(): Promise<void> {
-  const { select, text, cert, accessId } = this;
-
-  try {
-    const access = await this.getAccess(accessId);
-    this.logger.debug('access', access);
-  } catch (e) {
-    this.logger.error('获取授权失败', e);
-  }
-
-  try {
-    const certReader = new CertReader(cert);
-    this.logger.debug('certReader', certReader);
-  } catch (e) {
-    this.logger.error('读取crt失败', e);
-  }
-
-  this.logger.info('DemoTestPlugin execute');
-  this.logger.info('text:', text);
-  this.logger.info('select:', select);
-  this.logger.info('switch:', this.switch);
-  this.logger.info('授权id:', accessId);
-
-  // 具体的部署逻辑
-  // ...
-}
-```
-
-#### 5.3 后端获取选项方法
-
-使用 `createRemoteSelectInputDefine` 创建远程选择输入项，`action` 指向的方法接收 `PageSearch` 参数并返回 `{ list, total }` 格式。
-
-```typescript
-@TaskInput(
-  createRemoteSelectInputDefine({
-    title: '从后端获取选项',
-    helper: '选择时可以从后端获取选项',
-    action: DemoTest.prototype.onGetSiteList.name,
-    // 当以下参数变化时，触发获取选项
-    watches: ['certDomains', 'accessId'],
-    required: true,
-  })
-)
-siteName!: string | string[];
-
-// 从后端获取选项的方法，接收PageSearch参数
-async onGetSiteList(data: PageSearch) {
-  if (!this.accessId) {
-    throw new Error('请选择Access授权');
-  }
-
-  // @ts-ignore
-  const access = await this.getAccess(this.accessId);
-
-  // const siteRes = await access.GetDomainList(data);
-  // 以下是模拟数据
-  const siteRes = [
-    { id: 1, siteName: 'site1.com' },
-    { id: 2, siteName: 'site2.com' },
-    { id: 3, siteName: 'site2.com' },
-  ];
-  // 转换为前端所需要的格式
-  const options = siteRes.map((item: any) => {
-    return {
-      value: item.siteName,
-      label: item.siteName,
-      domain: item.siteName,
-    };
-  });
-  
-  // 返回{list, total}格式
-  return {
-    list: optionsUtils.buildGroupOptions(options, this.certDomains),
-    total: siteRes.length,
-  };
-}
-```
-
-## 注意事项
-
-1. **插件命名**：插件名称应遵循命名规范，大写字母开头，驼峰命名。
-2. **类名规范**：类名应与插件名称（name）一致。
-3. **证书选择**：必须包含证书选择参数，用于获取前置任务输出的域名证书。
-4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`。
-5. **错误处理**：执行过程中的错误应被捕获并记录。
-6. **授权获取**：使用 `this.getAccess(accessId)` 获取授权信息。
-
-## 完整示例
-
-```typescript
-import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
-import { CertInfo, CertReader } from '@certd/plugin-cert';
-import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
-import { optionsUtils } from '@certd/basic';
-import { CertApplyPluginNames} from '@certd/plugin-cert';
-@IsTaskPlugin({
-  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
-  name: 'DemoTest',
   title: 'Demo-测试插件',
   icon: 'clarity:plugin-line',
   //插件分组
@@ -286,7 +126,7 @@ export class DemoTest extends AbstractTaskPlugin {
     title: '动态显隐',
     helper: '我会根据选择框的值进行显隐',
     show: true, //动态计算的值会覆盖它
-    //动态计算脚本， mergeScript返回的对象会合并当前配置，此处演示 show的值会被动态计算结果覆盖，show的值根据用户选择的select的值决定
+    //动态计算脚本， mergeScript返回的对象会合并当前配置
     mergeScript: `
     return {
       show: ctx.compute(({form})=>{
@@ -324,6 +164,7 @@ export class DemoTest extends AbstractTaskPlugin {
     },
   })
   switch!: boolean;
+
   //证书选择，此项必须要有
   @TaskInput({
     title: '域名证书',
@@ -392,6 +233,7 @@ export class DemoTest extends AbstractTaskPlugin {
     this.logger.info('switch:', this.switch);
     this.logger.info('授权id:', accessId);
 
+    // 具体的部署逻辑
     // const res = await this.http.request({
     //   url: 'https://api.demo.com',
     //   method: 'GET',
@@ -435,3 +277,370 @@ export class DemoTest extends AbstractTaskPlugin {
   }
 }
 ```
+
+### 示例 2: Nginx 部署 Task 插件
+
+#### 用户输入
+创建一个 Task 插件，用于将证书部署到 Nginx 服务器上。
+
+#### 你的回答
+
+```typescript
+import { AbstractTaskPlugin, CertInfo, IsTaskPlugin, TaskInput, pluginGroups, RunStrategy } from '@certd/pipeline';
+import { CertReader } from '@certd/plugin-lib';
+
+/**
+ * Nginx 证书部署插件
+ */
+@IsTaskPlugin({
+  name: 'NginxDeploy',
+  title: 'Nginx 部署',
+  desc: '将证书部署到 Nginx 服务器上',
+  icon: 'clarity:server-line',
+  group: pluginGroups.deploy.key,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class NginxDeploy extends AbstractTaskPlugin {
+  /**
+   * 服务器授权
+   */
+  @TaskInput({
+    title: '服务器授权',
+    component: {
+      name: 'access-selector',
+      vModel: 'accessId',
+      accessTypes: ['ssh'],
+      placeholder: '请选择服务器授权',
+    },
+    required: true,
+  })
+  accessId = '';
+
+  /**
+   * 域名证书
+   */
+  @TaskInput({
+    title: '域名证书',
+    component: {
+      name: 'output-selector',
+      from: ['CertApply', 'CertApplyCloudflare'],
+      field: 'cert',
+    },
+    required: true,
+  })
+  cert!: CertInfo;
+
+  /**
+   * 证书路径
+   */
+  @TaskInput({
+    title: '证书路径',
+    value: '/etc/nginx/ssl',
+    component: {
+      name: 'a-input',
+      placeholder: '请输入证书存储路径',
+    },
+    required: true,
+  })
+  certPath = '';
+
+  /**
+   * Nginx 配置文件路径
+   */
+  @TaskInput({
+    title: 'Nginx 配置文件',
+    value: '/etc/nginx/conf.d',
+    component: {
+      name: 'a-input',
+      placeholder: '请输入 Nginx 配置文件路径',
+    },
+    required: true,
+  })
+  nginxConfPath = '';
+
+  /**
+   * 服务名称
+   */
+  @TaskInput({
+    title: '服务名称',
+    component: {
+      name: 'a-input',
+      placeholder: '请输入服务名称（用于生成配置文件）',
+    },
+    required: true,
+  })
+  serviceName = '';
+
+  /**
+   * 执行部署
+   */
+  async execute(): Promise<void> {
+    this.logger.info('开始部署证书到 Nginx');
+
+    try {
+      // 1. 获取服务器授权
+      const sshAccess = await this.getAccess(this.accessId);
+      this.logger.info('获取服务器授权成功');
+
+      // 2. 读取证书信息
+      const certReader = new CertReader(this.cert);
+      const cert = certReader.getCert();
+      const key = certReader.getKey();
+      const fullchain = certReader.getFullChain();
+      this.logger.info('读取证书信息成功');
+
+      // 3. 准备部署路径
+      const certFile = `${this.certPath}/${this.serviceName}.pem`;
+      const keyFile = `${this.certPath}/${this.serviceName}.key`;
+      const confFile = `${this.nginxConfPath}/${this.serviceName}.conf`;
+
+      // 4. 创建证书目录
+      await sshAccess.exec(`mkdir -p ${this.certPath}`);
+      this.logger.info('创建证书目录成功');
+
+      // 5. 上传证书文件
+      await sshAccess.uploadContent(cert, certFile);
+      await sshAccess.uploadContent(key, keyFile);
+      await sshAccess.uploadContent(fullchain, `${this.certPath}/${this.serviceName}-fullchain.pem`);
+      this.logger.info('上传证书文件成功');
+
+      // 6. 生成 Nginx 配置
+      const nginxConf = `server {
+    listen 443 ssl;
+    server_name ${this.cert.domains.join(' ')};
+
+    ssl_certificate ${certFile};
+    ssl_certificate_key ${keyFile};
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers on;
+
+    location / {
+        proxy_pass http://localhost:80;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+}
+`;
+
+      // 7. 上传 Nginx 配置
+      await sshAccess.uploadContent(nginxConf, confFile);
+      this.logger.info('上传 Nginx 配置成功');
+
+      // 8. 测试 Nginx 配置
+      const testResult = await sshAccess.exec('nginx -t');
+      if (testResult.includes('test is successful')) {
+        this.logger.info('Nginx 配置测试成功');
+      } else {
+        throw new Error(`Nginx 配置测试失败: ${testResult}`);
+      }
+
+      // 9. 重启 Nginx 服务
+      await sshAccess.exec('systemctl reload nginx');
+      this.logger.info('重启 Nginx 服务成功');
+
+      this.logger.info('证书部署到 Nginx 成功');
+    } catch (error) {
+      this.logger.error('部署失败:', error);
+      throw new Error(`部署到 Nginx 失败: ${error.message}`);
+    }
+  }
+}
+
+// 实例化插件
+new NginxDeploy();
+```
+
+### 示例 3: 阿里云 OSS 部署 Task 插件
+
+#### 用户输入
+创建一个 Task 插件，用于将证书部署到阿里云 OSS 上。
+
+#### 你的回答
+
+```typescript
+import { AbstractTaskPlugin, CertInfo, IsTaskPlugin, TaskInput, pluginGroups, RunStrategy } from '@certd/pipeline';
+import { CertReader } from '@certd/plugin-lib';
+
+/**
+ * 阿里云 OSS 证书部署插件
+ */
+@IsTaskPlugin({
+  name: 'AliyunOSSDeploy',
+  title: '阿里云 OSS 部署',
+  desc: '将证书部署到阿里云 OSS 存储上',
+  icon: 'clarity:cloud-line',
+  group: pluginGroups.deploy.key,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class AliyunOSSDeploy extends AbstractTaskPlugin {
+  /**
+   * 阿里云授权
+   */
+  @TaskInput({
+    title: '阿里云授权',
+    component: {
+      name: 'access-selector',
+      vModel: 'accessId',
+      accessTypes: ['aliyun'],
+      placeholder: '请选择阿里云授权',
+    },
+    required: true,
+  })
+  accessId = '';
+
+  /**
+   * 域名证书
+   */
+  @TaskInput({
+    title: '域名证书',
+    component: {
+      name: 'output-selector',
+      from: ['CertApply', 'CertApplyCloudflare'],
+      field: 'cert',
+    },
+    required: true,
+  })
+  cert!: CertInfo;
+
+  /**
+   * OSS 存储桶
+   */
+  @TaskInput({
+    title: 'OSS 存储桶',
+    component: {
+      name: 'a-input',
+      placeholder: '请输入 OSS 存储桶名称',
+    },
+    required: true,
+  })
+  bucketName = '';
+
+  /**
+   * 存储路径
+   */
+  @TaskInput({
+    title: '存储路径',
+    value: 'ssl/',
+    component: {
+      name: 'a-input',
+      placeholder: '请输入证书存储路径',
+    },
+  })
+  storagePath = '';
+
+  /**
+   * 执行部署
+   */
+  async execute(): Promise<void> {
+    this.logger.info('开始部署证书到阿里云 OSS');
+
+    try {
+      // 1. 获取阿里云授权
+      const aliyunAccess = await this.getAccess(this.accessId);
+      this.logger.info('获取阿里云授权成功');
+
+      // 2. 读取证书信息
+      const certReader = new CertReader(this.cert);
+      const cert = certReader.getCert();
+      const key = certReader.getKey();
+      const fullchain = certReader.getFullChain();
+      this.logger.info('读取证书信息成功');
+
+      // 3. 准备存储路径
+      const basePath = this.storagePath.endsWith('/') ? this.storagePath : `${this.storagePath}/`;
+      const certFileName = `${basePath}${this.cert.domains[0]}.pem`;
+      const keyFileName = `${basePath}${this.cert.domains[0]}.key`;
+      const fullchainFileName = `${basePath}${this.cert.domains[0]}-fullchain.pem`;
+
+      // 4. 上传证书到 OSS
+      await aliyunAccess.uploadToOSS({
+        bucket: this.bucketName,
+        key: certFileName,
+        content: cert,
+      });
+      this.logger.info('上传证书文件成功');
+
+      await aliyunAccess.uploadToOSS({
+        bucket: this.bucketName,
+        key: keyFileName,
+        content: key,
+      });
+      this.logger.info('上传私钥文件成功');
+
+      await aliyunAccess.uploadToOSS({
+        bucket: this.bucketName,
+        key: fullchainFileName,
+        content: fullchain,
+      });
+      this.logger.info('上传完整证书链成功');
+
+      // 5. 设置文件访问权限（可选）
+      await aliyunAccess.setOSSObjectAcl({
+        bucket: this.bucketName,
+        key: certFileName,
+        acl: 'private',
+      });
+
+      await aliyunAccess.setOSSObjectAcl({
+        bucket: this.bucketName,
+        key: keyFileName,
+        acl: 'private',
+      });
+
+      await aliyunAccess.setOSSObjectAcl({
+        bucket: this.bucketName,
+        key: fullchainFileName,
+        acl: 'private',
+      });
+      this.logger.info('设置文件访问权限成功');
+
+      this.logger.info('证书部署到阿里云 OSS 成功');
+    } catch (error) {
+      this.logger.error('部署失败:', error);
+      throw new Error(`部署到阿里云 OSS 失败: ${error.message}`);
+    }
+  }
+}
+
+// 实例化插件
+new AliyunOSSDeploy();
+```
+
+## 注意事项
+
+1. **插件命名**：插件名称应遵循命名规范，大写字母开头，驼峰命名。
+2. **类名规范**：类名应与插件名称（name）一致。
+3. **证书选择**：必须包含证书选择参数，用于获取前置任务输出的域名证书。
+4. **日志输出**：使用 `this.logger` 输出日志，而不是 `console`，参数文本化，不要传对象，否则会输出`[object Object]}`。
+5. **错误处理**：执行过程中的错误应被捕获并记录。
+6. **授权获取**：使用 `this.getAccess(accessId)` 获取授权信息。
+
+## 部署逻辑注意事项
+
+1. **部署接口逻辑**：
+   - 研究应用的部署接口逻辑，一般有两种：
+     a. 用户选择网站ID，给网站部署新证书
+     b. 用户选择证书ID，只需要更新证书即可
+   - 保证多次执行都能针对同一个对象部署证书
+   - 确保出错后重新运行能够回归到正常状态
+
+2. **前置证书选择**：
+   - 前置证书可以是原始的 `certInfo` 类型，也可能是上传到平台之后返回的证书id
+   - 根据接口要求选择合适的证书类型：
+     a. 如果接口需要上传后的证书id，那么部署时要先将证书上传，再部署
+     b. 如果接口需要原始的 `certInfo` 类型，那么直接使用 `certInfo` 部署证书
+     c. 当两者都支持时，判断用户选择的证书类型，再考虑优先上传再部署
+
+3. **证书清理**：
+   - 如果是先上传再部署的，那么在部署完成后，可能需要考虑清理证书
+```

.vscode/launch.json

@@ -65,6 +65,16 @@
             "console": "integratedTerminal",
             "internalConsoleOptions": "neverOpen"
         },
+        {
+            "name": "server-new",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-new"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
         {
             "name": "server-local-plus",
             "type": "node",

AGENTS.md

@@ -0,0 +1,208 @@
+# Certd 开发 Agent 上下文
+
+这个文件是给在本仓库工作的开发 agent 看的常驻项目说明。后续会话进入仓库后，应先读取它，再按任务需要查看具体代码，避免每次都重新全量扫描项目。
+
+## 项目用途
+
+Certd 是一个支持私有化部署的 SSL/TLS 证书自动化管理平台。它提供 Web 管理台和后端服务，用于证书申请、续期、部署、监控、通知和开放 API 集成。
+
+它不只是一个简单的 ACME 客户端。项目的核心产品模型是“证书流水线”：
+
+- 通过 ACME 申请证书
+- 支持 DNS-01、HTTP-01、CNAME 代理以及各类服务商集成来完成域名验证
+- 支持将证书转换或导出为 pem、pfx、der、jks、p7b 等格式
+- 支持把证书部署到主机、Nginx、Kubernetes、CDN、云厂商、面板等目标
+- 支持通知用户，并监控站点证书过期时间
+
+由于系统会保存证书、云厂商凭据、SSH 信息、API Key 等敏感数据，产品定位上强烈建议私有化/本地部署。
+
+## 仓库结构
+
+这是一个 pnpm + lerna 的 monorepo。
+
+- `package.json`：根脚本和 workspace 元信息
+- `pnpm-workspace.yaml`：workspace 包匹配规则
+- `lerna.json`：lerna-lite 配置
+- `docs/`：VitePress 文档站
+- `docker/`：Docker 安装和运行相关文件
+- `packages/core/acme-client/`：ACME 协议客户端，风格接近 node-acme-client
+- `packages/core/basic/`：共享基础工具和基础设施
+- `packages/core/pipeline/`：流水线核心、注册表、装饰器、插件模型、上下文、服务、通知等
+- `packages/libs/`：共享集成与辅助库，例如 server、Huawei、JDCloud、Kubernetes、iframe
+- `packages/plugins/plugin-lib/`：通用插件辅助能力和证书相关共享代码
+- `packages/plugins/plugin-cert/`：证书流水线插件包
+- `packages/pro/`：商业版/专业版相关包
+- `packages/ui/certd-server/`：后端服务
+- `packages/ui/certd-client/`：前端 Web 管理台
+
+## 后端
+
+主要后端包：`packages/ui/certd-server`。
+
+技术栈：
+
+- Node.js、ESM、TypeScript
+- MidwayJS 3
+- Koa
+- TypeORM
+- 默认使用 better-sqlite3，同时支持 PostgreSQL 和 MySQL
+- 通过 `@certd/midway-flyway-js` 使用类似 Flyway 的 SQL 迁移机制
+
+重要位置：
+
+- `packages/ui/certd-server/src/config/config.default.ts`：默认服务、静态文件、数据库、定时任务、认证、上传、Swagger 配置
+- `packages/ui/certd-server/src/config/`：环境与配置加载逻辑
+- `packages/ui/certd-server/src/configuration.ts`：Midway 应用配置、中间件注册、组件导入
+- `packages/ui/certd-server/src/modules/`：业务模块，例如 pipeline、cert、cron、monitor、login、open API、sys、plugin、cname、notification
+- `packages/ui/certd-server/src/controller/`：按 API 领域划分的控制器
+- `packages/ui/certd-server/src/plugins/`：后端内置的具体服务商、部署、通知等插件
+- `packages/ui/certd-server/db/migration/`：数据库迁移 SQL
+- `packages/ui/certd-server/data/`：本地运行数据，例如 SQLite 数据库和生成文件
+- `packages/ui/certd-server/logs/`：运行日志
+
+已观察到的默认开发配置：
+
+- HTTP 端口：`7001`
+- HTTPS 端口：`7002`
+- 默认 SQLite 数据库：`./data/db.sqlite`
+- 默认文件根目录：`./data/files`
+
+常用脚本：
+
+- 根目录 `pnpm run start:server`：以生产模式启动后端包
+- 后端 `pnpm run dev`：启动 Midway watch/dev 服务
+- 后端 `pnpm run test`：运行后端 mocha 测试
+- 后端 `pnpm run build`：构建后端并导出插件元数据
+
+## 前端
+
+主要前端包：`packages/ui/certd-client`。
+
+技术栈：
+
+- Vue 3
+- Vite
+- TypeScript
+- Ant Design Vue
+- Fast Crud
+- Pinia
+- vue-router
+- vue-i18n
+- Tailwind/Windi 相关样式工具
+
+重要位置：
+
+- `packages/ui/certd-client/src/main.ts`：前端启动入口
+- `packages/ui/certd-client/src/App.vue`：根组件
+- `packages/ui/certd-client/src/api/`：API 调用封装
+- `packages/ui/certd-client/src/router/`：路由
+- `packages/ui/certd-client/src/store/`：Pinia store
+- `packages/ui/certd-client/src/views/certd/`：核心产品页面，例如流水线、证书、授权、监控、通知、开放 API、项目、支付、插件
+- `packages/ui/certd-client/src/components/`：共享 UI 组件
+- `packages/ui/certd-client/src/locales/`：国际化
+
+常用脚本：
+
+- 前端 `pnpm dev`：启动 Vite 开发服务
+- 前端 `pnpm build`：生产构建
+- 前端 `pnpm tsc`：类型检查
+- 前端 `pnpm test:unit`：Vitest 单元测试
+
+## 流水线与插件模型
+
+项目最关键的架构概念是证书流水线。
+
+可以从 `packages/core/pipeline/src/index.ts` 入手，它导出：
+
+- `core`
+- `dt`
+- `access`
+- `registry`
+- `plugin`
+- `context`
+- `decorator`
+- `service`
+- `notification`
+
+插件是核心能力，不是边缘功能。新增服务商、DNS 验证、证书部署、通知方式等能力，通常应该放在插件包里，或放在 `packages/ui/certd-server/src/plugins/<plugin-name>/` 下。
+
+后端已看到的插件类型包括：
+
+- DNS 和注册商服务商：Aliyun、Tencent、Cloudflare、Huawei、JDCloud、AWS、Azure、Google、GoDaddy、Namesilo、Xinnet、West、UCloud、Qiniu、Upyun、Volcengine 等
+- 部署目标：host、Kubernetes、Nginx Proxy Manager、APISIX、Proxmox、QNAP、Dokploy、GoEdge、各类 CDN、各类面板
+- 系统/产品插件：notification、captcha、oauth、admin、plus/pro、demo/template
+
+当修改证书申请、验证、部署或通知行为时，先判断改动属于哪里：
+
+- ACME client 代码
+- pipeline 核心抽象
+- 后端 module/service/entity/controller
+- 某个具体插件实现
+- 前端 view/form/schema
+
+如果只是某个服务商或部署目标的问题，不要轻易修改共享 pipeline/core 行为，除非确实是可复用的公共能力。
+
+## 数据与迁移
+
+后端使用 TypeORM 实体加 SQL 迁移。
+
+重点查看：
+
+- `packages/ui/certd-server/src/modules/**/entity/*.ts`
+- `packages/ui/certd-server/db/migration/*.sql`
+
+默认配置中 `synchronize: false`，所以涉及表结构变更时，通常应该添加或更新迁移脚本，而不是依赖 TypeORM 自动同步。
+
+## 开发注意事项
+
+- 中文 README 在部分 PowerShell 环境中可能显示乱码；`README_en.md` 可读性更好，且包含同样的高层项目说明。
+- 初次整理时观察到当前分支为 `v2-dev`。
+- 根包管理器是 pnpm，不要引入 npm/yarn lockfile。
+- 优先沿用现有模块、插件、服务模式，再考虑新增抽象。
+- `packages/ui/certd-server/data/`、`logs/`、生成的 metadata/dist 等通常视为运行时或构建产物，除非任务明确要求处理它们。
+- 注意本地数据和配置里可能包含凭据、证书材料等敏感信息。
+
+## 插件开发技能
+
+仓库内置了 Certd 插件开发技能，供 Trae 和 Codex 共用：
+
+- Trae 入口：`.trae/skills`
+- Codex 入口：`.codex/skills`
+
+其中 `.codex/skills` 是指向 `.trae/skills` 的目录链接，不要复制出第二份技能内容。更新技能时只维护 `.trae/skills` 下的原始文件，Codex 会通过 `.codex/skills` 读取同一份内容。
+
+当前技能包括：
+
+- `access-plugin-dev`：开发 Access 授权插件
+- `dns-provider-dev`：开发 DNS Provider 插件
+- `task-plugin-dev`：开发 Task 部署任务插件
+- `plugin-converter`：将插件转换为 YAML 配置
+
+做插件相关任务时，先读取对应技能目录下的 `SKILL.md`，再进入具体实现。若用户在插件开发中指出更好的做法，应总结并更新对应技能。
+
+## 快速定向命令
+
+进入项目后，优先使用这些有目标的读取命令，而不是立刻全仓库扫描：
+
+```powershell
+Get-Content -Encoding utf8 package.json
+Get-Content -Encoding utf8 pnpm-workspace.yaml
+Get-Content -Encoding utf8 lerna.json
+Get-Content -Encoding utf8 README_en.md -TotalCount 180
+Get-Content -Encoding utf8 packages\ui\certd-server\package.json
+Get-Content -Encoding utf8 packages\ui\certd-client\package.json
+Get-ChildItem packages\ui\certd-server\src\modules
+Get-ChildItem packages\ui\certd-server\src\plugins
+Get-ChildItem packages\ui\certd-client\src\views\certd
+```
+
+## 本仓库 Agent 工作方式
+
+- 先读本文件，再按用户任务查看相关 package/module。
+- 在 PowerShell 中读取中文、Markdown、locale、文档类文件时，显式使用 `Get-Content -Encoding utf8`；如果仍然显示乱码，再先执行 `[Console]::OutputEncoding = [System.Text.UTF8Encoding]::new()` 后重试。
+- 做后端任务时，先定位 `packages/ui/certd-server/src/modules` 下的模块，以及相关 entity/service/controller。
+- 做前端任务时，先定位 `packages/ui/certd-client/src/views/certd` 下的页面，再找对应 `src/api`。
+- 做服务商、DNS、部署、通知相关任务时，先看 `packages/ui/certd-server/src/plugins`，再看 `packages/plugins/plugin-lib` 里的共享辅助能力。
+- 做数据库结构变更时，添加或更新迁移脚本，不要依赖 TypeORM 自动同步。
+- 前端 TS/Vue/locale 等文件改动后，优先只对本次改动文件运行项目现有自动格式化/修复，例如 `corepack pnpm --dir packages\ui\certd-client exec prettier --write <files>` 和 `corepack pnpm --dir packages\ui\certd-client exec eslint --fix <files>`；不要为了格式化无关文件而扩大 diff。项目保留了 `tslint` 依赖，但当前主要使用 ESLint + Prettier。
+- 优先对改动包运行聚焦的测试或类型检查；只有跨包影响明显时再考虑全 monorepo 构建。

CHANGELOG.md

@@ -3,6 +3,66 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Bug Fixes
+
+* 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
+* 修复腾讯云clb部署报缺少sslmode参数的bug ([2f1ad72](https://github.com/certd/certd/commit/2f1ad7201f5ed9e00368a28b9e40907d4b415852))
+
+### Performance Improvements
+
+* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
+* 阿里云证书订单支持获取2.0的订单 ([64b3184](https://github.com/certd/certd/commit/64b3184b286fee996002d857b0de588452abdadd))
+* 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
+* 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
+* 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Bug Fixes
+
+* 修复列表页面底部滚动条与表格之间有空白间隙的bug ([71cfcad](https://github.com/certd/certd/commit/71cfcad2a15aac0badd85a10c4012a1e713654d1))
+* 修复流水线未编辑模式下也提示未保存的bug ([64a3503](https://github.com/certd/certd/commit/64a350364d820725b5e69d22ac2416809092f97d))
+* 修复商业版设置了公共eab，创建流水线仍然会显示需要配置eab的bug ([24dff05](https://github.com/certd/certd/commit/24dff05f6427dadec1e40350214c0167e1d6a73d))
+* 修复站点监控某些情况下获取不到证书的bug ([a2bbc7e](https://github.com/certd/certd/commit/a2bbc7e27298821d75a36abac6ec05d86dcf51f4))
+
+### Performance Improvements
+
+*  支持google dns插件 ([edc7bfc](https://github.com/certd/certd/commit/edc7bfc23043c2c6ef5f3564392f8aac6661c4bf))
+* 阿里云waf支持云产品接入方式应用的证书部署 ([2f7514a](https://github.com/certd/certd/commit/2f7514a2e7d89a34f833401a983149e667da911b))
+* 模版创建流水线支持随机时间 ([575415b](https://github.com/certd/certd/commit/575415b93a3e10e1c6e5644f71ddc711ea6f8adc))
+* 商业版支持配置证书申请插件参数 ([7ac789c](https://github.com/certd/certd/commit/7ac789c9c7e91cdf08dfdae1bb49186552e370e3))
+* 添加全新的未登录首页和路由配置 ([d1988dc](https://github.com/certd/certd/commit/d1988dc982440472ecf61847ccad76e4c96a80fb))
+* 添加Azure DNS插件支持及文档 ([1f1d687](https://github.com/certd/certd/commit/1f1d6873172d71fadaa5a0005e1d6f3f528096fc))
+* 添加HiPMDnsmgr DNS提供商的支持 @WUHINS ([296dcab](https://github.com/certd/certd/commit/296dcab4c7c26cb3f9da1ff748cc6a6b7d83edda))
+* 为DNS解析器添加超时配置,避免查询时间过长 ([cc5154e](https://github.com/certd/certd/commit/cc5154e04e87f648111119b4eeb4e3cb4dd6cc41))
+* 优化权威域名服务器查询超时时长 ([77db5ec](https://github.com/certd/certd/commit/77db5ecd12c51293e4de178e43ca0067bc70b46d))
+* 支持部署到nginx-proxy-manager ([2e6e9ed](https://github.com/certd/certd/commit/2e6e9ed9255bcf178edb0eb00d93a7f13c214430))
+* 支持一键安装脚本 ([dc969dd](https://github.com/certd/certd/commit/dc969dd7edb6934a29d6657afefe6f8af056741c))
+* 支持主动修改绑定url地址 ([11b7cfe](https://github.com/certd/certd/commit/11b7cfe5cb7e88e6ebd68d53acb4e5b556550ca9))
+* apisix支持v2 ([23b4658](https://github.com/certd/certd/commit/23b465867244b199bab9b61863a5ca43644834a9))
+* **technitium:** 添加Technitium DNS Server插件支持 ([edeb817](https://github.com/certd/certd/commit/edeb817c39597e4fa73a17ff4ca3f712f0320fec))
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+### Bug Fixes
+
+* 修复创建流水线无法选择通知的bug ([a88d0a6](https://github.com/certd/certd/commit/a88d0a6ae15cb6170d0b36e21daf89f0dbd5f681))
+* 修复流水线任务编辑页面复制粘贴按钮在夜间模式显示问题 ([1e549df](https://github.com/certd/certd/commit/1e549dfd431ed74e2bcdfce63e5f640c51603af3))
+* 修复用户管理添加用户无法上传头像的bug ([557e98c](https://github.com/certd/certd/commit/557e98c33f5462167d8f6289f70dad68bb114a97))
+* 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
+* 修复spaceship创建record报错的bug ([70b46d4](https://github.com/certd/certd/commit/70b46d4a8f89cf8eded21ebb237e8c8ce6c40d30))
+
+### Performance Improvements
+
+* 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
+* 部署到1panel面板支持mux模式 ([d05129e](https://github.com/certd/certd/commit/d05129ec67893b0b639003a4bca6878d128f56ad))
+* 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
+* 修复检查全部某些情况下无效的bug，优化公共触发站点证书检查定时逻辑 ([ee53589](https://github.com/certd/certd/commit/ee535895a3166c6f9046963e28fa8f22f018b574))
+* 增加域名管理 子域名检查提醒 ([2bdf183](https://github.com/certd/certd/commit/2bdf1832da73a3728f3ac415837bc26e70531cd6))
+* 站点监控域名气泡增加端口显示 ([6ee718a](https://github.com/certd/certd/commit/6ee718a25265a9db2115343af9a1a01958f34b81))
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 ### Bug Fixes

README.md

@@ -95,7 +95,15 @@ https://certd.handfree.work/
 3. 【推荐】[1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
 4. 【推荐】[雨云一键部署](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2) ： 首充翻倍，每月仅需2.2元    
 [<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2)
-5. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)
+
+5. 【推荐】[一键安装脚本](https://certd.docmirror.cn/guide/install/docker/)（自动安装 Docker，Certd）：
+```bash
+ curl -fsSL https://gitee.com/certd/certd/raw/v2/docker/run/install.sh | bash
+```
+
+6. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)
+
+
 
 #### Docker镜像说明：
 * 国内镜像地址:

docker/run/install.sh

@@ -0,0 +1,340 @@
+#!/bin/bash
+set -e
+
+CERTD_VERSION="${CERTD_VERSION:-latest}"
+INSTALL_DIR="${INSTALL_DIR:-/opt/certd}"
+COMPOSE_FILE_URL="https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml"
+COMPOSE_FILE="$INSTALL_DIR/docker-compose.yaml"
+
+DOCKER_MIRROR="https://mirrors.aliyun.com"
+
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m'
+
+log_info() {
+    echo -e "${GREEN}[INFO]${NC} $1"
+}
+
+log_warn() {
+    echo -e "${YELLOW}[WARN]${NC} $1"
+}
+
+log_error() {
+    echo -e "${RED}[ERROR]${NC} $1"
+}
+
+check_command() {
+    command -v "$1" >/dev/null 2>&1
+}
+
+get_local_ip() {
+    LOCAL_IP=$(ip route get 1.1.1.1 2>/dev/null | grep -oP 'src \K[^ ]+' | head -1)
+    if [ -z "$LOCAL_IP" ]; then
+        LOCAL_IP=$(hostname -I 2>/dev/null | awk '{print $1}')
+    fi
+    if [ -z "$LOCAL_IP" ]; then
+        LOCAL_IP="127.0.0.1"
+    fi
+    echo "$LOCAL_IP"
+}
+
+get_public_ip() {
+    PUBLIC_IP=$(curl -s --max-time 5 https://api.ipify.org 2>/dev/null)
+    if [ -z "$PUBLIC_IP" ]; then
+        PUBLIC_IP=$(curl -s --max-time 5 https://checkip.amazonaws.com 2>/dev/null)
+    fi
+    if [ -z "$PUBLIC_IP" ]; then
+        PUBLIC_IP=""
+    fi
+    echo "$PUBLIC_IP"
+}
+
+show_access_urls() {
+    LOCAL_IP=$(get_local_ip)
+    PUBLIC_IP=$(get_public_ip)
+
+    echo ""
+    echo "=========================================="
+    log_info "安装完成!"
+    echo "=========================================="
+    echo ""
+    echo "访问地址:"
+    if [ -n "$PUBLIC_IP" ]; then
+        echo -e "  ${GREEN}外网访问:${NC} http://$PUBLIC_IP:7001"
+    fi
+    echo -e "  ${GREEN}局域网:${NC}  http://$LOCAL_IP:7001"
+    echo ""
+    echo "配置文件: $COMPOSE_FILE"
+    echo ""
+    echo "常用命令:"
+    echo "  cd $INSTALL_DIR"
+    echo "  docker compose logs -f     # 查看日志"
+    echo "  docker compose restart     # 重启服务"
+    echo "  docker compose down        # 停止服务"
+    echo ""
+}
+
+detect_os() {
+    if [ -f /etc/os-release ]; then
+        . /etc/os-release
+        OS=$ID
+        VER=$VERSION_ID
+    elif [ -f /etc/centos-release ]; then
+        OS="centos"
+    elif [ -f /etc/redhat-release ]; then
+        OS="rhel"
+    else
+        OS="unknown"
+    fi
+}
+
+check_docker() {
+    if check_command docker; then
+        DOCKER_VERSION=$(docker --version 2>/dev/null | awk '{print $3}' | tr -d ',')
+        log_info "Docker 已安装: $DOCKER_VERSION"
+        return 0
+    else
+        log_warn "Docker 未安装"
+        return 1
+    fi
+}
+
+check_docker_compose() {
+    if check_command docker-compose; then
+        COMPOSE_VERSION=$(docker-compose --version 2>/dev/null | awk '{print $3}' | tr -d ',')
+        log_info "Docker Compose 已安装: $COMPOSE_VERSION"
+        return 0
+    elif docker compose version >/dev/null 2>&1; then
+        log_info "Docker Compose (插件版) 已安装"
+        return 0
+    else
+        log_warn "Docker Compose 未安装"
+        return 1
+    fi
+}
+
+install_docker_ubuntu() {
+    log_info "正在安装 Docker (Ubuntu/Debian)..."
+    apt-get update
+    apt-get install -y ca-certificates curl gnupg lsb-release
+
+    mkdir -p /etc/apt/keyrings
+    curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/${OS}/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg 2>/dev/null || \
+    curl -fsSL https://download.docker.com/linux/${OS}/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+
+    echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/${OS} $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+    apt-get update
+    apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
+    systemctl enable docker
+    systemctl start docker
+
+    log_info "Docker 安装完成"
+}
+
+install_docker_centos() {
+    log_info "正在安装 Docker (CentOS/RHEL)..."
+    yum install -y yum-utils
+    yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
+    yum install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
+    systemctl enable docker
+    systemctl start docker
+
+    log_info "Docker 安装完成"
+}
+
+install_dockerrocky() {
+    log_info "正在安装 Docker (Rocky Linux/AlmaLinux)..."
+    dnf install -y yum-utils
+    dnf config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
+    dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
+    systemctl enable docker
+    systemctl start docker
+
+    log_info "Docker 安装完成"
+}
+
+install_docker_debian() {
+    log_info "正在安装 Docker (Debian)..."
+    apt-get update
+    apt-get install -y ca-certificates curl gnupg2
+
+    mkdir -p /etc/apt/keyrings
+    curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/debian/gpg | gpg --armor -o /etc/apt/keyrings/docker.gpg 2>/dev/null || \
+    curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --armor -o /etc/apt/keyrings/docker.gpg
+
+    echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.aliyun.com/docker-ce/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list
+
+    apt-get update
+    apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
+    systemctl enable docker
+    systemctl start docker
+
+    log_info "Docker 安装完成"
+}
+
+install_docker() {
+    detect_os
+    log_info "检测到操作系统: $OS"
+
+    case $OS in
+        ubuntu)
+            install_docker_ubuntu
+            ;;
+        debian)
+            install_docker_debian
+            ;;
+        centos)
+            install_docker_centos
+            ;;
+        rhel|rocky|almalinux)
+            install_dockerrocky
+            ;;
+        *)
+            log_error "不支持的操作系统: $OS"
+            log_info "请手动安装 Docker"
+            exit 1
+            ;;
+    esac
+}
+
+install_docker_compose_standalone() {
+    log_info "正在安装 Docker Compose (独立版本)..."
+
+    COMPOSE_URLS=(
+        "https://get.daocloud.io/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)"
+        "https://mirror.sjtu.edu.cn/github/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)"
+        "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)"
+    )
+
+    for url in "${COMPOSE_URLS[@]}"; do
+        log_info "尝试从: $url"
+        if curl -L "$url" -o /usr/local/bin/docker-compose 2>/dev/null; then
+            chmod +x /usr/local/bin/docker-compose
+            log_info "Docker Compose 安装完成"
+            return 0
+        fi
+        log_warn "下载失败，尝试下一个源..."
+    done
+
+    log_error "Docker Compose 安装失败"
+    return 1
+}
+
+install_docker_compose() {
+    if check_command docker && docker compose version >/dev/null 2>&1; then
+        log_info "Docker Compose 插件已可用"
+        return 0
+    fi
+
+    if check_command docker-compose; then
+        log_info "Docker Compose 独立版本已安装"
+        return 0
+    fi
+
+    install_docker_compose_standalone
+}
+
+download_compose_file() {
+    log_info "正在下载 docker-compose.yaml..."
+    mkdir -p "$INSTALL_DIR"
+
+    if curl -fsSL "$COMPOSE_FILE_URL" -o "$COMPOSE_FILE.tmp"; then
+        mv "$COMPOSE_FILE.tmp" "$COMPOSE_FILE"
+        log_info "docker-compose.yaml 已下载到 $COMPOSE_FILE"
+
+        if [ "$CERTD_VERSION" != "latest" ]; then
+            sed -i "s|certd:latest|certd:$CERTD_VERSION|g" "$COMPOSE_FILE"
+            log_info "已修改镜像版本为: $CERTD_VERSION"
+        fi
+    else
+        log_error "下载失败，请检查网络连接"
+        exit 1
+    fi
+}
+
+start_certd() {
+    log_info "正在启动 Certd 容器..."
+    cd "$INSTALL_DIR"
+
+    if docker compose -f "$COMPOSE_FILE" up -d 2>/dev/null; then
+        log_info "Certd 启动成功!"
+    elif docker-compose -f "$COMPOSE_FILE" up -d; then
+        log_info "Certd 启动成功!"
+    fi
+
+    sleep 2
+    docker ps --filter "name=certd" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
+}
+
+show_usage() {
+    echo "用法: $0 [选项]"
+    echo ""
+    echo "选项:"
+    echo "  -v, --version VERSION    指定 Certd 版本 (默认: latest)"
+    echo "  -p, --path PATH          指定安装路径 (默认: /opt/certd)"
+    echo "  -h, --help               显示帮助信息"
+    echo ""
+    echo "示例:"
+    echo "  $0                      # 使用默认配置安装"
+    echo "  $0 -v 1.29.0            # 安装指定版本"
+    echo "  $0 -p /data/certd       # 安装到指定目录"
+}
+
+main() {
+    echo "=========================================="
+    echo "         Certd 一键安装脚本"
+    echo "=========================================="
+    echo ""
+
+    while [[ $# -gt 0 ]]; do
+        case $1 in
+            -v|--version)
+                CERTD_VERSION="$2"
+                shift 2
+                ;;
+            -p|--path)
+                INSTALL_DIR="$2"
+                COMPOSE_FILE="$INSTALL_DIR/docker-compose.yaml"
+                shift 2
+                ;;
+            -h|--help)
+                show_usage
+                exit 0
+                ;;
+            *)
+                log_error "未知选项: $1"
+                show_usage
+                exit 1
+                ;;
+        esac
+    done
+
+    log_info "Certd 版本: $CERTD_VERSION"
+    log_info "安装路径: $INSTALL_DIR"
+    echo ""
+
+    DOCKER_INSTALLED=true
+    COMPOSE_INSTALLED=true
+
+    if ! check_docker; then
+        echo ""
+        log_info "正在安装 Docker..."
+        install_docker
+    fi
+
+    if ! check_docker_compose; then
+        echo ""
+        log_info "正在安装 Docker Compose..."
+        install_docker_compose
+    fi
+
+    download_compose_file
+    start_certd
+
+    show_access_urls
+}
+
+main "$@"

docs/.vitepress/config.ts

@@ -114,6 +114,7 @@ export default defineConfig({
                         {text: "连接windows主机", link: "/guide/use/host/windows.md"},
                         {text: "Google EAB获取", link: "/guide/use/google/"},
                         {text: "阿里云相关", link: "/guide/use/aliyun/"},
+                        {text: "Azure相关", link: "/guide/use/azure/dns.md"},
                         {text: "数据备份", link: "/guide/use/backup/"},
                         {text: "Certd本身的证书更新", link: "/guide/use/https/index.md"},
                         {text: "js脚本插件使用", link: "/guide/use/custom-script/index.md"},

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,66 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Bug Fixes
+
+* 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
+* 修复腾讯云clb部署报缺少sslmode参数的bug ([2f1ad72](https://github.com/certd/certd/commit/2f1ad7201f5ed9e00368a28b9e40907d4b415852))
+
+### Performance Improvements
+
+* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
+* 阿里云证书订单支持获取2.0的订单 ([64b3184](https://github.com/certd/certd/commit/64b3184b286fee996002d857b0de588452abdadd))
+* 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
+* 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
+* 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Bug Fixes
+
+* 修复列表页面底部滚动条与表格之间有空白间隙的bug ([71cfcad](https://github.com/certd/certd/commit/71cfcad2a15aac0badd85a10c4012a1e713654d1))
+* 修复流水线未编辑模式下也提示未保存的bug ([64a3503](https://github.com/certd/certd/commit/64a350364d820725b5e69d22ac2416809092f97d))
+* 修复商业版设置了公共eab，创建流水线仍然会显示需要配置eab的bug ([24dff05](https://github.com/certd/certd/commit/24dff05f6427dadec1e40350214c0167e1d6a73d))
+* 修复站点监控某些情况下获取不到证书的bug ([a2bbc7e](https://github.com/certd/certd/commit/a2bbc7e27298821d75a36abac6ec05d86dcf51f4))
+
+### Performance Improvements
+
+*  支持google dns插件 ([edc7bfc](https://github.com/certd/certd/commit/edc7bfc23043c2c6ef5f3564392f8aac6661c4bf))
+* 阿里云waf支持云产品接入方式应用的证书部署 ([2f7514a](https://github.com/certd/certd/commit/2f7514a2e7d89a34f833401a983149e667da911b))
+* 模版创建流水线支持随机时间 ([575415b](https://github.com/certd/certd/commit/575415b93a3e10e1c6e5644f71ddc711ea6f8adc))
+* 商业版支持配置证书申请插件参数 ([7ac789c](https://github.com/certd/certd/commit/7ac789c9c7e91cdf08dfdae1bb49186552e370e3))
+* 添加全新的未登录首页和路由配置 ([d1988dc](https://github.com/certd/certd/commit/d1988dc982440472ecf61847ccad76e4c96a80fb))
+* 添加Azure DNS插件支持及文档 ([1f1d687](https://github.com/certd/certd/commit/1f1d6873172d71fadaa5a0005e1d6f3f528096fc))
+* 添加HiPMDnsmgr DNS提供商的支持 @WUHINS ([296dcab](https://github.com/certd/certd/commit/296dcab4c7c26cb3f9da1ff748cc6a6b7d83edda))
+* 为DNS解析器添加超时配置,避免查询时间过长 ([cc5154e](https://github.com/certd/certd/commit/cc5154e04e87f648111119b4eeb4e3cb4dd6cc41))
+* 优化权威域名服务器查询超时时长 ([77db5ec](https://github.com/certd/certd/commit/77db5ecd12c51293e4de178e43ca0067bc70b46d))
+* 支持部署到nginx-proxy-manager ([2e6e9ed](https://github.com/certd/certd/commit/2e6e9ed9255bcf178edb0eb00d93a7f13c214430))
+* 支持一键安装脚本 ([dc969dd](https://github.com/certd/certd/commit/dc969dd7edb6934a29d6657afefe6f8af056741c))
+* 支持主动修改绑定url地址 ([11b7cfe](https://github.com/certd/certd/commit/11b7cfe5cb7e88e6ebd68d53acb4e5b556550ca9))
+* apisix支持v2 ([23b4658](https://github.com/certd/certd/commit/23b465867244b199bab9b61863a5ca43644834a9))
+* **technitium:** 添加Technitium DNS Server插件支持 ([edeb817](https://github.com/certd/certd/commit/edeb817c39597e4fa73a17ff4ca3f712f0320fec))
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+### Bug Fixes
+
+* 修复创建流水线无法选择通知的bug ([a88d0a6](https://github.com/certd/certd/commit/a88d0a6ae15cb6170d0b36e21daf89f0dbd5f681))
+* 修复流水线任务编辑页面复制粘贴按钮在夜间模式显示问题 ([1e549df](https://github.com/certd/certd/commit/1e549dfd431ed74e2bcdfce63e5f640c51603af3))
+* 修复用户管理添加用户无法上传头像的bug ([557e98c](https://github.com/certd/certd/commit/557e98c33f5462167d8f6289f70dad68bb114a97))
+* 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
+* 修复spaceship创建record报错的bug ([70b46d4](https://github.com/certd/certd/commit/70b46d4a8f89cf8eded21ebb237e8c8ce6c40d30))
+
+### Performance Improvements
+
+* 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
+* 部署到1panel面板支持mux模式 ([d05129e](https://github.com/certd/certd/commit/d05129ec67893b0b639003a4bca6878d128f56ad))
+* 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
+* 修复检查全部某些情况下无效的bug，优化公共触发站点证书检查定时逻辑 ([ee53589](https://github.com/certd/certd/commit/ee535895a3166c6f9046963e28fa8f22f018b574))
+* 增加域名管理 子域名检查提醒 ([2bdf183](https://github.com/certd/certd/commit/2bdf1832da73a3728f3ac415837bc26e70531cd6))
+* 站点监控域名气泡增加端口显示 ([6ee718a](https://github.com/certd/certd/commit/6ee718a25265a9db2115343af9a1a01958f34b81))
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 ### Bug Fixes

docs/guide/install/docker/index.md

@@ -2,7 +2,23 @@
 
 ## 一、安装
 
-### 1. 环境准备
+### 一键脚本安装（推荐）
+
+如果您的服务器未安装 Docker，该脚本会自动为您安装 Docker 和 Docker Compose，并启动 Certd 容器。
+
+```bash
+curl -fsSL https://gitee.com/certd/certd/raw/v2/docker/run/install.sh | bash
+```
+
+> 支持 Ubuntu、Debian、CentOS、Rocky Linux、AlmaLinux 等主流发行版。    
+> docker-compose文件目录：`/opt/certd` ，升级时需要先进入此目录
+> 运行时数据默认保存路径：`/data/certd` ，可使用参数指定：`-p /data/certd` 
+   
+
+
+###  手动安装
+
+#### 1. 环境准备
 
 1.1  准备一台云服务器
 
@@ -19,9 +35,9 @@ https://docs.docker.com/engine/install/
 
 ```bash
 # 随便创建一个目录
-mkdir certd
+mkdir /opt/certd
 # 进入目录
-cd certd
+cd /opt/certd
 # 下载docker-compose.yaml文件，或者手动下载放到certd目录下
 wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 
@@ -54,12 +70,12 @@ https://your_server_ip:7002
 记得修改密码  
 
 
-## 二、升级
+## 二、升级Certd
 
 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
 ```
-# docker-compose.yaml配置
+# 查看/opt/certd/docker-compose.yaml配置
 - /data/certd:/app/data   # 请务必确保 /app/data 这个路径没有改动，固定写死
 ```
 :::
@@ -71,6 +87,7 @@ https://your_server_ip:7002
 
 ### 如果使用`latest`版本
 ```shell
+cd /opt/certd
 #重新拉取镜像
 docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 # 重新启动容器

docs/guide/plugins/access.md

@@ -20,61 +20,65 @@
 | 16.| **APISIX授权** |  | 
 | 17.| **亚马逊云aws授权** |  | 
 | 18.| **亚马逊云科技（国区）授权** |  | 
-| 19.| **BIND9 DNS 授权** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
-| 20.| **CacheFly** | CacheFly | 
-| 21.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 22.| **google cloud** | 谷歌云授权 | 
-| 23.| **cloudflare授权** |  | 
-| 24.| **中国移动CND授权** |  | 
-| 25.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
-| 26.| **dns.la授权** |  | 
-| 27.| **彩虹DNS** | 彩虹DNS管理系统授权 | 
-| 28.| **多吉云** |  | 
-| 29.| **Dokploy授权** |  | 
-| 30.| **farcdn授权** |  | 
-| 31.| **FlexCDN授权** |  | 
-| 32.| **Gcore** | Gcore | 
-| 33.| **Github授权** |  | 
-| 34.| **godaddy授权** |  | 
-| 35.| **金山云授权** |  | 
-| 36.| **FTP授权** |  | 
-| 37.| **七牛OSS授权** |  | 
-| 38.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 39.| **s3/minio授权** | S3/minio oss授权 | 
-| 40.| **namesilo授权** |  | 
-| 41.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
-| 42.| **1panel授权** | 账号和密码 | 
-| 43.| **支付宝** |  | 
-| 44.| **白山云授权** |  | 
-| 45.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 46.| **cdnfly授权** |  | 
-| 47.| **k8s授权** |  | 
-| 48.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 49.| **LeCDN授权** |  | 
-| 50.| **lucky** |  | 
-| 51.| **猫云授权** |  | 
-| 52.| **plesk授权** |  | 
-| 53.| **长亭雷池授权** |  | 
-| 54.| **群晖登录授权** |  | 
-| 55.| **uniCloud** | unicloud授权 | 
-| 56.| **微信支付** |  | 
-| 57.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 58.| **易发云短信** | sms.yfyidc.cn/ | 
-| 59.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 60.| **易支付** |  | 
-| 61.| **proxmox** |  | 
-| 62.| **Spaceship.com 授权** | Spaceship.com API 授权插件 | 
-| 63.| **UCloud授权** | 优刻得授权 | 
-| 64.| **又拍云** |  | 
-| 65.| **网宿授权** |  | 
-| 66.| **西部数码授权** |  | 
-| 67.| **我爱云授权** | 我爱云CDN | 
-| 68.| **新网授权（代理方式）** |  | 
-| 69.| **新网授权** |  | 
-| 70.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
-| 71.| **Zenlayer授权** | Zenlayer授权 | 
-| 72.| **GoEdge授权** |  | 
-| 73.| **雨云授权** | https://app.rainyun.com/ | 
+| 19.| **微软云Azure授权** |  | 
+| 20.| **BIND9 DNS 授权** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
+| 21.| **CacheFly** | CacheFly | 
+| 22.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 23.| **google cloud** | 谷歌云授权 | 
+| 24.| **cloudflare授权** |  | 
+| 25.| **中国移动CND授权** |  | 
+| 26.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
+| 27.| **dns.la授权** |  | 
+| 28.| **彩虹DNS** | 彩虹DNS管理系统授权 | 
+| 29.| **多吉云** |  | 
+| 30.| **Dokploy授权** |  | 
+| 31.| **farcdn授权** |  | 
+| 32.| **FlexCDN授权** |  | 
+| 33.| **Gcore** | Gcore | 
+| 34.| **Github授权** |  | 
+| 35.| **godaddy授权** |  | 
+| 36.| **HiPM DNSMgr** | HiPM DNSMgr API Token 授权 | 
+| 37.| **金山云授权** |  | 
+| 38.| **FTP授权** |  | 
+| 39.| **七牛OSS授权** |  | 
+| 40.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 41.| **s3/minio授权** | S3/minio oss授权 | 
+| 42.| **namesilo授权** |  | 
+| 43.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
+| 44.| **Nginx Proxy Manager 授权** | 用于登录 Nginx Proxy Manager，并为代理主机证书部署提供授权。 | 
+| 45.| **1panel授权** | 账号和密码 | 
+| 46.| **支付宝** |  | 
+| 47.| **白山云授权** |  | 
+| 48.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 49.| **cdnfly授权** |  | 
+| 50.| **k8s授权** |  | 
+| 51.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 52.| **LeCDN授权** |  | 
+| 53.| **lucky** |  | 
+| 54.| **猫云授权** |  | 
+| 55.| **plesk授权** |  | 
+| 56.| **长亭雷池授权** |  | 
+| 57.| **群晖登录授权** |  | 
+| 58.| **uniCloud** | unicloud授权 | 
+| 59.| **微信支付** |  | 
+| 60.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 61.| **易发云短信** | sms.yfyidc.cn/ | 
+| 62.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 63.| **易支付** |  | 
+| 64.| **proxmox** |  | 
+| 65.| **Spaceship.com 授权** | Spaceship.com API 授权插件 | 
+| 66.| **Technitium DNS Server** | Technitium DNS Server 自建DNS服务器授权 | 
+| 67.| **UCloud授权** | 优刻得授权 | 
+| 68.| **又拍云** |  | 
+| 69.| **网宿授权** |  | 
+| 70.| **西部数码授权** |  | 
+| 71.| **我爱云授权** | 我爱云CDN | 
+| 72.| **新网授权（代理方式）** |  | 
+| 73.| **新网授权** |  | 
+| 74.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 75.| **Zenlayer授权** | Zenlayer授权 | 
+| 76.| **GoEdge授权** |  | 
+| 77.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,12 +1,12 @@
 # 任务插件
-共 `129` 款任务插件    
+共 `131` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
 | 2.| **已有证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
-| 3.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书 | 
+| 3.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书（支持 API 1.0 和 2.0） | 
 | 4.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
 ## 2. 主机
 
@@ -58,25 +58,26 @@
 | 3.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
 | 4.| **飞牛NAS-部署证书** |  | 
 | 5.| **NextTerminal-更新证书** | 更新 Next Terminal 证书 | 
-| 6.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
-| 7.| **1Panel-更新站点证书** | 更新1Panel的站点证书 | 
-| 8.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
-| 9.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
-| 10.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
-| 11.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
-| 12.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
-| 13.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
-| 14.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 15.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
-| 16.| **lucky-更新Lucky证书** |  | 
-| 17.| **Plesk-部署Plesk网站证书** |  | 
-| 18.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
-| 19.| **雷池-更新证书（支持控制台和防护应用）** | 更新长亭雷池WAF的证书，支持更新控制台和防护应用的证书。 | 
-| 20.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
-| 21.| **群晖-刷新OTP登录有效期** | 群晖登录状态可能30天失效，需要在失效之前登录一次，刷新有效期，您可以将其放在“部署到群晖面板”任务之后 | 
-| 22.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
-| 23.| **Proxmox-上传证书到Proxmox** |  | 
-| 24.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 6.| **Nginx Proxy Manager-部署到主机** | 上传自定义证书到 Nginx Proxy Manager，并绑定到所选主机。 | 
+| 7.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
+| 8.| **1Panel-更新站点证书** | 更新1Panel的站点证书 | 
+| 9.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
+| 10.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
+| 11.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 12.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
+| 13.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
+| 14.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
+| 15.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 16.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 17.| **lucky-更新Lucky证书** |  | 
+| 18.| **Plesk-部署Plesk网站证书** |  | 
+| 19.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
+| 20.| **雷池-更新证书（支持控制台和防护应用）** | 更新长亭雷池WAF的证书，支持更新控制台和防护应用的证书。 | 
+| 21.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 22.| **群晖-刷新OTP登录有效期** | 群晖登录状态可能30天失效，需要在失效之前登录一次，刷新有效期，您可以将其放在“部署到群晖面板”任务之后 | 
+| 23.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 24.| **Proxmox-上传证书到Proxmox** |  | 
+| 25.| **威联通-部署证书到威联通** | 部署证书到qnap | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |
@@ -96,8 +97,9 @@
 | 13.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
 | 14.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
 | 15.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
-| 16.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
-| 17.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 16.| **阿里云-部署至阿里云WAF(云产品接入)** | 部署证书到阿里云WAF(云产品接入)，CNAME方式接入的请选择另外一个waf插件 | 
+| 17.| **阿里云-部署至阿里云WAF(cname接入)** | 部署证书到阿里云WAF(cname接入)，云资源的请选择另外一个waf插件 | 
+| 18.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 ## 6. 华为云
 
 | 序号 | 名称 | 说明 |

docs/guide/plugins/dns-provider.md

@@ -5,25 +5,29 @@
 | 1.| **阿里ESA** | 阿里ESA DNS解析 | 
 | 2.| **阿里云** | 阿里云DNS解析提供商 | 
 | 3.| **AWS Route53** | AWS Route53 DNS解析提供商 | 
-| 4.| **火山引擎** | 火山引擎DNS解析提供商 | 
-| 5.| **京东云** | 京东云DNS解析提供商 | 
-| 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
-| 7.| **新网** | 新网域名解析 | 
-| 8.| **BIND9 DNS** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
-| 9.| **cloudflare** | cloudflare dns provider | 
-| 10.| **dns.la** | dns.la | 
-| 11.| **godaddy** | GoDaddy | 
-| 12.| **华为云** | 华为云DNS解析提供商 | 
-| 13.| **namesilo** | namesilo dns provider | 
-| 14.| **雨云** | 雨云DNS解析提供商 | 
-| 15.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 16.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
-| 17.| **西部数码** | west dns provider | 
-| 18.| **Dns提供商Demo** | dns provider示例 | 
-| 19.| **彩虹DNS** | 彩虹DNS管理系统 | 
-| 20.| **Spaceship** | Spaceship 域名解析 | 
-| 21.| **51dns** | 51DNS | 
-| 22.| **新网互联** | 新网互联 | 
+| 4.| **Azure DNS** | Azure DNS 解析提供商 | 
+| 5.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 6.| **京东云** | 京东云DNS解析提供商 | 
+| 7.| **新网(代理方式)** | 新网域名解析(代理方式) | 
+| 8.| **新网** | 新网域名解析 | 
+| 9.| **BIND9 DNS** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
+| 10.| **cloudflare** | cloudflare dns provider | 
+| 11.| **dns.la** | dns.la | 
+| 12.| **godaddy** | GoDaddy | 
+| 13.| **HiPM DNSMgr** | HiPM DNSMgr DNS 解析提供商 | 
+| 14.| **华为云** | 华为云DNS解析提供商 | 
+| 15.| **namesilo** | namesilo dns provider | 
+| 16.| **雨云** | 雨云DNS解析提供商 | 
+| 17.| **Technitium DNS Server** | Technitium DNS Server 自建DNS服务器 | 
+| 18.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 19.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 20.| **西部数码** | west dns provider | 
+| 21.| **Google Cloud DNS** | Google Cloud DNS提供商 | 
+| 22.| **Dns提供商Demo** | dns provider示例 | 
+| 23.| **彩虹DNS** | 彩虹DNS管理系统 | 
+| 24.| **Spaceship** | Spaceship 域名解析 | 
+| 25.| **51dns** | 51DNS | 
+| 26.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

docs/guide/use/azure/dns.md

@@ -0,0 +1,28 @@
+# Azure 配置
+
+## Access授权配置
+
+1. 登录 Azure 并创建一个资源组 【可选，如果已经有了可以不用创建】
+2. 创建一个应用程序
+Microsoft Entra ID - 》 应用注册 - 》 新注册
+![](./images/access-1.png)
+![](./images/access-2.png)
+
+3. 配置授权
+![](./images/access-3.png)
+
+4. 点击测试
+
+## Azure DNS 配置
+
+1. 创建一个 DNS 区域(就是一个域名)
+![](./images/dns-1.png)
+![](./images/dns-2.png)
+
+2. 为这个域名和上面创建的授权应用分配角色
+![](./images/dns-3.png)
+![](./images/dns-4.png)
+![](./images/dns-5.png)
+
+3. 然后就可以给dns区域去申请证书了
+

docs/guide/use/google/index.md

@@ -26,16 +26,20 @@ Created an external account key
 [b64MacKey: xxxxxxxxxxxxxxxx
 keyId: xxxxxxxxxxxxx]
 ```
+![](./images/google-eab.png)
 
 3. 到Certd中，创建一条EAB授权记录，填写keyId(=kid) 和 b64MacKey 信息    
    注意：keyId没有`]`结尾，不要把`]`也复制了   
 
-注意：EAB授权使用过一次之后，会绑定邮箱，后续再次使用时，要使用相同的邮箱    
+注意：EAB授权使用过一次之后，会绑定邮箱，后续再次使用时，要使用相同的邮箱，所以邮箱切记不要修改    
 否则会报错 `Unknown external account binding (EAB) key. This may be due to the EAB key expiring which occurs 7 days after creation`
 
-### 2.2 通过服务账号获取EAB
+4. 创建证书流水线，选择证书提供商为google，选择EAB授权，运行流水线申请证书
 
-此方式可以自动EAB，需要配置代理
+
+### 2.2 通过google服务账号接口获取授权
+
+此方式可以自动获取EAB，需要服务端配置代理
 
 1. 创建服务账号    
 https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts/create?walkthrough_id=iam--create-service-account&hl=zh-cn#step_index=1
@@ -48,9 +52,7 @@ https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts/crea
 7. 点击`添加密钥`->`创建新密钥`->`JSON`，下载密钥文件
 8. 将json文件内容粘贴到 certd中 Google服务授权输入框中
 
+9. 创建证书流水线，选择证书提供商为google， 选择服务账号授权，运行流水线申请证书
 
-## 3、 创建证书流水线
-选择证书提供商为google， 选择EAB授权 或 服务账号授权
 
-## 4、 其他就跟正常申请证书一样了
 

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.39.9"
+  "version": "1.39.12"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/publishlab/node-acme-client/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Performance Improvements
+
+* 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/publishlab/node-acme-client/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
+
+## [1.39.11](https://github.com/publishlab/node-acme-client/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Performance Improvements
+
+* 为DNS解析器添加超时配置,避免查询时间过长 ([cc5154e](https://github.com/publishlab/node-acme-client/commit/cc5154e04e87f648111119b4eeb4e3cb4dd6cc41))
+* 优化权威域名服务器查询超时时长 ([77db5ec](https://github.com/publishlab/node-acme-client/commit/77db5ecd12c51293e4de178e43ca0067bc70b46d))
+* **technitium:** 添加Technitium DNS Server插件支持 ([edeb817](https://github.com/publishlab/node-acme-client/commit/edeb817c39597e4fa73a17ff4ca3f712f0320fec))
+
+## [1.39.10](https://github.com/publishlab/node-acme-client/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.39.9](https://github.com/publishlab/node-acme-client/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.39.9",
+    "version": "1.39.12",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.39.9",
+        "@certd/basic": "^1.39.12",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.9.0",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+    "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/core/acme-client/src/auto.js

@@ -21,7 +21,8 @@ const defaultOpts = {
     },
     challengeRemoveFn: async () => {
         throw new Error("Missing challengeRemoveFn()");
-    }
+    },
+    waitDnsDiffuseTime: 30,
 };
 
 /**

packages/core/acme-client/src/client.js

@@ -494,7 +494,7 @@ class AcmeClient {
             throw new Error('Unable to verify ACME challenge, URL not found');
         }
 
-        const {challenges} = createChallengeFn({logger:this.logger});
+        const {challenges} = createChallengeFn({logger:this.logger,walkFromAuthoritative: this.opts.walkFromAuthoritative});
  
         const verify = challenges
         if (typeof verify[challenge.type] === 'undefined') {
@@ -577,7 +577,7 @@ class AcmeClient {
 
         const verifyFn = async (abort) => {
             if (this.opts.signal && this.opts.signal.aborted) {
-                abort();
+                abort(true);
                 throw new CancelError('用户取消');
             }
 

packages/core/acme-client/src/util.js

@@ -50,15 +50,18 @@ class Backoff {
 
 async function retryPromise(fn, attempts, backoff, logger = log) {
     let aborted = false;
+    let abortedFromUser = false;
 
     try {
-        const setAbort = () => { aborted = true; }
+        const setAbort = (fromUser = false) => { aborted = true; abortedFromUser = fromUser; }
         const data = await fn(setAbort);
         return data;
     }
     catch (e) {
         if (aborted){
+            if (abortedFromUser){
                 logger(`用户取消重试`);
+            }
             throw e;
         }
         if ( ((backoff.attempts + 1) >= attempts)) {
@@ -249,7 +252,7 @@ async function resolveDomainBySoaRecord(recordName, logger = log) {
 
 async function getAuthoritativeDnsResolver(recordName, logger = log) {
     logger(`获取域名${recordName}的权威NS服务器: `);
-    const resolver = new dns.Resolver();
+    const resolver = new dns.Resolver({timeout: 2000,tries: 2});
 
     try {
         /* Resolve root domain by SOA */
@@ -349,3 +352,5 @@ export {
     resolveDomainBySoaRecord
 };
 
+
+

packages/core/acme-client/src/verify.js

@@ -12,6 +12,10 @@ import {utils} from '@certd/basic'
 
 const dns = dnsSdk.promises
 
+let walkFromAuthoritative = true
+export function setWalkFromAuthoritative(value = true) {
+    walkFromAuthoritative = value
+}
 
 export function createChallengeFn(opts = {}) {
     const logger = opts?.logger || { info: defaultLog, error: defaultLog, warn: defaultLog, debug: defaultLog }
@@ -88,11 +92,11 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
 
         let records = [];
 
+        const isAuthoritative = resolver === dns
         /* Resolve TXT records */
         try {
-        log(`检查域名 ${recordName} 的TXT记录`);
+            log(`检查域名 ${recordName} 的TXT记录(from ${isAuthoritative ? '本地DNS' : '权威DNS服务器'})`);
             const txtRecords = await resolver.resolveTxt(recordName);
-
             if (txtRecords && txtRecords.length) {
                 log(`找到 ${txtRecords.length} 条 TXT记录（ ${recordName}）`);
                 log(`TXT records: ${JSON.stringify(txtRecords)}`);
@@ -145,6 +149,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
             log(`本地获取TXT解析记录失败:${e.message}`)
         }
 
+        if (walkFromAuthoritative !==false) {
             try {
                 /* Authoritative DNS resolver */
                 log(`从域名权威服务器获取TXT解析记录`);
@@ -158,6 +163,10 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
             } catch (e) {
                 log(`权威服务器获取TXT解析记录失败:${e.message}`)
             }
+        }else{
+            log(`跳过从权威服务器获取TXT解析记录`);
+        }
+
 
         if (txtRecords.length === 0) {
             throw new Error(`没有找到TXT解析记录（${recordName}）`);
@@ -180,7 +189,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
     async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
         const recordName = `${prefix}${authz.identifier.value}`;
         log(`本地校验TXT记录）: ${recordName}`);
-    let recordValues = await walkTxtRecord(recordName);
+        let recordValues = await walkTxtRecord(recordName, 0, walkFromAuthoritative);
         //去重
         recordValues = [...new Set(recordValues)];
         log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
@@ -227,6 +236,11 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
             'tls-alpn-01': verifyTlsAlpnChallenge,
         },
         walkTxtRecord,
+        walkDnsChallengeRecord,
     }
 
 }
+
+
+
+// createChallengeFn({logger:{info:console.log}}).walkDnsChallengeRecord("handsfree.work")

packages/core/acme-client/types/index.d.ts

@@ -68,6 +68,7 @@ export interface ClientAutoOptions {
     preferredChain?: string;
     signal?: AbortSignal;
     profile?:string;
+    waitDnsDiffuseTime?: number;
 }
 
 export class Client {
@@ -219,3 +220,5 @@ export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 export const CancelError: typeof CancelError;
 
 export function resolveDomainBySoaRecord(domain: string): Promise<string>;
+
+export function setWalkFromAuthoritative(value = true): void;

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Performance Improvements
+
+* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+### Performance Improvements
+
+* 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 ### Performance Improvements

packages/core/basic/build.md

@@ -1 +1 @@
-01:21
+23:06

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -47,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/core/basic/src/utils/util.request.ts

@@ -111,8 +111,13 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
       if (config.logData == null) {
         config.logData = false;
       }
+      if (config.logReq == null) {
+        config.logReq = true;
+      }
 
+      if (config.logReq !== false) {
         logger.info(`http request:${config.url}，method:${config.method}`);
+      }
       if (config.logParams !== false && config.params) {
         logger.info(`params:${JSON.stringify(config.params)}`);
       }
@@ -126,7 +131,7 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
       if (config.skipSslVerify || config.httpProxy) {
         let rejectUnauthorized = true;
         if (config.skipSslVerify) {
-          logger.info("跳过SSL验证");
+          logger.info("忽略接口请求的SSL校验");
           rejectUnauthorized = false;
         }
         const proxy: any = {};
@@ -151,10 +156,11 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
 
       config.retry = merge(
         {
-          status: [421],
+          status: [421, 524],
           count: 0,
           max: 3,
-          delay: 1000,
+          delay: 2000,
+          includes: ["[524]"],
         },
         config.retry
       );
@@ -273,7 +279,19 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
       const originalRequest = error.config || {};
       // logger.info(`config`, originalRequest);
       const retry = originalRequest.retry || {};
-      if (retry.status && retry.status.includes(status)) {
+
+      const isRetryStatus = retry.status && retry.status.includes(status);
+      let isRetryMessage = false;
+      if (retry.includes) {
+        for (const item of retry.includes) {
+          if (error.message?.includes(item)) {
+            isRetryMessage = true;
+            break;
+          }
+        }
+      }
+
+      if (isRetryStatus || isRetryMessage) {
         if (retry.max > 0 && retry.count < retry.max) {
           // 重试次数增加
           retry.count++;
@@ -301,6 +319,7 @@ export type HttpClientResponse<R> = any;
 export type HttpRequestConfig<D = any> = {
   skipSslVerify?: boolean;
   skipCheckRes?: boolean;
+  logReq?: boolean;
   logParams?: boolean;
   logRes?: boolean;
   logData?: boolean;

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,23 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Performance Improvements
+
+* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
+* 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Performance Improvements
+
+* 支持一键安装脚本 ([dc969dd](https://github.com/certd/certd/commit/dc969dd7edb6934a29d6657afefe6f8af056741c))
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 ### Performance Improvements

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.39.9",
-    "@certd/plus-core": "^1.39.9",
+    "@certd/basic": "^1.39.12",
+    "@certd/plus-core": "^1.39.12",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/core/pipeline/src/access/api.ts

@@ -65,4 +65,8 @@ export abstract class BaseAccess implements IAccess {
     }
     throw new Error(`action ${req.action} not found`);
   }
+
+  normalizeEndpoint(endpoint: string) {
+    return endpoint.replace(/\/$/, "");
+  }
 }

packages/core/pipeline/src/core/executor.ts

@@ -23,6 +23,7 @@ export type ExecutorOptions = {
   pipeline: Pipeline;
   storage: IStorage;
   onChanged: (history: RunHistory) => Promise<void>;
+  onFinished: (history: RunHistory) => Promise<void>;
   accessService: IAccessService;
   emailService: IEmailService;
   notificationService: INotificationService;
@@ -47,16 +48,19 @@ export class Executor {
   lastRuntime!: RunHistory;
   options: ExecutorOptions;
   abort: AbortController = new AbortController();
-
   _inited = false;
 
   onChanged: (history: RunHistory) => Promise<void>;
+  onFinished: (history: RunHistory) => Promise<void>;
   constructor(options: ExecutorOptions) {
     this.options = options;
     this.pipeline = cloneDeep(options.pipeline);
     this.onChanged = async (history: RunHistory) => {
       await options.onChanged(history);
     };
+    this.onFinished = async (history: RunHistory) => {
+      await options.onFinished(history);
+    };
     this.pipeline.userId = options.user.id;
     this.contextFactory = new ContextFactory(options.storage);
     this.logger = logger;
@@ -77,7 +81,7 @@ export class Executor {
   async cancel() {
     this.abort.abort();
     this.runtime?.cancel(this.pipeline);
-    await this.onChanged(this.runtime);
+    await this.onFinished(this.runtime);
   }
 
   async run(runtimeId: any = 0, triggerType: string) {
@@ -111,7 +115,7 @@ export class Executor {
       this.logger.error("pipeline 执行失败", e);
     } finally {
       clearInterval(intervalFlushLogId);
-      await this.onChanged(this.runtime);
+      await this.onFinished(this.runtime);
       //保存之前移除logs
       const lastRuntime: any = {
         ...this.runtime,

packages/core/pipeline/src/dt/pipeline.ts

@@ -87,6 +87,7 @@ export type Notification = {
   options?: EmailOptions;
   notificationId: number;
   title: string;
+  id: string;
 };
 
 export type Pipeline = Runnable & {

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.39.9",
+  "version": "1.39.12",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,7 +18,7 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.39.9",
+    "@certd/basic": "^1.39.12",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -33,5 +33,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,25 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Performance Improvements
+
+* 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
+* 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Bug Fixes
+
+* 修复列表页面底部滚动条与表格之间有空白间隙的bug ([71cfcad](https://github.com/certd/certd/commit/71cfcad2a15aac0badd85a10c4012a1e713654d1))
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+### Bug Fixes
+
+* 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.39.9",
+  "version": "1.39.12",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.39.9",
-    "@certd/basic": "^1.39.9",
-    "@certd/pipeline": "^1.39.9",
-    "@certd/plugin-lib": "^1.39.9",
-    "@certd/plus-core": "^1.39.9",
+    "@certd/acme-client": "^1.39.12",
+    "@certd/basic": "^1.39.12",
+    "@certd/pipeline": "^1.39.12",
+    "@certd/plugin-lib": "^1.39.12",
+    "@certd/plus-core": "^1.39.12",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -29,6 +29,7 @@ export class SysPublicSettings extends BaseSettings {
   managerOtherUserPipeline = false;
   icpNo?: string;
   mpsNo?: string;
+  customFooter?: string;
   robots?: boolean = true;
   aiChatEnabled = true;
 
@@ -92,6 +93,9 @@ export class SysPrivateSettings extends BaseSettings {
   environmentVars?: string = '';
 
 
+  acmeWalkFromAuthoritative?: boolean = true;
+
+
   sms?: {
     type?: string;
     config?: any;

packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts

@@ -4,12 +4,12 @@ import { Repository } from 'typeorm';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
 import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
 
-import { getAllSslProviderDomains, setSslProviderReverseProxies } from '@certd/acme-client';
+import { getAllSslProviderDomains, setSslProviderReverseProxies, setWalkFromAuthoritative } from '@certd/acme-client';
 import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
+import { isPlus } from '@certd/plus-core';
 import * as dns from 'node:dns';
 import { BaseService, setAdminMode } from '../../../basic/index.js';
 import { executorQueue } from '../../basic/service/executor-queue.js';
-import { isComm, isPlus } from '@certd/plus-core';
 const { merge } = mergeUtils;
 
 let lastSaveEnvVars = {};
@@ -119,11 +119,11 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
   }
 
   async savePublicSettings(bean: SysPublicSettings) {
-    if (isComm()) {
-      if (bean.adminMode === 'enterprise') {
-        throw new Error("商业版不支持使用企业管理模式")
-      }
-    }
+    // if (isComm()) {
+    //   if (bean.adminMode === 'enterprise') {
+    //     throw new Error("商业版不支持使用企业管理模式")
+    //   }
+    // }
 
     await this.saveSetting(bean);
     //让设置生效
@@ -180,6 +180,9 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
 
     //加载环境变量
     this.setEnvironmentVars(privateSetting.environmentVars);
+
+    setWalkFromAuthoritative(privateSetting.acmeWalkFromAuthoritative);
+    
   }
 
   setEnvironmentVars(vars: string) {

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.39.9",
+  "version": "1.39.12",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.39.9",
-    "@certd/basic": "^1.39.9",
-    "@certd/pipeline": "^1.39.9",
-    "@certd/plugin-lib": "^1.39.9",
+    "@certd/acme-client": "^1.39.12",
+    "@certd/basic": "^1.39.12",
+    "@certd/pipeline": "^1.39.12",
+    "@certd/plugin-lib": "^1.39.12",
     "psl": "^1.9.0",
     "punycode.js": "^2.3.1"
   },
@@ -38,5 +38,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Performance Improvements
+
+* 支持部署到nginx-proxy-manager ([2e6e9ed](https://github.com/certd/certd/commit/2e6e9ed9255bcf178edb0eb00d93a7f13c214430))
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+### Performance Improvements
+
+* 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.39.9",
+  "version": "1.39.12",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -22,10 +22,10 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.11",
     "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.39.9",
-    "@certd/basic": "^1.39.9",
-    "@certd/pipeline": "^1.39.9",
-    "@certd/plus-core": "^1.39.9",
+    "@certd/acme-client": "^1.39.12",
+    "@certd/basic": "^1.39.12",
+    "@certd/pipeline": "^1.39.12",
+    "@certd/plus-core": "^1.39.12",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -57,5 +57,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "1c634a702af9298d25542acc270d68f71d9b1049"
+  "gitHead": "898bc9b9f2f75df11ea0803b144862ba98b7511a"
 }

packages/plugins/plugin-lib/src/cert/cert-reader.ts

@@ -7,6 +7,9 @@ import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
 import { uniq } from "lodash-es";
 
+export interface ICertInfoGetter {
+  getByPipelineId: (pipelineId: number) => Promise<CertInfo>;
+}
 export type CertInfo = {
   crt: string; //fullchain证书
   key: string; //私钥
@@ -132,7 +135,12 @@ export class CertReader {
   }
 
   static readCertDetail(crt: string) {
-    const detail = crypto.readCertificateInfo(crt.toString());
+    let detail: CertificateInfo;
+    try {
+      detail = crypto.readCertificateInfo(crt.toString());
+    } catch (e) {
+      throw new Error("证书解析失败:" + e.message + "（请确定证书格式，是否与私钥搞反？）");
+    }
     const effective = detail.notBefore;
     const expires = detail.notAfter;
     const fingerprints = CertReader.getFingerprintX509(crt);

packages/plugins/plugin-lib/src/common/util.ts

@@ -44,6 +44,10 @@ export function createRemoteSelectInputDefine(opts?: {
   component?: any;
   value?: any;
   pageSize?: number;
+  uploadCert?: {
+    title?: string;
+    columns?: Record<string, any>;
+  };
 }) {
   const title = opts?.title || "请选择";
   const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
@@ -74,6 +78,7 @@ export function createRemoteSelectInputDefine(opts?: {
       multi,
       pageSize: opts?.pageSize,
       watches: [certDomainsInputKey, accessIdInputKey, ...watches],
+      uploadCert: opts?.uploadCert,
       ...opts.component,
     },
     value: opts.value,

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,52 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
+
+### Bug Fixes
+
+* 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
+
+### Performance Improvements
+
+* 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
+* 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
+* 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
+
+## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
+
+### Bug Fixes
+
+* 修复列表页面底部滚动条与表格之间有空白间隙的bug ([71cfcad](https://github.com/certd/certd/commit/71cfcad2a15aac0badd85a10c4012a1e713654d1))
+* 修复流水线未编辑模式下也提示未保存的bug ([64a3503](https://github.com/certd/certd/commit/64a350364d820725b5e69d22ac2416809092f97d))
+* 修复商业版设置了公共eab，创建流水线仍然会显示需要配置eab的bug ([24dff05](https://github.com/certd/certd/commit/24dff05f6427dadec1e40350214c0167e1d6a73d))
+
+### Performance Improvements
+
+* 模版创建流水线支持随机时间 ([575415b](https://github.com/certd/certd/commit/575415b93a3e10e1c6e5644f71ddc711ea6f8adc))
+* 商业版支持配置证书申请插件参数 ([7ac789c](https://github.com/certd/certd/commit/7ac789c9c7e91cdf08dfdae1bb49186552e370e3))
+* 添加全新的未登录首页和路由配置 ([d1988dc](https://github.com/certd/certd/commit/d1988dc982440472ecf61847ccad76e4c96a80fb))
+* 优化权威域名服务器查询超时时长 ([77db5ec](https://github.com/certd/certd/commit/77db5ecd12c51293e4de178e43ca0067bc70b46d))
+* 支持主动修改绑定url地址 ([11b7cfe](https://github.com/certd/certd/commit/11b7cfe5cb7e88e6ebd68d53acb4e5b556550ca9))
+* **technitium:** 添加Technitium DNS Server插件支持 ([edeb817](https://github.com/certd/certd/commit/edeb817c39597e4fa73a17ff4ca3f712f0320fec))
+
+## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
+
+### Bug Fixes
+
+* 修复创建流水线无法选择通知的bug ([a88d0a6](https://github.com/certd/certd/commit/a88d0a6ae15cb6170d0b36e21daf89f0dbd5f681))
+* 修复流水线任务编辑页面复制粘贴按钮在夜间模式显示问题 ([1e549df](https://github.com/certd/certd/commit/1e549dfd431ed74e2bcdfce63e5f640c51603af3))
+* 修复用户管理添加用户无法上传头像的bug ([557e98c](https://github.com/certd/certd/commit/557e98c33f5462167d8f6289f70dad68bb114a97))
+* 修复自定义插件删除后没有反注册的bug ([df98463](https://github.com/certd/certd/commit/df9846332596d2afaba53e66d2897aa1c598f9c4))
+
+### Performance Improvements
+
+* 1panel支持先上传证书再选择证书 ([7a9eec8](https://github.com/certd/certd/commit/7a9eec88e8eddf40dba055c072b5b2b0f67c1407))
+* 流水线修改编辑之后，增加未保存提示 ([21620ac](https://github.com/certd/certd/commit/21620ac6bdeb57e43509156a77037fc07c44282a))
+* 修复检查全部某些情况下无效的bug，优化公共触发站点证书检查定时逻辑 ([ee53589](https://github.com/certd/certd/commit/ee535895a3166c6f9046963e28fa8f22f018b574))
+* 增加域名管理 子域名检查提醒 ([2bdf183](https://github.com/certd/certd/commit/2bdf1832da73a3728f3ac415837bc26e70531cd6))
+* 站点监控域名气泡增加端口显示 ([6ee718a](https://github.com/certd/certd/commit/6ee718a25265a9db2115343af9a1a01958f34b81))
+
 ## [1.39.9](https://github.com/certd/certd/compare/v1.39.8...v1.39.9) (2026-04-05)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.39.9",
+  "version": "1.39.12",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.39.9",
-    "@certd/pipeline": "^1.39.9",
+    "@certd/lib-iframe": "^1.39.12",
+    "@certd/pipeline": "^1.39.12",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/captcha/captchas/image_captcha.vue

@@ -1,17 +1,18 @@
 <template>
   <div class="flex">
-    <a-input :value="valueRef" placeholder="请输入图片验证码" autocomplete="off" @update:value="onChange">
+    <a-input :value="valueRef" :placeholder="t('certd.captcha.inputImageCode')" autocomplete="off" @update:value="onChange">
       <template #prefix>
         <fs-icon icon="ion:image-outline"></fs-icon>
       </template>
     </a-input>
-    <div class="input-right pointer" title="点击刷新">
+    <div class="input-right pointer" :title="t('certd.captcha.refresh')">
       <img class="image-code" :src="imageCodeSrc" @click="resetImageCode" />
     </div>
   </div>
 </template>
 <script setup lang="ts">
 import { ref, watch } from "vue";
+import { useI18n } from "vue-i18n";
 
 const props = defineProps<{
   modelValue: any;
@@ -20,6 +21,7 @@ const props = defineProps<{
 defineOptions({
   name: "ImageCaptcha",
 });
+const { t } = useI18n();
 const emit = defineEmits(["update:modelValue", "change"]);
 
 const valueRef = ref("");

packages/ui/certd-client/src/components/captcha/captchas/tencent_captcha.vue

@@ -4,8 +4,8 @@
       <div class="sweep-animation"></div>
       <div class="box-content">
         <div class="box-icon">✓</div>
-        <span v-if="modelValue == null" class="status-text">点击进行验证</span>
-        <span v-else class="status-text">验证成功</span>
+        <span v-if="modelValue == null" class="status-text">{{ t("certd.captcha.clickToVerify") }}</span>
+        <span v-else class="status-text">{{ t("certd.captcha.verifySuccess") }}</span>
       </div>
     </div>
   </div>
@@ -13,8 +13,10 @@
 <script setup lang="ts">
 import { notification } from "ant-design-vue";
 import { ref, Ref, watch } from "vue";
+import { useI18n } from "vue-i18n";
 
 import { loadScript } from "vue-plugin-load-script";
+const { t } = useI18n();
 const loaded = ref(false);
 async function loadCaptchaScript() {
   // 加载验证码js
@@ -56,7 +58,7 @@ function callback(res: { ret: number; ticket: string; randstr: string; errorCode
 
   if (res.errorCode && res.errorCode > 0) {
     notification.error({
-      message: `验证码验证失败：${res.errorMessage || res.errorCode}`,
+      message: t("certd.captcha.verifyFailed", { message: res.errorMessage || res.errorCode }),
     });
   }
 
@@ -83,13 +85,13 @@ function loadErrorCallback(error: any) {
   //   errorMessage: "jsload_error",
   // });
   notification.error({
-    message: `验证码加载失败：${error?.message || error}`,
+    message: t("certd.captcha.loadFailed", { message: error?.message || error }),
   });
 }
 async function triggerCaptcha() {
   if (!loaded.value) {
     notification.error({
-      message: "验证码还未加载完成，请稍后再试",
+      message: t("certd.captcha.notLoaded"),
     });
     return;
   }

packages/ui/certd-client/src/components/cron-editor/index.vue

@@ -13,13 +13,11 @@
 </template>
 
 <script lang="ts" setup>
-import parser from "cron-parser";
 import { computed, ref } from "vue";
-import dayjs from "dayjs";
 import { useI18n } from "vue-i18n";
+import { getCronNextTimes } from "/@/components/cron-editor/utils";
 
 const { t } = useI18n();
-import { getCronNextTimes } from "/@/components/cron-editor/utils";
 defineOptions({
   name: "CronEditor",
 });

packages/ui/certd-client/src/components/icon-select.vue

@@ -1,5 +1,5 @@
 <template>
-  <a-select :value="value" @update:value="onChange">
+  <a-select :value="value" :filter-option="true" @update:value="onChange">
     <a-select-option v-for="item of options" :key="item.value" :value="item.value" :label="item.label">
       <span class="flex-o">
         <fs-icon :icon="item.icon" class="fs-16 color-blue mr-5" />

packages/ui/certd-client/src/components/plugins/cert/dns-provider-selector/index.vue

@@ -1,5 +1,5 @@
 <template>
-  <icon-select class="dns-provider-selector" :value="modelValue" :options="options" @update:value="atChange"> </icon-select>
+  <icon-select class="dns-provider-selector" :value="modelValue" :options="options" :filter-option="true" @update:value="atChange"> </icon-select>
 </template>
 
 <script lang="ts">

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue

@@ -4,7 +4,7 @@
       <!--    <td class="domain">-->
       <!--      {{ props.domain }}-->
       <!--    </td>-->
-      <td class="host-record" :title="'域名：' + props.domain">
+      <td class="host-record" :title="t('certd.verifyPlan.domainTitle', { domain: props.domain })">
         <fs-copyable v-model="cnameRecord.hostRecord"></fs-copyable>
       </td>
       <td style="text-align: center">CNAME</td>
@@ -16,17 +16,17 @@
         <a-tooltip v-if="cnameRecord.error" :title="cnameRecord.error">
           <fs-icon class="ml-5 color-red" icon="ion:warning-outline"></fs-icon>
         </a-tooltip>
-        <a-tooltip v-if="cnameRecord.status === 'valid'" title="重置校验状态，重新校验">
+        <a-tooltip v-if="cnameRecord.status === 'valid'" :title="t('certd.verifyPlan.resetStatusTooltip')">
           <fs-icon class="ml-2 color-yellow text-md pointer" icon="solar:undo-left-square-bold" @click="resetStatus"></fs-icon>
         </a-tooltip>
       </td>
       <td class="center">
         <template v-if="cnameRecord.status !== 'valid'">
-          <a-button type="primary" size="small" :loading="loading" @click="doVerify">点击验证</a-button>
+          <a-button type="primary" size="small" :loading="loading" @click="doVerify">{{ t("certd.verifyPlan.clickToValidate") }}</a-button>
           <cname-tip :record="cnameRecord"></cname-tip>
         </template>
 
-        <div v-else class="helper" title="后续自动申请证书需要">不要删除CNAME</div>
+        <div v-else class="helper" :title="t('certd.verifyPlan.keepCnameTitle')">{{ t("certd.verifyPlan.keepCname") }}</div>
       </td>
     </tr>
   </tbody>
@@ -35,18 +35,20 @@
 <script lang="ts" setup>
 import { CnameRecord, GetByDomain } from "/@/components/plugins/cert/domains-verify-plan-editor/api";
 import { ref, watch } from "vue";
+import { useI18n } from "vue-i18n";
 import { dict } from "@fast-crud/fast-crud";
 import * as api from "./api.js";
 import CnameTip from "./cname-tip.vue";
 import { Modal } from "ant-design-vue";
 import { utils } from "/@/utils/index.js";
+const { t } = useI18n();
 const statusDict = dict({
   data: [
-    { label: "待设置CNAME", value: "cname", color: "warning" },
-    { label: "验证中", value: "validating", color: "blue" },
-    { label: "验证成功", value: "valid", color: "green" },
-    { label: "验证失败", value: "failed", color: "red" },
-    { label: "验证超时", value: "timeout", color: "red" },
+    { label: t("certd.verifyPlan.status.pendingCname"), value: "cname", color: "warning" },
+    { label: t("certd.verifyPlan.status.validating"), value: "validating", color: "blue" },
+    { label: t("certd.verifyPlan.status.valid"), value: "valid", color: "green" },
+    { label: t("certd.verifyPlan.status.failed"), value: "failed", color: "red" },
+    { label: t("certd.verifyPlan.status.timeout"), value: "timeout", color: "red" },
   ],
 });
 
@@ -125,8 +127,8 @@ async function doVerify() {
 
 async function resetStatus() {
   Modal.confirm({
-    title: "重置状态",
-    content: "确定要重置校验状态吗？",
+    title: t("certd.verifyPlan.resetStatus"),
+    content: t("certd.verifyPlan.confirmResetStatus"),
     onOk: async () => {
       await api.ResetStatus(cnameRecord.value.id);
       await loadRecord();

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-tip.vue

@@ -2,17 +2,17 @@
   <a-tooltip :overlay-style="{ maxWidth: '400px' }">
     <template #title>
       <div>
-        <div>多试几次，如果仍然无法验证通过，请按如下步骤排查问题：</div>
-        <div>1. 解析记录应该添加在{{ record.domain }}域名下</div>
-        <div>2. 要添加的是CNAME类型的记录，不是TXT</div>
-        <div>3. 核对记录值是否是:{{ record.recordValue }}</div>
+        <div>{{ t("certd.verifyPlan.cnameTip.intro") }}</div>
+        <div>{{ t("certd.verifyPlan.cnameTip.step1", { domain: record.domain }) }}</div>
+        <div>{{ t("certd.verifyPlan.cnameTip.step2") }}</div>
+        <div>{{ t("certd.verifyPlan.cnameTip.step3", { value: record.recordValue }) }}</div>
         <div>
-          4. 在验证中状态下，运行下面的命令,查看cname和txt解析是否正确
+          {{ t("certd.verifyPlan.cnameTip.step4") }}
           <fs-copyable :style="{ color: '#52c41a' }" :model-value="nslookupCmd"></fs-copyable>
-          或者
+          {{ t("certd.verifyPlan.cnameTip.or") }}
           <fs-copyable :style="{ color: '#52c41a' }" :model-value="digCmd"></fs-copyable>
         </div>
-        <div>5. 如果以上检查都没有问题，则可能是DNS解析生效时间比较慢，某些提供商延迟可能高达几个小时</div>
+        <div>{{ t("certd.verifyPlan.cnameTip.step5") }}</div>
       </div>
     </template>
     <fs-icon class="ml-5 pointer" icon="mingcute:question-line"></fs-icon>
@@ -21,9 +21,11 @@
 
 <script lang="ts" setup>
 import { computed } from "vue";
+import { useI18n } from "vue-i18n";
 const props = defineProps<{
   record: any;
 }>();
+const { t } = useI18n();
 
 const nslookupCmd = computed(() => {
   return `nslookup -q=txt _acme-challenge.${props.record.domain}`;

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue

@@ -2,11 +2,11 @@
   <table class="cname-verify-plan">
     <thead>
       <tr>
-        <td style="width: 160px">主机记录</td>
-        <td style="width: 100px; text-align: center">记录类型</td>
-        <td style="width: 250px">请设置CNAME记录（验证成功以后不要删除）</td>
-        <td style="width: 120px" class="center">状态</td>
-        <td style="width: 90px" class="center">操作</td>
+        <td style="width: 160px">{{ t("certd.verifyPlan.hostRecord") }}</td>
+        <td style="width: 100px; text-align: center">{{ t("certd.verifyPlan.recordType") }}</td>
+        <td style="width: 250px">{{ t("certd.verifyPlan.setCnameRecord") }}</td>
+        <td style="width: 120px" class="center">{{ t("certd.status") }}</td>
+        <td style="width: 90px" class="center">{{ t("certd.verifyPlan.operation") }}</td>
       </tr>
     </thead>
     <template v-for="key in domains" :key="key">
@@ -19,11 +19,14 @@
 import { CnameRecord } from "/@/components/plugins/cert/domains-verify-plan-editor/api";
 import CnameRecordInfo from "/@/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue";
 import { computed } from "vue";
+import { useI18n } from "vue-i18n";
 
 defineOptions({
   name: "CnameVerifyPlan",
 });
 
+const { t } = useI18n();
+
 const emit = defineEmits(["update:modelValue", "change"]);
 
 const props = defineProps<{

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/http-verify-plan.vue

@@ -2,10 +2,10 @@
   <table class="http-verify-plan">
     <thead>
       <tr>
-        <td style="width: 160px">网站域名</td>
-        <td style="width: 100px; text-align: center">上传方式</td>
-        <td style="width: 150px">上传授权</td>
-        <td style="width: 200px">网站根目录路径</td>
+        <td style="width: 160px">{{ t("certd.verifyPlan.websiteDomain") }}</td>
+        <td style="width: 100px; text-align: center">{{ t("certd.verifyPlan.uploadMethod") }}</td>
+        <td style="width: 150px">{{ t("certd.verifyPlan.uploadAccess") }}</td>
+        <td style="width: 200px">{{ t("certd.verifyPlan.websiteRootPath") }}</td>
       </tr>
     </thead>
     <tbody v-if="records" class="http-record-body">
@@ -21,7 +21,7 @@
             <access-selector v-model="item.httpUploaderAccess" :type="item.httpUploaderType" @change="onRecordChange"></access-selector>
           </td>
           <td>
-            <a-input v-model:value="item.httpUploadRootDir" placeholder="网站根目录，如：/www/wwwroot" @change="onRecordChange"></a-input>
+            <a-input v-model:value="item.httpUploadRootDir" :placeholder="t('certd.verifyPlan.websiteRootPlaceholder')" @change="onRecordChange"></a-input>
           </td>
         </tr>
       </template>
@@ -31,6 +31,7 @@
 
 <script lang="ts" setup>
 import { Ref, ref, watch, nextTick } from "vue";
+import { useI18n } from "vue-i18n";
 import { HttpRecord } from "/@/components/plugins/cert/domains-verify-plan-editor/type";
 import { dict } from "@fast-crud/fast-crud";
 import { Dicts } from "/@/components/plugins/lib/dicts";
@@ -39,6 +40,8 @@ defineOptions({
   name: "HttpVerifyPlan",
 });
 
+const { t } = useI18n();
+
 const emit = defineEmits(["update:modelValue", "change"]);
 
 const props = defineProps<{

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue

@@ -2,10 +2,10 @@
   <div class="domains-verify-plan-editor" :class="{ fullscreen }">
     <div class="fullscreen-modal" @click="fullscreenExit"></div>
     <div class="plan-wrapper">
-      <div class="plan-box">
+      <div class="plan-box bg-white dark:bg-neutral-700">
         <div class="fullscreen-button pointer flex-center" @click="fullscreen = !fullscreen">
           <span v-if="!fullscreen" style="font-size: 10px" class="flex-center">
-            这里可以放大
+            {{ t("certd.verifyPlan.expandTip") }}
             <fs-icon icon="ion:arrow-forward-outline"></fs-icon>
           </span>
           <fs-icon :icon="fullscreen ? 'material-symbols:fullscreen-exit' : 'material-symbols:fullscreen'"></fs-icon>
@@ -13,9 +13,9 @@
         <table class="plan-table">
           <thead>
             <tr>
-              <th style="min-width: 100px">主域名</th>
-              <th>验证方式</th>
-              <th>验证计划</th>
+              <th style="min-width: 100px">{{ t("certd.verifyPlan.mainDomain") }}</th>
+              <th>{{ t("certd.verifyPlan.challengeType") }}</th>
+              <th>{{ t("certd.verifyPlan.challengePlan") }}</th>
             </tr>
           </thead>
           <tbody>
@@ -30,13 +30,13 @@
                 <div class="plan">
                   <div v-if="item.type === 'dns'" class="plan-dns">
                     <div class="form-item">
-                      <span class="label">DNS类型：</span>
+                      <span class="label">{{ t("certd.verifyPlan.dnsType") }}:</span>
                       <span class="input">
                         <fs-dict-select
                           v-model:value="item.dnsProviderType"
                           size="small"
                           :dict="dnsProviderTypeDict"
-                          placeholder="DNS提供商"
+                          :placeholder="t('certd.verifyPlan.dnsProvider')"
                           @change="onPlanChanged"
                           @selected-change="onDnsProviderChange(item, $event)"
                         ></fs-dict-select>
@@ -44,9 +44,9 @@
                     </div>
                     <a-divider type="vertical" />
                     <div class="form-item">
-                      <span class="label">DNS授权：</span>
+                      <span class="label">{{ t("certd.verifyPlan.dnsAccess") }}:</span>
                       <span class="input">
-                        <access-selector v-model="item.dnsProviderAccessId" size="small" :type="item.dnsProviderAccessType || item.dnsProviderType" placeholder="请选择" @change="onPlanChanged"></access-selector>
+                        <access-selector v-model="item.dnsProviderAccessId" size="small" :type="item.dnsProviderAccessType || item.dnsProviderType" :placeholder="t('certd.verifyPlan.pleaseSelect')" @change="onPlanChanged"></access-selector>
                       </span>
                     </div>
                   </div>
@@ -55,7 +55,7 @@
                   </div>
                   <div v-if="item.type === 'http'" class="plan-http">
                     <http-verify-plan v-model="item.httpVerifyPlan" @change="onPlanChanged" />
-                    <div class="helper">证书颁发机构将请求 https://yourdomain/.well-known/acme-challenge/xxxxxx 来验证域名所有权。</div>
+                    <div class="helper">{{ t("certd.verifyPlan.httpHelper") }}</div>
                   </div>
                 </div>
               </td>
@@ -72,6 +72,7 @@
 
 <script lang="ts" setup>
 import { ref, watch } from "vue";
+import { useI18n } from "vue-i18n";
 import { dict, FsDictSelect } from "@fast-crud/fast-crud";
 import AccessSelector from "/@/views/certd/access/access-selector/index.vue";
 import CnameVerifyPlan from "./cname-verify-plan.vue";
@@ -84,17 +85,19 @@ defineOptions({
   name: "DomainsVerifyPlanEditor",
 });
 
+const { t } = useI18n();
+
 const challengeTypeOptions = ref<any[]>([
   {
-    label: "DNS验证",
+    label: t("certd.verifyPlan.dnsChallenge"),
     value: "dns",
   },
   {
-    label: "CNAME验证",
+    label: t("certd.verifyPlan.cnameChallenge"),
     value: "cname",
   },
   {
-    label: "HTTP验证",
+    label: t("certd.verifyPlan.httpChallenge"),
     value: "http",
   },
 ]);
@@ -273,7 +276,7 @@ watch(
     left: 0;
     width: 100%;
     height: 100%;
-    background-color: rgba(74, 74, 74, 0.78);
+    // background-color: rgba(74, 74, 74, 0.78);
     z-index: 1000;
     margin: auto;
     display: flex;
@@ -287,7 +290,6 @@ watch(
       .plan-box {
         position: relative;
         margin: auto;
-        background-color: #fff;
       }
     }
 
@@ -315,7 +317,7 @@ watch(
     height: 100%;
     //table-layout: fixed;
     th {
-      background-color: #f5f5f5;
+      // background-color: #f5f5f5;
       border-top: 1px solid #e8e8e8;
       border-left: 1px solid #e8e8e8;
       border-bottom: 1px solid #e8e8e8;

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/validator.ts

@@ -1,5 +1,6 @@
 import Validator from "async-validator";
 import { DomainsVerifyPlanInput } from "./type";
+import { $t } from "/@/locales";
 
 function checkDomainVerifyPlan(rule: any, value: DomainsVerifyPlanInput) {
   if (value == null) {
@@ -13,7 +14,7 @@ function checkDomainVerifyPlan(rule: any, value: DomainsVerifyPlanInput) {
         for (const subDomain of subDomains) {
           const plan = value[domain].cnameVerifyPlan[subDomain];
           if (plan.status !== "valid") {
-            throw new Error(`域名${subDomain}的CNAME未验证通过，请先设置CNAME记录，点击验证按钮`);
+            throw new Error($t("certd.verifyPlan.errors.cnameNotValid", { domain: subDomain }));
           }
         }
       }
@@ -22,7 +23,7 @@ function checkDomainVerifyPlan(rule: any, value: DomainsVerifyPlanInput) {
       for (const item of domains) {
         //如果有通配符域名则不允许使用http校验
         if (item.startsWith("*.")) {
-          throw new Error(`域名${item}为通配符域名，不支持HTTP校验`);
+          throw new Error($t("certd.verifyPlan.errors.wildcardNotSupportHttp", { domain: item }));
         }
       }
 
@@ -31,19 +32,19 @@ function checkDomainVerifyPlan(rule: any, value: DomainsVerifyPlanInput) {
         for (const subDomain of subDomains) {
           const plan = value[domain].httpVerifyPlan[subDomain];
           if (!plan.httpUploaderType) {
-            throw new Error(`域名${subDomain}的上传方式必须填写`);
+            throw new Error($t("certd.verifyPlan.errors.uploadMethodRequired", { domain: subDomain }));
           }
           if (!plan.httpUploaderAccess) {
-            throw new Error(`域名${subDomain}的上传授权信息必须填写`);
+            throw new Error($t("certd.verifyPlan.errors.uploadAccessRequired", { domain: subDomain }));
           }
           if (!plan.httpUploadRootDir) {
-            throw new Error(`域名${subDomain}的网站根路径必须填写`);
+            throw new Error($t("certd.verifyPlan.errors.websiteRootRequired", { domain: subDomain }));
           }
         }
       }
     } else if (type === "dns") {
       if (!value[domain].dnsProviderType || !value[domain].dnsProviderAccessId) {
-        throw new Error(`DNS模式下，域名${domain}的DNS类型和授权信息必须填写`);
+        throw new Error($t("certd.verifyPlan.errors.dnsProviderRequired", { domain }));
       }
     }
   }

packages/ui/certd-client/src/components/plugins/common/api-test.vue

@@ -1,7 +1,7 @@
 <template>
   <div class="api-test">
     <div>
-      <fs-button :loading="loading" type="primary" text="测试" icon="ion:refresh-outline" @click="doTest"></fs-button>
+      <fs-button :loading="loading" type="primary" :text="t('certd.pluginCommon.test')" icon="ion:refresh-outline" @click="doTest"></fs-button>
     </div>
 
     <div class="helper" :class="{ error: hasError }">
@@ -12,6 +12,7 @@
 <script setup lang="ts">
 import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
 import { ref, inject } from "vue";
+import { useI18n } from "vue-i18n";
 import { Form } from "ant-design-vue";
 import { getInputFromForm } from "./utils";
 
@@ -19,6 +20,8 @@ defineOptions({
   name: "ApiTest",
 });
 
+const { t } = useI18n();
+
 const fromType: any = inject("getFromType");
 const getScope: any = inject("get:scope");
 const getPluginType: any = inject("get:plugin:type", () => {
@@ -61,14 +64,14 @@ const doTest = async () => {
       {
         onError(err: any) {
           hasError.value = true;
-          message.value = `错误：${err.message}`;
+          message.value = t("certd.pluginCommon.errorWithMessage", { message: err.message });
         },
         showErrorNotify: false,
       }
     );
-    message.value = "测试请求成功";
+    message.value = t("certd.pluginCommon.testRequestSuccess");
     if (res) {
-      message.value += `，返回：${JSON.stringify(res)}`;
+      message.value += t("certd.pluginCommon.responseSuffix", { response: JSON.stringify(res) });
     }
   } finally {
     loading.value = false;

packages/ui/certd-client/src/components/plugins/common/cert-domains-getter.vue

@@ -9,6 +9,7 @@
 
 <script setup lang="ts">
 import { inject, ref, watch } from "vue";
+import { useI18n } from "/@/locales";
 
 defineOptions({
   name: "CertDomainsGetter",
@@ -24,6 +25,7 @@ const emit = defineEmits<{
 }>();
 
 const pipeline: any = inject("pipeline");
+const { t } = useI18n();
 
 function findStepFromPipeline(targetStepId: string) {
   for (const stage of pipeline.value.stages) {
@@ -40,7 +42,7 @@ function findStepFromPipeline(targetStepId: string) {
 const errorRef = ref("");
 function getStepIdFromInputKey(inputKey: string) {
   if (!inputKey) {
-    errorRef.value = "请先选择域名证书";
+    errorRef.value = t("certd.pluginCommon.selectCertFirst");
     return;
   }
   return inputKey.split(".")[1];
@@ -49,7 +51,7 @@ function getDomainFromPipeline(inputKey: string) {
   let targetStepId = getStepIdFromInputKey(inputKey);
   let certStep = findStepFromPipeline(targetStepId);
   if (!certStep) {
-    errorRef.value = "找不到目标步骤，请先选择域名证书";
+    errorRef.value = t("certd.pluginCommon.targetStepNotFound");
     return;
   }
 
@@ -58,7 +60,7 @@ function getDomainFromPipeline(inputKey: string) {
     targetStepId = getStepIdFromInputKey(firstLevelValue);
     certStep = findStepFromPipeline(targetStepId);
     if (!certStep) {
-      errorRef.value = "找不到目标步骤，请先选择域名证书";
+      errorRef.value = t("certd.pluginCommon.targetStepNotFound");
       return;
     }
   }

packages/ui/certd-client/src/components/plugins/common/domain-selector.vue

@@ -17,12 +17,12 @@
           <template v-if="search">
             <div class="flex w-full items-center justify-between flex-wrap" style="padding: 4px 8px">
               <div class="flex-1 flex flex-row items-center">
-                <a-input ref="inputRef" v-model:value="searchKeyRef" class="flex-1" allow-clear placeholder="这里可以搜索域名（数据来自“设置->域名管理”），您也可以直接在上面输入框输入" @keydown.enter="doSearch" />
-                <fs-button type="primary" class="m-1" :loading="loading" icon="mingcute:search-2-line" @click="doSearch"> 查询 </fs-button>
+                <a-input ref="inputRef" v-model:value="searchKeyRef" class="flex-1" allow-clear :placeholder="t('certd.pluginCommon.domainSearchPlaceholder')" @keydown.enter="doSearch" />
+                <fs-button type="primary" class="m-1" :loading="loading" icon="mingcute:search-2-line" @click="doSearch">{{ t("certd.pluginCommon.search") }}</fs-button>
               </div>
               <div class="manager flex flex-row items-center">
-                <fs-button type="primary" class="m-1" icon="mingcute:vip-1-line" @click="openDomainImportDialog">导入域名</fs-button>
-                <fs-button class="m-1" type="primary" icon="carbon:gui-management" @click="openDomainManager">管理域名</fs-button>
+                <fs-button type="primary" class="m-1" icon="mingcute:vip-1-line" @click="openDomainImportDialog">{{ t("certd.pluginCommon.importDomain") }}</fs-button>
+                <fs-button class="m-1" type="primary" icon="carbon:gui-management" @click="openDomainManager">{{ t("certd.pluginCommon.manageDomain") }}</fs-button>
               </div>
             </div>
             <div v-if="hasError" class="helper p-2" :class="{ error: hasError }">
@@ -47,7 +47,7 @@
         </template>
       </a-select>
       <div class="ml-5">
-        <fs-button :loading="loading" title="刷新我的域名列表" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
+        <fs-button :loading="loading" :title="t('certd.pluginCommon.refreshMyDomains')" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
       </div>
     </div>
     <div class="helper" :class="{ error: hasError }">
@@ -57,6 +57,7 @@
 </template>
 <script setup lang="ts">
 import { computed, defineComponent, onMounted, ref, Ref, useAttrs } from "vue";
+import { useI18n } from "vue-i18n";
 import { useRouter } from "vue-router";
 import { Dicts } from "../lib/dicts";
 import { request } from "/@/api/service";
@@ -67,6 +68,8 @@ defineOptions({
   name: "DomainSelector",
 });
 
+const { t } = useI18n();
+
 const VNodes = defineComponent({
   props: {
     vnodes: {

packages/ui/certd-client/src/components/plugins/common/output-selector/index.vue

@@ -33,7 +33,7 @@ export default {
     async function onCreate() {
       await pluginStore.init();
       options.value = pluginStore.group.getPreStepOutputOptions({
-        pipeline: pipeline.value,
+        pipeline: pipeline?.value,
         currentStageIndex: currentStageIndex.value,
         currentTaskIndex: currentTaskIndex.value,
         currentStepIndex: currentStepIndex.value,

packages/ui/certd-client/src/components/plugins/common/remote-auto-complete.vue

@@ -4,7 +4,7 @@
       <a-auto-complete class="remote-auto-complete-input" :filter-option="filterOption" :options="optionsRef" :value="value" v-bind="attrs" @click="onClick" @update:value="emit('update:value', $event)">
       </a-auto-complete>
       <div class="ml-5">
-        <fs-button :loading="loading" title="刷新选项" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
+        <fs-button :loading="loading" :title="t('certd.pluginCommon.refreshOptions')" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
       </div>
     </div>
     <div class="helper" :class="{ error: hasError }">
@@ -15,6 +15,7 @@
 <script setup lang="ts">
 import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
 import { defineComponent, inject, ref, useAttrs, watch, Ref } from "vue";
+import { useI18n } from "vue-i18n";
 import { PluginDefine } from "@certd/pipeline";
 import { getInputFromForm } from "./utils";
 
@@ -22,6 +23,8 @@ defineOptions({
   name: "RemoteAutoComplete",
 });
 
+const { t } = useI18n();
+
 const props = defineProps<
   {
     watches?: string[];
@@ -93,16 +96,16 @@ const getOptions = async () => {
       {
         onError(err: any) {
           hasError.value = true;
-          message.value = `获取选项出错：${err.message}`;
+          message.value = t("certd.pluginCommon.getOptionsError", { message: err.message });
         },
         showErrorNotify: false,
       }
     );
     const list = res?.list || res || [];
     if (list.length > 0) {
-      message.value = "获取数据成功，请从下拉框中选择";
+      message.value = t("certd.pluginCommon.getDataSuccessSelect");
     } else {
-      message.value = "获取数据成功，没有数据";
+      message.value = t("certd.pluginCommon.getDataSuccessEmpty");
     }
     optionsRef.value = list;
 

packages/ui/certd-client/src/components/plugins/common/remote-input.vue

@@ -7,6 +7,7 @@
 <script setup lang="ts">
 import { doRequest } from "/@/components/plugins/lib";
 import { inject, ref, useAttrs } from "vue";
+import { useI18n } from "vue-i18n";
 import { useFormWrapper } from "@fast-crud/fast-crud";
 import { notification } from "ant-design-vue";
 import { getInputFromForm } from "./utils";
@@ -15,6 +16,7 @@ defineOptions({
   name: "RemoteInput",
 });
 const { openCrudFormDialog } = useFormWrapper();
+const { t } = useI18n();
 const props = defineProps<{
   modelValue: string;
   title: string;
@@ -53,7 +55,7 @@ async function openDialog() {
             saveRemind: false,
           },
           afterSubmit() {
-            notification.success({ message: "操作成功" });
+            notification.success({ message: t("certd.operationSuccess") });
           },
           async doSubmit({ form }: any) {
             return await doPluginFormSubmit(form);

packages/ui/certd-client/src/components/plugins/common/remote-select.vue

@@ -5,12 +5,12 @@
         <template #dropdownRender="{ menuNode: menu }">
           <template v-if="search">
             <div class="flex w-full" style="padding: 4px 8px">
-              <a-input ref="inputRef" v-model:value="searchKeyRef" class="flex-1" allow-clear placeholder="查询关键字" @keydown.enter="doSearch" />
+              <a-input ref="inputRef" v-model:value="searchKeyRef" class="flex-1" allow-clear :placeholder="t('certd.pluginCommon.searchKeyword')" @keydown.enter="doSearch" />
               <a-button class="ml-2" :loading="loading" type="text" @click="doSearch">
                 <template #icon>
                   <search-outlined />
                 </template>
-                查询
+                {{ t("certd.pluginCommon.search") }}
               </a-button>
             </div>
             <div v-if="hasError" class="helper p-2" :class="{ error: hasError }">
@@ -25,8 +25,9 @@
           </div>
         </template>
       </a-select>
-      <div class="ml-5">
-        <fs-button :loading="loading" title="刷新选项" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
+      <div class="ml-5 flex flex-row no-wrap">
+        <fs-button :loading="loading" :title="t('certd.pluginCommon.refreshOptions')" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
+        <UploadCert v-if="uploadCert" class="ml-5" v-bind="uploadCert" @submit="refreshOptions"></UploadCert>
       </div>
     </div>
     <div class="helper" :class="{ error: hasError }">
@@ -37,13 +38,18 @@
 <script setup lang="ts">
 import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
 import { defineComponent, inject, ref, useAttrs, watch, Ref } from "vue";
+import { useI18n } from "vue-i18n";
 import { PluginDefine } from "@certd/pipeline";
 import { getInputFromForm } from "./utils";
+import UploadCert from "./upload-cert.vue";
+import { UploadCertProps } from "./types";
 
 defineOptions({
   name: "RemoteSelect",
 });
 
+const { t } = useI18n();
+
 const selectRef = ref(null);
 
 const VNodes = defineComponent({
@@ -65,9 +71,10 @@ const props = defineProps<
     pager?: boolean;
     multi?: boolean;
     pageSize?: number;
+    uploadCert?: UploadCertProps;
   } & ComponentPropsType
 >();
-
+debugger;
 const emit = defineEmits<{
   "update:value": any;
 }>();
@@ -157,7 +164,7 @@ const getOptions = async () => {
       {
         onError(err: any) {
           hasError.value = true;
-          message.value = `获取选项出错：${err.message}`;
+          message.value = t("certd.pluginCommon.getOptionsError", { message: err.message });
           optionsRef.value = [];
         },
         showErrorNotify: false,
@@ -165,9 +172,9 @@ const getOptions = async () => {
     );
     let list = res?.list || res || [];
     if (list.length > 0) {
-      message.value = "获取数据成功，请从下拉框中选择";
+      message.value = t("certd.pluginCommon.getDataSuccessSelect");
     } else {
-      message.value = "获取数据成功，没有数据";
+      message.value = t("certd.pluginCommon.getDataSuccessEmpty");
     }
     list = list.map((item: any) => {
       return {

packages/ui/certd-client/src/components/plugins/common/remote-tree-select.vue

@@ -3,7 +3,7 @@
     <div class="flex flex-row">
       <a-tree-select class="remote-tree-select-input" :tree-data="optionsRef" :value="value" tree-checkable allow-clear v-bind="attrs" @click="onClick" @update:value="emit('update:value', $event)"> </a-tree-select>
       <div class="ml-5">
-        <fs-button :loading="loading" title="刷新选项" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
+        <fs-button :loading="loading" :title="t('certd.pluginCommon.refreshOptions')" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
       </div>
     </div>
     <div class="helper" :class="{ error: hasError }">
@@ -14,6 +14,7 @@
 <script setup lang="ts">
 import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
 import { defineComponent, inject, ref, useAttrs, watch, Ref } from "vue";
+import { useI18n } from "vue-i18n";
 import { PluginDefine } from "@certd/pipeline";
 import { getInputFromForm } from "./utils";
 
@@ -21,6 +22,8 @@ defineOptions({
   name: "RemoteTreeSelect",
 });
 
+const { t } = useI18n();
+
 const props = defineProps<
   {
     watches: string[];
@@ -104,16 +107,16 @@ const getOptions = async () => {
       {
         onError(err: any) {
           hasError.value = true;
-          message.value = `获取选项出错：${err.message}`;
+          message.value = t("certd.pluginCommon.getOptionsError", { message: err.message });
         },
         showErrorNotify: false,
       }
     );
     const list = res?.list || res || [];
     if (list.length > 0) {
-      message.value = "获取数据成功，请从下拉框中选择";
+      message.value = t("certd.pluginCommon.getDataSuccessSelect");
     } else {
-      message.value = "获取数据成功，没有数据";
+      message.value = t("certd.pluginCommon.getDataSuccessEmpty");
     }
     optionsRef.value = list;
     pagerRef.value.total = list.length;

packages/ui/certd-client/src/components/plugins/common/types.ts

@@ -0,0 +1,5 @@
+export interface UploadCertProps {
+  title?: string;
+  columns?: Record<string, any>;
+  button?: any;
+}

packages/ui/certd-client/src/components/plugins/common/upload-cert.vue

@@ -0,0 +1,103 @@
+<template>
+  <div class="upload-cert">
+    <fs-button v-model:loading="loading" type="primary" :text="t('certd.pluginCommon.upload')" v-bind="props.button" @click="openUploadCertDialog"></fs-button>
+  </div>
+</template>
+<script lang="ts" setup>
+import { message } from "ant-design-vue";
+import { useFormDialog } from "../../../use/use-dialog";
+import { computed, inject, ref } from "vue";
+import { useI18n } from "vue-i18n";
+import { doRequest } from "../lib";
+import { getInputFromForm } from "./utils";
+import { UploadCertProps } from "./types";
+import { merge } from "lodash-es";
+
+const props = defineProps<UploadCertProps>();
+const loading = ref(false);
+const { t } = useI18n();
+
+const emit = defineEmits(["submit"]);
+const { openFormDialog } = useFormDialog();
+const pipeline = inject("pipeline", null);
+
+const getCurrentPluginDefine: any = inject("getCurrentPluginDefine", () => {
+  return {};
+});
+const getScope: any = inject("get:scope", () => {
+  return {};
+});
+const getPluginType: any = inject("get:plugin:type", () => {
+  return "plugin";
+});
+const title = computed(() => props.title || t("certd.pluginCommon.uploadCert"));
+function openUploadCertDialog() {
+  const columns = merge(
+    {
+      certName: {
+        title: t("certd.pluginCommon.certName"),
+        form: {
+          component: {
+            name: "a-input",
+            vModel: "value",
+          },
+          helper: t("certd.pluginCommon.certNameHelper"),
+        },
+      },
+    },
+    props.columns
+  );
+  openFormDialog({
+    title: title.value,
+    columns: {
+      certName: {
+        title: t("certd.pluginCommon.certName"),
+        form: {
+          component: {
+            name: "a-input",
+            vModel: "value",
+          },
+        },
+      },
+      ...props.columns,
+    },
+    onSubmit: async (form: any) => {
+      const pluginType = getPluginType();
+      const scope = getScope();
+      const { input, record } = getInputFromForm(scope.form, pluginType);
+      loading.value = true;
+      try {
+        const res = await doRequest(
+          {
+            type: pluginType,
+            typeName: scope.form.type,
+            action: "onUploadCert",
+            input,
+            record,
+            data: {
+              pipelineId: pipeline?.value?.id,
+              ...form,
+            },
+          },
+          {
+            // onError(err: any) {
+            //   message.error(err.message);
+            // },
+            showErrorNotify: true,
+          }
+        );
+        message.success(t("certd.pluginCommon.uploadSuccess"));
+        emit("submit");
+      } finally {
+        loading.value = false;
+      }
+    },
+  });
+}
+</script>
+<style lang="less">
+.upload-cert {
+  display: flex;
+  align-items: center;
+}
+</style>

packages/ui/certd-client/src/components/plugins/lib/dicts.ts

@@ -1,17 +1,18 @@
 import { dict } from "@fast-crud/fast-crud";
+import { $t } from "/@/locales";
 
 export const Dicts = {
   sslProviderDict: dict({
     data: [
-      { value: "letsencrypt", label: "Let‘s Encrypt" },
+      { value: "letsencrypt", label: "Let's Encrypt" },
       { value: "zerossl", label: "ZeroSSL" },
     ],
   }),
   challengeTypeDict: dict({
     data: [
-      { value: "dns", label: "DNS校验", color: "green" },
-      { value: "cname", label: "CNAME代理校验", color: "blue" },
-      { value: "http", label: "HTTP校验", color: "yellow" },
+      { value: "dns", label: $t("certd.verifyPlan.dnsChallenge"), color: "green" },
+      { value: "cname", label: $t("certd.verifyPlan.cnameProxyChallenge"), color: "blue" },
+      { value: "http", label: $t("certd.verifyPlan.httpChallenge"), color: "yellow" },
     ],
   }),
   dnsProviderTypeDict: dict({
@@ -22,17 +23,17 @@ export const Dicts = {
       { label: "SFTP", value: "sftp" },
       { label: "SCP", value: "scp" },
       { label: "FTP", value: "ftp" },
-      { label: "阿里云OSS", value: "alioss" },
-      { label: "腾讯云COS", value: "tencentcos" },
-      { label: "七牛OSS", value: "qiniuoss" },
+      { label: $t("certd.verifyPlan.uploader.aliyunOss"), value: "alioss" },
+      { label: $t("certd.verifyPlan.uploader.tencentCos"), value: "tencentcos" },
+      { label: $t("certd.verifyPlan.uploader.qiniuOss"), value: "qiniuoss" },
       { label: "S3/Minio", value: "s3" },
-      { label: "SSH(已废弃，请选择SFTP方式)", value: "ssh", disabled: true },
+      { label: $t("certd.verifyPlan.uploader.sshDeprecated"), value: "ssh", disabled: true },
     ],
   }),
   domainFromTypeDict: dict({
     data: [
-      { value: "manual", label: "手动" },
-      { value: "auto", label: "自动" },
+      { value: "manual", label: $t("certd.verifyPlan.domainFrom.manual") },
+      { value: "auto", label: $t("certd.verifyPlan.domainFrom.auto") },
     ],
   }),
 };

packages/ui/certd-client/src/components/tutorial/tutorial-steps.vue

@@ -4,7 +4,7 @@
 
     <div class="step-item overflow-hidden">
       <div class="text">
-        <h3 class="title">{{ number }} {{ currentStepItem.title }}</h3>
+        <h3 class="title font-bold">{{ number }} {{ currentStepItem.title }}</h3>
         <div class="description mt-5">
           <div v-for="(desc, index) of currentStepItem.descriptions" :key="index">{{ desc }}</div>
         </div>
@@ -247,6 +247,7 @@ function previewMask() {
 
 <style lang="less">
 .tutorial-steps {
+  display: flex;
   .step-item {
     display: flex !important;
     flex-direction: row;

packages/ui/certd-client/src/components/vip-button/api.ts

@@ -20,5 +20,6 @@ export async function getTodayVipOrderCount() {
   return await request({
     url: "/sys/plus/getTodayVipOrderCount",
     method: "post",
+    showErrorNotify: false,
   });
 }

packages/ui/certd-client/src/components/vip-button/index.vue

@@ -251,7 +251,7 @@ function openUpgrade() {
     class: "vip-modal",
     maskClosable: true,
     okText: t("vip.close"),
-    width: 1100,
+    width: 1180,
     content: () => {
       return <VipModalContent placeholder={placeholder} isPlus={isPlus} productInfo={productInfo} goBuyPlusPage={goBuyPlusPage} goBuyCommPage={goBuyCommPage} openStarModal={openStarModal} modalRef={modalRef} />;
     },

packages/ui/certd-client/src/components/vip-button/vip-modal-content.vue

@@ -1,31 +1,5 @@
 <template>
   <div class="mt-10 vip-active-modal">
-    <div v-if="todayOrderCount.enabled" class="order-count hidden md:flex">
-      <div v-for="(stage, index) in todayOrderCount.stages" :key="index" class="status-item" :class="{ 'status-show': TodayVipOrderCountRef.current === index }">
-        <div class="background">
-          <img :src="stage.bg" alt="" />
-        </div>
-        <div class="flex flex-col order-count-text weight-bold">
-          <div class="count-text ml-4 flex items-center">
-            <fs-icon icon="noto:fire" class="fs-20 mr-2"></fs-icon>
-            <template v-if="stage.vipTotal > 0">
-              <span> 已有 </span>
-              <span class="count-number color-red font-bold text-2xl ml-1 mr-1"> {{ stage.vipTotal }} </span> 位小伙伴赞助，
-              <span>
-                {{ stage.title }}
-              </span>
-            </template>
-            <template v-else>
-              <span> 今日赞助 </span>
-              <span class="count-number color-red font-bold text-2xl ml-1 mr-1"> {{ stage.orderCount }} </span> 人，
-              <span>
-                {{ stage.title }}
-              </span>
-            </template>
-          </div>
-        </div>
-      </div>
-    </div>
     <div v-if="productInfo.notice" class="mt-10">
       <a-alert type="error" :message="productInfo.notice"></a-alert>
     </div>
@@ -65,6 +39,11 @@
               </div>
               <div class="get-show">
                 <template v-if="item.type === 'plus'">
+                  <span v-if="todayOrderCount.showVipTotal" class="mr-5">
+                    已有
+                    <span class="color-red"> {{ todayOrderCount.vipTotal }}</span>
+                    位伙伴支持
+                  </span>
                   <a-tooltip :title="t('vip.afdian_support_vip')">
                     <a-button size="small" type="primary" @click="goBuyPlusPage">
                       {{ t("vip.get_after_support") }}
@@ -243,66 +222,35 @@ const vipTypeDefine: any = {
 const TodayVipOrderCountRef: Ref = ref({ enabled: false, current: 0, stages: [] });
 
 async function getTodayVipOrderCount() {
+  try {
     const res = await api.getTodayVipOrderCount();
     if (res) {
       TodayVipOrderCountRef.value = res;
       TodayVipOrderCountRef.value.current = 0;
     }
+  } catch (error) {
+    console.error(error);
+  }
 }
 
 const todayOrderCount = computed(() => {
   const countInfo = TodayVipOrderCountRef.value;
-  const enabled = countInfo?.enabled || false;
-  const orderCount = countInfo?.orderCount || 0;
-  for (const stage of countInfo?.stages) {
-    stage.orderCount = stage.countGe || 0;
-  }
-  const lastStage = countInfo?.stages?.[countInfo?.stages?.length - 1] || {};
-  lastStage.orderCount = orderCount;
 
-  const stages: any = [];
-  stages.push({
-    title: countInfo.title,
-    vipTotal: countInfo?.vipTotal || 0,
-    orderCount: orderCount,
-    bg: lastStage.bg,
-  });
-  if (lastStage.orderCount > 0) {
-    stages.push(lastStage);
-  }
+  const vipTotal = countInfo?.vipTotal || 0;
+  const showVipTotal = countInfo?.showVipTotal || false;
+  const userTotal = countInfo?.userTotal || 0;
   return {
-    enabled: enabled,
-    stages: stages,
+    showVipTotal: showVipTotal,
+    vipTotal: vipTotal,
+    userTotal: userTotal,
   };
 });
 
-async function scrollOrderCount() {
-  const stages = todayOrderCount.value.stages;
-  if (stages.length === 0) {
-    return;
-  }
-  let index = 0;
-  const doScroll = () => {
-    TodayVipOrderCountRef.value.current = index;
-    index++;
-    if (index >= stages.length) {
-      index = 0;
-    }
-  };
-  doScroll();
-  scrollOrderCountIntervalRef.value = setInterval(doScroll, 7000);
-}
-
-const scrollOrderCountIntervalRef: Ref = ref(null);
 onMounted(async () => {
   await getTodayVipOrderCount();
-  await nextTick();
-  await scrollOrderCount();
 });
 
-onUnmounted(() => {
-  clearInterval(scrollOrderCountIntervalRef.value);
-});
+onUnmounted(() => {});
 </script>
 
 <style lang="less">

packages/ui/certd-client/src/layout/components/footer/index.vue

@@ -3,7 +3,7 @@
     <div class="flex items-center">
       <span v-if="!settingStore.isComm">
         <span>Powered by</span>
-        <a> handsfree.work </a>
+        <a href="https://certd.docmirror.cn/" target="_blank"> handfree.work </a>
         <a-divider type="vertical" />
       </span>
 
@@ -21,7 +21,12 @@
 
       <span v-if="sysPublic.mpsNo">
         <a href="http://www.beian.gov.cn/portal/registerSystemInfo" target="_blank">{{ sysPublic.mpsNo }}</a>
+        <a-divider type="vertical" />
       </span>
+
+      <template v-if="sysPublic.customFooter && settingStore.isPlus">
+        <div v-html="sysPublic.customFooter"></div>
+      </template>
     </div>
     <div class="ml-5">v{{ version }}</div>
   </div>

packages/ui/certd-client/src/layout/layout-framework.vue

@@ -75,7 +75,7 @@
         <div>
           <span v-if="!settingStore.isComm">
             <span>Powered by</span>
-            <a> handfree.work </a>
+            <a href="https://certd.docmirror.cn/" target="_blank"> handfree.work </a>
           </span>
 
           <template v-if="siteInfo.licenseTo">

packages/ui/certd-client/src/layout/layout-outside.vue

@@ -2,7 +2,7 @@
   <div id="userLayout" :class="['user-layout-wrapper']">
     <div class="login-container flex justify-start dark:background-[#141414]">
       <div class="user-layout-content flex-col justify-start">
-        <div class="top flex flex-col items-center justify-start">
+        <div class="top flex flex-col items-center justify-start pointer" @click="goHome">
           <div class="header flex flex-row items-center">
             <img :src="siteInfo.loginLogo" class="logo" alt="logo" />
             <span class="title"></span>
@@ -15,10 +15,13 @@
         </div>
         <div class="footer">
           <div class="copyright">
-            <span v-if="!settingStore.isComm">
+            <span>
               <span>Copyright</span>
               <span>&copy;</span>
               <span>{{ envRef.COPYRIGHT_YEAR }}</span>
+            </span>
+            <span v-if="!settingStore.isComm">
+              <a-divider type="vertical" />
               <span>
                 <a :href="envRef.COPYRIGHT_URL" target="_blank">{{ envRef.COPYRIGHT_NAME }}</a>
               </span>
@@ -47,6 +50,7 @@ import { env } from "/@/utils/util.env";
 import { computed, ref, Ref } from "vue";
 import { useSettingStore } from "/@/store/settings";
 import { SiteInfo, SysPublicSetting } from "/@/store/settings/api.basic";
+import { useRouter } from "vue-router";
 
 const envRef = ref(env);
 const settingStore = useSettingStore();
@@ -56,6 +60,10 @@ const siteInfo: Ref<SiteInfo> = computed(() => {
 const sysPublic: Ref<SysPublicSetting> = computed(() => {
   return settingStore.sysPublic;
 });
+const router = useRouter();
+function goHome() {
+  router.replace("/");
+}
 </script>
 
 <style lang="less">

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -1,861 +1,46 @@
-//注意： @符号是保留字符，需要用{'@'}替换， AI请务必提醒我修改
+import common from "./certd/common";
+import navigation from "./certd/navigation";
+import dashboard from "./certd/dashboard";
+import pipeline from "./certd/pipeline";
+import history from "./certd/history";
+import monitor from "./certd/monitor";
+import certdomain from "./certd/cert-domain";
+import cname from "./certd/cname";
+import access from "./certd/access";
+import open from "./certd/open";
+import mine from "./certd/mine";
+import notification from "./certd/notification";
+import addon from "./certd/addon";
+import suite from "./certd/suite";
+import project from "./certd/project";
+import syssettings from "./certd/sys-settings";
+import sysplugin from "./certd/sys-plugin";
+import sysauthority from "./certd/sys-authority";
+import syscname from "./certd/sys-cname";
+import tutorial from "./certd/tutorial";
+import cron from "./certd/cron";
+
+// Note: @ is reserved in locale messages; use {'@'} when needed.
 export default {
-  app: {
-    crud: {
-      i18n: {
-        name: "name",
-        city: "city",
-        status: "status",
-      },
-    },
-  },
-  fs: {
-    rowHandle: {
-      title: "Operation",
-    },
-  },
-  pipelinePage: {
-    addMore: "Add More Pipelines",
-    aliyunSubscriptionPipeline: "Aliyun Subscription Pipeline",
-    legoCertPipeline: "Lego Certificate Pipeline",
-    customPipeline: "Custom Pipeline",
-    batchAddPipeline: "Add Pipeline Use Template",
-    myPipelinesDesc: "Pipeline Mode: Apply -> Deploy -> Schedule",
-  },
-  order: {
-    confirmTitle: "Order Confirmation",
-    package: "Package",
-    description: "Description",
-    specifications: "Specifications",
-    pipeline: "Pipeline",
-    domain: "Domain",
-    deployTimes: "Deployments",
-    monitorCount: "DomainMonitors",
-    duration: "Duration",
-    price: "Price",
-    paymentMethod: "Payment Method",
-    free: "Free",
-    unit: {
-      pieces: "pieces",
-      count: "count",
-      times: "times",
-    },
-  },
-  framework: {
-    title: "Framework",
-    home: "Home",
-  },
-  helpDocLink: "Help Docs",
-  title: "Certificate Automation",
-  pipeline: "Pipeline",
-  pipelineEdit: "Edit Pipeline",
-  history: "Execution History",
-  certStore: "Certificate Repository",
-  siteMonitor: "Site Certificate Monitor",
-  settings: "Settings",
-  accessManager: "Access Management",
-  cnameRecord: "CNAME Record Management",
-  subDomain: "Subdomain Delegation Settings",
-  pipelineGroup: "Pipeline Group Management",
-  openKey: "Open API Key",
-  notification: "Notification Settings",
-  siteMonitorSetting: "Site Monitor Settings",
-  userSecurity: "Security Settings",
-  userProfile: "Account Info",
-  userGrant: "Grant Delegation",
-  suite: "Suite",
-  mySuite: "My Suite",
-  suiteBuy: "Suite Purchase",
-  myTrade: "My Orders",
-  paymentReturn: "Payment Return",
-  hasExpired: "Expired",
-  user: {
-    greeting: "Hello",
-    profile: "Account Info",
-    logout: "Logout",
-    setting: {
-      grantSetting: "Grant Settings",
-      saveSuccess: "Save Success",
-      allowAdminViewCerts: "Allow Admin view and download Certs",
-      allowAdminViewCertsHelper: "Allow admin view and download all certificates",
-    },
-  },
-  dashboard: {
-    greeting: "Hello, {name}, welcome to 【{site}】",
-    latestVersion: "Latest version: {version}",
-    validUntil: "Valid until:",
-    tutorialTooltip: "Click to view detailed tutorial",
-    tutorialText: "Only 3 steps to automatically apply and deploy certificates",
-    alertMessage: "Certificates and credentials are sensitive. Do not use untrusted online Certd services or images. Always self-host and use official release channels:",
-    helpDoc: "Help Docs",
-    pipelineCount: "Number of Certificate Pipelines",
-    noPipeline: "You have no certificate pipelines yet",
-    enabledCount: "Enabled",
-    disabledCount: "Disabled",
-    certCount: "Number of Certificates",
-    noCert: "You have no certificates yet",
-    manageCert: "View Certificates",
-    certExpiringCount: "Soon-to-Expire",
-    certExpiredCount: "Expired",
-    certNoExpireCount: "Not Expired",
-    createNow: "Create Now",
-    managePipeline: "Manage Pipelines",
-    pipelineStatus: "Pipeline Status",
-    recentRun: "Recent Run Statistics",
-    runCount: "Run Count",
-    expiringCerts: "Soon-to-Expire Certificates",
-    supportedTasks: "Overview of Supported Deployment Tasks",
-    changeLog: "Change Log",
-  },
-  steps: {
-    createPipeline: "Create Certificate Pipeline",
-    addTask: "Add Deployment Task",
-    scheduledRun: "Scheduled Run",
-  },
-  customPipeline: "Custom Pipeline",
-  createCertdPipeline: "Create Certificate Pipeline",
-  commercialCertHosting: "Commercial Certificate Hosting",
-  tooltip: {
-    manualUploadOwnCert: "Manually upload your own certificate for automatic deployment",
-    noAutoApplyCommercialCert: "Does not automatically apply for commercial certificates",
-    manualUploadOnUpdate: "Must manually upload once when the certificate is updated",
-  },
-  table: {
-    confirmDeleteTitle: "Are you sure you want to delete?",
-    confirmDeleteMessage: "This will delete all data related to the pipeline, including execution history, certificate files, and certificate repository records.",
-  },
-  play: {
-    runPipeline: "Run Pipeline",
-    confirm: "Confirm",
-    confirmTrigger: "Are you sure you want to trigger the run?",
-    pipelineStarted: "Pipeline has started running",
-  },
-  actions: {
-    editPipeline: "Edit Pipeline",
-    editConfigGroup: "Modify Configuration/Group",
-    viewCertificate: "View Certificate",
-    downloadCertificate: "Download Certificate",
-  },
-  fields: {
-    userId: "User ID",
-    pipelineName: "Pipeline Name",
-    keyword: "Keyword",
-    required: "This field is required",
-    pipelineContent: "Pipeline Content",
-    scheduledTaskCount: "Scheduled Task Count",
-    deployTaskCount: "Deployment Task Count",
-    remainingValidity: "Remaining Validity",
-    effectiveTime: "Effective time",
-    expiryTime: "Expiry Time",
-    status: "Status",
-    lastRun: "Last Run",
-    enabled: "Enabled",
-    enabledLabel: "Enabled",
-    disabledLabel: "Disabled",
-    group: "Group",
-    type: "Type",
-    order: "Order Number",
-    keepHistoryCount: "History Record Retention Count",
-    keepHistoryHelper: "Number of history records to keep; excess will be deleted",
-    createTime: "Creation Time",
-    updateTime: "Update Time",
-    triggerType: "Trigger Type",
-    pipelineId: "Pipeline Id",
-    nextRunTime: "Next Run Time",
-    projectName: "Project",
-    adminId: "Admin",
-  },
-
-  pi: {
-    validTime: "Piepline Valid Time",
-    validTimeHelper: "Not filled in means permanent validity",
-  },
-  types: {
-    certApply: "Cert Apply",
-    certUpload: "Cert Upload",
-    custom: "Custom",
-    template: "Template",
-  },
-  myPipelines: "My Pipelines",
-  selectedCount: "Selected {count} items",
-  batchDelete: "Batch Delete",
-  batchForceRerun: "Force Rerun",
-  batchRerun: "Rerun",
-  applyCertificate: "Apply for Certificate",
-  pipelineExecutionRecords: "Pipeline Execution Records",
-  confirm: "Confirm",
-  confirmBatchDeleteContent: "Are you sure you want to batch delete these {count} records?",
-  deleteSuccess: "Delete successful",
-  pleaseSelectRecords: "Please select records first",
-  triggerTypes: {
-    manual: "Manual Execution",
-    timer: "Scheduled Execution",
-  },
-  sysResources: {
-    sysRoot: "System Management",
-    sysConsole: "Console",
-    sysSettings: "System Settings",
-    cnameSetting: "CNAME Service Settings",
-    emailSetting: "Email Server Settings",
-    siteSetting: "Site Personalization",
-    headerMenus: "Top Menu Settings",
-    sysAccess: "System-level Authorization",
-    sysPlugin: "Plugin Management",
-    sysPluginEdit: "Edit Plugin",
-    sysPluginConfig: "Certificate Plugin Configuration",
-    accountBind: "Account Binding",
-    permissionManager: "Permission Management",
-    roleManager: "Role Management",
-    userManager: "User Management",
-    suiteManager: "Suite Management",
-    suiteSetting: "Suite Settings",
-    orderManager: "Order Management",
-    userSuites: "User Suites",
-    netTest: "Network Test",
-
-    enterpriseSetting: "Enterprise Settings",
-    projectManager: "Project Management",
-    projectUserManager: "Project User Management",
-    myProjectManager: "My Projects",
-    myProjectDetail: "Project Detail",
-    projectJoin: "Join Project",
-    currentProject: "Current Project",
-    projectMemberManager: "Project Member",
-    domainMonitorSetting: "Domain Monitor Settings",
-  },
-  certificateRepo: {
-    title: "Certificate Repository",
-    sub: "Certificates generated from pipeline",
-  },
-
-  certificateNotGenerated: "Certificate not yet generated, please run the pipeline first",
-  viewCertificateTitle: "View Certificate",
-  close: "Close",
-  viewCert: {
-    title: "View Certificate",
-  },
-  download: {
-    title: "Download Certificate",
-  },
-  source: "Source Code",
-  github: "GitHub",
-  gitee: "Gitee",
-  cron: {
-    clearTip: "Clear Selection",
-    nextTrigger: "Next Trigger Time",
-    tip: "Please set a valid cron expression first",
-  },
-  cronForm: {
-    title: "Scheduled Script",
-    helper: "Click the button above to select the time for daily execution.\nIt is recommended to run once a day. Tasks will be skipped if the certificate is not expiring.",
-    required: "This field is required",
-  },
-  email: {
-    title: "Recipient Email",
-    helper: "Enter your recipient email addresses. Multiple addresses are supported.",
-    required: "This field is required",
-  },
-  plugin: {
-    selectTitle: "Certificate Apply Plugin",
-    jsAcme: "JS-ACME: Easy to use, powerful features [Recommended]",
-    legoAcme: "Lego-ACME: Based on Lego, supports a wide range of DNS providers, suitable for users familiar with Lego",
-    aliyunOrder: "Aliyun-Order: Get certificate from Aliyun certificate order",
-  },
-  pipelineForm: {
-    createTitle: "Create Certificate Pipeline",
-    moreParams: "More Parameters",
-    triggerCronTitle: "Scheduled Trigger",
-    triggerCronHelper:
-      "Click the button above to choose a daily execution time.\nIt is recommended to trigger once per day. The task will be skipped if the certificate has not expired and will not be executed repeatedly.",
-    notificationTitle: "Failure Notification",
-    notificationWhen: "Notification Timing",
-    notificationHelper: "Get real-time alerts when the task fails",
-    groupIdTitle: "Pipeline Group",
-
-    addToMonitorEnabled: "Add to Cert Monitor",
-    addToMonitorDomains: "Add to Monitor Domains",
-
-    webhookEnabled: "Webhook Enabled",
-    webhookEnabledHelper: "Support webhook trigger pipeline, please check webhook address in trigger source",
-  },
-  notificationDefault: "Use Default Notification",
-  checkStatus: {
-    success: "Success",
-    checking: "Checking",
-    error: "Error",
-  },
-  domainList: {
-    title: "Domain List",
-    helper: "Format: domain:port:name:remark, one per line. Port and name are optional.\nExamples:\nwww.baidu.com:443:Baidu:remarkText\nwww.taobao.com::Taobao\nwww.google.com",
-    required: "Please enter domains to import",
-    placeholder: "www.baidu.com:443:Baidu\nwww.taobao.com::Taobao\nwww.google.com\n",
-  },
-  accountInfo: "Account Information",
-  securitySettings: "Security & Settings",
-  confirmDisable2FA: "Are you sure you want to disable two-factor authentication login?",
-  disabledSuccess: "Disabled successfully",
-  saveSuccess: "Saved successfully",
-  twoFactorAuth: "2FA Two-Factor Authentication Login",
-  rebind: "Rebind",
-  twoFactorAuthHelper: "Enable or disable two-factor authentication login",
-  bindDevice: "Bind Device",
-  step1: "1. Install any authenticator app, for example:",
-  tooltipGoogleServiceError: "If you get a Google service not found error, you can install KK Google Assistant",
-  step2: "2. Scan the QR code to add the account",
-  step3: "3. Enter the verification code",
-  inputVerifyCode: "Please enter the verification code",
-  cancel: "Cancel",
-  authorizationManagement: "Authorization Management",
-  manageThirdPartyAuth: "Manage third-party system authorization information",
-  name: "Name",
-  pleaseEnterName: "Please enter the name",
-  nameHelper: "Fill in as you like, useful to distinguish when multiple authorizations of the same type exist",
-  level: "Level",
-  system: "System",
-  usera: "User",
-  nickName: "Nickname",
-  max50Chars: "Maximum 50 characters",
-  myInfo: "My Information",
-  save: "Save",
-  editSchedule: "Edit Schedule",
-  timerTrigger: "Timer Trigger",
-  schedule: "Schedule",
-  selectCron: "Please select a schedule Cron",
-  batchEditSchedule: "Batch Edit Schedule",
-  editTrigger: "Edit Trigger",
-  triggerName: "Trigger Name",
-  requiredField: "This field is required",
-  type: "Type",
-  enterName: "Please enter a name",
-  confirmDeleteTrigger: "Are you sure you want to delete this trigger?",
-  notificationType: "Notification Type",
-  selectNotificationType: "Please select a notification type",
-  notificationName: "Notification Name",
-  helperNotificationName: "Fill freely, helps to distinguish when multiple notifications of the same type exist",
-  isDefault: "Is Default",
-  yes: "Yes",
-  no: "No",
-  selectIsDefault: "Please select if default",
-  prompt: "Prompt",
-  confirmSetDefaultNotification: "Are you sure to set as default notification?",
-  test: "Test",
-  scope: "Scope",
-  scopeOpenApiOnly: "Open API Only",
-  scopeFullAccount: "Full Account Permissions",
-  required: "This field is required",
-  scopeHelper: "Open API only allows access to open APIs; full account permissions allow access to all APIs",
-  add: "Generate New Key",
-  gen: {
-    text: "API Test",
-    title: "x-certd-token",
-    okText: "Confirm",
-    contentPart1: "Test the x-certd-token below, you can use it within 3 minutes to test ",
-    openApi: "Open API",
-    contentPart2: " request testing",
-  },
-  pending_cname_setup: "Pending CNAME setup",
-  validating: "Validating",
-  validation_successful: "Validation successful",
-  validation_failed: "Validation failed",
-  validation_timed_out: "Validation timed out",
-  proxied_domain: "Proxied Domain",
-  host_record: "Host Record",
-  please_set_cname: "Please set CNAME",
-  cname_service: "CNAME Service",
-  default_public_cname: "Default public CNAME service, you can also ",
-  customize_cname: "Customize CNAME Service",
-  public_cname: "Public CNAME",
-  custom_cname: "Custom CNAME",
-  validate: "Validate",
-  validation_started: "Validation started, please wait patiently",
-  click_to_validate: "Click to Validate",
-  all: "All",
-  cname_feature_guide: "CNAME feature principle and usage guide",
-  batch_delete: "Batch Delete",
-  confirm_delete_count: "Are you sure to delete these {count} records in batch?",
-  delete_successful: "Delete successful",
-  please_select_records: "Please select records first",
-  edit_notification: "Edit Notification",
-  other_notification_method: "Other Notification Method",
-  trigger_time: "Trigger Time",
-  start_time: "At Start",
-  success_time: "On Success",
-  fail_to_success_time: "Fail to Success",
-  fail_time: "On Failure",
-  helper_suggest_fail_only: "It is recommended to select only 'On Failure' and 'Fail to Success'",
-  notification_config: "Notification Configuration",
-  please_select_notification: "Please select a notification method",
-  please_select_type: "Please select type",
-  please_select_trigger_time: "Please select notification trigger time",
-  please_select_notification_config: "Please select notification configuration",
-  confirm_delete_trigger: "Are you sure you want to delete this trigger?",
-  gift_package: "Gift Package",
-  package_name: "Package Name",
-  click_to_select: "Click to select",
-  please_select_package: "Please select a package",
-  package: "Package",
-  addon_package: "Addon Package",
-  domain_count: "Domain Count",
-  unit_count: "pcs",
-  field_required: "This field is required",
-  pipeline_count: "Pipeline Count",
-  unit_item: "items",
-  deploy_count: "Deploy Count",
-  unit_times: "times",
-  monitor_count: "Certificate Monitor Count",
-  duration: "Duration",
-  status: "Status",
-  active_time: "Activation Time",
-  expires_time: "Expiration Time",
-  is_present: "Is Present",
-  is_present_yes: "Yes",
-  is_present_no: "No",
-  basicInfo: "Basic Information",
-  titlea: "Title",
-  disabled: "Disabled",
-  ordera: "Order",
-  supportBuy: "Support Purchase",
-  intro: "Introduction",
-  packageContent: "Package Content",
-  maxDomainCount: "Max Domain Count",
-  maxPipelineCount: "Max Pipeline Count",
-  maxDeployCount: "Max Deploy Count",
-  maxMonitorCount: "Max Monitor Count",
-  price: "Price",
-  durationPrices: "Duration Prices",
-  packageName: "Package Name",
-  addon: "Addon",
-  typeHelper: "Suite: Only the most recently purchased one is active at a time\nAddon: Multiple can be purchased, effective immediately without affecting the suite\nThe quantities of suite and addon can be accumulated",
-  domainCount: "Domain Count",
-  pipelineCount: "Pipeline Count",
-  unitPipeline: "pipelines",
-  deployCount: "Deployment Count",
-  unitDeploy: "times",
-  monitorCount: "Certificate Monitor Count",
-  unitCount: "pcs",
-  durationPriceTitle: "Duration and Price",
-  selectDuration: "Select Duration",
-  supportPurchase: "Support Purchase",
-  cannotPurchase: "Cannot Purchase",
-  shelfStatus: "Shelf Status",
-  onShelf: "On Shelf",
-  offShelf: "Off Shelf",
-  orderHelper: "Smaller values appear first",
-  description: "Description",
-  createTime: "Creation Time",
-  updateTime: "Update Time",
-  mainDomain: "Main Domain",
-  edit: "Edit",
-  groupName: "Group Name",
-  enterGroupName: "Please enter group name",
-  subdomainHosting: "Subdomain Hosting",
-  subdomainHostingHint: "When your domain has subdomain hosting set, you need to create records here, otherwise certificate application will fail",
-  batchDeleteConfirm: "Are you sure to batch delete these {count} records?",
-  selectRecordFirst: "Please select records first",
-  subdomainHosted: "Hosted Subdomain",
-  subdomainHelpText: "If you don't understand what subdomain hosting is,Do not set it randomly, as it may result in the inability to apply for the certificate. please refer to the documentation ",
-  subdomainHelpSupportStart: "Supports * wildcard, indicating that all subdomains of the domain are hosted (free subdomains)",
-  subdomainManagement: "Subdomain Management",
-  isDisabled: "Is Disabled",
-  enabled: "Enabled",
-  uploadCustomCert: "Upload Custom Certificate",
-  sourcee: "Source",
-  sourcePipeline: "Cert Apply Pipeline",
-  sourceManualUpload: "Hosted Pipeline",
-  domains: "Domains",
-  enterDomain: "Please enter domain",
-  validDays: "Valid Days",
-  expires: " expires",
-  days: " days",
-  effectiveTime: "Effective Time",
-  expireTime: "Expiration Time",
-  certIssuer: "Certificate Issuer",
-  applyTime: "Application Time",
-  relatedPipeline: "Related Pipeline",
-  statusSuccess: "Success",
-  statusChecking: "Checking",
-  statusError: "Error",
-  actionImportBatch: "Batch Import",
-  actionSyncIp: "Sync IP",
-  modalTitleSyncIp: "Sync IP",
-  modalContentSyncIp: "Are you sure to sync IP?",
-  notificationSyncComplete: "Sync Complete",
-  actionCheckAll: "Check All",
-  modalTitleConfirm: "Confirm",
-  modalContentCheckAll: "Confirm to trigger checking all IP site's certificates?",
-  notificationCheckSubmitted: "Check task submitted",
-  notificationCheckDescription: "Please refresh later to see results",
-  tooltipCheckNow: "Check Now",
-  notificationCheckSubmittedPleaseRefresh: "Check task submitted, please refresh later",
-  columnId: "ID",
-  columnIp: "IP",
-  helperIpCname: "Supports entering CNAME domain name or source site domain name",
-  ruleIpRequired: "Please enter IP",
-  columnCertDomains: "Certificate Domains",
-  columnCertProvider: "Issuer",
-  columnCertStatus: "Certificate Status",
-  statusNormal: "Normal",
-  statusExpired: "Expired",
-  columnCertExpiresTime: "Certificate Expiration Time",
-  expired: "expired",
-  columnCheckStatus: "Check Status",
-  columnLastCheckTime: "Last Check Time",
-  columnSource: "Source",
-  sourceSync: "Sync",
-  sourceManual: "Manual",
-  sourceImport: "Import",
-  columnDisabled: "Enabled/Disabled",
-  columnRemark: "Remark",
-  pluginFile: "Plugin File",
-  selectPluginFile: "Select plugin file",
-  overrideSameName: "Override same name",
-  override: "Override",
-  noOverride: "No override",
-  overrideHelper: "If a plugin with the same name exists, override it directly",
-  importPlugin: "Import Plugin",
-  operationSuccess: "Operation successful",
-  customPlugin: "Custom Plugin",
-  import: "Import",
-  export: "Export",
-  pluginType: "Plugin Type",
-  auth: "Authorization",
-  dns: "DNS",
-  deployPlugin: "Deploy Plugin",
-  icon: "Icon",
-  pluginName: "Plugin Name",
-  pluginNameHelper: "Must be English letters or digits, camelCase with type prefix\nExample: AliyunDeployToCDN\nDo not modify name once plugin is used",
-  pluginNameRuleMsg: "Must be English letters or digits, camelCase with type prefix",
-  author: "Author",
-  authorHelper: "Used as prefix when uploading to plugin store, e.g., greper/pluginName",
-  authorRuleMsg: "Must be English letters or digits",
-  titleHelper: "Plugin name in Chinese",
-  descriptionHelper: "Description of the plugin",
-  builtIn: "Built-in",
-  custom: "Custom",
-  store: "Store",
-  version: "Version",
-  pluginDependencies: "Plugin Dependencies",
-  pluginDependenciesHelper: "Dependencies to install first in format: [author/]pluginName[:version]",
-  editableRunStrategy: "Editable Run Strategy",
-  editable: "Editable",
-  notEditable: "Not Editable",
-  runStrategy: "Run Strategy",
-  normalRun: "Normal Run",
-  skipOnSuccess: "Skip on success (Deploy task)",
-  defaultRunStrategyHelper: "Default run strategy",
-  enableDisable: "Enable/Disable",
-  clickToToggle: "Click to toggle enable/disable",
-  confirmToggle: "Are you sure to",
-  disable: "disable",
-  enable: "enable",
-  pluginGroup: "Plugin Group",
-  icpRegistrationNumber: "ICP Registration Number",
-  icpPlaceholder: "Guangdong ICP xxxxxxx Number",
-  publicSecurityRegistrationNumber: "Public Security Registration Number",
-  publicSecurityPlaceholder: "Beijing Public Security xxxxxxx Number",
-  enableAssistant: "Enable Assistant",
-  allowCrawlers: "Allow Crawlers",
-  httpProxy: "HTTP Proxy",
-  httpProxyPlaceholder: "http://192.168.1.2:18010/",
-  httpProxyHelper: "Configure when some websites are blocked",
-  httpsProxy: "HTTPS Proxy",
-  httpsProxyPlaceholder: "http://192.168.1.2:18010/",
-  saveThenTestTitle: "Save first, then click test",
-  testButton: "Test",
-  httpsProxyHelper: "Usually both proxies are the same, save first then test",
-  dualStackNetwork: "Dual Stack Network",
-  default: "Default",
-  ipv4Priority: "IPv4 Priority",
-  ipv6Priority: "IPv6 Priority",
-  dualStackNetworkHelper: "If IPv6 priority is selected, enable IPv6 in docker-compose.yaml",
-  enableCommonCnameService: "Enable Public CNAME Service",
-  commonCnameHelper: "Allow use of public CNAME service. If disabled and no <a href='#/sys/cname/provider'>custom CNAME service</a> is set, CNAME proxy certificate application will not work.",
-  enableCommonSelfServicePasswordRetrieval: "Enable self-service password recovery",
-  saveButton: "Save",
-  stopSuccess: "Stopped successfully",
-  google: "Google",
-  baidu: "Baidu",
-  success: "Success",
-  testFailed: "Test Failed",
-  testCompleted: "Test Completed",
-  manageOtherUserPipeline: "Manage other users' pipelines",
-  limitUserPipelineCount: "Limit user pipeline count",
-  limitUserPipelineCountHelper: "0 means no limit",
-  enableSelfRegistration: "Enable self-registration",
-  enableUserValidityPeriod: "Enable user validity period",
-  userValidityPeriodHelper: "Users can use normally within validity; pipelines disabled after expiry",
-  enableUsernameRegistration: "Enable username registration",
-  enableEmailRegistration: "Enable email registration",
-  proFeature: "Pro feature",
-  emailServerSetup: "Set up email server",
-  enableSmsLoginRegister: "Enable SMS login and registration",
-  commFeature: "Commercial feature",
-  smsProvider: "SMS provider",
-  aliyunSms: "Aliyun SMS",
-  tencentSms: "Tencent SMS",
-  yfySms: "YFY SMS",
-  smsTest: "SMS test",
-  testMobilePlaceholder: "Enter test mobile number",
-  saveThenTest: "Save first then test",
-  enterTestMobile: "Please enter test mobile number",
-  sendSuccess: "Sent successfully",
-  atLeastOneLoginRequired: "At least one of password login or SMS login must be enabled",
-  fieldRequired: "This field is required",
-  siteHide: "Site Hide",
-  enableSiteHide: "Enable Site Hide",
-  siteHideDescription: "You can disable site accessibility normally and enable it when needed to enhance site security",
-  helpDoc: "Help Document",
-  randomAddress: "Random Address",
-  siteHideUrlHelper: "After the site is hidden, you need to visit this URL to unlock to access normally",
-  fullUnlockUrl: "Full Unlock URL",
-  saveThisUrl: "Please save this URL carefully",
-  unlockPassword: "Unlock Password",
-  unlockPasswordHelper: "Password needed to unlock the hide; set on first time or reset when filled",
-  autoHideTime: "Auto Hide Time",
-  autoHideTimeHelper: "Minutes without requests before auto hiding",
-  hideOpenApi: "Hide Open API",
-  hideOpenApiHelper: "Whether to hide open APIs; whether to hide /api/v1 prefixed endpoints",
-  hideSiteImmediately: "Hide Site Immediately",
-  hideImmediately: "Hide Immediately",
-  confirmHideSiteTitle: "Are you sure to hide the site immediately?",
-  confirmHideSiteContent: "After hiding, the site will be inaccessible. Please operate cautiously.",
-  siteHiddenSuccess: "Site has been hidden",
-  emailServerSettings: "Email Server Settings",
-  setEmailSendingServer: "Set the email sending server",
-  useCustomEmailServer: "Use Custom Email Server",
-  smtpDomain: "SMTP Domain",
-  pleaseEnterSmtpDomain: "Please enter SMTP domain or IP",
-  smtpPort: "SMTP Port",
-  pleaseEnterSmtpPort: "Please enter SMTP port",
-  username: "Username",
-  pleaseEnterUsername: "Please enter username",
-  password: "Password",
-  pleaseEnterPassword: "Please enter password",
-  qqEmailAuthCodeHelper: "If using QQ email, get an authorization code in QQ email settings as the password",
-  senderEmailHelper: "You can use the format: Name<Email> to set the sender name, e.g.: autossl<certd{'@'}example.com>",
-  senderEmail: "Sender Email",
-  pleaseEnterSenderEmail: "Please enter sender email",
-  useSsl: "Use SSL",
-  sslPortNote: "SSL and non-SSL SMTP ports are different, please adjust port accordingly",
-  ignoreCertValidation: "Ignore Certificate Validation",
-  useOfficialEmailServer: "Use Official Email Server",
-  useOfficialEmailServerHelper: "Send emails directly using the official server to avoid complicated setup",
-  testReceiverEmail: "Test Receiver Email",
-  pleaseEnterTestReceiverEmail: "Please enter test receiver email",
-  saveBeforeTest: "Save before testing",
-  sendFailHelpDoc: "Failed to send??? ",
-  emailConfigHelpDoc: "Email configuration help document",
-  tryOfficialEmailServer: "You can also try using the official email server ↗↗↗↗↗↗↗↗",
-  pluginManagement: "Plugin Management",
-  pluginBetaWarning: "Custom plugins are in BETA and may have breaking changes in future",
-  pleaseSelectRecord: "Please select records first",
-  permissionManagement: "Permission Management",
-  adda: "Add",
-  rootNode: "Root Node",
-  permissionName: "Permission Name",
-  enterPermissionName: "Please enter permission name",
-  permissionCode: "Permission Code",
-  enterPermissionCode: "Please enter permission code",
-  max100Chars: "Maximum 100 characters",
-  examplePermissionCode: "e.g.: sys:user:view",
-  sortOrder: "Sort Order",
-  sortRequired: "Sort order is required",
-  parentNode: "Parent Node",
-  roleManagement: "Role Management",
-  assignPermissions: "Assign Permissions",
-  roleName: "Role Name",
-  enterRoleName: "Please enter role name",
-  unlockLogin: "Unlock Login",
-  notice: "Notice",
-  confirmUnlock: "Are you sure you want to unlock this user's login?",
-  unlockSuccess: "Unlock successful",
-  enterUsername: "Please enter username",
-  modifyPasswordIfFilled: "Fill in to change the password",
-  emaila: "Email",
-  mobile: "Mobile",
-  avatar: "Avatar",
-  validTime: "Valid Time",
-  remark: "Remark",
-  roles: "Roles",
-  cnameTitle: "CNAME Service Configuration",
-  cnameDescription:
-    "The domain name configured here serves as a proxy for verifying other domains. When other domains apply for certificates, they map to this domain via CNAME for ownership verification. The advantage is that any domain can apply for a certificate this way without providing an AccessSecret.",
-  cnameLinkText: "CNAME principle and usage instructions",
-  confirmTitle: "Confirm",
-  confirmDeleteBatch: "Are you sure you want to delete these {count} records?",
-  selectRecordsFirst: "Please select records first",
-  cnameDomain: "CNAME Domain",
-  cnameDomainPlaceholder: "cname.handsfree.work",
-  cnameDomainHelper:
-    "Requires a domain registered with a DNS provider on the right (or you can transfer other domain DNS servers here).\nOnce the CNAME domain is set, it cannot be changed. It is recommended to use a first-level subdomain.",
-  cnameDomainPattern: "Domain name cannot contain *",
-  dnsProvider: "DNS Provider",
-  dnsProviderAuthorization: "DNS Provider Authorization",
-  setDefault: "Set Default",
-  confirmSetDefault: "Are you sure to set as default?",
-  setAsDefault: "Set as Default",
-  disabledLabel: "Disabled",
-  confirmToggleStatus: "Are you sure to {action}?",
-  template: {
-    title: "Pipeline Template",
-    edit: "Pipeline Template Edit",
-    importCreate: "Pipeline Batch Create",
-    // intro: "可根据模版批量创建流水线",
-    intro: "Batch create pipeline based on template",
-    createTemplate: "Create Template",
-    useTemplate: "Use This Template",
-    batchCreate: "Batch Create Pipeline",
-    singleCreate: "Create Single Pipeline",
-    templateName: "Template Name",
-    enterTemplateName: "Please enter template name",
-    copyPipelineConfig: "Copy this pipeline configuration as template source",
-    pipeline: "Pipeline",
-  },
-
-  addonType: "Type",
-  addonName: "Name",
-  addonNameHelper: "Fill freely, helps to distinguish when multiple same type exist",
-  addonTypeSelect: "Select type",
-  dates: {
-    years: "{count} years",
-    months: "{count} months",
-  },
-  sys: {
-    setting: {
-      baseSetting: "Base Settings",
-      registerSetting: "Register Settings",
-      safeSetting: "Safe Settings",
-      paymentSetting: "Payment Settings",
-      captchaSetting: "Captcha Setting",
-      pipelineSetting: "Pipeline Settings",
-      oauthSetting: "Login Settings",
-      networkSetting: "Network Settings",
-      adminModeSetting: "Admin Mode Settings",
-      adminModeHelper: "enterprise mode : allow to create and manage pipelines, roles, users, etc.\n saas mode : only allow to create and manage pipelines",
-      enterpriseMode: "Enterprise Mode",
-      saasMode: "SaaS Mode",
-
-      showRunStrategy: "Show RunStrategy",
-      showRunStrategyHelper: "Allow modify the run strategy of the task",
-
-      captchaEnabled: "Enable Login Captcha",
-      captchaHelper: "Whether to enable captcha verification for login",
-      captchaType: "Captcha Setting",
-      captchaTest: "Captcha Test",
-      // 保存后再点击测试，请务必测试通过了，再开启登录验证码
-      captchaTestHelper: "Save and click test, please make sure the test is passed before enabling login captcha",
-
-      pipelineValidTimeEnabled: "Enable Pipeline Valid Time",
-      pipelineValidTimeEnabledHelper: "Whether to enable the valid time of the pipeline",
-      certDomainAddToMonitorEnabled: "Add Domain to Certificate Monitor",
-      certDomainAddToMonitorEnabledHelper: "Whether to add the domain to the certificate monitor",
-      fixedCertExpireDays: "Fixed Cert Expire Days",
-      fixedCertExpireDaysHelper: "Fixed cert expiration days, helpful for table list progress bar display",
-      fixedCertExpireDaysRecommend: "Recommend 90",
-
-      enableOauth: "Enable OAuth2 Login",
-      oauthEnabledHelper: "Whether to enable OAuth2 login",
-      oauthProviders: "OAuth2 Login Providers",
-      oauthType: "OAuth2 Login Type",
-      oauthConfig: "OAuth2 Login Config",
-      oauthProviderSelectorPlaceholder: "Not Configured",
-      oauthCallback: "Callback URL",
-      oauthCallbackHelper: "Copy this URL to the callback address of the OAuth2 login provider",
-      oauthCallbackCopy: "Copy Callback URL",
-      oauthAutoRegister: "Auto Register User",
-      oauthAutoRegisterCheckedText: "Auto Register",
-      oauthAutoRegisterUnCheckedText: "User Select",
-      oauthAutoRegisterHelper: "Whether to auto register user when login",
-      oauthAutoRedirect: "Auto Redirect to OAuth2 Login",
-      oauthAutoRedirectHelper: "Whether to auto redirect to OAuth2 login when login (using the first enabled OAuth2 login type)",
-      oauthOnly: "OAuth2 Login Only",
-      oauthOnlyHelper: "Whether to only allow OAuth2 login, disable password login",
-      enablePasskey: "Enable Passkey Login",
-      passkeyHostnameNotSame: "Passkey hostname must be the same as the main domain",
-      passkeyEnabledHelper:
-        "1、Site must enable https \n2、Domain name must not change, otherwise the registered passkey will be invalid \n3、Domain name must be the same as the main domain, otherwise the registered passkey will be invalid",
-
-      email: {
-        templates: "Email Templates",
-        templateType: "Template Type",
-        templateProvider: "Template Config",
-
-        templateSetting: "Email Template Setting",
-        serverSetting: "Email Server Setting",
-        sendTest: "Send Test",
-
-        templateProviderSelectorPlaceholder: "Not Configured",
-      },
-      notice: "System Notice",
-      noticeHelper: "System notice, will be displayed on the login page",
-      noticePlaceholder: "System notice",
-
-      reverseProxy: "Reverse Proxy List",
-      reverseProxyHelper: "Reverse proxy for ACME address, used when applying for certificate",
-      reverseProxyPlaceholder: "http://le.px.handfree.work",
-      reverseProxyEmpty: "No reverse proxy list configured",
-      environmentVars: "Environment Variables",
-      environmentVarsHelper: "configure the runtime environment variables, one per line, format: KEY=VALUE",
-
-      bindUrl: "Bind URL",
-    },
-  },
-  modal: {
-    close: "Close",
-    viewCertificateTitle: "View Certificate",
-  },
-  domain: {
-    domainManager: "Domain Manager",
-    domainDescription: "used to auto apply for certificate", //管理域名的校验方式，用于申请证书时自动选择验证方式
-    domain: "Domain",
-    challengeType: "Challenge Type",
-    dnsProviderType: "DNS Provider Type",
-    dnsProviderAccess: "DNS Provider Access",
-    httpUploaderType: "HTTP Uploader Type",
-    httpUploaderAccess: "HTTP Uploader Access",
-    httpUploadRootDir: "HTTP Upload Root Dir",
-    disabled: "Disabled",
-    challengeSetting: "Challenge Setting",
-    gotoCnameTip: "Please go to CNAME Record Page",
-    fromType: "From Type",
-    expirationDate: "Expiration Date",
-  },
-  ent: {
-    projectName: "Project Name",
-    projectDescription: "Project Description",
-    projectDetailManager: "Project Detail",
-    projectDetailDescription: "Manage Project Members",
-    projectPermission: "Permission",
-    permission: {
-      read: "Read",
-      write: "Write",
-      admin: "Admin",
-    },
-    projectMemberStatus: "Member Status",
-
-    isSystem: "Is System Project",
-    isSystemHelper: "System-level projects allow running admin plugins",
-  },
-  project: {
-    noProjectJoined: "You haven't joined any projects yet",
-    applyToJoin: "Please apply to join a project to start using",
-    systemProjects: "System Project List",
-    createdAt: "Created At",
-    applyJoin: "Apply to Join",
-    noSystemProjects: "No system projects available",
-    fetchFailed: "Failed to fetch project list",
-    applySuccess: "Application successful, waiting for admin approval",
-    applyFailed: "Application failed, please try again later",
-    leave: "Leave Project",
-    leaveSuccess: "Leave project successful",
-    leaveFailed: "Leave project failed, please try again later",
-    applyJoinConfirm: "Are you sure you want to apply to join this project?",
-    leaveConfirm: "Are you sure you want to leave this project?",
-    viewDetail: "View Detail",
-    projectManage: "Project Manage",
-  },
-  addonSelector: {
-    select: "Select",
-    placeholder: "select please",
-  },
+  ...common,
+  ...navigation,
+  ...dashboard,
+  ...pipeline,
+  ...history,
+  ...monitor,
+  ...certdomain,
+  ...cname,
+  ...access,
+  ...open,
+  ...mine,
+  ...notification,
+  ...addon,
+  ...suite,
+  ...project,
+  ...syssettings,
+  ...sysplugin,
+  ...sysauthority,
+  ...syscname,
+  ...tutorial,
+  ...cron,
 };

packages/ui/certd-client/src/locales/langs/en-US/certd/access.ts

@@ -0,0 +1,7 @@
+export default {
+  authorizationManagement: "Authorization Management",
+  manageThirdPartyAuth: "Manage third-party system authorization information",
+  nameHelper: "Fill in as you like, useful to distinguish when multiple authorizations of the same type exist",
+  level: "Level",
+  system: "System",
+};