v1.26.0

Closes https://github.com/certd/certd/issues/200

.github/workflows/build-image.yml

@@ -87,3 +87,15 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
             greper/certd:armv7
             greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+
+      - name: Build agent
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          context: ./packages/ui/agent/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
+            greper/certd-agent:latest
+            greper/certd-agent:${{steps.get_certd_version.outputs.result}}

CHANGELOG.md

@@ -3,6 +3,75 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Bug Fixes
+
+* 修复管理员编辑其他用户流水线任务时归属userid也被修改的bug ([e85c477](https://github.com/certd/certd/commit/e85c47744cf740b4af3b93dca7c2f0ccc818ec2f))
+* 修复历史记录根据流水线名称查询报错的bug ([ce9a986](https://github.com/certd/certd/commit/ce9a9862f122fce2186e7727eaa4b251b59e6032))
+* 修复某些代理情况下 报 400 The plain HTTP request was sent to HTTPS port use proxy 的bug ([a13203f](https://github.com/certd/certd/commit/a13203fb3f48c427d0d81a504912248dcc07df1a))
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/certd/certd/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+* 站点个性化设置 ([11a9fe9](https://github.com/certd/certd/commit/11a9fe9014d96cba929e5a066e78f2af7ae59d14))
+
+### Performance Improvements
+
+* 并行任务名称改成添加任务，取消并行，可以在同一个阶段获取上一个task的输出 ([c5e5877](https://github.com/certd/certd/commit/c5e58770d1c5edc19c6f9ea1618f44b68e091f35))
+* 调整静态资源到static目录 ([0584b36](https://github.com/certd/certd/commit/0584b3672b40f9042a2ed87e5627022606d046cd))
+* 调整全部静态资源到static目录 ([a218890](https://github.com/certd/certd/commit/a21889080d6c7ffdf0af526a3a21f0b2d1c77288))
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))
+* 七牛云cdn支持配置多个域名 ([88d745e](https://github.com/certd/certd/commit/88d745e29063a089864fb9c6705be7b8d4c2669a))
+* 上传到主机插件支持注入环境变量 ([81fac73](https://github.com/certd/certd/commit/81fac736f9ccc8d1cda7ef4178752239cec20849))
+* 优化宝塔网站部署插件远程获取数据的提示 ([2a3ca9f](https://github.com/certd/certd/commit/2a3ca9f552d96594ec6690a1c4c91f598451b9a1))
+* 优化缩短首页缓存时间 ([49395e8](https://github.com/certd/certd/commit/49395e8cb65f4b30c0145329ed5de48be4ef3842))
+* 域名输入增加校验提示，避免输入错误的域名 ([0c8e83e](https://github.com/certd/certd/commit/0c8e83e1254a9ce4d5a4e7888eb1710394a4b77c))
+* cname校验配置增加未校验通过提示 ([77cc3c4](https://github.com/certd/certd/commit/77cc3c4a5cbd81f8233a8e0bb33fab0621c0905f))
+* google eab授权支持自动获取，不过要配置代理 ([592791d](https://github.com/certd/certd/commit/592791d1356fc252fbb70d7f168567aee9585507))
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+### Bug Fixes
+
+* 修复西部数码账户级别apikey不可用的bug ([f8f3e8b](https://github.com/certd/certd/commit/f8f3e8b43fd5d815887bcb53b95f46dc96424b79))
+
+### Performance Improvements
+
+* 增加等待插件 ([3ef0541](https://github.com/certd/certd/commit/3ef0541cc85ab6abf698ead3b258ae1ac156ef98))
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+### Bug Fixes
+
+* 修复pfxPassword无效的bug ([251e450](https://github.com/certd/certd/commit/251e450fabfe62405bac13e39f2153736c081ef0))
+
+### Performance Improvements
+
+* 群晖获取deviceid优化 ([8d42273](https://github.com/certd/certd/commit/8d4227366548eb70f6bc04303829e6933168f906))
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+### Bug Fixes
+
+* 修复某些地区被屏蔽无法激活专业版的bug ([7532a96](https://github.com/certd/certd/commit/7532a960851b84d4f2cc3dba02353c5235e1a364))
+
+### Performance Improvements
+
+* 上传到主机，支持socks代理 ([d91026d](https://github.com/certd/certd/commit/d91026dc4fbfe5fedc4ee8e43dc0d08f1cf88356))
+* 支持上传到七牛云oss ([bf024bd](https://github.com/certd/certd/commit/bf024bdda8bc2a463475be5761acf0da7317a08a))
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Bug Fixes
+
+* 修复中间证书复制错误的bug ([76e86ea](https://github.com/certd/certd/commit/76e86ea283ecbe4ec76cdc92b98457d0fef544ac))
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+* 增加使用教程 ([9d9c021](https://github.com/certd/certd/commit/9d9c0218195af5b9896cce7109b26a433480571d))
+
 ## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package root

LICENSE.md

@@ -1,4 +1,6 @@
-# Certd Open Source License
+
+                    Certd Open Source License
+                  
 
 - This project is licensed under the **GNU Affero General Public License (AGPL)** with the following additional terms.  
 - 本项目遵循 GNU Affero General Public License（AGPL），并附加以下条款。

README.md

@@ -5,22 +5,6 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的工具。
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签
 
-************************
-支持开源，为爱发电，我已入驻爱发电   
-https://afdian.com/a/greper
-
-发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
-2. 您的需求我们将优先实现，并且将作为专业版功能提供
-3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
-
-专业版特权
-1. 证书流水线条数无限制（免费版限制10条）
-2. 免配置发邮件功能
-3. FTP上传、cdnfly、宝塔等部署插件
-4. 更多功能增加中...
-************************
 
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
@@ -45,11 +29,11 @@ https://certd.handsfree.work/
 ## 三、使用教程
 本案例演示，如何配置自动申请证书，并部署到阿里云CDN，然后快要到期前自动更新证书并重新部署     
 
-![演示](./doc/images/5-view.png)
-![演示](./doc/images/9-start.png)
-![演示](./doc/images/10-1-log.png)
-![演示](./doc/images/13-3-download.png)
-![演示](./doc/images/13-1-result.png)
+![演示](packages/ui/certd-client/public/statics/doc/images/5-view.png)
+![演示](packages/ui/certd-client/public/statics/doc/images/9-start.png)
+![演示](packages/ui/certd-client/public/statics/doc/images/10-1-log.png)
+![演示](packages/ui/certd-client/public/statics/doc/images/13-3-download.png)
+![演示](packages/ui/certd-client/public/statics/doc/images/13-1-result.png)
 
 ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓      
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
@@ -62,15 +46,19 @@ https://certd.handsfree.work/
 
 由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全
 
-### 4.1 宝塔面板一键部署【推荐】
+### 4.1 宝塔面板一键部署
 
-1. 安装宝塔面板，前往 [宝塔面板](https://www.bt.cn/u/CL3JHS) 官网，选择正式版的脚本下载安装
+1. 安装宝塔面板，前往 [宝塔面板](https://www.bt.cn/u/CL3JHS) 官网，选择9.2.0以上正式版的脚本下载安装
 
 2. 安装后登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装
 
-3. 安装完成后在应用商店中找到`certd`，点击安装，配置域名等基本信息即可完成安装
+3. 安装完成后在应用商店中找到`certd`（要先点右上角更新应用），点击安装，配置域名等基本信息即可完成安装
 
-### 4.2 Docker部署【推荐】
+### 4.2 宝塔面板容器编排部署
+
+[宝塔面板容器编排部署教程](./doc/deploy/baota/baota.md)
+
+### 4.3 Docker部署
 #### 1. 安装docker、docker-compose
 
 1.1 准备一台云服务器
@@ -129,13 +117,15 @@ http://your_server_ip:7001
 默认账号密码：admin/123456    
 记得修改密码   
 
-### 4.3 源码部署
+### 4.4 源码部署
 ```shell
 # 克隆代码
 git clone https://github.com/certd/certd
 cd certd
+# 启动服务
 ./start.sh  
 ```
+如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
 
 
 ## 五、 升级
@@ -216,19 +206,31 @@ docker compose up -d
 </p>
 
 ## 十、捐赠
+************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
 
 发电权益：
-1. 可加入发电专属群（先加我好友，发送发电截图，我拉你进群）
-2. 你的需求优先实现
-3. 可以获得作者一对一技术支持
-4. 更多权益陆续增加中...
+1. 可加入发电专属群，可以获得作者一对一技术支持
+2. 您的需求我们将优先实现，并且将作为专业版功能提供
+3. 一年期专业版激活码
+4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
 
 
+专业版特权对比
+
+| 功能      | 免费版                    | 专业版                   |
+|---------|------------------------|-----------------------|
+| 免费证书申请  | 免费无限制                  | 免费无限制                 |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
+| 发邮件功能   | 需要配置                   | 免配置                   |
+| 证书流水线条数 | 10条                    | 无限制                   |
+
+************************
+
 ## 十一、贡献代码
 
-1. 本地开发 [贡献插件教程](./dev/development.md)
+1. 本地开发 [贡献插件教程](./doc/dev/development.md)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。

build.trigger

@@ -1 +1 @@
-09:53
+02:06

doc/deploy/baota/baota.md

@@ -0,0 +1,32 @@
+# 宝塔部署教程
+
+## 编排模版部署
+
+### 创建docker模版
+打开docker-compose.yaml，
+https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
+
+整个内容复制下来
+
+然后到宝塔里面进到docker的编排模版，新建模版
+![](./images/1.png)
+
+### 启动应用
+
+![img.png](./images/2.png)
+
+等待启动完成
+
+### 打开应用
+
+http://ip:7001
+
+
+## 二、一键应用部署
+需要宝塔9.2.0版本
+
+### 应用商店
+进入应用商店，更新应用列表
+
+### 搜索certd
+点击安装

doc/dev/development.md

@@ -3,7 +3,7 @@
 
 ## 1.本地调试运行
 
-安装依赖包:      
+### 克隆代码
 ```shell
 
 # 克隆代码
@@ -11,22 +11,38 @@ git clone https://github.com/certd/certd
 
 #进入项目目录
 cd certd
+```
 
+### 修改pnpm-workspace.yaml文件     
+重要：否则无法正确加载专业版的access和plugin
+```yaml
+# pnpm-workspace.yaml
+packages:
+   - 'packages/**'  # <--------------注释掉这一行，PR时不要提交此修改
+   - 'packages/ui/**'
+```
+
+### 安装依赖和初始化:
+```shell
+# 安装pnpm，如果提示npm命令不存在，就需要先安装nodejs
+npm install -g pnpm@8.15.7 --registry=https://registry.npmmirror.com
+
+# 使用国内镜像源，如果有代理，就不需要
+pnpm config set registry https://registry.npmmirror.com
 # 安装依赖
-npm install -g pnpm@8.15.7
 pnpm install
 
 # 初始化构建
 npm run init
 ```
 
-启动 server:    
+### 启动 server:    
 ```shell
 cd packages/ui/certd-server
 npm run dev
 ```
 
-启动 client:    
+### 启动 client:    
 ```shell
 cd packages/ui/certd-client
 npm run dev
@@ -48,7 +64,7 @@ npm run dev
 这样用户就可以在`certd`后台中创建这种授权凭证了
 
 ### 3. dns-provider
-如果域名是这个平台进行解析的，那么你需要实现dns-provider
+如果域名是这个平台进行解析的，那么你需要实现dns-provider，（申请证书需要）    
 参考`plugin-cloudflare/dns-provider.ts` 修改为你要做的平台的`dns-provider`
 
 ### 4. plugin-deploy
@@ -66,7 +82,7 @@ export * from './plugins/plugin-deploy-to-xx'
 在`./src/plugins/index.ts`中增加`import`
 
 ```ts
-export * from "./plugin-cloudflare"
+export * from "./plugin-cloudflare.js"
 ```
 
 ## 重启服务进行调试

doc/google/google.md

@@ -7,16 +7,18 @@ https://console.cloud.google.com/apis/library/publicca.googleapis.com
 
 打开该链接后点击“启用”，随后等待右侧出现“API已启用”则可以关闭该页。
 
-## 2、 申请Key
-随后打开“Google Cloud Shell”（在右上角点击激活CloudShell图标）。
+## 2、 获取授权
+以下两种方式任选其一
+### 2.1 直接获取EAB 【推荐】
 
+
+1. 打开“Google Cloud Shell”（在右上角点击激活CloudShell图标）。   
 等待分配完成后在 Shell 窗口内输入如下命令：
     
 ```shell
 gcloud beta publicca external-account-keys create
 ```
-此时会弹出“为 Cloud Shell 提供授权”，点击授权即可。
-
+2. 此时会弹出“为 Cloud Shell 提供授权”，点击授权即可。    
 执行完成后会返回类似如下输出；注意不要在没有收到 Google 的邮件时执行该命令，会返回命令不存在。
 
 ```shell
@@ -24,14 +26,31 @@ Created an external account key
 [b64MacKey: xxxxxxxxxxxxxxxx
 keyId: xxxxxxxxxxxxx]
 ```
-记录以上信息备用（注意keyId是不带中括号的）
+
+3. 到Certd中，创建一条EAB授权记录，填写keyId(=kid) 和 b64MacKey 信息    
+   注意：keyId没有`]`结尾，不要把`]`也复制了   
+
+注意：EAB授权使用过一次之后，会绑定邮箱，后续再次使用时，要使用相同的邮箱    
+否则会报错 `Unknown external account binding (EAB) key. This may be due to the EAB key expiring which occurs 7 days after creation`
+
+### 2.2 通过服务账号获取EAB
+
+此方式可以自动EAB，需要配置代理
+
+1. 创建服务账号    
+https://console.cloud.google.com/projectselector2/iam-admin/serviceaccounts/create?walkthrough_id=iam--create-service-account&hl=zh-cn#step_index=1
+
+2. 选择一个项目，进入创建服务账号页面
+3. 给服务账号起一个名字，点击`创建并继续`
+4. 向此服务账号授予对项目的访问权限： `选择角色`->`基本`->`Owner`
+5. 点击完成
+6. 点击服务账号，进入服务账号详情页面
+7. 点击`添加密钥`->`创建新密钥`->`JSON`，下载密钥文件
+8. 将json文件内容粘贴到 certd中 Google服务授权输入框中
 
 
 ## 3、 创建证书流水线
-选择证书提供商为google， 开启使用代理
+选择证书提供商为google， 选择EAB授权 或 服务账号授权
 
-## 4、 将key信息作为EAB授权信息
-google证书需要EAB授权， 使用第二步中的 keyId 和 b64MacKey 信息创建一条EAB授权记录         
-注意：keyId没有`]`结尾，不要把`]`也复制了
-## 5、 其他就跟正常申请证书一样了
+## 4、 其他就跟正常申请证书一样了
 

docker/run/docker-compose.yaml

@@ -1,4 +1,4 @@
-#version: '3.3'
+version: '3.3' # 兼容旧版docker-compose
 services:
   certd:
     # 镜像                                                  #  ↓↓↓↓↓ --- 镜像版本号，建议改成固定版本号
@@ -30,14 +30,11 @@ services:
                                      #  ↑↑↑↑↑--------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
       - certd_cron_immediateTriggerOnce=false
                                      #  ↑↑↑↑↑--------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次
-      - VITE_APP_ICP_NO=
+      - certd_site_icp_no=
                       #  ↑↑↑↑↑ ----------------------------------------- 这里可以设置备案号
       #- certd_koa_key=./data/ssl/cert.key
       #- certd_koa_cert=./data/ssl/cert.crt
                       #  ↑↑↑↑↑ ----------------------------------------- 配置证书和key，则表示https方式启动，使用https协议访问，https://your.domain:7001
       # 设置环境变量即可自定义certd配置
-      # 服务端配置项见： packages/ui/certd-server/src/config/config.default.ts
-      # 服务端配置规则： certd_ + 配置项, 点号用_代替
-
-      # 客户端配置项见： packages/ui/certd-client/.env
-      # 按实际名称配置环境变量即可，如： VITE_APP_API=http://localhost:7001
+      # 配置项见： packages/ui/certd-server/src/config/config.default.ts
+      # 配置规则： certd_ + 配置项, 点号用_代替

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.25.5"
+  "version": "1.26.0"
 }

package.json

@@ -4,26 +4,28 @@
   "private": true,
   "type": "module",
   "devDependencies": {
-    "@lerna-lite/cli": "^3.2.1",
-    "@lerna-lite/publish": "^3.2.1",
-    "@lerna-lite/run": "^3.2.1",
-    "@lerna-lite/version": "^3.2.1"
+    "@lerna-lite/cli": "^3.9.3",
+    "@lerna-lite/publish": "^3.9.3",
+    "@lerna-lite/run": "^3.9.3",
+    "@lerna-lite/version": "^3.9.3"
   },
   "scripts": {
     "start": "lerna bootstrap --hoist",
     "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --conventional-commits --create-release github && npm run afterpublishOnly",
+    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
     "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
+    "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
-    "before-build": "cd ./packages/pro/plus-core && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
+    "before-build": "cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
     "deploy1": "node --experimental-json-modules deploy.js ",
     "check": "node --experimental-json-modules publish-check.js",
     "init": "lerna run build"
   },
   "license": "AGPL-3.0",
   "dependencies": {
-    "axios": "^1.7.2",
+    "axios": "^1.7.7",
     "lodash-es": "^4.17.21"
   },
   "workspaces": [

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/publishlab/node-acme-client/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/publishlab/node-acme-client/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+
+## [1.25.9](https://github.com/publishlab/node-acme-client/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.8](https://github.com/publishlab/node-acme-client/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.7](https://github.com/publishlab/node-acme-client/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.25.6](https://github.com/publishlab/node-acme-client/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/publishlab/node-acme-client/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
 ## [1.25.5](https://github.com/publishlab/node-acme-client/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.25.5",
+    "version": "1.26.0",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
@@ -20,7 +20,7 @@
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
         "debug": "^4.3.5",
-        "https-proxy-agent": "^7.0.4",
+        "https-proxy-agent": "^7.0.5",
         "node-forge": "^1.3.1"
     },
     "devDependencies": {
@@ -34,7 +34,7 @@
         "mocha": "^10.6.0",
         "nock": "^13.5.4",
         "tsd": "^0.31.1",
-        "typescript": "^4.8.4",
+        "typescript": "^5.4.2",
         "uuid": "^8.3.2"
     },
     "scripts": {
@@ -59,5 +59,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "03ce69dbfb317db7a3688d33ccc17ef06fd68393"
+    "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
 }

packages/core/acme-client/src/auto.js

@@ -118,16 +118,16 @@ module.exports = async (client, userOpts) => {
             /* Trigger challengeCreateFn() */
             log(`[auto] [${d}] Trigger challengeCreateFn()`);
             const keyAuthorization = await client.getChallengeKeyAuthorization(challenge);
-            let recordItem = null;
+
             try {
-                recordItem = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
+                const { recordReq, recordRes, dnsProvider } = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
                 log(`[auto] [${d}] challengeCreateFn success`);
                 log(`[auto] [${d}] add challengeRemoveFn()`);
                 clearTasks.push(async () => {
                     /* Trigger challengeRemoveFn(), suppress errors */
                     log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                     try {
-                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
+                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
                     }
                     catch (e) {
                         log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);

packages/core/acme-client/src/index.js

@@ -45,3 +45,5 @@ exports.axios = require('./axios');
  */
 
 exports.setLogger = require('./logger').setLogger;
+
+exports.walkTxtRecord = require('./verify').walkTxtRecord;

packages/core/acme-client/src/verify.js

@@ -66,17 +66,35 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
         log(`Checking name for TXT records: ${recordName}`);
         const txtRecords = await resolver.resolveTxt(recordName);
 
-        if (txtRecords.length) {
+        if (txtRecords && txtRecords.length) {
             log(`Found ${txtRecords.length} TXT records at ${recordName}`);
+            log(`TXT records: ${JSON.stringify(txtRecords)}`);
             return [].concat(...txtRecords);
         }
+        return [];
     }
     catch (e) {
-        log(`No TXT records found for name: ${recordName}`);
+        log(`Resolve TXT records error, ${recordName} :${e.message}`);
+        throw e;
     }
+}
 
-    /* Found nothing */
-    throw new Error(`No TXT records found for name: ${recordName}`);
+async function walkTxtRecord(recordName) {
+    try {
+        /* Default DNS resolver first */
+        log('Attempting to resolve TXT with default DNS resolver first');
+        const res = await walkDnsChallengeRecord(recordName);
+        if (res && res.length > 0) {
+            return res;
+        }
+        throw new Error('No TXT records found');
+    }
+    catch (e) {
+        /* Authoritative DNS resolver */
+        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
+        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
+        return await walkDnsChallengeRecord(recordName, authoritativeResolver);
+    }
 }
 
 /**
@@ -92,24 +110,10 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
  */
 
 async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
-    let recordValues = [];
     const recordName = `${prefix}${authz.identifier.value}`;
     log(`Resolving DNS TXT from record: ${recordName}`);
-
-    try {
-        /* Default DNS resolver first */
-        log('Attempting to resolve TXT with default DNS resolver first');
-        recordValues = await walkDnsChallengeRecord(recordName);
-    }
-    catch (e) {
-        /* Authoritative DNS resolver */
-        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
-        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
-        recordValues = await walkDnsChallengeRecord(recordName, authoritativeResolver);
-    }
-
+    const recordValues = await walkTxtRecord(recordName);
     log(`DNS query finished successfully, found ${recordValues.length} TXT records`);
-
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
         throw new Error(`Authorization not found in DNS TXT record: ${recordName}，need:${keyAuthorization},found:${recordValues}`);
     }
@@ -153,4 +157,5 @@ module.exports = {
     'http-01': verifyHttpChallenge,
     'dns-01': verifyDnsChallenge,
     'tls-alpn-01': verifyTlsAlpnChallenge,
+    walkTxtRecord,
 };

packages/core/acme-client/types/index.d.ts

@@ -55,8 +55,8 @@ export interface ClientExternalAccountBindingOptions {
 
 export interface ClientAutoOptions {
     csr: CsrBuffer | CsrString;
-    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<any>;
-    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string, recordRes:any) => Promise<any>;
+    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<{recordReq:any,recordRes:any,dnsProvider:any}>;
+    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
     email?: string;
     termsOfServiceAgreed?: boolean;
     skipChallengeVerification?: boolean;
@@ -197,3 +197,5 @@ export const axios: AxiosInstance;
  */
 
 export function setLogger(fn: (msg: string) => void): void;
+
+export function walkTxtRecord(record: any): Promise<string[]>;

packages/core/basic/.eslintrc

@@ -0,0 +1,22 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+//    "no-unused-expressions": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
+  }
+}

packages/core/basic/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+test/user.secret.*
+test/**/*.js
+src/**/*.spec.ts

packages/core/basic/.npmignore

@@ -0,0 +1,3 @@
+node_modules
+src
+dist/**/*.spec.*

packages/core/basic/.npmrc

@@ -0,0 +1,2 @@
+link-workspace-packages=true
+prefer-workspace-packages=true

packages/core/basic/CHANGELOG.md

@@ -0,0 +1,10 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Performance Improvements
+
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))

packages/core/basic/build.md

@@ -0,0 +1 @@
+00:24

packages/core/basic/package.json

@@ -0,0 +1,68 @@
+{
+  "name": "@certd/basic",
+  "private": false,
+  "version": "1.26.0",
+  "type": "module",
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "dev": "vite",
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
+    "preview": "vite preview",
+    "test": "mocha   --loader=ts-node/esm"
+  },
+  "dependencies": {
+    "axios": "^1.7.2",
+    "dayjs": "^1.11.7",
+    "fix-path": "^4.0.0",
+    "http-proxy-agent": "^7.0.2",
+    "https-proxy-agent": "^7.0.5",
+    "lodash-es": "^4.17.21",
+    "lru-cache": "^10.0.0",
+    "nanoid": "^5.0.7",
+    "node-forge": "^1.3.1",
+    "nodemailer": "^6.9.3",
+    "proxy-agent": "^6.4.0",
+    "qs": "^6.11.2"
+  },
+  "devDependencies": {
+    "@rollup/plugin-commonjs": "^23.0.4",
+    "@rollup/plugin-json": "^6.0.0",
+    "@rollup/plugin-node-resolve": "^15.0.1",
+    "@rollup/plugin-terser": "^0.4.3",
+    "@rollup/plugin-typescript": "^11.0.0",
+    "@types/chai": "^4.3.10",
+    "@types/lodash-es": "^4.17.12",
+    "@types/mocha": "^10.0.1",
+    "@types/node-forge": "^1.3.2",
+    "@types/uuid": "^9.0.2",
+    "@typescript-eslint/eslint-plugin": "^5.59.7",
+    "@typescript-eslint/parser": "^5.59.7",
+    "chai": "4.3.10",
+    "dayjs": "^1.11.7",
+    "eslint": "^8.41.0",
+    "eslint-config-prettier": "^8.8.0",
+    "eslint-plugin-import": "^2.27.5",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "iconv-lite": "^0.6.3",
+    "log4js": "^6.9.1",
+    "mocha": "^10.2.0",
+    "prettier": "^2.8.8",
+    "reflect-metadata": "^0.1.13",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4",
+    "rollup-plugin-typescript2": "^0.34.1",
+    "rollup-plugin-visualizer": "^5.8.2",
+    "ts-node": "^10.9.1",
+    "tsc-esm-fix": "^3.0.0",
+    "tslib": "^2.5.2",
+    "typescript": "^5.4.2",
+    "vite": "^4.3.8",
+    "vue-tsc": "^1.6.5"
+  },
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
+}

packages/core/basic/src/index.ts

@@ -0,0 +1 @@
+export * from './utils/index.js';

packages/core/basic/src/utils/index.ts

@@ -0,0 +1,33 @@
+export * from './util.request.js';
+export * from './util.log.js';
+export * from './util.file.js';
+export * from './util.sp.js';
+export * from './util.promise.js';
+export * from './util.hash.js';
+export * from './util.merge.js';
+export * from './util.cache.js';
+import sleep from './util.sleep.js';
+import { http } from './util.request.js';
+import { nanoid } from 'nanoid';
+import { mergeUtils } from './util.merge.js';
+import { sp } from './util.sp.js';
+import { hashUtils } from './util.hash.js';
+import { promises } from './util.promise.js';
+import { fileUtils } from './util.file.js';
+import * as _ from 'lodash-es';
+import { cache } from './util.cache.js';
+import dayjs from 'dayjs';
+
+export const utils = {
+  sleep,
+  http,
+  sp,
+  hash: hashUtils,
+  promises,
+  file: fileUtils,
+  _,
+  mergeUtils,
+  cache,
+  nanoid,
+  dayjs,
+};

packages/core/basic/src/utils/util.cache.ts

@@ -0,0 +1,8 @@
+// LRUCache
+
+import { LRUCache } from "lru-cache";
+
+export const cache = new LRUCache<string, any>({
+  max: 1000,
+  ttl: 1000 * 60 * 10,
+});

packages/core/basic/src/utils/util.merge.ts

@@ -0,0 +1,64 @@
+import _ from "lodash-es";
+function isUnMergeable(srcValue: any) {
+  return srcValue != null && srcValue instanceof UnMergeable;
+}
+function isUnCloneable(value: any) {
+  return isUnMergeable(value) && !value.cloneable;
+}
+function merge(target: any, ...sources: any) {
+  /**
+   * 如果目标为不可合并对象，比如array、unMergeable、ref,则直接覆盖不合并
+   * @param objValue 被合并对象
+   * @param srcValue 来源对象
+   */
+  function customizer(objValue: any, srcValue: any) {
+    if (srcValue == null) {
+      return;
+    }
+    // 如果被合并对象为数组，则直接被覆盖对象覆盖，只要覆盖对象不为空
+    if (_.isArray(objValue)) {
+      //原对象如果是数组
+      return srcValue; //来源对象
+    }
+
+    if (isUnMergeable(srcValue)) {
+      return srcValue;
+    }
+  }
+
+  let found: any = null;
+  for (const item of sources) {
+    if (isUnMergeable(item)) {
+      found = item;
+    }
+  }
+  if (found) {
+    return found;
+  }
+  return _.mergeWith(target, ...sources, customizer);
+}
+
+function cloneDeep(target: any) {
+  if (isUnCloneable(target)) {
+    return target;
+  }
+  function customizer(value: any) {
+    if (isUnCloneable(value)) {
+      return value;
+    }
+  }
+
+  return _.cloneDeepWith(target, customizer);
+}
+export class UnMergeable {
+  cloneable = false;
+
+  setCloneable(cloneable: any) {
+    this.cloneable = cloneable;
+  }
+}
+
+export const mergeUtils = {
+  merge,
+  cloneDeep,
+};

packages/core/basic/src/utils/util.promise.ts

@@ -25,7 +25,26 @@ export function safePromise<T>(callback: (resolve: (ret: T) => void, reject: (re
   });
 }
 
+export function promisify(func: any) {
+  return function (...args: any) {
+    return new Promise((resolve, reject) => {
+      try {
+        func(...args, (err: any, data: any) => {
+          if (err) {
+            reject(err);
+          } else {
+            resolve(data);
+          }
+        });
+      } catch (e) {
+        reject(e);
+      }
+    });
+  };
+}
+
 export const promises = {
   TimeoutPromise,
   safePromise,
+  promisify,
 };

packages/core/basic/src/utils/util.request.ts

@@ -1,14 +1,15 @@
-import axios, { AxiosRequestConfig } from "axios";
-import { logger } from "./util.log.js";
-import { Logger } from "log4js";
-import { HttpProxyAgent } from "http-proxy-agent";
-import { HttpsProxyAgent } from "https-proxy-agent";
-import nodeHttp from "http";
+import axios, { AxiosRequestConfig } from 'axios';
+import { logger } from './util.log.js';
+import { Logger } from 'log4js';
+import { HttpProxyAgent } from 'http-proxy-agent';
+import { HttpsProxyAgent } from 'https-proxy-agent';
+import nodeHttp from 'http';
+import * as https from 'node:https';
 export class HttpError extends Error {
   status?: number;
   statusText?: string;
   code?: string;
-  request?: { url: string; method: string; params?: any; data?: any };
+  request?: { baseURL: string; url: string; method: string; params?: any; data?: any };
   response?: { data: any };
   cause?: any;
   constructor(error: any) {
@@ -16,6 +17,11 @@ export class HttpError extends Error {
       return;
     }
     super(error.message);
+
+    if (error?.message?.indexOf('ssl3_get_record:wrong version number') >= 0) {
+      this.message = 'http协议错误，服务端要求http协议，请检查是否使用了https请求';
+    }
+
     this.name = error.name;
     this.code = error.code;
     this.cause = error.cause;
@@ -23,6 +29,7 @@ export class HttpError extends Error {
     this.status = error.response?.status;
     this.statusText = error.response?.statusText;
     this.request = {
+      baseURL: error.config?.baseURL,
       url: error.config?.url,
       method: error.config?.method,
       params: error.config?.params,
@@ -57,62 +64,62 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       }
       let agents = defaultAgents;
       if (config.skipSslVerify) {
-        logger.info("跳过SSL验证");
+        logger.info('跳过SSL验证');
         agents = createAgent({ rejectUnauthorized: false } as any);
       }
       delete config.skipSslVerify;
       config.httpsAgent = agents.httpsAgent;
       config.httpAgent = agents.httpAgent;
-
+      config.proxy = false; //必须 否则还会走一层代理，
       return config;
     },
     (error: Error) => {
       // 发送失败
-      logger.error("接口请求失败：", error);
+      logger.error('接口请求失败：', error);
       return Promise.reject(error);
     }
   );
   // 响应拦截
   service.interceptors.response.use(
     (response: any) => {
-      logger.info("http response:", JSON.stringify(response?.data));
+      logger.info('http response:', JSON.stringify(response?.data));
       return response.data;
     },
     (error: any) => {
       const status = error.response?.status;
       switch (status) {
         case 400:
-          error.message = "请求错误";
+          error.message = '请求错误';
           break;
         case 401:
-          error.message = "未授权，请登录";
+          error.message = '未授权，请登录';
           break;
         case 403:
-          error.message = "拒绝访问";
+          error.message = '拒绝访问';
           break;
         case 404:
           error.message = `请求地址出错: ${error.response.config.url}`;
           break;
         case 408:
-          error.message = "请求超时";
+          error.message = '请求超时';
           break;
         case 500:
-          error.message = "服务器内部错误";
+          error.message = '服务器内部错误';
           break;
         case 501:
-          error.message = "服务未实现";
+          error.message = '服务未实现';
           break;
         case 502:
-          error.message = "网关错误";
+          error.message = '网关错误';
           break;
         case 503:
-          error.message = "服务不可用";
+          error.message = '服务不可用';
           break;
         case 504:
-          error.message = "网关超时";
+          error.message = '网关超时';
           break;
         case 505:
-          error.message = "HTTP版本不受支持";
+          error.message = 'HTTP版本不受支持';
           break;
         default:
           break;
@@ -120,12 +127,12 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       logger.error(
         `请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`
       );
-      logger.error("返回数据:", JSON.stringify(error.response?.data));
+      logger.error('返回数据:', JSON.stringify(error.response?.data));
       if (error.response?.data) {
         error.message = error.response.data.message || error.response.data.msg || error.response.data.error || error.response.data;
       }
       if (error instanceof AggregateError) {
-        logger.error("AggregateError", error);
+        logger.error('AggregateError', error);
       }
       const err = new HttpError(error);
       return Promise.reject(err);
@@ -138,6 +145,7 @@ export const http = createAxiosService({ logger }) as HttpClient;
 export type HttpClientResponse<R> = any;
 export type HttpRequestConfig<D> = {
   skipSslVerify?: boolean;
+  skipCheckRes?: boolean;
 } & AxiosRequestConfig<D>;
 export type HttpClient = {
   request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
@@ -147,13 +155,18 @@ export function createAgent(opts: nodeHttp.AgentOptions = {}) {
   let httpAgent, httpsAgent;
   const httpProxy = process.env.HTTP_PROXY || process.env.http_proxy;
   if (httpProxy) {
+    logger.info('use httpProxy:', httpProxy);
     httpAgent = new HttpProxyAgent(httpProxy, opts as any);
+  } else {
+    httpAgent = new nodeHttp.Agent(opts);
   }
   const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
   if (httpsProxy) {
+    logger.info('use httpsProxy:', httpsProxy);
     httpsAgent = new HttpsProxyAgent(httpsProxy, opts as any);
+  } else {
+    httpsAgent = new https.Agent(opts);
   }
-
   return {
     httpAgent,
     httpsAgent,

packages/core/basic/tsconfig.json

@@ -0,0 +1,42 @@
+{
+  "compileOnSave": true,
+  "compilerOptions": {
+    "target": "ESNext",
+    "module": "ESNext",
+    "moduleResolution": "node",
+    "esModuleInterop": true,
+    "experimentalDecorators": true,
+    "emitDecoratorMetadata": true,
+    "inlineSourceMap":true,
+    "noImplicitThis": true,
+    "noUnusedLocals": true,
+    "stripInternal": true,
+    "skipLibCheck": true,
+    "pretty": true,
+    "declaration": true,
+    "forceConsistentCasingInFileNames": true,
+    "typeRoots": [ "./typings", "./node_modules/@types"],
+    "outDir": "dist",
+    "rootDir": "src",
+    "composite": true,
+    "useDefineForClassFields": true,
+    "strict": true,
+//    "sourceMap": true,
+    "resolveJsonModule": true,
+    "isolatedModules": false,
+    "lib": ["ESNext", "DOM"],
+  },
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.d.ts",
+    "src/**/*.json"
+  ],
+  "exclude": [
+    "*.js",
+    "*.ts",
+    "*.spec.ts",
+    "dist",
+    "node_modules",
+    "test"
+  ],
+}

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,43 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Bug Fixes
+
+* 修复某些代理情况下 报 400 The plain HTTP request was sent to HTTPS port use proxy 的bug ([a13203f](https://github.com/certd/certd/commit/a13203fb3f48c427d0d81a504912248dcc07df1a))
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/certd/certd/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+* 站点个性化设置 ([11a9fe9](https://github.com/certd/certd/commit/11a9fe9014d96cba929e5a066e78f2af7ae59d14))
+
+### Performance Improvements
+
+* 调整全部静态资源到static目录 ([a218890](https://github.com/certd/certd/commit/a21889080d6c7ffdf0af526a3a21f0b2d1c77288))
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))
+* cname校验配置增加未校验通过提示 ([77cc3c4](https://github.com/certd/certd/commit/77cc3c4a5cbd81f8233a8e0bb33fab0621c0905f))
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+### Bug Fixes
+
+* 修复某些地区被屏蔽无法激活专业版的bug ([7532a96](https://github.com/certd/certd/commit/7532a960851b84d4f2cc3dba02353c5235e1a364))
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
 ## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.25.5",
+  "version": "1.26.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -9,18 +9,22 @@
     "dev": "vite",
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
     "build3": "rollup -c",
-    "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm"
   },
   "dependencies": {
-    "@certd/plus-core": "^1.25.4",
+    "@certd/basic": "^1.26.0",
+    "@certd/plus-core": "^1.26.0",
     "axios": "^1.7.2",
+    "dayjs": "^1.11.7",
     "fix-path": "^4.0.0",
     "http-proxy-agent": "^7.0.2",
     "https-proxy-agent": "^7.0.5",
     "lodash-es": "^4.17.21",
+    "lru-cache": "^10.0.0",
+    "nanoid": "^5.0.7",
     "node-forge": "^1.3.1",
     "nodemailer": "^6.9.3",
     "proxy-agent": "^6.4.0",
@@ -58,9 +62,9 @@
     "ts-node": "^10.9.1",
     "tsc-esm-fix": "^3.0.0",
     "tslib": "^2.5.2",
-    "typescript": "^5.0.4",
+    "typescript": "^5.4.2",
     "vite": "^4.3.8",
     "vue-tsc": "^1.6.5"
   },
-  "gitHead": "03ce69dbfb317db7a3688d33ccc17ef06fd68393"
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
 }

packages/core/pipeline/src/access/api.ts

@@ -1,5 +1,8 @@
 import { Registrable } from "../registry/index.js";
 import { FormItemProps } from "../dt/index.js";
+import { HttpClient, ILogger, utils } from "../utils/index.js";
+import _ from "lodash-es";
+import { AccessRequestHandleReq } from "../core";
 
 export type AccessInputDefine = FormItemProps & {
   title: string;
@@ -15,5 +18,36 @@ export interface IAccessService {
   getById<T = any>(id: any): Promise<T>;
 }
 
-// eslint-disable-next-line @typescript-eslint/no-empty-interface
-export interface IAccess {}
+export interface IAccess {
+  ctx: AccessContext;
+  [key: string]: any;
+}
+
+export type AccessContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+};
+
+export abstract class BaseAccess implements IAccess {
+  ctx!: AccessContext;
+
+  async onRequest(req: AccessRequestHandleReq) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${_.upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+}

packages/core/pipeline/src/access/decorator.ts

@@ -1,8 +1,9 @@
 // src/decorator/memoryCache.decorator.ts
-import { AccessDefine, AccessInputDefine } from "./api.js";
+import { AccessContext, AccessDefine, AccessInputDefine } from "./api.js";
 import { Decorator } from "../decorator/index.js";
 import _ from "lodash-es";
 import { accessRegistry } from "./registry.js";
+import { http, logger, utils } from "../utils/index.js";
 
 // 提供一个唯一 key
 export const ACCESS_CLASS_KEY = "pipeline:access";
@@ -37,3 +38,24 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
     Reflect.defineMetadata(ACCESS_INPUT_KEY, input, target, propertyKey);
   };
 }
+
+export function newAccess(type: string, input: any, ctx?: AccessContext) {
+  const register = accessRegistry.get(type);
+  if (register == null) {
+    throw new Error(`access ${type} not found`);
+  }
+  // @ts-ignore
+  const access = new register.target();
+  for (const key in input) {
+    access[key] = input[key];
+  }
+  if (!ctx) {
+    ctx = {
+      http,
+      logger,
+      utils,
+    };
+  }
+  access.ctx = ctx;
+  return access;
+}

packages/core/pipeline/src/core/executor.ts

@@ -1,28 +1,28 @@
 import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task } from "../dt/index.js";
 import _ from "lodash-es";
 import { RunHistory, RunnableCollection } from "./run-history.js";
-import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext } from "../plugin/index.js";
+import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
 import { ContextFactory, IContext } from "./context.js";
 import { IStorage } from "./storage.js";
-import { logger } from "../utils/util.log.js";
+import { logger } from "../utils/index.js";
 import { Logger } from "log4js";
-import { createAxiosService } from "../utils/util.request.js";
+import { createAxiosService } from "../utils/index.js";
 import { IAccessService } from "../access/index.js";
 import { RegistryItem } from "../registry/index.js";
 import { Decorator } from "../decorator/index.js";
-import { IEmailService } from "../service/index.js";
+import { ICnameProxyService, IEmailService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
 import { hashUtils, utils } from "../utils/index.js";
-// import { TimeoutPromise } from "../utils/util.promise.js";
 
 export type ExecutorOptions = {
-  userId: any;
   pipeline: Pipeline;
   storage: IStorage;
   onChanged: (history: RunHistory) => Promise<void>;
   accessService: IAccessService;
   emailService: IEmailService;
+  cnameProxyService: ICnameProxyService;
   fileRootDir?: string;
+  user: UserInfo;
 };
 
 export class Executor {
@@ -46,7 +46,7 @@ export class Executor {
     this.onChanged = async (history: RunHistory) => {
       await options.onChanged(history);
     };
-    this.pipeline.userId = options.userId;
+    this.pipeline.userId = options.user.id;
     this.contextFactory = new ContextFactory(options.storage);
     this.logger = logger;
     this.pipelineContext = this.contextFactory.getContext("pipeline", this.pipeline.id);
@@ -221,7 +221,7 @@ export class Executor {
     //从outputContext读取输入参数
     const input = _.cloneDeep(step.input);
     Decorator.inject(define.input, instance, input, (item, key) => {
-      if (item.component?.name === "pi-output-selector") {
+      if (item.component?.name === "output-selector") {
         const contextKey = input[key];
         if (contextKey != null) {
           if (typeof contextKey !== "string") {
@@ -268,8 +268,9 @@ export class Executor {
       inputChanged,
       accessService: this.options.accessService,
       emailService: this.options.emailService,
+      cnameProxyService: this.options.cnameProxyService,
       pipelineContext: this.pipelineContext,
-      userContext: this.contextFactory.getContext("user", this.options.userId),
+      userContext: this.contextFactory.getContext("user", this.options.user.id),
       fileStore: new FileStore({
         scope: this.pipeline.id,
         parent: this.runtime.id,
@@ -277,6 +278,7 @@ export class Executor {
       }),
       signal: this.abort.signal,
       utils,
+      user: this.options.user,
     };
     instance.setCtx(taskCtx);
 

packages/core/pipeline/src/core/handler.ts

@@ -1,33 +1,21 @@
-import _ from "lodash-es";
-import { HttpClient, ILogger } from "../utils";
+import { HttpClient, ILogger, utils } from "../utils/index.js";
 
-export type PluginRequest = {
-  type: "plugin" | "access";
+export type PluginRequestHandleReq<T = any> = {
   typeName: string;
   action: string;
-  input: any;
+  input: T;
   data: any;
 };
 
-export type RequestHandleContext = {
+export type AccessRequestHandleReqInput<T = any> = {
+  id?: number;
+  title?: string;
+  access: T;
+};
+export type AccessRequestHandleContext = {
   http: HttpClient;
   logger: ILogger;
+  utils: typeof utils;
 };
 
-export class RequestHandler {
-  async onRequest(req: PluginRequest, ctx: RequestHandleContext) {
-    if (!req.action) {
-      throw new Error("action is required");
-    }
-
-    const methodName = `on${_.upperFirst(req.action)}`;
-
-    // @ts-ignore
-    const method = this[methodName];
-    if (method) {
-      // @ts-ignore
-      return await this[methodName](req.data, ctx);
-    }
-    throw new Error(`action ${req.action} not found`);
-  }
-}
+export type AccessRequestHandleReq<T = any> = PluginRequestHandleReq<AccessRequestHandleReqInput<T>>;

packages/core/pipeline/src/core/license.ts

@@ -1,5 +1,5 @@
 import { logger } from "../utils/index.js";
-import { setLogger, isPlus } from "@certd/plus-core";
+import { setLogger, isPlus, isComm } from "@certd/plus-core";
 setLogger(logger);
 export * from "@certd/plus-core";
 
@@ -8,3 +8,9 @@ export function checkPlus() {
     throw new Error("此为专业版功能，请升级到专业版");
   }
 }
+
+export function checkComm() {
+  if (!isComm()) {
+    throw new Error("此为商业版功能，请升级到商业版");
+  }
+}

packages/core/pipeline/src/core/run-history.ts

@@ -1,6 +1,6 @@
 import { HistoryResult, Pipeline, ResultType, Runnable, RunnableMap, Stage, Step, Task } from "../dt/index.js";
 import _ from "lodash-es";
-import { buildLogger } from "../utils/util.log.js";
+import { buildLogger } from "../utils/index.js";
 import { Logger } from "log4js";
 
 export type HistoryStatus = {

packages/core/pipeline/src/core/storage.ts

@@ -1,6 +1,6 @@
 import fs from "fs";
 import path from "path";
-import { fileUtils } from "../utils/util.file.js";
+import { fileUtils } from "../utils/index.js";
 
 export interface IStorage {
   get(scope: string, namespace: string, version: string, key: string): Promise<string | null>;

packages/core/pipeline/src/index.ts

@@ -1,4 +1,3 @@
-import "util";
 export * from "./core/index.js";
 export * from "./dt/index.js";
 export * from "./access/index.js";

packages/core/pipeline/src/plugin/api.ts

@@ -3,12 +3,16 @@ import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.j
 import { FileStore } from "../core/file-store.js";
 import { Logger } from "log4js";
 import { IAccessService } from "../access/index.js";
-import { IEmailService } from "../service/index.js";
-import { IContext } from "../core/index.js";
-import { ILogger, logger } from "../utils/index.js";
-import { HttpClient } from "../utils/util.request";
-import { utils } from "../utils/index.js";
+import { ICnameProxyService, IEmailService } from "../service/index.js";
+import { IContext, PluginRequestHandleReq, RunnableCollection } from "../core/index.js";
+import { ILogger, logger, utils } from "../utils/index.js";
+import { HttpClient } from "../utils/index.js";
 import dayjs from "dayjs";
+import _ from "lodash-es";
+export type UserInfo = {
+  role: "admin" | "user";
+  id: any;
+};
 export enum ContextScope {
   global,
   pipeline,
@@ -38,18 +42,13 @@ export type PluginDefine = Registrable & {
     [key: string]: any;
   };
 
-  reference?: {
-    src: string;
-    dest: string;
-    type: "computed";
-  }[];
-
   needPlus?: boolean;
 };
 
 export type ITaskPlugin = {
   onInstance(): Promise<void>;
   execute(): Promise<void>;
+  onRequest(req: PluginRequestHandleReq<any>): Promise<any>;
   [key: string]: any;
 };
 
@@ -71,6 +70,8 @@ export type TaskInstanceContext = {
   accessService: IAccessService;
   //邮件服务
   emailService: IEmailService;
+  //cname记录服务
+  cnameProxyService: ICnameProxyService;
   //流水线上下文
   pipelineContext: IContext;
   //用户上下文
@@ -85,6 +86,8 @@ export type TaskInstanceContext = {
   signal: AbortSignal;
   //工具类
   utils: typeof utils;
+  //用户信息
+  user: UserInfo;
 };
 
 export abstract class AbstractTaskPlugin implements ITaskPlugin {
@@ -107,6 +110,17 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     this.accessService = ctx.accessService;
   }
 
+  async getAccess(accessId: string) {
+    if (accessId == null) {
+      throw new Error("您还没有配置授权");
+    }
+    const res = await this.ctx.accessService.getById(accessId);
+    if (res == null) {
+      throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
+    }
+    return res;
+  }
+
   randomFileId() {
     return Math.random().toString(36).substring(2, 9);
   }
@@ -147,6 +161,44 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     }
     return name + "_" + dayjs().format("YYYYMMDDHHmmss");
   }
+
+  async onRequest(req: PluginRequestHandleReq<any>) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${_.upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+
+  isAdmin() {
+    return this.ctx.user.role === "admin";
+  }
+
+  getStepFromPipeline(stepId: string) {
+    let found: any = null;
+    RunnableCollection.each(this.ctx.pipeline.stages, (step) => {
+      if (step.id === stepId) {
+        found = step;
+        return;
+      }
+    });
+    return found;
+  }
+
+  getStepIdFromRefInput(ref = ".") {
+    return ref.split(".")[1];
+  }
 }
 
 export type OutputVO = {

packages/core/pipeline/src/plugin/group.ts

@@ -22,5 +22,6 @@ export const pluginGroups = {
   tencent: new PluginGroup("tencent", "腾讯云", 4),
   host: new PluginGroup("host", "主机", 5),
   cdn: new PluginGroup("cdn", "CDN", 6),
-  other: new PluginGroup("other", "其他", 7),
+  panel: new PluginGroup("panel", "面板", 7),
+  other: new PluginGroup("other", "其他", 8),
 };

packages/core/pipeline/src/plugin/test/echo-plugin.ts

@@ -1,25 +0,0 @@
-import { ITaskPlugin } from "../api.js";
-import { IsTaskPlugin, TaskInput } from "../decorator.js";
-
-@IsTaskPlugin({
-  name: "EchoPlugin",
-  title: "测试插件",
-  desc: "test",
-})
-export class EchoPlugin implements ITaskPlugin {
-  @TaskInput({
-    title: "测试属性",
-    component: {
-      name: "text",
-    },
-  })
-  test?: string;
-
-  onInstance(): Promise<void> {
-    throw new Error("Method not implemented.");
-  }
-
-  async execute(): Promise<void> {
-    return Promise.resolve(undefined);
-  }
-}

packages/core/pipeline/src/registry/registry.ts

@@ -5,6 +5,7 @@ export type Registrable = {
   title: string;
   desc?: string;
   group?: string;
+  deprecated?: string;
 };
 
 export type RegistryItem<T> = {
@@ -67,6 +68,9 @@ export class Registry<T> {
     for (const key in this.storage) {
       const define = this.getDefine(key);
       if (define) {
+        if (define?.deprecated) {
+          continue;
+        }
         list.push({ ...define, key });
       }
     }

packages/core/pipeline/src/service/cname.ts

@@ -0,0 +1,17 @@
+export type CnameProvider = {
+  id: any;
+  domain: string;
+  dnsProviderType: string;
+  accessId: any;
+};
+export type CnameRecord = {
+  id: any;
+  domain: string;
+  hostRecord: string;
+  recordValue: string;
+  cnameProvider: CnameProvider;
+  status: string;
+};
+export type ICnameProxyService = {
+  getByDomain: (domain: string) => Promise<CnameRecord>;
+};

packages/core/pipeline/src/service/index.ts

@@ -1 +1,2 @@
 export * from "./email.js";
+export * from "./cname.js";

packages/core/pipeline/src/utils/index.ts

@@ -1,22 +1 @@
-import sleep from "./util.sleep.js";
-import { http } from "./util.request.js";
-export * from "./util.request.js";
-export * from "./util.log.js";
-export * from "./util.file.js";
-export * from "./util.sp.js";
-export * from "./util.promise.js";
-export * from "./util.hash.js";
-import { sp } from "./util.sp.js";
-import { hashUtils } from "./util.hash.js";
-import { promises } from "./util.promise.js";
-import { fileUtils } from "./util.file.js";
-import _ from "lodash-es";
-export const utils = {
-  sleep,
-  http,
-  sp,
-  hash: hashUtils,
-  promises,
-  file: fileUtils,
-  _,
-};
+export * from "@certd/basic";

packages/core/pipeline/test/echo-plugin.ts

@@ -1,27 +0,0 @@
-import { Autowire, IsTaskPlugin, ITaskPlugin, TaskInput, TaskOutput } from "../src";
-
-@IsTaskPlugin({
-  name: "EchoPlugin",
-  title: "测试插件【echo】",
-})
-export class EchoPlugin implements ITaskPlugin {
-  @TaskInput({
-    title: "cert",
-    component: {
-      name: "pi-output-selector",
-    },
-    helper: "输出选择",
-  })
-  cert!: any;
-
-  @TaskOutput({
-    title: "cert info",
-  })
-  certInfo!: any;
-
-  // eslint-disable-next-line @typescript-eslint/no-empty-function
-  async onInstance(): Promise<void> {}
-  async execute(): Promise<void> {
-    console.log("input :cert", this.cert);
-  }
-}

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.25.5",
+  "version": "1.26.0",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -9,7 +9,7 @@
     "dev": "vite",
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && rollup -c ",
-    "build2": "vue-tsc --noEmit && vite build",
+    "dev-build": "npm run build",
     "preview": "vite preview"
   },
   "dependencies": {
@@ -17,5 +17,5 @@
     "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
-  "gitHead": "c49ccbde93dbad7062ac39d4f18eca7d561f573f"
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,28 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
 ## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.25.5",
+  "version": "1.26.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -9,6 +9,7 @@
     "dev": "vite",
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview"
@@ -36,7 +37,7 @@
     "rollup-plugin-visualizer": "^5.8.2",
     "ts-node": "^10.9.1",
     "tslib": "^2.5.2",
-    "typescript": "^4.8.4"
+    "typescript": "^5.4.2"
   },
-  "gitHead": "03ce69dbfb317db7a3688d33ccc17ef06fd68393"
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-jdcloud
+
 ## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package @certd/lib-jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-jdcloud",
   "private": false,
-  "version": "1.25.5",
+  "version": "1.26.0",
   "main": "./dist/bundle.mjs",
   "module": "./dist/bundle.mjs",
   "types": "./dist/d/index.d.ts",
@@ -9,7 +9,7 @@
     "dev": "vite",
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && rollup -c ",
-    "build2": "vue-tsc --noEmit && vite build",
+    "dev-build": "npm run build",
     "preview": "vite preview"
   },
   "dependencies": {
@@ -27,5 +27,5 @@
     "rimraf": "^5.0.5",
     "rollup": "^3.7.4"
   },
-  "gitHead": "03ce69dbfb317db7a3688d33ccc17ef06fd68393"
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,28 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
 ## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.25.5",
+  "version": "1.26.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -9,6 +9,7 @@
     "dev": "vite",
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
     "preview": "vite preview"
@@ -17,7 +18,7 @@
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
-    "@certd/pipeline": "^1.25.5",
+    "@certd/pipeline": "^1.26.0",
     "@rollup/plugin-commonjs": "^23.0.4",
     "@rollup/plugin-json": "^6.0.0",
     "@rollup/plugin-node-resolve": "^15.0.1",
@@ -37,7 +38,7 @@
     "rollup-plugin-visualizer": "^5.8.2",
     "ts-node": "^10.9.1",
     "tslib": "^2.5.2",
-    "typescript": "^4.8.4"
+    "typescript": "^5.4.2"
   },
-  "gitHead": "03ce69dbfb317db7a3688d33ccc17ef06fd68393"
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
 }

packages/libs/lib-server/.dockerignore

@@ -0,0 +1,16 @@
+logs/
+npm-debug.log
+yarn-error.log
+node_modules/
+package-lock.json
+yarn.lock
+coverage/
+!dist/
+.idea/
+run/
+.DS_Store
+*.sw*
+*.un~
+.tsbuildinfo
+.tsbuildinfo.*
+/data/db.sqlite

packages/libs/lib-server/.editorconfig

@@ -0,0 +1,11 @@
+# 🎨 editorconfig.org
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = true
+insert_final_newline = true

packages/libs/lib-server/.eslintrc.json

@@ -0,0 +1,7 @@
+{
+  "extends": "./node_modules/mwts/",
+  "ignorePatterns": ["node_modules", "dist", "test", "jest.config.js", "typings"],
+  "env": {
+    "jest": true
+  }
+}

packages/libs/lib-server/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+test/user.secret.ts
+
+tsconfig.tsbuildinfo

packages/libs/lib-server/.npmignore

@@ -0,0 +1,2 @@
+node_modules
+src

packages/libs/lib-server/.prettierrc

@@ -0,0 +1,7 @@
+{
+  "printWidth": 160,
+  "bracketSpacing": true,
+  "singleQuote": true,
+  "trailingComma": "es5",
+  "arrowParens": "avoid"
+}

packages/libs/lib-server/CHANGELOG.md

@@ -0,0 +1,89 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+# [1.26.0](https://github.com/certd/certd/compare/v1.25.9...v1.26.0) (2024-10-10)
+
+### Bug Fixes
+
+* 修复历史记录根据流水线名称查询报错的bug ([ce9a986](https://github.com/certd/certd/commit/ce9a9862f122fce2186e7727eaa4b251b59e6032))
+
+### Features
+
+* 域名验证方法支持CNAME间接方式，此方式支持所有域名注册商，且无需提供Access授权，但是需要手动添加cname解析 ([f3d3508](https://github.com/certd/certd/commit/f3d35084ed44f9f33845f7045e520be5c27eed93))
+* 站点个性化设置 ([11a9fe9](https://github.com/certd/certd/commit/11a9fe9014d96cba929e5a066e78f2af7ae59d14))
+
+### Performance Improvements
+
+* 调整全部静态资源到static目录 ([a218890](https://github.com/certd/certd/commit/a21889080d6c7ffdf0af526a3a21f0b2d1c77288))
+* 检查cname是否正确配置 ([b5d8935](https://github.com/certd/certd/commit/b5d8935159374fbe7fc7d4c48ae0ed9396861bdd))
+
+## [1.25.9](https://github.com/certd/certd/compare/v1.25.8...v1.25.9) (2024-10-01)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.8](https://github.com/certd/certd/compare/v1.25.7...v1.25.8) (2024-09-30)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.7](https://github.com/certd/certd/compare/v1.25.6...v1.25.7) (2024-09-29)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.6](https://github.com/certd/certd/compare/v1.25.5...v1.25.6) (2024-09-29)
+
+### Performance Improvements
+
+* 部署支持1Panel ([d047234](https://github.com/certd/certd/commit/d047234d98d31504f2e5a472b66e1b75806af26e))
+
+## [1.25.5](https://github.com/certd/certd/compare/v1.25.4...v1.25.5) (2024-09-26)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.4](https://github.com/certd/certd/compare/v1.25.3...v1.25.4) (2024-09-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.3](https://github.com/certd/certd/compare/v1.25.2...v1.25.3) (2024-09-24)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.2](https://github.com/certd/certd/compare/v1.25.1...v1.25.2) (2024-09-24)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.25.1](https://github.com/certd/certd/compare/v1.25.0...v1.25.1) (2024-09-24)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.25.0](https://github.com/certd/certd/compare/v1.24.4...v1.25.0) (2024-09-24)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.24.4](https://github.com/certd/certd/compare/v1.24.3...v1.24.4) (2024-09-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.22.6](https://github.com/certd/certd/compare/v1.22.5...v1.22.6) (2024-08-03)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.22.3](https://github.com/certd/certd/compare/v1.22.2...v1.22.3) (2024-07-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.22.2](https://github.com/certd/certd/compare/v1.22.1...v1.22.2) (2024-07-23)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.22.1](https://github.com/certd/certd/compare/v1.22.0...v1.22.1) (2024-07-20)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.22.0](https://github.com/certd/certd/compare/v1.21.2...v1.22.0) (2024-07-19)
+
+### Features
+
+* 升级midway，支持esm ([485e603](https://github.com/certd/certd/commit/485e603b5165c28bc08694997726eaf2a585ebe7))
+* 支持postgresql ([3b19bfb](https://github.com/certd/certd/commit/3b19bfb4291e89064b3b407a80dae092d54747d5))

packages/libs/lib-server/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Greper
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

packages/libs/lib-server/README.md

@@ -0,0 +1,16 @@
+# Vue 3 + TypeScript + Vite
+
+This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
+
+## Recommended IDE Setup
+
+- [VS Code](https://code.visualstudio.com/) + [Volar](https://marketplace.visualstudio.com/items?itemName=Vue.volar)
+
+## Type Support For `.vue` Imports in TS
+
+Since TypeScript cannot handle type information for `.vue` imports, they are shimmed to be a generic Vue component type by default. In most cases this is fine if you don't really care about component prop types outside of templates. However, if you wish to get actual prop types in `.vue` imports (for example to get props validation when using manual `h(...)` calls), you can enable Volar's Take Over mode by following these steps:
+
+1. Run `Extensions: Show Built-in Extensions` from VS Code's command palette, look for `TypeScript and JavaScript Language Features`, then right click and select `Disable (Workspace)`. By default, Take Over mode will enable itself if the default TypeScript extension is disabled.
+2. Reload the VS Code window by running `Developer: Reload Window` from the command palette.
+
+You can learn more about Take Over mode [here](https://github.com/johnsoncodehk/volar/discussions/471).

packages/libs/lib-server/README_zhCN.md

@@ -0,0 +1,125 @@
+# midway-flyway-js
+
+[English](./README.md) | [简体中文](./README_zhCN.md)
+
+
+`midway-flyway-js`是基于typeorm的flyway的js实现。
+本项目被构建为midway组件，可与midway无缝集成。
+
+# flyway
+flyway是一款java版本的数据库升级迁移解决方案。
+它能在server启动时自动检查脚本目录，执行sql升级脚本，记录执行历史。
+
+本项目根据类似flyway的思路实现数据库升级迁移方案
+
+# 快速开始
+
+## 1. 准备
+* nodejs环境
+* midway项目
+* [配置typeorm](https://www.yuque.com/midwayjs/midway_v2/orm)
+
+## 2. 安装
+```
+npm install midway-flyway-js
+# or
+yarn add midway-flyway-js
+```
+## 3. 集成
+```js
+import * as orm from 'typeorm';
+import * as flyway from 'midway-flyway-js';
+@Configuration({
+  imports: [
+    orm, // 加载 orm 组件
+    flyway, //加载flyway组件
+  ],
+})
+export class ContainerConfiguration {}
+```
+
+
+## 4. 配置参数【可选】
+`/src/config/config.default.js`文件
+```js
+export const flyway ={
+  // 脚本目录
+  // 默认值 "./db/migrition"
+  scriptDir:"./db/migrition",
+  // 基线，基线脚本及之前的脚本都跳过不执行
+  // 默认值：null
+  // 如果你原本就是空数据库，那么不需要配置此项
+  baseline: 'v1__init.sql',
+  // 执行记录表名
+  // 默认值 flyway_history
+  flywayTableName:'flyway_history',
+  // 是否允许hash值不同
+  // 默认值：false
+  // 相同名称sql文件被改动后，hash会变化
+  // 此时运行会报hash conflict错误
+  // 配置此参数为true，将忽略hash conflict错误
+  allowHashNotMatch:false
+}
+
+```
+## 5. 编写升级sql
+
+将你的sql升级脚本，放到 `/src/db/migrition`目录下
+
+建议命名规则`v{version}__{name}.sql`,例如`v1__init.sql`
+
+
+## 6. 启动你的midway服务
+```
+npm run dev
+```
+
+## 7. 运行效果
+以下效果为midway自动启动后，自动执行`v1__init.sql`脚本的记录
+```
+2021-06-26 15:45:39,630 INFO 12245 [ midfly ] start-------------
+query: SELECT * FROM "sqlite_master" WHERE "type" = 'table' AND "name" = 'flyway_history'
+query: CREATE TABLE "flyway_history" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "timestamp" bigint NOT NULL, "name" varchar NOT NULL, "hash" varchar, "success" boolean)
+query: BEGIN TRANSACTION
+query: SELECT "FlywayHistory"."id" AS "FlywayHistory_id", "FlywayHistory"."name" AS "FlywayHistory_name", "FlywayHistory"."hash" AS "FlywayHistory_hash", "FlywayHistory"."timestamp" AS "FlywayHistory_timestamp", "FlywayHistory"."success" AS "FlywayHistory_success" FROM "flyway_history" "FlywayHistory" WHERE "FlywayHistory"."name" = ? AND "FlywayHistory"."success" = ? LIMIT 1 -- PARAMETERS: ["v1__init.sql",1]
+2021-06-26 15:45:39,664 INFO 12245 need exec script file:
+2021-06-26 15:45:39,666 INFO 12245 [ midfly ] exec
+query: -- 表：sys_permission
+CREATE TABLE "sys_permission" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "title" varchar(100) NOT NULL, "permission" varchar(100), "parent_id" integer NOT NULL DEFAULT (-1), "sort" integer NOT NULL, "create_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP));
+query: INSERT INTO sys_permission (id, title, permission, parent_id, sort, create_time, update_time) VALUES (1, '系统管理', 'sys', -1, 1, 1, 1624085863636);
+query: -- 表：sys_role
+CREATE TABLE "sys_role" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(100) NOT NULL, "create_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP));
+query: INSERT INTO sys_role (id, name, create_time, update_time) VALUES (1, '管理员', 1, 1623749138537);
+query: -- 表：sys_role_permission
+CREATE TABLE "sys_role_permission" ("role_id" integer NOT NULL, "permission_id" integer NOT NULL, PRIMARY KEY ("role_id", "permission_id"));
+query: INSERT INTO sys_role_permission (role_id, permission_id) VALUES (1, 1);
+query: -- 表：sys_user
+CREATE TABLE "sys_user" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "username" varchar(100) NOT NULL, "password" varchar(50) NOT NULL, "nick_name" varchar(50), "avatar" varchar(255), "phone_code" varchar(20), "mobile" varchar(20), "email" varchar(100),"remark" varchar(100), "status" integer NOT NULL DEFAULT (1), "create_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP), "update_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP));
+query: INSERT INTO sys_user (id, username, password, nick_name, avatar, phone_code, mobile, email, status, create_time, update_time,remark) VALUES (1, 'admin', 'e10adc3949ba59abbe56e057f20f883e', 'admin', NULL, NULL, NULL, NULL, 1, 2011123132, 123132,NULL);
+query: -- 表：sys_user_role
+CREATE TABLE "sys_user_role" ("role_id" integer NOT NULL, "user_id" integer NOT NULL, PRIMARY KEY ("role_id", "user_id"));
+query: INSERT INTO sys_user_role (role_id, user_id) VALUES (1, 1);
+query: -- 索引：IDX_223de54d6badbe43a5490450c3
+CREATE UNIQUE INDEX "IDX_223de54d6badbe43a5490450c3" ON "sys_role" ("name");
+query: -- 索引：IDX_9e7164b2f1ea1348bc0eb0a7da
+CREATE UNIQUE INDEX "IDX_9e7164b2f1ea1348bc0eb0a7da" ON "sys_user" ("username");
+query: DELETE FROM "flyway_history" WHERE "name" = ? -- PARAMETERS: ["v1__init.sql"]
+query: INSERT INTO "flyway_history"("id", "name", "hash", "timestamp", "success") VALUES (NULL, ?, ?, ?, ?) -- PARAMETERS: ["v1__init.sql","0c661bd7afebac224bbaa60bc5bb56e9",1624693539781,1]
+query: SELECT "FlywayHistory"."id" AS "FlywayHistory_id", "FlywayHistory"."success" AS "FlywayHistory_success" FROM "flyway_history" "FlywayHistory" WHERE "FlywayHistory"."id" = ? -- PARAMETERS: [1]
+query: COMMIT
+2021-06-26 15:45:39,800 INFO 12245 [ midfly ] end-------------
+```
+
+# 注意事项
+1. 升级sql文件最后一行请不要有注释，应该以一条sql语句的分号结尾。
+
+# 他们在用
+* [fs-server-js](https://github.com/fast-crud/fs-server-js)
+
+# 参考项目
+* [flyway](https://github.com/flyway/flyway) : java版flyway
+* [flyway-js](https://github.com/wanglihui/flyway-js) : Sequelize版flyway
+
+感谢以上项目
+
+

packages/libs/lib-server/jest.config.js

@@ -0,0 +1,6 @@
+module.exports = {
+  preset: 'ts-jest',
+  testEnvironment: 'node',
+  testPathIgnorePatterns: ['<rootDir>/test/fixtures'],
+  coveragePathIgnorePatterns: ['<rootDir>/test/'],
+};

packages/libs/lib-server/ormconfig.json

@@ -0,0 +1,7 @@
+{
+  "type": "sqlite",
+  "database": "./data/db.sqlite",
+  "synchronize": false,
+  "logging": true,
+  "entities": [ "src/**/entity.ts"]
+}

packages/libs/lib-server/package.json

@@ -0,0 +1,72 @@
+{
+  "name": "@certd/lib-server",
+  "version": "1.26.0",
+  "description": "midway with flyway, sql upgrade way ",
+  "private": false,
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
+    "build": "npm run before-build && tsc --skipLibCheck",
+    "dev-build": "npm run build",
+    "test": "midway-bin test --ts -V",
+    "test1": "midway-bin test --ts -V -f test/blank.test.ts -t 'hash-check'",
+    "cov": "midway-bin cov --ts",
+    "lint": "mwts check",
+    "lint:fix": "mwts fix",
+    "prepublish": "npm run build",
+    "pub": "npm publish"
+  },
+  "keywords": [],
+  "author": "greper",
+  "files": [
+    "dist/**/*.js",
+    "dist/**/*.d.ts"
+  ],
+  "license": "AGPL",
+  "dependencies": {
+    "@certd/basic": "^1.26.0",
+    "@certd/pipeline": "^1.26.0",
+    "@midwayjs/cache": "~3.14.0",
+    "@midwayjs/core": "~3.17.1",
+    "@midwayjs/i18n": "~3.17.3",
+    "@midwayjs/info": "~3.17.3",
+    "@midwayjs/koa": "~3.17.1",
+    "@midwayjs/logger": "~3.4.2",
+    "@midwayjs/typeorm": "~3.17.1",
+    "@midwayjs/upload": "^3.17.3",
+    "better-sqlite3": "^11.1.2",
+    "dayjs": "^1.11.7",
+    "lodash-es": "^4.17.21",
+    "typeorm": "^0.3.20"
+  },
+  "devDependencies": {
+    "@rollup/plugin-commonjs": "^23.0.4",
+    "@rollup/plugin-json": "^6.0.0",
+    "@rollup/plugin-node-resolve": "^15.0.1",
+    "@rollup/plugin-terser": "^0.4.3",
+    "@rollup/plugin-typescript": "^11.0.0",
+    "@types/chai": "^4.3.3",
+    "@types/node": "^18",
+    "@typescript-eslint/eslint-plugin": "^5.38.1",
+    "@typescript-eslint/parser": "^5.38.1",
+    "cross-env": "^6.0.0",
+    "eslint": "^8.24.0",
+    "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-import": "^2.26.0",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^4.2.1",
+    "mwts": "^1.3.0",
+    "mwtsc": "^1.4.0",
+    "prettier": "^2.8.8",
+    "rimraf": "^5.0.5",
+    "rollup": "^3.7.4",
+    "rollup-plugin-visualizer": "^5.8.2",
+    "ts-node": "^10.9.1",
+    "tslib": "^2.5.2",
+    "typeorm": "^0.3.11",
+    "typescript": "^5.4.2"
+  },
+  "gitHead": "afa8155fda10f9a32427b351454b460897295a2c"
+}

packages/libs/lib-server/src/basic/base-controller.ts

@@ -1,10 +1,10 @@
 import { Inject } from '@midwayjs/core';
-import { Context } from '@midwayjs/koa';
+import * as koa from '@midwayjs/koa';
 import { Constants } from './constants.js';
 
 export abstract class BaseController {
   @Inject()
-  ctx: Context;
+  ctx: koa.Context;
 
   /**
    * 成功返回

packages/libs/lib-server/src/basic/base-service.ts

@@ -1,7 +1,7 @@
-import { ValidateException } from './exception/validation-exception.js';
+import { ValidateException } from './exception/index.js';
 import * as _ from 'lodash-es';
-import { PermissionException } from './exception/permission-exception.js';
-import { Repository } from 'typeorm';
+import { PermissionException } from './exception/index.js';
+import { In, Repository } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
@@ -49,16 +49,22 @@ export abstract class BaseService<T> {
   /**
    * 删除
    * @param ids 删除的ID集合 如：[1,2,3] 或者 1,2,3
+   * @param where
    */
-  async delete(ids) {
-    if (ids instanceof Array) {
-      await this.getRepository().delete(ids);
-    } else if (typeof ids === 'string') {
-      await this.getRepository().delete(ids.split(','));
-    } else {
-      //ids是一个condition
-      await this.getRepository().delete(ids);
+  async delete(ids: any, where?: any) {
+    if (!ids) {
+      throw new ValidateException('ids不能为空');
     }
+    if (typeof ids === 'string') {
+      ids = ids.split(',');
+    }
+    if (ids.length === 0) {
+      return;
+    }
+    await this.getRepository().delete({
+      id: In(ids),
+      ...where,
+    });
     await this.modifyAfter(ids);
   }
 
@@ -90,7 +96,7 @@ export abstract class BaseService<T> {
    * @param param 数据
    */
   async update(param) {
-    if (!param.id) throw new ValidateException('no id');
+    if (!param.id) throw new ValidateException('id 不能为空');
     param.updateTime = new Date();
     await this.addOrUpdate(param);
     await this.modifyAfter(param);
@@ -192,18 +198,17 @@ export abstract class BaseService<T> {
     return await qb.getMany();
   }
 
-  async checkUserId(id: any = 0, userId, userKey = 'userId') {
-    // @ts-ignore
+  async checkUserId(id: any = 0, userId: number, userKey = 'userId') {
     const res = await this.getRepository().findOne({
+      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
       // @ts-ignore
       select: { [userKey]: true },
-      // @ts-ignore
       where: {
+        // eslint-disable-next-line @typescript-eslint/ban-ts-comment
         // @ts-ignore
         id,
       },
     });
-    // @ts-ignore
     if (!res || res[userKey] === userId) {
       return;
     }

packages/libs/lib-server/src/basic/constants.ts

@@ -44,6 +44,14 @@ export const Constants = {
       code: 402,
       message: '您没有权限',
     },
+    param: {
+      code: 400,
+      message: '参数错误',
+    },
+    notFound: {
+      code: 404,
+      message: '页面/文件/资源不存在',
+    },
     preview: {
       code: 10001,
       message: '对不起，预览环境不允许修改此数据',

packages/libs/lib-server/src/basic/exception/index.ts

@@ -0,0 +1,9 @@
+export * from './auth-exception.js';
+export * from './base-exception.js';
+export * from './permission-exception.js';
+export * from './preview-exception.js';
+export * from './validation-exception.js';
+export * from './vip-exception.js';
+export * from './common-exception.js';
+export * from './not-found-exception.js';
+export * from './param-exception.js';

packages/libs/lib-server/src/basic/exception/not-found-exception.ts

@@ -0,0 +1,10 @@
+import { Constants } from '../constants.js';
+import { BaseException } from './base-exception.js';
+/**
+ * 资源不存在
+ */
+export class NotFoundException extends BaseException {
+  constructor(message) {
+    super('NotFoundException', Constants.res.notFound.code, message ? message : Constants.res.notFound.message);
+  }
+}

packages/libs/lib-server/src/basic/exception/param-exception.ts

@@ -0,0 +1,10 @@
+import { Constants } from '../constants.js';
+import { BaseException } from './base-exception.js';
+/**
+ * 参数异常
+ */
+export class ParamException extends BaseException {
+  constructor(message) {
+    super('ParamException', Constants.res.param.code, message ? message : Constants.res.param.message);
+  }
+}

packages/libs/lib-server/src/basic/exception/permission-exception.ts

@@ -5,10 +5,6 @@ import { BaseException } from './base-exception.js';
  */
 export class PermissionException extends BaseException {
   constructor(message?: string) {
-    super(
-      'PermissionException',
-      Constants.res.permission.code,
-      message ? message : Constants.res.permission.message
-    );
+    super('PermissionException', Constants.res.permission.code, message ? message : Constants.res.permission.message);
   }
 }

packages/libs/lib-server/src/basic/exception/validation-exception.ts

@@ -5,10 +5,6 @@ import { BaseException } from './base-exception.js';
  */
 export class ValidateException extends BaseException {
   constructor(message) {
-    super(
-      'ValidateException',
-      Constants.res.validation.code,
-      message ? message : Constants.res.validation.message
-    );
+    super('ValidateException', Constants.res.validation.code, message ? message : Constants.res.validation.message);
   }
 }

packages/libs/lib-server/src/basic/index.ts

@@ -0,0 +1,7 @@
+export * from './base-controller.js';
+export * from './constants.js';
+export * from './crud-controller.js';
+export * from './enum-item.js';
+export * from './exception/index.js';
+export * from './result.js';
+export * from './base-service.js';

packages/libs/lib-server/src/configuration.ts

@@ -0,0 +1,11 @@
+import type { IMidwayContainer } from '@midwayjs/core';
+import { Configuration } from '@midwayjs/core';
+import { logger } from '@certd/pipeline';
+@Configuration({
+  namespace: 'lib-server',
+})
+export class LibServerConfiguration {
+  async onReady(container: IMidwayContainer) {
+    logger.info('lib start');
+  }
+}

packages/libs/lib-server/src/index.ts

@@ -0,0 +1,7 @@
+import { SysSettingsEntity } from './system/index.js';
+
+export * from './basic/index.js';
+export * from './system/index.js';
+export { LibServerConfiguration as Configuration } from './configuration.js';
+
+export const libServerEntities = [SysSettingsEntity];

packages/libs/lib-server/src/system/basic/index.ts

@@ -0,0 +1,2 @@
+export * from './service/plus-service.js';
+export * from './service/file-service.js';

packages/libs/lib-server/src/system/basic/service/file-service.ts

@@ -0,0 +1,86 @@
+import { Provide } from '@midwayjs/core';
+import dayjs from 'dayjs';
+import path from 'path';
+import fs from 'fs';
+import { cache, logger, utils } from '@certd/pipeline';
+import { NotFoundException, ParamException, PermissionException } from '../../../basic/index.js';
+
+export type UploadFileItem = {
+  filename: string;
+  tmpFilePath: string;
+};
+const uploadRootDir = './data/upload';
+export const uploadTmpFileCacheKey = 'tmpfile_key_';
+/**
+ */
+@Provide()
+export class FileService {
+  async saveFile(userId: number, tmpCacheKey: any, permission: 'public' | 'private') {
+    if (tmpCacheKey.startsWith(`/${permission}`)) {
+      //已经保存过，不需要再次保存
+      return tmpCacheKey;
+    }
+    let fileName = '';
+    let tmpFilePath = tmpCacheKey;
+    if (uploadTmpFileCacheKey && tmpCacheKey.startsWith(uploadTmpFileCacheKey)) {
+      const tmpFile: UploadFileItem = cache.get(tmpCacheKey);
+      if (!tmpFile) {
+        throw new ParamException('文件已过期，请重新上传');
+      }
+      tmpFilePath = tmpFile.tmpFilePath;
+      fileName = tmpFile.filename || path.basename(tmpFilePath);
+    }
+    if (!tmpFilePath || !fs.existsSync(tmpFilePath)) {
+      throw new Error('文件不存在,请重新上传');
+    }
+    const date = dayjs().format('YYYY_MM_DD');
+    const random = Math.random().toString(36).substring(7);
+    const userIdMd5 = Buffer.from(Buffer.from(userId + '').toString('base64')).toString('hex');
+    const key = `/${permission}/${userIdMd5}/${date}/${random}_${fileName}`;
+    let savePath = path.join(uploadRootDir, key);
+    savePath = path.resolve(savePath);
+    const parentDir = path.dirname(savePath);
+    if (!fs.existsSync(parentDir)) {
+      fs.mkdirSync(parentDir, { recursive: true });
+    }
+    // eslint-disable-next-line node/no-unsupported-features/node-builtins
+    const copyFile = utils.promises.promisify(fs.copyFile);
+    await copyFile(tmpFilePath, savePath);
+    try {
+      fs.unlinkSync(tmpFilePath);
+    } catch (e) {
+      logger.error(e);
+    }
+
+    return key;
+  }
+
+  getFile(key: string, userId?: number) {
+    if (!key) {
+      throw new ParamException('参数错误');
+    }
+    if (key.indexOf('..') >= 0) {
+      //安全性判断
+      throw new ParamException('参数错误');
+    }
+    if (!key.startsWith('/')) {
+      throw new ParamException('参数错误');
+    }
+    const keyArr = key.split('/');
+    const permission = keyArr[1];
+    const userIdMd5 = keyArr[2];
+    if (permission !== 'public') {
+      //非公开文件需要验证用户
+      const userIdStr = Buffer.from(Buffer.from(userIdMd5, 'hex').toString('base64')).toString();
+      const userIdInt: number = parseInt(userIdStr, 10);
+      if (userId == null || userIdInt !== userId) {
+        throw new PermissionException('无访问权限');
+      }
+    }
+    const filePath = path.join(uploadRootDir, key);
+    if (!fs.existsSync(filePath)) {
+      throw new NotFoundException('文件不存在');
+    }
+    return filePath;
+  }
+}

packages/libs/lib-server/src/system/basic/service/plus-service.ts

@@ -1,16 +1,15 @@
 import { Config, Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import { SysSettingsService } from '../../system/service/sys-settings-service.js';
-import { SysInstallInfo, SysLicenseInfo } from '../../system/service/models.js';
-import { AppKey, http, PlusRequestService, verify } from '@certd/pipeline';
-import { logger } from '../../../utils/logger.js';
+import { AppKey, PlusRequestService, verify } from '@certd/pipeline';
+import { logger } from '@certd/basic';
+import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settings/index.js';
 
 @Provide()
 @Scope(ScopeEnum.Singleton)
 export class PlusService {
   @Inject()
   sysSettingsService: SysSettingsService;
-  @Config('plus.server.baseUrl')
-  plusServerBaseUrl;
+  @Config('plus.server.baseUrls')
+  plusServerBaseUrls: string[];
 
   plusRequestService: PlusRequestService;
 
@@ -18,9 +17,7 @@ export class PlusService {
   async init() {
     const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
     this.plusRequestService = new PlusRequestService({
-      plusServerBaseUrl: this.plusServerBaseUrl,
-      http: http,
-      logger,
+      plusServerBaseUrls: this.plusServerBaseUrls,
       subjectId: installInfo.siteId,
     });
   }