v1.30.2

Update README.md

.github/workflows/build-image.yml

@@ -91,14 +91,14 @@ jobs:
 #            greper/certd:armv7
 #            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
 
-      - name: Build agent
-        uses: docker/build-push-action@v6
-        with:
-          platforms: linux/amd64,linux/arm64
-          push: true
-          context: ./packages/ui/agent/
-          tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
-            greper/certd-agent:latest
-            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
+#      - name: Build agent
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/amd64,linux/arm64
+#          push: true
+#          context: ./packages/ui/agent/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
+#            greper/certd-agent:latest
+#            greper/certd-agent:${{steps.get_certd_version.outputs.result}}

CHANGELOG.md

@@ -3,6 +3,201 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+### Bug Fixes
+
+* 当前置任务被删除时进行校验 ([c89686a](https://github.com/certd/certd/commit/c89686a2fda251484930f0ae715417b618c21690))
+* 修复cloudflare删除解析记录报错的bug ([00c2da4](https://github.com/certd/certd/commit/00c2da444f84adb89f3f1226d03294d7c6e3e4f1))
+
+### Performance Improvements
+
+* 上传自定义证书 ([75a38d9](https://github.com/certd/certd/commit/75a38d95f305b4271d9106babe7cffc1c89ae8f3))
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+### Bug Fixes
+
+* 修复部署到阿里云ALB、NLB插件加载混乱的bug ([6ab83b6](https://github.com/certd/certd/commit/6ab83b662a2c5e715b9cb7eb1244de2ebb7f47b0))
+* 修复腾讯clb重复执行会报错的bug ([e95d29f](https://github.com/certd/certd/commit/e95d29f446d06eced315a3087fc9e105a30b20bd))
+* 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
+
+### Performance Improvements
+
+* 创建流水线时，默认成功时也发送通知 ([52ae690](https://github.com/certd/certd/commit/52ae6902d203ca56e0312692b50c55cb6ddd3e39))
+* http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/certd/certd/commit/7e482f798c0142bce1866f84676cb40210f9638a))
+* 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
+
+### Features
+
+* 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
+
+### Performance Improvements
+
+* 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
+* 支持部署到阿里云ALB ([653940a](https://github.com/certd/certd/commit/653940a0ca64fc380178c1b0b58ae0af64dfaf07))
+* 支持部署到阿里云NLB、SLB ([c085bac](https://github.com/certd/certd/commit/c085bac5d877c4250a8a79e17eb8673b8e4fc89c))
+* 支持部署到腾讯云直播 ([417d37b](https://github.com/certd/certd/commit/417d37b199b79a42f790f9edab8f178eedf8fbf7))
+* 支持部署证书到proxmox ([d10795e](https://github.com/certd/certd/commit/d10795ecd97eb8cf2ffa46aabfdbfc6812636396))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+### Bug Fixes
+
+* 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
+* 修复授权管理，点击了查看原文按钮后，无法修改值的bug ([85c99f7](https://github.com/certd/certd/commit/85c99f7f80761ac6efaf3255c03b933442db1686))
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+### Bug Fixes
+
+* 修复站点监控域名校验无法通过的bug ([1cb4a53](https://github.com/certd/certd/commit/1cb4a539cc523721ffd4b22d40d0e3d2d68cd915))
+
+### Performance Improvements
+
+* 优化腾讯云CLB插件，支持非sni情况，sni情况支持填写多个域名 ([635b042](https://github.com/certd/certd/commit/635b042690637bff85e97e07c7aac4b87a8a124b))
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Bug Fixes
+
+* 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
+
+### Performance Improvements
+
+* 优化站点证书检查页面，检查增加3次重试 ([e6dd7cd](https://github.com/certd/certd/commit/e6dd7cd54a3e23897031b5df6e0c3cdc0545d35a))
+* 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+* 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
+* http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+### Bug Fixes
+
+* 修复套餐关闭状态下，仍然限制用户流水线数量的bug ([66fb9e5](https://github.com/certd/certd/commit/66fb9e5f49491f9c159363b48af14720a37673b1))
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+### Bug Fixes
+
+* 免费套餐支持购买 ([f5ec987](https://github.com/certd/certd/commit/f5ec9870fd6af1f0c9099852bbdb4d07813ccce8))
+* 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
+* 修复新版本小红点显示错误问题 ([fe4786e](https://github.com/certd/certd/commit/fe4786e168afe03a5243dd67971476c348339809))
+
+### Performance Improvements
+
+* 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
+* 优化插件名称显示 ([26adf7d](https://github.com/certd/certd/commit/26adf7d437e674385f26a8f92fded6521a620671))
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Bug Fixes
+
+* 修复手机模式下，查询框被文字遮盖的bug ([040788c](https://github.com/certd/certd/commit/040788c793642c3bb2a3ede87fe30fcf3be471bd))
+* 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
+
+### Features
+
+* 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
+* 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
+* 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
+* 站点证书监控 ([9c8c7a7](https://github.com/certd/certd/commit/9c8c7a781223f4217f45510db1e89495600e3cd5))
+* 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
+
+### Performance Improvements
+
+* 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
+* 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
+* 用户名支持修改 ([89c7f07](https://github.com/certd/certd/commit/89c7f070343e86453c84677ebe1669f9b266d871))
+* 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+* 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
+* 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+### Bug Fixes
+
+* 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
+
+### Performance Improvements
+
+* 群晖支持6.x ([79f7ec4](https://github.com/certd/certd/commit/79f7ec4672f4fd5744cc45e4a6f104da943f4026))
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Bug Fixes
+
+* 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
+* 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
+* mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
+
+### Performance Improvements
+
+* 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+* 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
+* 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 ### Performance Improvements

README.md

@@ -9,15 +9,23 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
 * 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等，目前已支持40+部署插件）
+* 支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
-* 邮件通知
-* 私有化部署，数据保存本地，镜像由Github Actions构建，过程公开透明
-* 支持sqlite，postgresql数据库
+* 邮件通知、webhook通知
+* 私有化部署，数据保存本地，授权信息加密存储，镜像由Github Actions构建，过程公开透明
+* 支持SQLite，PostgreSQL、MySQL数据库
 
 
+>
+> 流水线数量现已调整为无限制，欢迎大家使用
+>
 
+> 关于证书续期：
+ >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+ >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 
+ 
 ## 二、在线体验
 
 官方Demo地址，自助注册后体验    
@@ -86,11 +94,13 @@ https://certd.handfree.work/
 
 
 ## 五、 升级
-如果使用固定版本号
+
+### docker-compose方式部署
+#### 1. 如果使用固定版本号
 1. 修改`docker-compose.yaml`中的镜像版本号
 2. 运行`docker compose up -d` 即可
 
-如果使用`latest`版本
+#### 2. 如果需要使用最新版本
 ```shell
 #重新拉取镜像
 docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
@@ -98,19 +108,54 @@ docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 docker compose down
 docker compose up -d
 ```
+> 数据默认存在`/data/certd`目录下，不用担心数据丢失
 
-> 数据默认存在`/data/certd`目录下，不用担心数据丢失   
+### 自动升级(仅限尝鲜建议非生产使用)
+```yaml
+version: '3.3'
+services:
+  certd:
+    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
+    container_name: certd
+    restart: unless-stopped
+    volumes:
+      - /data/certd:/app/data
+    ports:
+      - "7001:7001"
+      - "7002:7002"
+    environment:
+      - certd_system_resetAdminPasswd=false
+    labels:
+      com.centurylinklabs.watchtower.enable: "true"
+
+  certd-updater:  # 添加 Watchtower 服务
+    image: containrrr/watchtower:latest
+    container_name: certd-updater
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    # 配置 自动更新
+    environment:
+      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
+      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
+      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
+      - WATCHTOWER_POLL_INTERVAL=300       # 每 5 分钟检查一次更新
+
+```
+
+### 其他部署方式升级方法
+请参考 https://certd.docmirror.cn/guide/install/upgrade.html
 
 
-更新日志： [CHANGELOG](./CHANGELOG.md)
+
+###  更新日志：
+
+[CHANGELOG](./CHANGELOG.md)
 
 
 ## 六、一些说明
 * 本项目ssl证书提供商为letencrypt/Google/ZeroSSL
 * 申请过程遵循acme协议
-* 需要验证域名所有权，一般有两种方式（目前本项目仅支持dns-01）
-  * http-01： 在网站根目录下放置一份txt文件
-  * dns-01： 需要给域名添加txt解析记录，通配符域名只能用这种方式
 * 证书续期：
   * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
   * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
@@ -155,12 +200,14 @@ https://afdian.com/a/greper
 
 专业版特权对比
 
-| 功能      | 免费版               | 专业版                   |
-|---------|-------------------|-----------------------|
-| 免费证书申请  | 免费无限制             | 免费无限制                 |
-| 自动部署插件  | 阿里云、腾讯云、七牛云、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
-| 发邮件功能   | 需要配置              | 免配置                   |
-| 证书流水线条数 | 10条               | 无限制                   |
+| 功能   | 基础版             | 专业版               |
+|------|-----------------|-------------------|
+| 免费证书申请 | 免费无限制           | 无限制               |
+| 域名数量 | 免费无限制           | 无限制               |
+| 证书流水线条数 | 免费无限制           | 无限制               |
+| 站点证书监控 | 1条              | 无限制               |
+| 自动部署插件 | 阿里云、腾讯云、七牛云、SSH | 支持群晖、宝塔、1Panel等，持续开发中 |
+| 通知   | 邮件、webhook      | server酱、企微、anpush等 |
 
 ************************
 

build.trigger

@@ -1 +1 @@
-02:09
+23:39

docker/run/docker-compose.yaml

@@ -1,7 +1,7 @@
 version: '3.3' # 兼容旧版docker-compose
 services:
   certd:
-    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号
+    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号,例如：certd:1.29.0
     image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
     container_name: certd # 容器名
     restart: unless-stopped # 自动重启
@@ -14,27 +14,34 @@ services:
       #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
       - "7002:7002"
     #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
-    dns:
-      - 223.5.5.5      # 阿里云公共dns
-      - 223.6.6.6
+#    dns:
+#      - 223.5.5.5      # 阿里云公共dns
+#      - 223.6.6.6
 #       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
 #      - 119.29.29.29  # 腾讯云公共dns
 #      - 182.254.116.116
 #       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
 #      - 8.8.8.8       # 谷歌公共dns
 #      - 8.8.4.4
-
 #    extra_hosts:
 #        # ↓↓↓↓ -------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
-#      - "localdomain.comm:192.168.1.3"
-
+#      - "localdomain.com:192.168.1.3"
+    labels:
+      com.centurylinklabs.watchtower.enable: "true"
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把下面networks的注释放开
+#    networks:
+#      - ip6net
     environment:
 #     设置环境变量即可自定义certd配置
 #     配置项见： packages/ui/certd-server/src/config/config.default.ts
 #     配置规则： certd_ + 配置项, 点号用_代替
 #                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
       - certd_system_resetAdminPasswd=false
-#                                    #↓↓↓↓ ----------------------------- 使用postgresql数据库
+
+#     默认使用sqlite文件数据库，如果需要使用其他数据库，请设置以下环境变量
+#     注意： 选定使用一种数据库之后，不支持更换数据库。
+#     数据库迁移方法：1、使用新数据库重新部署一套，然后将旧数据同步过去，注意flyway_history表的数据不要同步
+#                                    #↓↓↓↓ ----------------------------- 使用postgresql数据库，需要提前创建数据库
 #      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录
 #      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型
 #      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
@@ -43,9 +50,31 @@ services:
 #      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
 #      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
 
-#    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
-#    networks:
-#      - ip6net
+#                                    #↓↓↓↓ ----------------------------- 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
+#      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=root                  # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+#         ↓↓↓↓ ---------------------------------------------------------  自动升级，上面certd的版本号要保持为latest
+#  certd-updater:  # 添加 Watchtower 服务
+#    image: containrrr/watchtower:latest
+#    container_name: certd-updater
+#    restart: unless-stopped
+#    volumes:
+#      - /var/run/docker.sock:/var/run/docker.sock
+#    # 配置 自动更新
+#    environment:
+#      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
+#      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
+#      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
+#      - WATCHTOWER_POLL_INTERVAL=600       # 每 10 分钟检查一次更新
+
+
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
 #networks:
 #  ip6net:
 #    enable_ipv6: true

docs/.vitepress/config.ts

@@ -57,6 +57,7 @@ export default defineConfig({
     nav: [
       { text: "首页", link: "/" },
       { text: "指南", link: "/guide/" },
+      { text: "商业版", link: "/comm/" },
       { text: "Demo体验", link: "https://certd.handfree.work" }
     ],
     sidebar: {
@@ -76,8 +77,9 @@ export default defineConfig({
                 { text: "源码部署", link: "/guide/install/source/" }
               ]
             },
-            { text: "演示教程", link: "/guide/tutorial.md" }
-
+            { text: "演示教程", link: "/guide/tutorial.md" },
+            { text: "版本升级", link: "/guide/install/upgrade.md" },
+            { text: "切换数据库", link: "/guide/install/database.md" }
           ]
         },
         {
@@ -101,12 +103,12 @@ export default defineConfig({
             { text: "js脚本插件使用", link: "/guide/use/custom-script/index.md" },
             { text: "邮箱配置", link: "/guide/use/email/index.md" },
             { text: "IPv6支持", link: "/guide/use/setting/ipv6.md" },
-            { text: "如何贡献代码", link: "/guide/development/index.md" },
           ]
         },
         {
           text: "其他",
           items: [
+            { text: "贡献代码", link: "/guide/development/index.md" },
             { text: "更新日志", link: "/guide/changelogs/CHANGELOG.md" },
             { text: "镜像说明", link: "/guide/image.md" },
             { text: "联系我们", link: "/guide/contact/" },
@@ -116,8 +118,20 @@ export default defineConfig({
 
           ]
         }
+      ],
+      "/comm/": [
+        {
+          text: "商业版",
+          items: [
+            { text: "支付宝配置", link: "/comm/payments/alipay.md" },
+            { text: "微信支付配置", link: "/comm/payments/wxpay.md" },
+            { text: "彩虹易支付配置", link: "/comm/payments/yizhifu.md" },
+          ]
+        }
       ]
+      ,
     },
+
     socialLinks: [
       { icon: "github", link: "https://github.com/certd/certd" }
     ],

docs/comm/index.md

@@ -0,0 +1,9 @@
+# 商业版文档
+
+![](./images/index.png)
+
+## 支付方式配置
+
+* [支付宝支付配置](./payments/alipay.md)
+* [微信支付配置](./payments/wxpay.md)
+* [彩虹易支付配置](./payments/yizhifu.md)

docs/comm/payments/alipay.md

@@ -0,0 +1,21 @@
+# 支付宝配置
+
+## 配置步骤
+
+1. 创建应用，获取APPID
+   * 登录支付宝开放平台，进入开发者中心，创建网页应用，获取应用的AppId（左上角复制）
+   * 开发者中心：https://open.alipay.com/develop/manage
+
+
+2. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）
+
+   * 参考文档：https://opendocs.alipay.com/common/02kdnc?pathHash=fb0c752a
+   * 此步骤完成后，可以获取应用的私钥、支付宝公钥。     
+   * 注意：支付宝不会保存应用的私钥，你需要自己保管好私钥。
+
+
+3. 在Certd后台配置支付宝 
+
+   * 进入“系统”->"设置"->“支付设置”
+   * 启用支付宝，选择“支付宝配置”，点击添加
+   * 填写支付宝AppId、应用私钥、支付宝公钥等信息即可。

docs/comm/payments/wxpay.md

@@ -0,0 +1,27 @@
+# 微信支付配置
+
+## 配置步骤
+
+1. 开通Native支付
+   * 登录微信支付平台
+   * 进入产品中心： https://pay.weixin.qq.com/index.php/extend/product/lists?tid=3
+   * 选择开通Native支付
+
+2. 申请证书
+
+   * 进入“账户中心”->“API安全”->“商户API证书”->“管理证书”
+   * 根据指引生成证书
+   * 得到私钥和公钥
+
+
+3. 填写APIv3密钥
+
+   * 进入“账户中心”->“API安全”->“解密回调”
+   * 填写APIv3密钥 
+   * 参考文档 https://kf.qq.com/faq/180830E36vyQ180830AZFZvu.html
+
+
+4. 在Certd后台配置微信支付
+   * 进入“系统”->"设置"->“支付设置”
+   * 启用微信支付，选择“微信支付配置”，点击添加
+   * 填写微信支付商户号、证书私钥、证书公钥、APIv3密钥即可。

docs/comm/payments/yizhifu.md

@@ -0,0 +1,19 @@
+# 彩虹易支付配置
+
+彩虹易支付是一款非常流行的php聚合支付系统。
+
+## 配置步骤
+
+1. 获取商户ID、商户密钥
+
+   * 登录彩虹易支付平台
+   * 进入用户中心：https://xxxxxx.com/user/userinfo.php?mod=api
+   * 点击API信息
+   * 可以复制：接口地址、商户ID、商户密钥（key）
+   * 点击查看文档，了解支持的签名类型，一般为MD5
+
+2. 进入Certd后台配置彩虹易支付
+
+   * 进入“系统”->"设置"->“支付设置”
+   * 启用彩虹易支付，选择“彩虹易支付配置”，点击添加
+   * 填写接口地址、商户ID、商户密钥、签名方式等信息即可。

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,197 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+### Bug Fixes
+
+* 修复部署到阿里云ALB、NLB插件加载混乱的bug ([6ab83b6](https://github.com/certd/certd/commit/6ab83b662a2c5e715b9cb7eb1244de2ebb7f47b0))
+* 修复腾讯clb重复执行会报错的bug ([e95d29f](https://github.com/certd/certd/commit/e95d29f446d06eced315a3087fc9e105a30b20bd))
+* 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
+
+### Performance Improvements
+
+* 创建流水线时，默认成功时也发送通知 ([52ae690](https://github.com/certd/certd/commit/52ae6902d203ca56e0312692b50c55cb6ddd3e39))
+* http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/certd/certd/commit/7e482f798c0142bce1866f84676cb40210f9638a))
+* 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
+
+### Features
+
+* 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
+
+### Performance Improvements
+
+* 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
+* 支持部署到阿里云ALB ([653940a](https://github.com/certd/certd/commit/653940a0ca64fc380178c1b0b58ae0af64dfaf07))
+* 支持部署到阿里云NLB、SLB ([c085bac](https://github.com/certd/certd/commit/c085bac5d877c4250a8a79e17eb8673b8e4fc89c))
+* 支持部署到腾讯云直播 ([417d37b](https://github.com/certd/certd/commit/417d37b199b79a42f790f9edab8f178eedf8fbf7))
+* 支持部署证书到proxmox ([d10795e](https://github.com/certd/certd/commit/d10795ecd97eb8cf2ffa46aabfdbfc6812636396))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+### Bug Fixes
+
+* 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
+* 修复授权管理，点击了查看原文按钮后，无法修改值的bug ([85c99f7](https://github.com/certd/certd/commit/85c99f7f80761ac6efaf3255c03b933442db1686))
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+### Bug Fixes
+
+* 修复站点监控域名校验无法通过的bug ([1cb4a53](https://github.com/certd/certd/commit/1cb4a539cc523721ffd4b22d40d0e3d2d68cd915))
+
+### Performance Improvements
+
+* 优化腾讯云CLB插件，支持非sni情况，sni情况支持填写多个域名 ([635b042](https://github.com/certd/certd/commit/635b042690637bff85e97e07c7aac4b87a8a124b))
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Bug Fixes
+
+* 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
+
+### Performance Improvements
+
+* 优化站点证书检查页面，检查增加3次重试 ([e6dd7cd](https://github.com/certd/certd/commit/e6dd7cd54a3e23897031b5df6e0c3cdc0545d35a))
+* 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+* 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
+* http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+### Bug Fixes
+
+* 修复套餐关闭状态下，仍然限制用户流水线数量的bug ([66fb9e5](https://github.com/certd/certd/commit/66fb9e5f49491f9c159363b48af14720a37673b1))
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+### Bug Fixes
+
+* 免费套餐支持购买 ([f5ec987](https://github.com/certd/certd/commit/f5ec9870fd6af1f0c9099852bbdb4d07813ccce8))
+* 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
+* 修复新版本小红点显示错误问题 ([fe4786e](https://github.com/certd/certd/commit/fe4786e168afe03a5243dd67971476c348339809))
+
+### Performance Improvements
+
+* 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
+* 优化插件名称显示 ([26adf7d](https://github.com/certd/certd/commit/26adf7d437e674385f26a8f92fded6521a620671))
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Bug Fixes
+
+* 修复手机模式下，查询框被文字遮盖的bug ([040788c](https://github.com/certd/certd/commit/040788c793642c3bb2a3ede87fe30fcf3be471bd))
+* 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
+
+### Features
+
+* 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
+* 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
+* 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
+* 站点证书监控 ([9c8c7a7](https://github.com/certd/certd/commit/9c8c7a781223f4217f45510db1e89495600e3cd5))
+* 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
+
+### Performance Improvements
+
+* 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
+* 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
+* 用户名支持修改 ([89c7f07](https://github.com/certd/certd/commit/89c7f070343e86453c84677ebe1669f9b266d871))
+* 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+* 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
+* 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+### Bug Fixes
+
+* 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
+
+### Performance Improvements
+
+* 群晖支持6.x ([79f7ec4](https://github.com/certd/certd/commit/79f7ec4672f4fd5744cc45e4a6f104da943f4026))
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Bug Fixes
+
+* 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
+* 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
+* mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
+
+### Performance Improvements
+
+* 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+* 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
+* 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
 ## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
 
 **Note:** Version bump only for package root

docs/guide/development/index.md

@@ -14,9 +14,6 @@ git clone https://github.com/certd/certd --depth=1
 #进入项目目录
 cd certd
 
-# 切换到最新版本代码【如果v2分支无法编译，请尝试切换到最新版tag】
-# git checkout v1.27.0  # 这里换成最新版本号
-
 ```
 
 ### 修改pnpm-workspace.yaml文件
@@ -109,4 +106,4 @@ throw new Error("错误信息")
 ## 五、贡献插件送激活码
 
 - PR要求，插件功能完整，代码规范
-- PR通过后，联系我们，送您一个专业版激活码
+- PR通过后，联系我们，送您一个半年期专业版激活码

docs/guide/index.md

@@ -14,7 +14,7 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上
 * 邮件通知
 * 私有化部署，保障数据安全
-* 支持sqlite，postgresql数据库
+* 支持SQLite、Postgresql、MySQL数据库
 
 
 ## 二、一些说明
@@ -30,5 +30,5 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 
 ## 三、证书颁发机构对比
 * Let's Encrypt：申请最简单。
-* Google: 大厂光环，兼容性好，需要翻墙获取EAB。
-* ZeroSSL： 有数量限制，获取EAB无需翻墙。
+* Google: 大厂光环，兼容性好，首次需要翻墙获取EAB。
+* ZeroSSL： 需要EAB，获取EAB无需翻墙。

docs/guide/install/1panel/index.md

@@ -19,7 +19,8 @@ https://1panel.cn/docs/installation/online_installation/
 3. 点击确定，启动容器   
    ![](./images/2.png)
 
-> 默认数据保存在`/data/certd`目录下，可以手动备份
+> 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
+> certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../../database/)
 
 3. 访问测试
 
@@ -31,15 +32,12 @@ admin/123456
 
 ## 三、升级
 
-1. 找到容器，点击编辑
-   ![](./images/edit1.png)
+1. 找到容器，点击更多->升级
+   ![](./images/upgrade-1.png)
 
-2. 将latest修改为最新版本号
-   ![](https://img.shields.io/npm/v/%40certd%2Fpipeline)
+2. 选择强制拉取镜像，点击确认即可
+![img.png](./images/upgrade-2.png)
 
-![img.png](./images/edit2.png)
-
-3. 点击确定，重启容器
 
 ## 四、数据备份
 
@@ -48,4 +46,4 @@ admin/123456
 
 ## 五、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置，重启certd即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/baota/index.md

@@ -29,6 +29,9 @@
 点击确定，等待启动完成   
 ![](./images/2.png)
 
+> certd默认使用sqlite数据库，另外支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../../database/)
+
+
 ## 二、访问应用
 
 http://ip:7001    
@@ -38,28 +41,12 @@ admin/123456
 登录后请及时修改密码
 
 ## 三、如何升级
+宝塔升级certd非常简单
 
-### 1. 应用商店安装，直接更新镜像即可
-`docker`->`容器编排`->`左侧选择Certd-xxxx`->`更新镜像`
+`docker`->`容器编排`->`左侧选择Certd`->`更新镜像`
 ![img.png](./images/upgrade.png)
 
 
-### 2. latest更新方式
-在主机上拉取最新镜像，然后面板上重启容器
-```shell
-docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
-```
-
-### 3. 固定版本号方式
-
-修改容器编排模版中的镜像版本号，然后面板上重启容器
-```shell
-services:
-  certd:
-    # 镜像                                #  修改最新版本号  ---- ↓↓↓↓↓ 
-    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:v1.xx.x
-```
-
 ## 四、数据备份
 
 ### 4.1 应用商店部署方式
@@ -75,10 +62,11 @@ services:
 数据默认保存在`/data/certd`目录下，可以手动备份
 
 
+
 ### 4.3 自动备份
 
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
 
 ## 五、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置，重启certd即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/database.md

@@ -0,0 +1,73 @@
+# 切换数据库
+
+certd支持如下几种数据库：
+1. sqlite3 (默认)
+2. mysql 
+3. postgresql
+   
+您可以按如下两种方式切换数据库
+
+
+## 一、全新安装
+::: tip   
+以下按照`docker-compose`安装方式介绍如何使用mysql或postgresql数据库    
+如果您使用其他方式部署，请自行修改对应的环境变量即可。   
+:::
+
+### 1.1、使用mysql数据库
+
+1. 安装mysql，创建数据库 `(注意：charset=utf8mb4, collation=utf8mb4_bin)`
+2. 下载最新的docker-compose.yaml
+3. 修改环境变量配置
+```yaml
+services:
+  certd:
+    environment:
+      # 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
+      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录 【照抄】
+      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb 
+      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
+      - certd_typeorm_dataSource_default_username=root                  # 用户名
+      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+```
+4. 启动certd
+```shell
+docker-compose up -d
+```
+
+
+### 1.2、使用Postgresql数据库
+
+1. 安装postgresql，创建数据库
+2. 下载最新的docker-compose.yaml
+3. 修改环境变量配置
+```yaml
+services:
+  certd:
+    environment:
+      # 使用postgresql数据库，需要提前创建数据库
+      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录 【照抄】
+      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型 【照抄】
+      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+      - certd_typeorm_dataSource_default_port=5433                      # 数据库端口
+      - certd_typeorm_dataSource_default_username=postgres              # 用户名
+      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+```
+4. 启动certd
+```shell
+docker-compose up -d
+```
+
+## 二、从旧版的sqlite切换数据库
+
+1. 先将`旧certd`升级到最新版 （`建议：备份sqlite数据库` ）
+2. 按照上面全新安装方式部署一套`新的certd` （`注意：新旧版本的certd要一致`）
+3. 使用数据库工具将数据从sqlite导入到mysql或postgresql （`注意：flyway_history数据表不要导入`）
+4. 重启新certd
+5. 确认没有问题之后，删除旧版certd
+

docs/guide/install/docker/index.md

@@ -41,7 +41,9 @@ docker compose up -d
 
 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
-> 然后使用 `docker-compose up -d` 启动
+
+> certd默认使用sqlite数据库，另外还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../../database/)
+
 
 ### 3. 访问测试
 
@@ -71,4 +73,4 @@ docker compose up -d
 
 ## 四、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置，重启certd即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/source/index.md

@@ -1,11 +1,14 @@
 # 源码部署
-
+不推荐
 ## 一、源码安装
+
+### 环境要求
+- nodejs 20 及以上
 ### 源码启动
 ```shell
 # 克隆代码
 git clone https://github.com/certd/certd
-# git checkout v1.x.x  # 1.x.x换成最新版本号，当v2主干分支代码无法正常启动时，可以尝试此命令
+# git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
 # 启动服务
 ./start.sh  
@@ -26,9 +29,15 @@ https://your_server_ip:7002
 ## 二、升级
 
 ```shell
-# 更新代码并启动
+
 cd certd
+# 确保数据安全，备份一下数据
+cp -rf ./packages/ui/certd-server/data ../certd-data-backup
+
 git pull
+# 如果提示pull失败，可以尝试强制更新
+# git checkout v2 -f && git pull 
+
 # 先停止旧的服务,7001是certd的默认端口
 kill -9 $(lsof -t -i:7001)
 # 重新编译启动
@@ -42,4 +51,4 @@ kill -9 $(lsof -t -i:7001)
 
 ## 四、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置，重启certd即可
+将备份的`db.sqlite`及同目录下的其他文件覆盖到原来的位置，重启certd即可

docs/guide/install/upgrade.md

@@ -0,0 +1,12 @@
+# 版本升级
+
+## 升级方法
+根据不同部署方式查看升级方法
+
+1. [Docker方式部署升级](./docker/#二、升级)
+2. [宝塔面板方式部署升级](./baota/#三、如何升级)
+3. [1Panel面板方式部署升级](./1panel/#三、升级)
+4. [源码方式部署](./source/#二、升级)
+
+## 升级日志
+[CHANGELOG](../changelogs/CHANGELOG.md)

docs/guide/use/cert/index.md

@@ -0,0 +1,10 @@
+# 证书申请失败情况
+
+
+## DNS记录问题
+
+1. DNS 不要设置CAA记录，删除即可
+
+2. DNSSEC相关报错，DNSSEC管理中删除即可
+
+3. DNS 有其他平台申请过的_acme-challenge记录，删除即可

docs/guide/use/host/windows.md

@@ -25,3 +25,15 @@ win+R  弹出运行对话框，输入 services.msc 打开服务管理器
 C:\Users\xxxxx>
           ↑↑↑↑---------这个就是windows ssh的登录用户名
 ```
+
+### 4. 切换默认shell终端
+安装openssh后，默认终端是cmd，建议切换成powershell
+```shell
+# powershell中执行如下命令切换
+# 设置默认shell为powershell 【推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
+
+# 恢复默认shell为cmd 【不推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\cmd.exe" -PropertyType String -Force
+
+```

docs/guide/use/synology/index.md

@@ -1,8 +1,12 @@
 # 群晖部署和证书更新
 
+支持群晖`6.x`、`7.x`
 
 ## 一、群晖部署Certd
 
+以下是群晖`7.x`的部署`certd`步骤。   
+群晖`6.x`请参考[docker部署](./../../install/docker/)
+
 ### 1. 打开Container Manager
 
 ![](./images/1.png)
@@ -32,6 +36,8 @@
 
 ## 二、更新群晖证书
 
+证书部署插件支持群晖`6.x`、`7.x`
+
 ## 1. 前提条件
 * 已经部署了certd
 * 群晖上已经设置好了证书(证书建议设置好描述，插件需要根据描述查找证书)

docs/index.md

@@ -30,7 +30,7 @@ features:
   - title: 多证书格式支持
     details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
   - title: 支持私有化部署
-    details: 保障数据安全
+    details: 授权数据加密存储，保障数据安全
   - title: 多数据库支持
-    details: 支持sqlite，postgresql数据库
+    details: 支持SQLite、Postgresql、MySQL数据库
 ---

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.27.9"
+  "version": "1.30.2"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,68 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/publishlab/node-acme-client/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.1](https://github.com/publishlab/node-acme-client/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.30.0](https://github.com/publishlab/node-acme-client/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/publishlab/node-acme-client/commit/7e482f798c0142bce1866f84676cb40210f9638a))
+
+## [1.29.5](https://github.com/publishlab/node-acme-client/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.29.4](https://github.com/publishlab/node-acme-client/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.29.3](https://github.com/publishlab/node-acme-client/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Performance Improvements
+
+* 优化acme sdk ([54db744](https://github.com/publishlab/node-acme-client/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+
+## [1.29.2](https://github.com/publishlab/node-acme-client/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.29.1](https://github.com/publishlab/node-acme-client/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.29.0](https://github.com/publishlab/node-acme-client/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.4](https://github.com/publishlab/node-acme-client/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.3](https://github.com/publishlab/node-acme-client/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.2](https://github.com/publishlab/node-acme-client/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Performance Improvements
+
+* 支持mysql ([7cde1fd](https://github.com/publishlab/node-acme-client/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/publishlab/node-acme-client/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.28.0](https://github.com/publishlab/node-acme-client/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.27.9](https://github.com/publishlab/node-acme-client/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.27.9",
+    "version": "1.30.2",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.27.9",
+        "@certd/basic": "^1.30.2",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -65,5 +65,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+    "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/core/acme-client/src/auto.js

@@ -99,31 +99,14 @@ export default  async (client, userOpts) => {
             return;
         }
 
+        const keyAuthorizationGetter = async (challenge) => {
+            return await client.getChallengeKeyAuthorization(challenge);
+        }
+
         try {
-            /* Select challenge based on priority */
-            const challenge = authz.challenges.sort((a, b) => {
-                const aidx = opts.challengePriority.indexOf(a.type);
-                const bidx = opts.challengePriority.indexOf(b.type);
-
-                if (aidx === -1) return 1;
-                if (bidx === -1) return -1;
-                return aidx - bidx;
-            }).slice(0, 1)[0];
-
-            if (!challenge) {
-                throw new Error(`Unable to select challenge for ${d}, no challenge found`);
-            }
-
-            log(`[auto] [${d}] Found ${authz.challenges.length} challenges, selected type: ${challenge.type}`);
-
-            /* Trigger challengeCreateFn() */
             log(`[auto] [${d}] Trigger challengeCreateFn()`);
-            const keyAuthorization = await client.getChallengeKeyAuthorization(challenge);
-
             try {
-                const { recordReq, recordRes, dnsProvider } = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
-                log(`[auto] [${d}] challengeCreateFn success`);
-                log(`[auto] [${d}] add challengeRemoveFn()`);
+                const { recordReq, recordRes, dnsProvider,challenge ,keyAuthorization} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
                 clearTasks.push(async () => {
                     /* Trigger challengeRemoveFn(), suppress errors */
                     log(`[auto] [${d}] Trigger challengeRemoveFn()`);
@@ -141,7 +124,7 @@ export default  async (client, userOpts) => {
                     await wait(60 * 1000);
                 }
                 else {
-                    log(`[auto] [${d}] Running challenge verification`);
+                    log(`[auto] [${d}] Running challenge verification, type = ${challenge.type}`);
                     try {
                         await client.verifyChallenge(authz, challenge);
                     }

packages/core/acme-client/src/axios.js

@@ -126,6 +126,7 @@ instance.interceptors.response.use(null, async (error) => {
 
             /* Wait and retry the request */
             await new Promise((resolve) => { setTimeout(resolve, (retryAfter * 1000)); });
+            log(`Retrying request to URL ${config.url}`);
             return instance(config);
         }
     }

packages/core/acme-client/src/error.js

@@ -5,3 +5,5 @@ export class CancelError extends Error {
     }
 }
 
+
+

packages/core/acme-client/types/index.d.ts

@@ -4,6 +4,8 @@
 
 import { AxiosInstance } from 'axios';
 import * as rfc8555 from './rfc8555';
+import {CancelError} from '../src/error.js'
+export * from '../src/error.js'
 
 export type PrivateKeyBuffer = Buffer;
 export type PublicKeyBuffer = Buffer;
@@ -56,7 +58,7 @@ export interface ClientExternalAccountBindingOptions {
 
 export interface ClientAutoOptions {
     csr: CsrBuffer | CsrString;
-    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<{recordReq:any,recordRes:any,dnsProvider:any}>;
+    challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string}>;
     challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
     email?: string;
     termsOfServiceAgreed?: boolean;
@@ -202,4 +204,4 @@ export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
 export function walkTxtRecord(record: any): Promise<string[]>;
 
-export const CancelError: Error;
+export const CancelError: typeof CancelError;

packages/core/acme-client/types/index.test-d.js

@@ -0,0 +1,137 @@
+"use strict";
+/**
+ * acme-client type definition tests
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var acme = require("acme-client");
+(function () { return __awaiter(void 0, void 0, void 0, function () {
+    var accountKey, client, order, authorizations, authorization, challenge, _a, certKey, certCsr;
+    return __generator(this, function (_b) {
+        switch (_b.label) {
+            case 0: return [4 /*yield*/, acme.crypto.createPrivateKey()];
+            case 1:
+                accountKey = _b.sent();
+                client = new acme.Client({
+                    accountKey: accountKey,
+                    directoryUrl: acme.directory.letsencrypt.staging
+                });
+                /* Account */
+                return [4 /*yield*/, client.createAccount({
+                        termsOfServiceAgreed: true,
+                        contact: ['mailto:test@example.com']
+                    })];
+            case 2:
+                /* Account */
+                _b.sent();
+                return [4 /*yield*/, client.createOrder({
+                        identifiers: [
+                            { type: 'dns', value: 'example.com' },
+                            { type: 'dns', value: '*.example.com' },
+                        ]
+                    })];
+            case 3:
+                order = _b.sent();
+                return [4 /*yield*/, client.getOrder(order)];
+            case 4:
+                _b.sent();
+                return [4 /*yield*/, client.getAuthorizations(order)];
+            case 5:
+                authorizations = _b.sent();
+                authorization = authorizations[0];
+                challenge = authorization.challenges[0];
+                return [4 /*yield*/, client.getChallengeKeyAuthorization(challenge)];
+            case 6:
+                _b.sent();
+                return [4 /*yield*/, client.verifyChallenge(authorization, challenge)];
+            case 7:
+                _b.sent();
+                return [4 /*yield*/, client.completeChallenge(challenge)];
+            case 8:
+                _b.sent();
+                return [4 /*yield*/, client.waitForValidStatus(challenge)];
+            case 9:
+                _b.sent();
+                return [4 /*yield*/, acme.crypto.createCsr({
+                        commonName: 'example.com',
+                        altNames: ['example.com', '*.example.com']
+                    })];
+            case 10:
+                _a = _b.sent(), certKey = _a[0], certCsr = _a[1];
+                return [4 /*yield*/, client.finalizeOrder(order, certCsr)];
+            case 11:
+                _b.sent();
+                return [4 /*yield*/, client.getCertificate(order)];
+            case 12:
+                _b.sent();
+                return [4 /*yield*/, client.getCertificate(order, 'DST Root CA X3')];
+            case 13:
+                _b.sent();
+                /* Auto */
+                return [4 /*yield*/, client.auto({
+                        csr: certCsr,
+                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); },
+                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); }
+                    })];
+            case 14:
+                /* Auto */
+                _b.sent();
+                return [4 /*yield*/, client.auto({
+                        csr: certCsr,
+                        email: 'test@example.com',
+                        termsOfServiceAgreed: false,
+                        skipChallengeVerification: false,
+                        challengePriority: ['http-01', 'dns-01'],
+                        preferredChain: 'DST Root CA X3',
+                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); },
+                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); }
+                    })];
+            case 15:
+                _b.sent();
+                return [2 /*return*/];
+        }
+    });
+}); })();

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,77 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+### Bug Fixes
+
+* 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Features
+
+* 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
+* 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
+
+### Performance Improvements
+
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+* 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Performance Improvements
+
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-15:25
+16:07

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.27.9",
+  "version": "1.30.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -23,6 +23,7 @@
     "lodash-es": "^4.17.21",
     "log4js": "^6.9.1",
     "lru-cache": "^10.0.0",
+    "mitt": "^3.0.1",
     "nanoid": "^5.0.7",
     "node-forge": "^1.3.1",
     "nodemailer": "^6.9.3"
@@ -43,5 +44,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/core/basic/src/utils/index.ts

@@ -8,6 +8,11 @@ export * from './util.hash.js';
 export * from './util.merge.js';
 export * from './util.cache.js';
 export * from './util.string.js';
+export * from './util.lock.js';
+export * from './util.mitter.js';
+export * from './util.id.js';
+export * from './util.domain.js';
+export * from './util.amount.js';
 import { stringUtils } from './util.string.js';
 import sleep from './util.sleep.js';
 import { http, download } from './util.request.js';
@@ -22,8 +27,11 @@ import { cache } from './util.cache.js';
 import dayjs from 'dayjs';
 import { domainUtils } from './util.domain.js';
 import { optionsUtils } from './util.options.js';
+import { amountUtils } from './util.amount.js';
 import { nanoid } from 'nanoid';
 import * as id from './util.id.js';
+import { locker } from './util.lock.js';
+import { mitter } from './util.mitter.js';
 export const utils = {
   sleep,
   http,
@@ -41,4 +49,7 @@ export const utils = {
   domain: domainUtils,
   options: optionsUtils,
   string: stringUtils,
+  locker,
+  mitter,
+  amount: amountUtils,
 };

packages/core/basic/src/utils/util.amount.ts

@@ -0,0 +1,9 @@
+export const amountUtils = {
+  toCent(amount: number): number {
+    return parseInt((amount * 100).toFixed(0));
+  },
+
+  toYuan(amount: number): number {
+    return parseFloat((amount / 100).toFixed(2));
+  },
+};

packages/core/basic/src/utils/util.env.ts

@@ -1,4 +1,4 @@
 export function isDev() {
   const nodeEnv = process.env.NODE_ENV || '';
-  return nodeEnv === 'development' || nodeEnv.indexOf('local') >= 0;
+  return nodeEnv === 'development' || nodeEnv.includes('local') || nodeEnv.startsWith('dev');
 }

packages/core/basic/src/utils/util.hash.ts

@@ -3,7 +3,10 @@ import crypto from 'crypto';
 function md5(data: string) {
   return crypto.createHash('md5').update(data).digest('hex');
 }
-
+function sha256(data: string) {
+  return crypto.createHash('sha256').update(data).digest('hex');
+}
 export const hashUtils = {
   md5,
+  sha256,
 };

packages/core/basic/src/utils/util.id.ts

@@ -1,3 +1,4 @@
 import { customAlphabet } from 'nanoid';
 
+export const randomNumber = customAlphabet('1234567890', 4);
 export const simpleNanoId = customAlphabet('1234567890abcdefghijklmopqrstuvwxyz', 12);

packages/core/basic/src/utils/util.lock.ts

@@ -0,0 +1,47 @@
+import { logger, utils } from './index.js';
+
+export class Locker {
+  locked: Record<string, any> = {};
+
+  async execute(lockStr: string, callback: any) {
+    await this.lock(lockStr);
+    const timeoutId = setTimeout(() => {
+      logger.warn('Lock timeout,自动解锁', lockStr);
+      this.unlock(lockStr);
+    }, 20000);
+    try {
+      return await callback();
+    } finally {
+      clearTimeout(timeoutId);
+      this.unlock(lockStr);
+    }
+  }
+
+  async lock(str: string) {
+    const isLocked = this.isLocked(str);
+    if (isLocked) {
+      let count = 0;
+      while (true) {
+        await utils.sleep(100);
+        if (!this.isLocked(str)) {
+          break;
+        }
+        count++;
+        if (count > 20) {
+          throw new Error('Lock timeout');
+        }
+      }
+    }
+    this.locked[str] = true;
+  }
+
+  unlock(str: string) {
+    delete this.locked[str];
+  }
+
+  isLocked(str: string) {
+    return this.locked[str] ?? false;
+  }
+}
+
+export const locker = new Locker();

packages/core/basic/src/utils/util.mitter.ts

@@ -0,0 +1,2 @@
+import mitt from 'mitt';
+export const mitter = mitt();

packages/core/basic/src/utils/util.options.ts

@@ -37,6 +37,8 @@ function buildGroupOptions(options: any[], inDomains: string[]) {
 }
 
 export const optionsUtils = {
+  //获取分组
   groupByDomain,
+  //构建分组后的选项列表，常用
   buildGroupOptions,
 };

packages/core/basic/src/utils/util.request.ts

@@ -1,4 +1,4 @@
-import axios, { AxiosRequestConfig } from 'axios';
+import axios, { AxiosHeaders, AxiosRequestConfig } from 'axios';
 import { ILogger, logger } from './util.log.js';
 import { Logger } from 'log4js';
 import { HttpProxyAgent } from 'http-proxy-agent';
@@ -13,7 +13,7 @@ export class HttpError extends Error {
   statusText?: string;
   code?: string;
   request?: { baseURL: string; url: string; method: string; params?: any; data?: any };
-  response?: { data: any };
+  response?: { data: any; headers: AxiosHeaders };
   cause?: any;
   constructor(error: any) {
     if (!error) {
@@ -55,6 +55,7 @@ export class HttpError extends Error {
 
     this.response = {
       data: error.response?.data,
+      headers: error.response?.headers,
     };
 
     const { stack, cause } = error;
@@ -98,10 +99,22 @@ export function createAxiosService({ logger }: { logger: Logger }) {
         config.timeout = 15000;
       }
       let agents = defaultAgents;
-      if (config.skipSslVerify) {
-        logger.info('跳过SSL验证');
-        agents = createAgent({ rejectUnauthorized: false } as any);
+      if (config.skipSslVerify || config.httpProxy) {
+        let rejectUnauthorized = true;
+        if (config.skipSslVerify) {
+          logger.info('跳过SSL验证');
+          rejectUnauthorized = false;
+        }
+        const proxy: any = {};
+        if (config.httpProxy) {
+          logger.info('使用自定义http代理:', config.httpProxy);
+          proxy.httpProxy = config.httpProxy;
+          proxy.httpsProxy = config.httpProxy;
+        }
+
+        agents = createAgent({ rejectUnauthorized, ...proxy } as any);
       }
+
       delete config.skipSslVerify;
       config.httpsAgent = agents.httpsAgent;
       config.httpAgent = agents.httpAgent;
@@ -132,6 +145,9 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       } else {
         logger.info('http response status:', response?.status);
       }
+      if (response?.config?.returnResponse) {
+        return response;
+      }
       return response.data;
     },
     (error: any) => {
@@ -141,13 +157,13 @@ export function createAxiosService({ logger }: { logger: Logger }) {
           error.message = '请求错误';
           break;
         case 401:
-          error.message = '未授权，请登录';
+          error.message = '认证/登录失败';
           break;
         case 403:
           error.message = '拒绝访问';
           break;
         case 404:
-          error.message = `请求地址出错: ${error.response.config.url}`;
+          error.message = `请求地址出错`;
           break;
         case 408:
           error.message = '请求超时';
@@ -200,6 +216,8 @@ export type HttpRequestConfig<D = any> = {
   skipCheckRes?: boolean;
   logParams?: boolean;
   logRes?: boolean;
+  httpProxy?: string;
+  returnResponse?: boolean;
 } & AxiosRequestConfig<D>;
 export type HttpClient = {
   request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
@@ -236,8 +254,8 @@ export function createAgent(opts: CreateAgentOptions = {}) {
   }
   const httpsProxy = opts.httpsProxy;
   if (httpsProxy) {
-    process.env.HTTPS_PROXY = httpProxy;
-    process.env.https_proxy = httpProxy;
+    process.env.HTTPS_PROXY = httpsProxy;
+    process.env.https_proxy = httpsProxy;
     logger.info('use httpsProxy:', httpsProxy);
     httpsAgent = new HttpsProxyAgent(httpsProxy, opts as any);
     merge(httpsAgent.options, opts);

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,96 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+### Bug Fixes
+
+* 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Performance Improvements
+
+* 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Performance Improvements
+
+* 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+### Performance Improvements
+
+* 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Features
+
+* 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
+* 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
+
+### Performance Improvements
+
+* 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
+* 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
+* 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+### Bug Fixes
+
+* 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Performance Improvements
+
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+* 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 ### Performance Improvements

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.27.9",
+  "version": "1.30.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -16,8 +16,8 @@
     "test": "mocha   --loader=ts-node/esm"
   },
   "dependencies": {
-    "@certd/basic": "^1.27.9",
-    "@certd/plus-core": "^1.27.9",
+    "@certd/basic": "^1.30.2",
+    "@certd/plus-core": "^1.30.2",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -43,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/core/pipeline/src/access/api.ts

@@ -18,6 +18,7 @@ export type AccessInputDefine = FormItemProps & {
   encrypt?: boolean;
 };
 export type AccessDefine = Registrable & {
+  icon?: string;
   input?: {
     [key: string]: AccessInputDefine;
   };

packages/core/pipeline/src/core/executor.ts

@@ -10,7 +10,13 @@ import { Decorator } from "../decorator/index.js";
 import { ICnameProxyService, IEmailService, IPluginConfigService, IUrlService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
 import { cloneDeep, forEach, merge } from "lodash-es";
-import { INotificationService, NotificationBody, NotificationContext, notificationRegistry } from "../notification/index.js";
+import { INotificationService } from "../notification/index.js";
+import { taskEmitterCreate } from "../service/emit.js";
+
+export type SysInfo = {
+  //系统标题
+  title?: string;
+};
 
 export type ExecutorOptions = {
   pipeline: Pipeline;
@@ -25,6 +31,7 @@ export type ExecutorOptions = {
   fileRootDir?: string;
   user: UserInfo;
   baseURL?: string;
+  sysInfo?: SysInfo;
 };
 
 export class Executor {
@@ -86,20 +93,30 @@ export class Executor {
         await this.onChanged(this.runtime);
       }, 5000);
 
-      await this.runWithHistory(this.pipeline, "pipeline", async () => {
+      const result = await this.runWithHistory(this.pipeline, "pipeline", async () => {
         return await this.runStages(this.pipeline);
       });
-      if (this.lastRuntime && this.lastRuntime.pipeline.status?.status === ResultType.error) {
-        await this.notification("turnToSuccess");
+      if (result === ResultType.success) {
+        if (this.lastRuntime && this.lastRuntime.pipeline.status?.status === ResultType.error) {
+          await this.notification("turnToSuccess");
+        } else {
+          await this.notification("success");
+        }
       }
-      await this.notification("success");
+      return result;
     } catch (e: any) {
       await this.notification("error", e);
       this.logger.error("pipeline 执行失败", e);
     } finally {
       clearInterval(intervalFlushLogId);
       await this.onChanged(this.runtime);
-      await this.pipelineContext.setObj("lastRuntime", this.runtime);
+      //保存之前移除logs
+      const lastRuntime: any = {
+        ...this.runtime,
+      };
+      delete lastRuntime.logs;
+      delete lastRuntime._loggers;
+      await this.pipelineContext.setObj("lastRuntime", lastRuntime);
       this.logger.info(`pipeline.${this.pipeline.id}  end`);
     }
   }
@@ -303,6 +320,7 @@ export class Executor {
     };
     const taskCtx: TaskInstanceContext = {
       pipeline: this.pipeline,
+      runtime: this.runtime,
       step,
       lastStatus,
       http,
@@ -313,6 +331,8 @@ export class Executor {
       emailService: this.options.emailService,
       cnameProxyService: this.options.cnameProxyService,
       pluginConfigService: this.options.pluginConfigService,
+      notificationService: this.options.notificationService,
+      urlService: this.options.urlService,
       pipelineContext: this.pipelineContext,
       userContext: this.contextFactory.getContext("user", this.options.user.id),
       fileStore: new FileStore({
@@ -323,11 +343,15 @@ export class Executor {
       signal: this.abort.signal,
       utils,
       user: this.options.user,
+      emitter: taskEmitterCreate({
+        step,
+        pipeline: this.pipeline,
+      }),
     };
     instance.setCtx(taskCtx);
 
     await instance.onInstance();
-    await instance.execute();
+    const result = await instance.execute();
     //执行结果处理
     if (instance._result.clearLastStatus) {
       //是否需要清除所有状态
@@ -355,6 +379,8 @@ export class Executor {
       merge(vars, instance._result.pipelinePrivateVars);
       await this.pipelineContext.setObj("privateVars", vars);
     }
+
+    return result;
   }
 
   async notification(when: NotificationWhen, error?: any) {
@@ -366,17 +392,17 @@ export class Executor {
     let content = "";
     const errorMessage = error?.message;
     if (when === "start") {
-      subject = `【Certd】开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "success") {
-      subject = `【Certd】执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "turnToSuccess") {
-      subject = `【Certd】执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "error") {
-      subject = `【Certd】执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
-      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n错误详情:${error.message}`;
+      subject = `执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
+      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
     } else {
       return;
     }
@@ -385,10 +411,10 @@ export class Executor {
       if (!notification.when.includes(when)) {
         continue;
       }
+
       if (notification.type === "email") {
         try {
           await this.options.emailService?.send({
-            userId: this.pipeline.userId,
             subject,
             content,
             receivers: notification.options.receivers,
@@ -398,34 +424,24 @@ export class Executor {
         }
       } else {
         try {
-          //构建notification插件，发送通知
-          const notifyConfig = await this.options.notificationService.getById(notification.notificationId);
-          const notificationPlugin = notificationRegistry.get(notifyConfig.type);
-          const notificationCls: any = notificationPlugin.target;
-          const notificationSender = new notificationCls();
-          const notificationCtx: NotificationContext = {
-            http: utils.http,
-            logger,
-            utils,
-            emailService: this.options.emailService,
-          };
-          //设置参数
-          merge(notificationSender, notifyConfig.setting);
-          notificationSender.setCtx(notificationCtx);
-          await notificationSender.onInstance();
-          const body: NotificationBody = {
-            title: subject,
-            content,
-            userId: this.pipeline.userId,
-            pipeline: this.pipeline,
-            result: this.lastRuntime.pipeline.status,
-            pipelineId: this.pipeline.id,
-            historyId: this.runtime.id,
-            errorMessage,
-            url,
-          };
           //发送通知
-          await notificationSender.send(body);
+          await this.options.notificationService.send({
+            id: notification.notificationId,
+            useDefault: true,
+            useEmail: false,
+            logger: this.logger,
+            body: {
+              title: subject,
+              content,
+              userId: this.pipeline.userId,
+              pipeline: this.pipeline,
+              result: this.lastRuntime?.pipeline?.status,
+              pipelineId: this.pipeline.id,
+              historyId: this.runtime.id,
+              errorMessage,
+              url,
+            },
+          });
         } catch (e) {
           logger.error("send notification error", e);
         }

packages/core/pipeline/src/core/run-history.ts

@@ -134,6 +134,7 @@ export class RunHistory {
 export class RunnableCollection {
   private collection: RunnableMap = {};
   private pipeline!: Pipeline;
+  currentStep!: Step;
   constructor(pipeline?: Pipeline) {
     if (!pipeline) {
       return;
@@ -143,6 +144,23 @@ export class RunnableCollection {
     this.collection = map;
   }
 
+  static initPipelineRunnableType(pipeline: Pipeline) {
+    pipeline.runnableType = "pipeline";
+    if (pipeline.stages === undefined) {
+      pipeline.stages = [];
+      return;
+    }
+    pipeline.stages.forEach((stage) => {
+      stage.runnableType = "stage";
+      stage.tasks.forEach((task) => {
+        task.runnableType = "task";
+        task.steps.forEach((step) => {
+          step.runnableType = "step";
+        });
+      });
+    });
+  }
+
   static each<T extends Runnable>(list: T[], exec: (item: Runnable) => void) {
     list.forEach((item) => {
       exec(item);
@@ -193,5 +211,8 @@ export class RunnableCollection {
 
   add(runnable: Runnable) {
     this.collection[runnable.id] = runnable;
+    if (runnable.runnableType === "step") {
+      this.currentStep = runnable as Step;
+    }
   }
 }

packages/core/pipeline/src/notification/api.ts

@@ -4,15 +4,16 @@ import { FormItemProps, HistoryResult, Pipeline } from "../dt/index.js";
 import { HttpClient, ILogger, utils } from "@certd/basic";
 import * as _ from "lodash-es";
 import { IEmailService } from "../service/index.js";
+import { isPlus } from "@certd/plus-core";
 
 export type NotificationBody = {
-  userId: number;
+  userId?: number;
   title: string;
   content: string;
-  pipeline: Pipeline;
-  pipelineId: number;
+  pipeline?: Pipeline;
+  pipelineId?: number;
   result?: HistoryResult;
-  historyId: number;
+  historyId?: number;
   errorMessage?: string;
   url?: string;
 };
@@ -31,6 +32,7 @@ export type NotificationInputDefine = FormItemProps & {
   encrypt?: boolean;
 };
 export type NotificationDefine = Registrable & {
+  needPlus?: boolean;
   input?: {
     [key: string]: NotificationInputDefine;
   };
@@ -39,14 +41,25 @@ export type NotificationDefine = Registrable & {
 export type NotificationInstanceConfig = {
   id: number;
   type: string;
+  name: string;
   userId: number;
   setting: {
     [key: string]: any;
   };
 };
 
+export type NotificationSendReq = {
+  id?: number;
+  useDefault?: boolean;
+  useEmail?: boolean;
+  emailAddress?: string;
+  logger: ILogger;
+  body: NotificationBody;
+};
 export interface INotificationService {
   getById(id: number): Promise<NotificationInstanceConfig>;
+  getDefault(): Promise<NotificationInstanceConfig>;
+  send(req: NotificationSendReq): Promise<void>;
 }
 
 export interface INotification {
@@ -62,9 +75,17 @@ export type NotificationContext = {
 };
 
 export abstract class BaseNotification implements INotification {
+  define!: NotificationDefine;
   ctx!: NotificationContext;
   http!: HttpClient;
   logger!: ILogger;
+
+  async doSend(body: NotificationBody) {
+    if (this.define.needPlus && !isPlus()) {
+      body.content = `${body.content}\n\n注意：此通知渠道已调整为专业版功能，后续版本将不再支持发送，请尽快修改或升级为专业版`;
+    }
+    return await this.send(body);
+  }
   abstract send(body: NotificationBody): Promise<void>;
 
   // eslint-disable-next-line @typescript-eslint/no-empty-function
@@ -74,6 +95,9 @@ export abstract class BaseNotification implements INotification {
     this.http = ctx.http;
     this.logger = ctx.logger;
   }
+  setDefine = (define: NotificationDefine) => {
+    this.define = define;
+  };
 
   async onRequest(req: NotificationRequestHandleReq) {
     if (!req.action) {
@@ -95,13 +119,13 @@ export abstract class BaseNotification implements INotification {
   }
 
   async onTestRequest() {
-    await this.send({
+    await this.doSend({
       userId: 0,
-      title: "【Certd】测试通知",
-      content: "测试通知",
+      title: "【Certd】测试通知【*.foo.com】，标题长度测试、测试、测试",
+      content: "测试通知,*.foo.com",
       pipeline: {
         id: 1,
-        title: "测试流水线",
+        title: "证书申请成功【测试流水线】",
       } as any,
       pipelineId: 1,
       historyId: 1,

packages/core/pipeline/src/notification/decorator.ts

@@ -1,8 +1,9 @@
 // src/decorator/memoryCache.decorator.ts
 import { Decorator } from "../decorator/index.js";
 import * as _ from "lodash-es";
+import { merge } from "lodash-es";
 import { notificationRegistry } from "./registry.js";
-import { NotificationContext, NotificationDefine, NotificationInputDefine } from "./api.js";
+import { BaseNotification, NotificationBody, NotificationContext, NotificationDefine, NotificationInputDefine, NotificationInstanceConfig } from "./api.js";
 
 // 提供一个唯一 key
 export const NOTIFICATION_CLASS_KEY = "pipeline:notification";
@@ -38,19 +39,25 @@ export function NotificationInput(input?: NotificationInputDefine): PropertyDeco
   };
 }
 
-export function newNotification(type: string, input: any, ctx: NotificationContext) {
+export async function newNotification(type: string, input: any, ctx: NotificationContext) {
   const register = notificationRegistry.get(type);
   if (register == null) {
     throw new Error(`notification ${type} not found`);
   }
+
   // @ts-ignore
   const plugin = new register.target();
-  for (const key in input) {
-    plugin[key] = input[key];
-  }
+  merge(plugin, input);
   if (!ctx) {
     throw new Error("ctx is required");
   }
+  plugin.setDefine(register.define);
   plugin.setCtx(ctx);
+  await plugin.onInstance();
   return plugin;
 }
+
+export async function sendNotification(opts: { config: NotificationInstanceConfig; ctx: NotificationContext; body: NotificationBody }) {
+  const notification: BaseNotification = await newNotification(opts.config.type, opts.config.setting, opts.ctx);
+  await notification.doSend(opts.body);
+}

packages/core/pipeline/src/plugin/api.ts

@@ -2,13 +2,15 @@ import { Registrable } from "../registry/index.js";
 import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.js";
 import { FileStore } from "../core/file-store.js";
 import { IAccessService } from "../access/index.js";
-import { ICnameProxyService, IEmailService } from "../service/index.js";
-import { CancelError, IContext, RunnableCollection } from "../core/index.js";
+import { ICnameProxyService, IEmailService, IUrlService } from "../service/index.js";
+import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/index.js";
 import { HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
 import { HttpClient } from "@certd/basic";
 import dayjs from "dayjs";
-import { IPluginConfigService } from "../service/config";
+import { IPluginConfigService } from "../service/config.js";
 import { upperFirst } from "lodash-es";
+import { INotificationService } from "../notification/index.js";
+import { TaskEmitter } from "../service/emit.js";
 
 export type PluginRequestHandleReq<T = any> = {
   typeName: string;
@@ -58,7 +60,7 @@ export type PluginDefine = Registrable & {
 
 export type ITaskPlugin = {
   onInstance(): Promise<void>;
-  execute(): Promise<void>;
+  execute(): Promise<void | string>;
   onRequest(req: PluginRequestHandleReq<any>): Promise<any>;
   [key: string]: any;
 };
@@ -72,6 +74,8 @@ export type TaskResult = {
 export type TaskInstanceContext = {
   //流水线定义
   pipeline: Pipeline;
+  //运行时历史
+  runtime: RunHistory;
   //步骤定义
   step: Step;
   //日志
@@ -86,6 +90,10 @@ export type TaskInstanceContext = {
   cnameProxyService: ICnameProxyService;
   //插件配置服务
   pluginConfigService: IPluginConfigService;
+  //通知服务
+  notificationService: INotificationService;
+  //url构建
+  urlService: IUrlService;
   //流水线上下文
   pipelineContext: IContext;
   //用户上下文
@@ -104,6 +112,8 @@ export type TaskInstanceContext = {
   utils: typeof utils;
   //用户信息
   user: UserInfo;
+
+  emitter: TaskEmitter;
 };
 
 export abstract class AbstractTaskPlugin implements ITaskPlugin {
@@ -177,7 +187,7 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return;
   }
 
-  abstract execute(): Promise<void>;
+  abstract execute(): Promise<void | string>;
 
   appendTimeSuffix(name?: string) {
     if (name == null) {

packages/core/pipeline/src/plugin/group.ts

@@ -20,8 +20,10 @@ export const pluginGroups = {
   aliyun: new PluginGroup("aliyun", "阿里云", 2),
   huawei: new PluginGroup("huawei", "华为云", 3),
   tencent: new PluginGroup("tencent", "腾讯云", 4),
-  host: new PluginGroup("host", "主机", 5),
-  cdn: new PluginGroup("cdn", "CDN", 6),
-  panel: new PluginGroup("panel", "面板", 7),
-  other: new PluginGroup("other", "其他", 8),
+  qiniu: new PluginGroup("qiniu", "七牛云", 5),
+  aws: new PluginGroup("aws", "亚马逊云", 6),
+  host: new PluginGroup("host", "主机", 7),
+  cdn: new PluginGroup("cdn", "CDN", 8),
+  panel: new PluginGroup("panel", "面板", 9),
+  other: new PluginGroup("other", "其他", 10),
 };

packages/core/pipeline/src/service/cname.ts

@@ -18,6 +18,7 @@ export type CnameRecord = {
   status: string;
   commonDnsProvider?: any;
 };
+
 export type ICnameProxyService = {
   getByDomain: (domain: string) => Promise<CnameRecord>;
 };

packages/core/pipeline/src/service/email.ts

@@ -1,5 +1,4 @@
 export type EmailSend = {
-  userId: number;
   subject: string;
   content: string;
   receivers: string[];

packages/core/pipeline/src/service/emit.ts

@@ -0,0 +1,68 @@
+import { logger } from "@certd/basic";
+import { Pipeline, Runnable } from "../dt";
+
+export type PipelineEventListener = (...args: any[]) => Promise<void>;
+export type PipelineEvent<T> = {
+  pipeline: Pipeline;
+  step: Runnable;
+  event: T;
+};
+export class PipelineEmitter {
+  events: Record<string, PipelineEventListener[]>;
+  constructor() {
+    this.events = {};
+  }
+  on(event: string, listener: PipelineEventListener) {
+    if (!this.events[event]) {
+      this.events[event] = [];
+    }
+    this.events[event].push(listener);
+  }
+  async emit<T>(name: string, event: PipelineEvent<T>) {
+    const listeners = this.events[name];
+    if (listeners) {
+      for (const listener of listeners) {
+        try {
+          await listener(event);
+        } catch (e) {
+          logger.error(`事件<${name}>监听器执行失败:`, e);
+        }
+      }
+    }
+  }
+  off(event: string, listener: PipelineEventListener) {
+    if (this.events[event]) {
+      this.events[event] = this.events[event].filter((l) => l !== listener);
+    }
+  }
+  once(event: string, listener: PipelineEventListener) {
+    const onceListener = async (...args: any[]) => {
+      this.off(event, onceListener);
+      await listener(...args);
+    };
+    this.on(event, onceListener);
+  }
+}
+
+export const pipelineEmitter = new PipelineEmitter();
+
+export type TaskEmitterCreateReq = {
+  step: Runnable;
+  pipeline: Pipeline;
+};
+
+export type TaskEmitter = {
+  emit: <T>(name: string, event: T) => Promise<void>;
+};
+
+export function taskEmitterCreate(req: TaskEmitterCreateReq) {
+  return {
+    emit: async <T>(name: string, event: T) => {
+      await pipelineEmitter.emit(name, {
+        pipeline: req.pipeline,
+        step: req.step,
+        event,
+      });
+    },
+  } as TaskEmitter;
+}

packages/core/pipeline/src/service/index.ts

@@ -2,3 +2,4 @@ export * from "./email.js";
 export * from "./cname.js";
 export * from "./config.js";
 export * from "./url.js";
+export * from "./emit.js";

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.27.9",
+  "version": "1.30.2",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -21,5 +21,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.27.9",
+  "version": "1.30.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -30,5 +30,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.27.9",
+  "version": "1.30.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -16,7 +16,7 @@
     "preview": "vite preview"
   },
   "dependencies": {
-    "@certd/basic": "^1.27.9",
+    "@certd/basic": "^1.30.2",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,80 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Features
+
+* 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Bug Fixes
+
+* 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Features
+
+* 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
+* 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
+* 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
+
+### Performance Improvements
+
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Performance Improvements
+
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Performance Improvements
+
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.27.9",
+  "version": "1.30.2",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -27,10 +27,10 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.27.9",
-    "@certd/basic": "^1.27.9",
-    "@certd/pipeline": "^1.27.9",
-    "@certd/plus-core": "^1.27.9",
+    "@certd/acme-client": "^1.30.2",
+    "@certd/basic": "^1.30.2",
+    "@certd/pipeline": "^1.30.2",
+    "@certd/plus-core": "^1.30.2",
     "@midwayjs/cache": "~3.14.0",
     "@midwayjs/core": "~3.17.1",
     "@midwayjs/i18n": "~3.17.3",
@@ -61,5 +61,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/libs/lib-server/src/basic/base-controller.ts

@@ -25,7 +25,7 @@ export abstract class BaseController {
    * @param msg
    * @param code
    */
-  fail(msg: string, code: any) {
+  fail(msg: string, code?: any) {
     return {
       code: code ? code : Constants.res.error.code,
       msg: msg ? msg : Constants.res.error.code,
@@ -39,4 +39,12 @@ export abstract class BaseController {
     }
     return userId;
   }
+
+  getLoginUser() {
+    const user = this.ctx.user;
+    if (user == null) {
+      throw new Error('Token已过期');
+    }
+    return user;
+  }
 }

packages/libs/lib-server/src/basic/base-service.ts

@@ -1,10 +1,9 @@
-import { ValidateException } from './exception/index.js';
-import * as _ from 'lodash-es';
-import { PermissionException } from './exception/index.js';
+import { PermissionException, ValidateException } from './exception/index.js';
 import { In, Repository, SelectQueryBuilder } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
+import { FindManyOptions } from 'typeorm';
 
 export type PageReq<T = any> = {
   page?: { offset: number; limit: number };
@@ -17,6 +16,7 @@ export type ListReq<T = any> = {
     asc: boolean;
   };
   buildQuery?: (bq: SelectQueryBuilder<any>) => void;
+  select?: any;
 };
 
 /**
@@ -55,7 +55,7 @@ export abstract class BaseService<T> {
    * 非分页查询
    * @param options
    */
-  async find(options) {
+  async find(options: FindManyOptions<T>) {
     return await this.getRepository().find(options);
   }
 
@@ -101,7 +101,7 @@ export abstract class BaseService<T> {
    * 新增|修改
    * @param param 数据
    */
-  async addOrUpdate(param) {
+  async addOrUpdate(param: any) {
     await this.getRepository().save(param);
   }
 
@@ -109,7 +109,7 @@ export abstract class BaseService<T> {
    * 新增
    * @param param 数据
    */
-  async add(param) {
+  async add(param: any) {
     const now = new Date();
     param.createTime = now;
     param.updateTime = now;
@@ -124,7 +124,7 @@ export abstract class BaseService<T> {
    * 修改
    * @param param 数据
    */
-  async update(param) {
+  async update(param: any) {
     if (!param.id) throw new ValidateException('id 不能为空');
     param.updateTime = new Date();
     await this.addOrUpdate(param);
@@ -150,6 +150,7 @@ export abstract class BaseService<T> {
       page.limit = 20;
     }
     const qb = this.buildListQuery(pageReq);
+
     qb.offset(page.offset).limit(page.limit);
     const list = await qb.getMany();
     const total = await qb.getCount();
@@ -164,28 +165,27 @@ export abstract class BaseService<T> {
   private buildListQuery(listReq: ListReq<T>) {
     const { query, sort, buildQuery } = listReq;
     const qb = this.getRepository().createQueryBuilder('main');
-    if (sort && sort.prop) {
-      qb.addOrderBy('main.' + sort.prop, sort.asc ? 'ASC' : 'DESC');
-    }
-    qb.addOrderBy('id', 'DESC');
-    //根据bean query
     if (query) {
-      let whereSql = '';
-      let index = 0;
-      _.forEach(query, (value, key) => {
-        if (!value) {
-          return;
+      const keys = Object.keys(query);
+      for (const key of keys) {
+        const value = query[key];
+        if (value == null) {
+          delete query[key];
         }
-        if (index !== 0) {
-          whereSql += ' and ';
+      }
+      qb.where(query);
+    }
+    if (sort && sort.prop) {
+      const found = this.getRepository().metadata.columns.find(column => {
+        if (column.propertyName === sort.prop) {
+          return true;
         }
-        whereSql += ` main.${key} = :${key} `;
-        index++;
       });
-      if (index > 0) {
-        qb.andWhere(whereSql, query);
+      if (found) {
+        qb.addOrderBy('main.' + sort.prop, sort.asc ? 'ASC' : 'DESC');
       }
     }
+    qb.addOrderBy('id', 'DESC');
     //自定义query
     if (buildQuery) {
       buildQuery(qb);

packages/libs/lib-server/src/basic/constants.ts

@@ -12,6 +12,8 @@ export const Constants = {
     authOnly: '_authOnly_',
     //仅需要登录
     loginOnly: '_authOnly_',
+
+    open: '_open_',
   },
   res: {
     serverError(message: string) {
@@ -36,6 +38,18 @@ export const Constants = {
       code: 88,
       message: '需要VIP',
     },
+    needsuite: {
+      code: 89,
+      message: '需要购买或升级套餐',
+    },
+    loginError: {
+      code: 2,
+      message: '登录失败',
+    },
+    codeError: {
+      code: 3,
+      message: '验证码错误',
+    },
     auth: {
       code: 401,
       message: '您还未登录或token已过期',
@@ -56,5 +70,33 @@ export const Constants = {
       code: 10001,
       message: '对不起，预览环境不允许修改此数据',
     },
+    openKeyError: {
+      code: 20000,
+      message: 'ApiToken错误',
+    },
+    openKeySignError: {
+      code: 20001,
+      message: 'ApiToken签名错误',
+    },
+    openKeyExpiresError: {
+      code: 20002,
+      message: 'ApiToken时间戳错误',
+    },
+    openKeySignTypeError: {
+      code: 20003,
+      message: 'ApiToken签名类型不支持',
+    },
+    openParamError: {
+      code: 20010,
+      message: '请求参数错误',
+    },
+    openCertNotFound: {
+      code: 20011,
+      message: '证书不存在',
+    },
+    openCertNotReady: {
+      code: 20012,
+      message: '证书还未生成',
+    },
   },
 };

packages/libs/lib-server/src/basic/crud-controller.ts

@@ -49,4 +49,10 @@ export abstract class CrudController<T> extends BaseController {
     await this.getService().delete([id]);
     return this.ok(null);
   }
+
+  @Post('/deleteByIds')
+  async deleteByIds(@Body('ids') ids: number[]) {
+    await this.getService().delete(ids);
+    return this.ok(null);
+  }
 }

packages/libs/lib-server/src/basic/exception/auth-exception.ts

@@ -5,10 +5,6 @@ import { BaseException } from './base-exception.js';
  */
 export class AuthException extends BaseException {
   constructor(message) {
-    super(
-      'AuthException',
-      Constants.res.auth.code,
-      message ? message : Constants.res.auth.message
-    );
+    super('AuthException', Constants.res.auth.code, message ? message : Constants.res.auth.message);
   }
 }

packages/libs/lib-server/src/basic/exception/base-exception.ts

@@ -2,10 +2,10 @@
  * 异常基类
  */
 export class BaseException extends Error {
-  status: number;
+  code: number;
   constructor(name, code, message) {
     super(message);
     this.name = name;
-    this.status = code;
+    this.code = code;
   }
 }

packages/libs/lib-server/src/basic/exception/code-error-exception.ts

@@ -0,0 +1,10 @@
+import { Constants } from '../constants.js';
+import { BaseException } from './base-exception.js';
+/**
+ * 验证码异常
+ */
+export class CodeErrorException extends BaseException {
+  constructor(message) {
+    super('CodeErrorException', Constants.res.codeError.code, message ? message : Constants.res.codeError.message);
+  }
+}

packages/libs/lib-server/src/basic/exception/common-exception.ts

@@ -5,10 +5,12 @@ import { BaseException } from './base-exception.js';
  */
 export class CommonException extends BaseException {
   constructor(message) {
-    super(
-      'CommonException',
-      Constants.res.error.code,
-      message ? message : Constants.res.error.message
-    );
+    super('CommonException', Constants.res.error.code, message ? message : Constants.res.error.message);
+  }
+}
+
+export class CodeException extends BaseException {
+  constructor(res: { code: number; message: string }) {
+    super('CodeException', res.code, res.message);
   }
 }

packages/libs/lib-server/src/basic/exception/login-error-exception.ts

@@ -0,0 +1,12 @@
+import { Constants } from '../constants.js';
+import { BaseException } from './base-exception.js';
+/**
+ * 通用异常
+ */
+export class LoginErrorException extends BaseException {
+  leftCount: number;
+  constructor(message, leftCount: number) {
+    super('LoginErrorException', Constants.res.loginError.code, message ? message : Constants.res.loginError.message);
+    this.leftCount = leftCount;
+  }
+}

packages/libs/lib-server/src/basic/exception/vip-exception.ts

@@ -8,3 +8,9 @@ export class NeedVIPException extends BaseException {
     super('NeedVIPException', Constants.res.needvip.code, message ? message : Constants.res.needvip.message);
   }
 }
+
+export class NeedSuiteException extends BaseException {
+  constructor(message) {
+    super('NeedSuiteException', Constants.res.needsuite.code, message ? message : Constants.res.needsuite.message);
+  }
+}

packages/libs/lib-server/src/basic/result.ts

@@ -9,7 +9,7 @@ export class Result<T> {
   }
 
   static error(code = 1, msg) {
-    return new Result(code, msg, null);
+    return new Result(code, msg);
   }
 
   static success(msg, data?) {

packages/libs/lib-server/src/index.ts

@@ -1,7 +1,8 @@
 import { SysSettingsEntity } from './system/index.js';
-
+import { AccessEntity } from './user/access/entity/access.js';
 export * from './basic/index.js';
 export * from './system/index.js';
+export * from './user/index.js';
 export { LibServerConfiguration as Configuration } from './configuration.js';
 
-export const libServerEntities = [SysSettingsEntity];
+export const libServerEntities = [SysSettingsEntity, AccessEntity];

packages/libs/lib-server/src/system/basic/index.ts

@@ -1,2 +1,3 @@
 export * from './service/plus-service.js';
 export * from './service/file-service.js';
+export * from './service/encryptor.js';

packages/libs/lib-server/src/system/basic/service/encryptor.ts

@@ -1,25 +1,10 @@
-import { Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import crypto from 'crypto';
-import { SysSettingsService } from '@certd/lib-server';
-import { SysPrivateSettings } from '@certd/lib-server';
 
-/**
- * 授权
- */
-@Provide()
-@Scope(ScopeEnum.Singleton)
-export class EncryptService {
+export class Encryptor {
   secretKey: Buffer;
-
-  @Inject()
-  sysSettingService: SysSettingsService;
-
-  @Init()
-  async init() {
-    const privateInfo: SysPrivateSettings = await this.sysSettingService.getSetting(SysPrivateSettings);
-    this.secretKey = Buffer.from(privateInfo.encryptSecret, 'base64');
+  constructor(encryptSecret: string, encoding: BufferEncoding = 'base64') {
+    this.secretKey = Buffer.from(encryptSecret, encoding);
   }
-
   // 加密函数
   encrypt(text: string) {
     const iv = crypto.randomBytes(16); // 初始化向量

packages/libs/lib-server/src/system/basic/service/file-service.ts

@@ -14,7 +14,7 @@ export const uploadTmpFileCacheKey = 'tmpfile_key_';
 /**
  */
 @Provide()
-@Scope(ScopeEnum.Singleton)
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class FileService {
   async saveFile(userId: number, tmpCacheKey: any, permission: 'public' | 'private') {
     if (tmpCacheKey.startsWith(`/${permission}`)) {

packages/libs/lib-server/src/system/basic/service/plus-service.ts

@@ -5,7 +5,7 @@ import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settin
 import { merge } from 'lodash-es';
 
 @Provide()
-@Scope(ScopeEnum.Singleton)
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class PlusService {
   @Inject()
   sysSettingsService: SysSettingsService;
@@ -38,9 +38,9 @@ export class PlusService {
     return installInfo.siteId;
   }
 
-  async active(code: string) {
+  async active(code: string, inviteCode?: string) {
     const plusRequestService = await this.getPlusRequestService();
-    return await plusRequestService.active(code);
+    return await plusRequestService.active(code, inviteCode);
   }
 
   async updateLicense(license: string) {

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -14,13 +14,17 @@ export class SysPublicSettings extends BaseSettings {
   static __key__ = 'sys.public';
   static __title__ = '系统公共设置';
   static __access__ = 'public';
+
   registerEnabled = false;
+  passwordLoginEnabled = true;
+  usernameRegisterEnabled = true;
+  mobileRegisterEnabled = false;
+  smsLoginEnabled = false;
+  emailRegisterEnabled = false;
+
   limitUserPipelineCount = 0;
   managerOtherUserPipeline = false;
   icpNo?: string;
-  defaultCron?: string;
-  defaultNotification?: number;
-  // triggerOnStartup = false;
 }
 
 export class SysPrivateSettings extends BaseSettings {
@@ -35,6 +39,14 @@ export class SysPrivateSettings extends BaseSettings {
   dnsResultOrder? = '';
   commonCnameEnabled?: boolean = true;
 
+  sms?: {
+    type?: string;
+    config?: any;
+  } = {
+    type: 'aliyun',
+    config: {},
+  };
+
   removeSecret() {
     const clone = cloneDeep(this);
     delete clone.jwtKey;
@@ -100,6 +112,17 @@ export class SysSecretBackup extends BaseSettings {
   encryptSecret?: string;
 }
 
+/**
+ * 不要修改
+ */
+export class SysSecret extends BaseSettings {
+  static __title__ = '密钥信息';
+  static __key__ = 'sys.secret';
+  static __access__ = 'private';
+  siteId?: string;
+  encryptSecret?: string;
+}
+
 export class SysSiteEnv {
   agent?: {
     enabled?: boolean;
@@ -124,3 +147,35 @@ export class SysHeaderMenus extends BaseSettings {
 
   menus: MenuItem[];
 }
+
+export type PaymentItem = {
+  enabled: boolean;
+  accessId?: number;
+};
+
+export class SysPaymentSetting extends BaseSettings {
+  static __title__ = '支付设置';
+  static __key__ = 'sys.payment';
+  static __access__ = 'private';
+
+  yizhifu?: PaymentItem = { enabled: false };
+
+  alipay?: PaymentItem = { enabled: false };
+
+  wxpay?: PaymentItem = { enabled: false };
+}
+
+export class SysSuiteSetting extends BaseSettings {
+  static __title__ = '套餐设置';
+  static __key__ = 'sys.suite';
+  static __access__ = 'private';
+
+  enabled = false;
+
+  registerGift?: {
+    productId: number;
+    duration: number;
+  };
+
+  intro?: string;
+}

packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts

@@ -1,13 +1,13 @@
-import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
+import { Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
-import { CacheManager } from '@midwayjs/cache';
-import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecretBackup } from './models.js';
+import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
 import * as _ from 'lodash-es';
 import { BaseService } from '../../../basic/index.js';
-import { logger, setGlobalProxy } from '@certd/basic';
+import { cache, logger, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
+
 /**
  * 设置
  */
@@ -17,9 +17,6 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
   @InjectEntityModel(SysSettingsEntity)
   repository: Repository<SysSettingsEntity>;
 
-  @Inject()
-  cache: CacheManager; // 依赖注入CacheManager
-
   getRepository() {
     return this.repository;
   }
@@ -72,7 +69,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
   async getSetting<T>(type: any): Promise<T> {
     const key = type.__key__;
     const cacheKey = type.getCacheKey();
-    const settings: T = await this.cache.get(cacheKey);
+    const settings: T = cache.get(cacheKey);
     if (settings) {
       return settings;
     }
@@ -80,7 +77,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
     const savedSettings = await this.getSettingByKey(key);
     newSetting = _.merge(newSetting, savedSettings);
     await this.saveSetting(newSetting);
-    await this.cache.set(cacheKey, newSetting);
+    cache.set(cacheKey, newSetting);
     return newSetting;
   }
 
@@ -93,6 +90,12 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
     if (entity) {
       entity.setting = JSON.stringify(bean);
       entity.access = type.__access__;
+
+      if (key === SysSecretBackup.__key__) {
+        //备份密钥不允许更新
+        return;
+      }
+
       await this.repository.save(entity);
     } else {
       const newEntity = new SysSettingsEntity();
@@ -103,7 +106,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
       await this.repository.save(newEntity);
     }
 
-    await this.cache.set(cacheKey, bean);
+    cache.set(cacheKey, bean);
   }
 
   async getPublicSettings(): Promise<SysPublicSettings> {
@@ -146,7 +149,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
     } else {
       throw new Error('该设置不存在');
     }
-    await this.cache.del(`settings.${key}`);
+    cache.delete(`settings.${key}`);
   }
 
   async backupSecret() {
@@ -173,4 +176,20 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
       }
     }
   }
+  async getSecret() {
+    const sysSecret = await this.getSetting<SysSecret>(SysSecret);
+    if (sysSecret.encryptSecret) {
+      return sysSecret;
+    }
+    //从备份中读取
+    const settings = await this.getSettingByKey(SysSecretBackup.__key__);
+    if (settings == null || !settings.encryptSecret) {
+      throw new Error('密钥备份不存在');
+    }
+    sysSecret.siteId = settings.siteId;
+    sysSecret.encryptSecret = settings.encryptSecret;
+    await this.saveSetting(sysSecret);
+    logger.info('密钥恢复成功');
+    return sysSecret;
+  }
 }

packages/libs/lib-server/src/user/access/index.ts

@@ -0,0 +1,5 @@
+export * from './entity/access.js';
+export * from './service/access-service.js';
+export * from './service/access-sys-getter.js';
+export * from './service/access-getter.js';
+export * from './service/encrypt-service.js';

packages/libs/lib-server/src/user/access/service/access-service.ts

@@ -1,7 +1,7 @@
 import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
-import { BaseService, PageReq, PermissionException, ValidateException } from '@certd/lib-server';
+import { BaseService, PageReq, PermissionException, ValidateException } from '../../../index.js';
 import { AccessEntity } from '../entity/access.js';
 import { AccessDefine, accessRegistry, newAccess } from '@certd/pipeline';
 import { EncryptService } from './encrypt-service.js';
@@ -10,7 +10,7 @@ import { EncryptService } from './encrypt-service.js';
  * 授权
  */
 @Provide()
-@Scope(ScopeEnum.Singleton)
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class AccessService extends BaseService<AccessEntity> {
   @InjectEntityModel(AccessEntity)
   repository: Repository<AccessEntity>;
@@ -18,6 +18,7 @@ export class AccessService extends BaseService<AccessEntity> {
   @Inject()
   encryptService: EncryptService;
 
+  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
   //@ts-ignore
   getRepository() {
     return this.repository;

packages/libs/lib-server/src/user/access/service/access-sys-getter.ts

@@ -0,0 +1,17 @@
+import { IAccessService } from '@certd/pipeline';
+import { AccessService } from './access-service.js';
+
+export class AccessSysGetter implements IAccessService {
+  accessService: AccessService;
+  constructor(accessService: AccessService) {
+    this.accessService = accessService;
+  }
+
+  async getById<T = any>(id: any) {
+    return await this.accessService.getAccessById(id, false);
+  }
+
+  async getCommonById<T = any>(id: any) {
+    return await this.accessService.getAccessById(id, false);
+  }
+}

packages/libs/lib-server/src/user/access/service/encrypt-service.ts

@@ -0,0 +1,30 @@
+import { Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
+import { Encryptor, SysSecret, SysSettingsService } from '../../../system/index.js';
+
+/**
+ * 授权
+ */
+@Provide()
+@Scope(ScopeEnum.Singleton)
+export class EncryptService {
+  encryptor: Encryptor;
+
+  @Inject()
+  sysSettingService: SysSettingsService;
+
+  @Init()
+  async init() {
+    const secret: SysSecret = await this.sysSettingService.getSecret();
+    this.encryptor = new Encryptor(secret.encryptSecret);
+  }
+
+  // 加密函数
+  encrypt(text: string) {
+    return this.encryptor.encrypt(text);
+  }
+
+  // 解密函数
+  decrypt(encryptedText: string) {
+    return this.encryptor.decrypt(encryptedText);
+  }
+}

packages/libs/lib-server/src/user/index.ts

@@ -0,0 +1 @@
+export * from './access/index.js';

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.27.9",
+  "version": "1.30.2",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,99 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+### Performance Improvements
+
+* http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
+
+### Performance Improvements
+
+* 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+### Bug Fixes
+
+* 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Performance Improvements
+
+* 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+* 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
+* http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Bug Fixes
+
+* 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
+
+### Performance Improvements
+
+* 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
+* 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+* 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Bug Fixes
+
+* 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
+
+### Performance Improvements
+
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+
 ## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.27.9",
+  "version": "1.30.2",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -15,9 +15,10 @@
     "preview": "vite preview"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.27.9",
-    "@certd/basic": "^1.27.9",
-    "@certd/pipeline": "^1.27.9",
+    "@certd/acme-client": "^1.30.2",
+    "@certd/basic": "^1.30.2",
+    "@certd/pipeline": "^1.30.2",
+    "@certd/plugin-lib": "^1.30.2",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
@@ -40,5 +41,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ff1d7b115ad211e65fdbbcb625837aa7cc911cfd"
+  "gitHead": "089825d3602440188392f7018d0eb9038617c1d6"
 }

packages/plugins/plugin-cert/src/access/eab-access.ts

@@ -4,6 +4,7 @@ import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
   name: "eab",
   title: "EAB授权",
   desc: "ZeroSSL证书申请需要EAB授权",
+  icon: "ic:outline-lock",
 })
 export class EabAccess extends BaseAccess {
   @AccessInput({

packages/plugins/plugin-cert/src/access/google-access.ts

@@ -4,6 +4,7 @@ import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
   name: "google",
   title: "google cloud",
   desc: "谷歌云授权",
+  icon: "flat-color-icons:google",
 })
 export class GoogleAccess extends BaseAccess {
   @AccessInput({

packages/plugins/plugin-cert/src/dns-provider/api.ts

@@ -3,6 +3,7 @@ import { IAccess, Registrable } from "@certd/pipeline";
 
 export type DnsProviderDefine = Registrable & {
   accessType: string;
+  icon?: string;
   autowire?: {
     [key: string]: any;
   };