v1.31.1

build: prepare to build
build: trigger build image
2026-04-05 15:38:11 +08:00 · 2025-03-11 23:32:00 +08:00 · 2025-03-11 23:29:21 +08:00 · 2025-03-11 23:27:04 +08:00 · 2025-03-11 23:23:44 +08:00 · 2025-03-11 23:22:44 +08:00
1048 changed files with 76433 additions and 2290 deletions
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -91,14 +91,14 @@ jobs:
 #            greper/certd:armv7
 #            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
-      - name: Build agent
+#      - name: Build agent
-        uses: docker/build-push-action@v6
+#        uses: docker/build-push-action@v6
-        with:
+#        with:
-          platforms: linux/amd64,linux/arm64
+#          platforms: linux/amd64,linux/arm64
-          push: true
+#          push: true
-          context: ./packages/ui/agent/
+#          context: ./packages/ui/agent/
-          tags: |
+#          tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
-            greper/certd-agent:latest
+#            greper/certd-agent:latest
-            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
+#            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
--- a/.gitignore
+++ b/.gitignore
@@ -21,7 +21,7 @@ gen
 /packages/ui/*/.idea
 /packages/ui/*/node_modules
 /packages/*/node_modules
-/pnpm-lock.yaml
+#/pnpm-lock.yaml
 tsconfig.tsbuildinfo
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,199 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 ### Performance Improvements
 * 一些手机端适配优化 ([5b8d5dd](https://github.com/certd/certd/commit/5b8d5dd97536456a9d5d1384216eac1093b2dc3d))
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 ### Bug Fixes
 * 修复CDN插件我爱云因更换接口导致部署失败的问题 ([5641c19](https://github.com/certd/certd/commit/5641c19502970f67af19709bddf8c781b1a25bdc))
 * 修复CDN插件我爱云因更换接口导致部署失败的问题 ([0110dfd](https://github.com/certd/certd/commit/0110dfdb70b12dfb0a7a067717f3773ed75aae7c))
 * 修复webhook headers value中带等号是解析错误的bug ([1fe3365](https://github.com/certd/certd/commit/1fe3365e10c464c4c60c82f424cf74fe35b883e0))
 * ProxmoxUploadCert 增加强制部署证书 ([441b15e](https://github.com/certd/certd/commit/441b15ed2fe5a143a5bd5508613b3816ddbff596))
 ### Performance Improvements
 * 历史记录查看详情，可以切换到对应的历史记录日志上去 ([082802e](https://github.com/certd/certd/commit/082802e1197156837800f814728ee0f6b300b18c))
 * 流水线同一个阶段任务优化为并行执行 ([efa9c74](https://github.com/certd/certd/commit/efa9c748c5c07fc950af3db742ef9310f1ac9a4b))
 * 升级midwayjs版本 ([057b0b4](https://github.com/certd/certd/commit/057b0b4565e19bb93195633f767b2942e8e40e59))
 * 是否允许爬虫爬取增加ui设置选项 ([779db9d](https://github.com/certd/certd/commit/779db9da705d2dfef36fec21f52bd38af9fc5f2e))
 * 通知支持钉钉群聊机器人 ([fc8bef5](https://github.com/certd/certd/commit/fc8bef5aae522d75d408d8c3aa74543269da5398))
 * 易支付支持固定支付方式，适合没有收银台版本使用 ([81df96b](https://github.com/certd/certd/commit/81df96bf4542ce8d8ef4a428a4460dd554e4719a))
 * 支持易盾RCDN部署 ([065713c](https://github.com/certd/certd/commit/065713cdb6953d16df08585c316c1a7a8eaec437))
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 ### Performance Improvements
 * 禁止爬虫爬取本网站 ([5164116](https://github.com/certd/certd/commit/5164116bde60dabac774cdf94f5317ff386e95ca))
 * 上传到阿里云证书名称后缀增加毫秒时间戳 ([9f0ee21](https://github.com/certd/certd/commit/9f0ee219d02907ffe128a5cf10173397d934ccd7))
 * 支持部署到阿里云FC3.0 ([bcaf54d](https://github.com/certd/certd/commit/bcaf54d4cb7bc469486aae6cdb127ae017eb3abb))
 * 支持新版本LeCDN ([44d43f4](https://github.com/certd/certd/commit/44d43f45cb9094619df7494c2a64a51ba77ad116))
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package root
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 ### Bug Fixes
 * 适配最新版1panel密码编码方式 ([78044c0](https://github.com/certd/certd/commit/78044c062e20cdd04f08baef9fb6745bf25eddcf))
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 ### Bug Fixes
 * 修复腾讯云CLB多域名同证书部署报错的bug ([c3a5542](https://github.com/certd/certd/commit/c3a55429357e78f4b78c9592d3e5897db2d4d549))
 * 修复新版本1panel密码需要加密，无法登录的问题 ([ada0b71](https://github.com/certd/certd/commit/ada0b7106e97e551783829e4e719f76793a7123d))
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 ### Bug Fixes
 * 当前置任务被删除时进行校验 ([c89686a](https://github.com/certd/certd/commit/c89686a2fda251484930f0ae715417b618c21690))
 * 修复cloudflare删除解析记录报错的bug ([00c2da4](https://github.com/certd/certd/commit/00c2da444f84adb89f3f1226d03294d7c6e3e4f1))
 ### Performance Improvements
 * 上传自定义证书 ([75a38d9](https://github.com/certd/certd/commit/75a38d95f305b4271d9106babe7cffc1c89ae8f3))
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 ### Bug Fixes
 * 修复部署到阿里云ALB、NLB插件加载混乱的bug ([6ab83b6](https://github.com/certd/certd/commit/6ab83b662a2c5e715b9cb7eb1244de2ebb7f47b0))
 * 修复腾讯clb重复执行会报错的bug ([e95d29f](https://github.com/certd/certd/commit/e95d29f446d06eced315a3087fc9e105a30b20bd))
 * 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
 ### Performance Improvements
 * 创建流水线时，默认成功时也发送通知 ([52ae690](https://github.com/certd/certd/commit/52ae6902d203ca56e0312692b50c55cb6ddd3e39))
 * http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 ### Bug Fixes
 * 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/certd/certd/commit/7e482f798c0142bce1866f84676cb40210f9638a))
 * 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
 ### Features
 * 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
 ### Performance Improvements
 * 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
 * 支持部署到阿里云ALB ([653940a](https://github.com/certd/certd/commit/653940a0ca64fc380178c1b0b58ae0af64dfaf07))
 * 支持部署到阿里云NLB、SLB ([c085bac](https://github.com/certd/certd/commit/c085bac5d877c4250a8a79e17eb8673b8e4fc89c))
 * 支持部署到腾讯云直播 ([417d37b](https://github.com/certd/certd/commit/417d37b199b79a42f790f9edab8f178eedf8fbf7))
 * 支持部署证书到proxmox ([d10795e](https://github.com/certd/certd/commit/d10795ecd97eb8cf2ffa46aabfdbfc6812636396))
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 ### Bug Fixes
 * 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
 * 修复授权管理，点击了查看原文按钮后，无法修改值的bug ([85c99f7](https://github.com/certd/certd/commit/85c99f7f80761ac6efaf3255c03b933442db1686))
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 ### Bug Fixes
 * 修复站点监控域名校验无法通过的bug ([1cb4a53](https://github.com/certd/certd/commit/1cb4a539cc523721ffd4b22d40d0e3d2d68cd915))
 ### Performance Improvements
 * 优化腾讯云CLB插件，支持非sni情况，sni情况支持填写多个域名 ([635b042](https://github.com/certd/certd/commit/635b042690637bff85e97e07c7aac4b87a8a124b))
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 ### Bug Fixes
 * 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
 ### Performance Improvements
 * 优化站点证书检查页面，检查增加3次重试 ([e6dd7cd](https://github.com/certd/certd/commit/e6dd7cd54a3e23897031b5df6e0c3cdc0545d35a))
 * 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
 * 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
 * http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 ### Bug Fixes
 * 修复套餐关闭状态下，仍然限制用户流水线数量的bug ([66fb9e5](https://github.com/certd/certd/commit/66fb9e5f49491f9c159363b48af14720a37673b1))
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 ### Bug Fixes
 * 免费套餐支持购买 ([f5ec987](https://github.com/certd/certd/commit/f5ec9870fd6af1f0c9099852bbdb4d07813ccce8))
 * 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
 * 修复新版本小红点显示错误问题 ([fe4786e](https://github.com/certd/certd/commit/fe4786e168afe03a5243dd67971476c348339809))
 ### Performance Improvements
 * 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
 * 优化插件名称显示 ([26adf7d](https://github.com/certd/certd/commit/26adf7d437e674385f26a8f92fded6521a620671))
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 ### Bug Fixes
 * 修复手机模式下，查询框被文字遮盖的bug ([040788c](https://github.com/certd/certd/commit/040788c793642c3bb2a3ede87fe30fcf3be471bd))
 * 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
 ### Features
 * 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
 * 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
 * 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
 * 站点证书监控 ([9c8c7a7](https://github.com/certd/certd/commit/9c8c7a781223f4217f45510db1e89495600e3cd5))
 * 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
 ### Performance Improvements
 * 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
 * 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
 * 用户名支持修改 ([89c7f07](https://github.com/certd/certd/commit/89c7f070343e86453c84677ebe1669f9b266d871))
 * 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
 * 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
 * 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
 * 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 ### Bug Fixes
 * 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
 ### Performance Improvements
 * 群晖支持6.x ([79f7ec4](https://github.com/certd/certd/commit/79f7ec4672f4fd5744cc45e4a6f104da943f4026))
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 ### Bug Fixes
 * 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
 * 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
 * mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
 ### Performance Improvements
 * 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
 * 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
 * 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
 * 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 ### Bug Fixes
--- a/README.md
+++ b/README.md
@@ -9,15 +9,22 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 * 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件）
 * 支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
-* 邮件通知
+* 邮件通知、webhook通知
-* 私有化部署，数据保存本地，镜像由Github Actions构建，过程公开透明
+* 私有化部署，数据保存本地，授权信息加密存储，镜像由Github Actions构建，过程公开透明
-* 支持sqlite，postgresql数据库
+* 支持SQLite，PostgreSQL、MySQL数据库
 >
 > 流水线数量现已调整为无限制，欢迎大家使用
 >
 > 关于证书续期：
 >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
 >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 ## 二、在线体验
 官方Demo地址，自助注册后体验    
@@ -86,11 +93,13 @@ https://certd.handfree.work/
 ## 五、 升级
-如果使用固定版本号
+
 ### docker-compose方式部署
 #### 1. 如果使用固定版本号
 1. 修改`docker-compose.yaml`中的镜像版本号
 2. 运行`docker compose up -d` 即可
-如果使用`latest`版本
+#### 2. 如果需要使用最新版本
 ```shell
 #重新拉取镜像
 docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
@@ -98,19 +107,54 @@ docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 docker compose down
 docker compose up -d
 ```
 > 数据默认存在`/data/certd`目录下，不用担心数据丢失
-> 数据默认存在`/data/certd`目录下，不用担心数据丢失   
+### 自动升级(仅限尝鲜建议非生产使用)
 ```yaml
 version: '3.3'
 services:
  certd:
    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
    container_name: certd
    restart: unless-stopped
    volumes:
      - /data/certd:/app/data
    ports:
      - "7001:7001"
      - "7002:7002"
    environment:
      - certd_system_resetAdminPasswd=false
    labels:
      com.centurylinklabs.watchtower.enable: "true"
  certd-updater:  # 添加 Watchtower 服务
    image: containrrr/watchtower:latest
    container_name: certd-updater
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    # 配置 自动更新
    environment:
      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
      - WATCHTOWER_POLL_INTERVAL=300       # 每 5 分钟检查一次更新
 ```
 ### 其他部署方式升级方法
 请参考 https://certd.docmirror.cn/guide/install/upgrade.html
-更新日志： [CHANGELOG](./CHANGELOG.md)
+
 ###  更新日志：
 [CHANGELOG](./CHANGELOG.md)
 ## 六、一些说明
 * 本项目ssl证书提供商为letencrypt/Google/ZeroSSL
 * 申请过程遵循acme协议
 * 需要验证域名所有权，一般有两种方式（目前本项目仅支持dns-01）
  * http-01： 在网站根目录下放置一份txt文件
  * dns-01： 需要给域名添加txt解析记录，通配符域名只能用这种方式
 * 证书续期：
  * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
  * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
@@ -155,12 +199,14 @@ https://afdian.com/a/greper
 专业版特权对比
-| 功能      | 免费版               | 专业版                   |
+| 功能   | 基础版             | 专业版               |
-|---------|-------------------|-----------------------|
+|------|-----------------|-------------------|
-| 免费证书申请  | 免费无限制             | 免费无限制                 |
+| 免费证书申请 | 免费无限制           | 无限制               |
-| 自动部署插件  | 阿里云、腾讯云、七牛云、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
+| 域名数量 | 免费无限制           | 无限制               |
-| 发邮件功能   | 需要配置              | 免配置                   |
+| 证书流水线条数 | 免费无限制           | 无限制               |
-| 证书流水线条数 | 10条               | 无限制                   |
+| 站点证书监控 | 1条              | 无限制               |
 | 自动部署插件 | 阿里云、腾讯云、七牛云、SSH | 支持群晖、宝塔、1Panel等，持续开发中 |
 | 通知   | 邮件、webhook      | server酱、企微、anpush等 |
 ************************
--- a/build.trigger
+++ b/build.trigger
@@ -1 +1 @@
-01:55
+23:27
--- a/docker/run/docker-compose.yaml
+++ b/docker/run/docker-compose.yaml
@@ -1,15 +1,16 @@
 version: '3.3' # 兼容旧版docker-compose
 services:
  certd:
-    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号
+    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号,例如：certd:1.29.0
    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
    container_name: certd # 容器名
    restart: unless-stopped # 自动重启
    volumes:
      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
      #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
      - /data/certd:/app/data
    ports: # 端口映射
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号，第二个7001不要动
      - "7001:7001"
      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
      - "7002:7002"
@@ -25,14 +26,24 @@ services:
 #      - 8.8.4.4
 #    extra_hosts:
 #        # ↓↓↓↓ -------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
-#      - "localdomain.comm:192.168.1.3"
+#      - "localdomain.com:192.168.1.3"
-
+#        #         ↓↓↓↓ ------------------------------------------------ 直接使用主机的网络，如果网络问题实在找不到原因，可以尝试打开此参数
 #    network_mode: host
    labels:
      com.centurylinklabs.watchtower.enable: "true"
 #    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把下面networks的注释放开
 #    networks:
 #      - ip6net
    environment:
 #     设置环境变量即可自定义certd配置
 #     配置项见： packages/ui/certd-server/src/config/config.default.ts
 #     配置规则： certd_ + 配置项, 点号用_代替
 #                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
      - certd_system_resetAdminPasswd=false
 #     默认使用sqlite文件数据库，如果需要使用其他数据库，请设置以下环境变量
 #     注意： 选定使用一种数据库之后，不支持更换数据库。
 #     数据库迁移方法：1、使用新数据库重新部署一套，然后将旧数据同步过去，注意flyway_history表的数据不要同步
 #                                    #↓↓↓↓ ----------------------------- 使用postgresql数据库，需要提前创建数据库
 #      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录
 #      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型
@@ -51,13 +62,22 @@ services:
 #      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
 #      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
 #         ↓↓↓↓ ---------------------------------------------------------  自动升级，上面certd的版本号要保持为latest
 #  certd-updater:  # 添加 Watchtower 服务
 #    image: containrrr/watchtower:latest
 #    container_name: certd-updater
 #    restart: unless-stopped
 #    volumes:
 #      - /var/run/docker.sock:/var/run/docker.sock
 #    # 配置 自动更新
 #    environment:
 #      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
 #      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
 #      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
 #      - WATCHTOWER_POLL_INTERVAL=600       # 每 10 分钟检查一次更新
-
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
 #    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
 #    networks:
 #      - ip6net
 #networks:
 #  ip6net:
 #    enable_ipv6: true
--- a/docs/.vitepress/config.ts
+++ b/docs/.vitepress/config.ts
@@ -57,6 +57,7 @@ export default defineConfig({
    nav: [
      { text: "首页", link: "/" },
      { text: "指南", link: "/guide/" },
      { text: "商业版", link: "/comm/" },
      { text: "Demo体验", link: "https://certd.handfree.work" }
    ],
    sidebar: {
@@ -76,15 +77,17 @@ export default defineConfig({
                { text: "源码部署", link: "/guide/install/source/" }
              ]
            },
-            { text: "演示教程", link: "/guide/tutorial.md" }
+            { text: "演示教程", link: "/guide/tutorial.md" },
-
+            { text: "版本升级", link: "/guide/install/upgrade.md" }
          ]
        },
        {
          text: "特性",
          items: [
            { text: "CNAME代理校验", link: "/guide/feature/cname/index.md" },
-            { text: "插件列表", link: "/guide/plugins.md" }
+            { text: "插件列表", link: "/guide/plugins.md" },
            { text: "多数据库支持", link: "/guide/install/database.md" },
            { text: "开放接口", link: "/guide/open/index.md" }
          ]
        },
        {
@@ -101,12 +104,12 @@ export default defineConfig({
            { text: "js脚本插件使用", link: "/guide/use/custom-script/index.md" },
            { text: "邮箱配置", link: "/guide/use/email/index.md" },
            { text: "IPv6支持", link: "/guide/use/setting/ipv6.md" },
            { text: "如何贡献代码", link: "/guide/development/index.md" },
          ]
        },
        {
          text: "其他",
          items: [
            { text: "贡献代码", link: "/guide/development/index.md" },
            { text: "更新日志", link: "/guide/changelogs/CHANGELOG.md" },
            { text: "镜像说明", link: "/guide/image.md" },
            { text: "联系我们", link: "/guide/contact/" },
@@ -116,8 +119,20 @@ export default defineConfig({
          ]
        }
      ],
      "/comm/": [
        {
          text: "商业版",
          items: [
            { text: "支付宝配置", link: "/comm/payments/alipay.md" },
            { text: "微信支付配置", link: "/comm/payments/wxpay.md" },
            { text: "彩虹易支付配置", link: "/comm/payments/yizhifu.md" },
          ]
        }
      ]
      ,
    },
    socialLinks: [
      { icon: "github", link: "https://github.com/certd/certd" }
    ],
--- a/docs/comm/images/index.png
+++ b/docs/comm/images/index.png
--- a/docs/comm/index.md
+++ b/docs/comm/index.md
@@ -0,0 +1,9 @@
 # 商业版文档
 ![](./images/index.png)
 ## 支付方式配置
 * [支付宝支付配置](./payments/alipay.md)
 * [微信支付配置](./payments/wxpay.md)
 * [彩虹易支付配置](./payments/yizhifu.md)
--- a/docs/comm/payments/alipay.md
+++ b/docs/comm/payments/alipay.md
@@ -0,0 +1,21 @@
 # 支付宝配置
 ## 配置步骤
 1. 创建应用，获取APPID
   * 登录支付宝开放平台，进入开发者中心，创建网页应用，获取应用的AppId（左上角复制）
   * 开发者中心：https://open.alipay.com/develop/manage
 2. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）
   * 参考文档：https://opendocs.alipay.com/common/02kdnc?pathHash=fb0c752a
   * 此步骤完成后，可以获取应用的私钥、支付宝公钥。     
   * 注意：支付宝不会保存应用的私钥，你需要自己保管好私钥。
 3. 在Certd后台配置支付宝 
   * 进入“系统”->"设置"->“支付设置”
   * 启用支付宝，选择“支付宝配置”，点击添加
   * 填写支付宝AppId、应用私钥、支付宝公钥等信息即可。
--- a/docs/comm/payments/wxpay.md
+++ b/docs/comm/payments/wxpay.md
@@ -0,0 +1,27 @@
 # 微信支付配置
 ## 配置步骤
 1. 开通Native支付
   * 登录微信支付平台
   * 进入产品中心： https://pay.weixin.qq.com/index.php/extend/product/lists?tid=3
   * 选择开通Native支付
 2. 申请证书
   * 进入“账户中心”->“API安全”->“商户API证书”->“管理证书”
   * 根据指引生成证书
   * 得到私钥和公钥
 3. 填写APIv3密钥
   * 进入“账户中心”->“API安全”->“解密回调”
   * 填写APIv3密钥 
   * 参考文档 https://kf.qq.com/faq/180830E36vyQ180830AZFZvu.html
 4. 在Certd后台配置微信支付
   * 进入“系统”->"设置"->“支付设置”
   * 启用微信支付，选择“微信支付配置”，点击添加
   * 填写微信支付商户号、证书私钥、证书公钥、APIv3密钥即可。
--- a/docs/comm/payments/yizhifu.md
+++ b/docs/comm/payments/yizhifu.md
@@ -0,0 +1,19 @@
 # 彩虹易支付配置
 彩虹易支付是一款非常流行的php聚合支付系统。
 ## 配置步骤
 1. 获取商户ID、商户密钥
   * 登录彩虹易支付平台
   * 进入用户中心：https://xxxxxx.com/user/userinfo.php?mod=api
   * 点击API信息
   * 可以复制：接口地址、商户ID、商户密钥（key）
   * 点击查看文档，了解支持的签名类型，一般为MD5
 2. 进入Certd后台配置彩虹易支付
   * 进入“系统”->"设置"->“支付设置”
   * 启用彩虹易支付，选择“彩虹易支付配置”，点击添加
   * 填写接口地址、商户ID、商户密钥、签名方式等信息即可。
--- a/docs/guide/changelogs/CHANGELOG.md
+++ b/docs/guide/changelogs/CHANGELOG.md
@@ -3,6 +3,205 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 ### Bug Fixes
 * 修复CDN插件我爱云因更换接口导致部署失败的问题 ([5641c19](https://github.com/certd/certd/commit/5641c19502970f67af19709bddf8c781b1a25bdc))
 * 修复CDN插件我爱云因更换接口导致部署失败的问题 ([0110dfd](https://github.com/certd/certd/commit/0110dfdb70b12dfb0a7a067717f3773ed75aae7c))
 * 修复webhook headers value中带等号是解析错误的bug ([1fe3365](https://github.com/certd/certd/commit/1fe3365e10c464c4c60c82f424cf74fe35b883e0))
 * ProxmoxUploadCert 增加强制部署证书 ([441b15e](https://github.com/certd/certd/commit/441b15ed2fe5a143a5bd5508613b3816ddbff596))
 ### Performance Improvements
 * 历史记录查看详情，可以切换到对应的历史记录日志上去 ([082802e](https://github.com/certd/certd/commit/082802e1197156837800f814728ee0f6b300b18c))
 * 流水线同一个阶段任务优化为并行执行 ([efa9c74](https://github.com/certd/certd/commit/efa9c748c5c07fc950af3db742ef9310f1ac9a4b))
 * 升级midwayjs版本 ([057b0b4](https://github.com/certd/certd/commit/057b0b4565e19bb93195633f767b2942e8e40e59))
 * 是否允许爬虫爬取增加ui设置选项 ([779db9d](https://github.com/certd/certd/commit/779db9da705d2dfef36fec21f52bd38af9fc5f2e))
 * 通知支持钉钉群聊机器人 ([fc8bef5](https://github.com/certd/certd/commit/fc8bef5aae522d75d408d8c3aa74543269da5398))
 * 易支付支持固定支付方式，适合没有收银台版本使用 ([81df96b](https://github.com/certd/certd/commit/81df96bf4542ce8d8ef4a428a4460dd554e4719a))
 * 支持易盾RCDN部署 ([065713c](https://github.com/certd/certd/commit/065713cdb6953d16df08585c316c1a7a8eaec437))
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 ### Performance Improvements
 * 禁止爬虫爬取本网站 ([5164116](https://github.com/certd/certd/commit/5164116bde60dabac774cdf94f5317ff386e95ca))
 * 上传到阿里云证书名称后缀增加毫秒时间戳 ([9f0ee21](https://github.com/certd/certd/commit/9f0ee219d02907ffe128a5cf10173397d934ccd7))
 * 支持部署到阿里云FC3.0 ([bcaf54d](https://github.com/certd/certd/commit/bcaf54d4cb7bc469486aae6cdb127ae017eb3abb))
 * 支持新版本LeCDN ([44d43f4](https://github.com/certd/certd/commit/44d43f45cb9094619df7494c2a64a51ba77ad116))
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package root
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 ### Bug Fixes
 * 适配最新版1panel密码编码方式 ([78044c0](https://github.com/certd/certd/commit/78044c062e20cdd04f08baef9fb6745bf25eddcf))
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 ### Bug Fixes
 * 修复腾讯云CLB多域名同证书部署报错的bug ([c3a5542](https://github.com/certd/certd/commit/c3a55429357e78f4b78c9592d3e5897db2d4d549))
 * 修复新版本1panel密码需要加密，无法登录的问题 ([ada0b71](https://github.com/certd/certd/commit/ada0b7106e97e551783829e4e719f76793a7123d))
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 ### Bug Fixes
 * 当前置任务被删除时进行校验 ([c89686a](https://github.com/certd/certd/commit/c89686a2fda251484930f0ae715417b618c21690))
 * 修复cloudflare删除解析记录报错的bug ([00c2da4](https://github.com/certd/certd/commit/00c2da444f84adb89f3f1226d03294d7c6e3e4f1))
 ### Performance Improvements
 * 上传自定义证书 ([75a38d9](https://github.com/certd/certd/commit/75a38d95f305b4271d9106babe7cffc1c89ae8f3))
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 ### Bug Fixes
 * 修复部署到阿里云ALB、NLB插件加载混乱的bug ([6ab83b6](https://github.com/certd/certd/commit/6ab83b662a2c5e715b9cb7eb1244de2ebb7f47b0))
 * 修复腾讯clb重复执行会报错的bug ([e95d29f](https://github.com/certd/certd/commit/e95d29f446d06eced315a3087fc9e105a30b20bd))
 * 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
 ### Performance Improvements
 * 创建流水线时，默认成功时也发送通知 ([52ae690](https://github.com/certd/certd/commit/52ae6902d203ca56e0312692b50c55cb6ddd3e39))
 * http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 ### Bug Fixes
 * 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/certd/certd/commit/7e482f798c0142bce1866f84676cb40210f9638a))
 * 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
 ### Features
 * 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
 ### Performance Improvements
 * 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
 * 支持部署到阿里云ALB ([653940a](https://github.com/certd/certd/commit/653940a0ca64fc380178c1b0b58ae0af64dfaf07))
 * 支持部署到阿里云NLB、SLB ([c085bac](https://github.com/certd/certd/commit/c085bac5d877c4250a8a79e17eb8673b8e4fc89c))
 * 支持部署到腾讯云直播 ([417d37b](https://github.com/certd/certd/commit/417d37b199b79a42f790f9edab8f178eedf8fbf7))
 * 支持部署证书到proxmox ([d10795e](https://github.com/certd/certd/commit/d10795ecd97eb8cf2ffa46aabfdbfc6812636396))
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 ### Bug Fixes
 * 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
 * 修复授权管理，点击了查看原文按钮后，无法修改值的bug ([85c99f7](https://github.com/certd/certd/commit/85c99f7f80761ac6efaf3255c03b933442db1686))
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 ### Bug Fixes
 * 修复站点监控域名校验无法通过的bug ([1cb4a53](https://github.com/certd/certd/commit/1cb4a539cc523721ffd4b22d40d0e3d2d68cd915))
 ### Performance Improvements
 * 优化腾讯云CLB插件，支持非sni情况，sni情况支持填写多个域名 ([635b042](https://github.com/certd/certd/commit/635b042690637bff85e97e07c7aac4b87a8a124b))
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 ### Bug Fixes
 * 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
 ### Performance Improvements
 * 优化站点证书检查页面，检查增加3次重试 ([e6dd7cd](https://github.com/certd/certd/commit/e6dd7cd54a3e23897031b5df6e0c3cdc0545d35a))
 * 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
 * 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
 * http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 ### Bug Fixes
 * 修复套餐关闭状态下，仍然限制用户流水线数量的bug ([66fb9e5](https://github.com/certd/certd/commit/66fb9e5f49491f9c159363b48af14720a37673b1))
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 ### Bug Fixes
 * 免费套餐支持购买 ([f5ec987](https://github.com/certd/certd/commit/f5ec9870fd6af1f0c9099852bbdb4d07813ccce8))
 * 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
 * 修复新版本小红点显示错误问题 ([fe4786e](https://github.com/certd/certd/commit/fe4786e168afe03a5243dd67971476c348339809))
 ### Performance Improvements
 * 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
 * 优化插件名称显示 ([26adf7d](https://github.com/certd/certd/commit/26adf7d437e674385f26a8f92fded6521a620671))
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 ### Bug Fixes
 * 修复手机模式下，查询框被文字遮盖的bug ([040788c](https://github.com/certd/certd/commit/040788c793642c3bb2a3ede87fe30fcf3be471bd))
 * 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
 ### Features
 * 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
 * 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
 * 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
 * 站点证书监控 ([9c8c7a7](https://github.com/certd/certd/commit/9c8c7a781223f4217f45510db1e89495600e3cd5))
 * 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
 ### Performance Improvements
 * 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
 * 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
 * 用户名支持修改 ([89c7f07](https://github.com/certd/certd/commit/89c7f070343e86453c84677ebe1669f9b266d871))
 * 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
 * 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
 * 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
 * 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 ### Bug Fixes
 * 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
 ### Performance Improvements
 * 群晖支持6.x ([79f7ec4](https://github.com/certd/certd/commit/79f7ec4672f4fd5744cc45e4a6f104da943f4026))
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 ### Bug Fixes
 * 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
 * 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
 * mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
 ### Performance Improvements
 * 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
 * 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
 * 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
 * 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 ### Bug Fixes
 * 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
 * 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
 ### Performance Improvements
 * 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
 * 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
 ## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
 ### Bug Fixes
--- a/docs/guide/development/index.md
+++ b/docs/guide/development/index.md
@@ -28,7 +28,7 @@ packages:
 ### 安装依赖和初始化:
 ```shell
 # 安装pnpm，如果提示npm命令不存在，就需要先安装nodejs
-npm install -g pnpm@8.15.7 --registry=https://registry.npmmirror.com
+npm install -g pnpm--registry=https://registry.npmmirror.com
 # 使用国内镜像源，如果有代理，就不需要
 pnpm config set registry https://registry.npmmirror.com
@@ -36,19 +36,19 @@ pnpm config set registry https://registry.npmmirror.com
 pnpm install
 # 初始化构建
-npm run init
+pnpm init
 ```
 ### 启动 server:
 ```shell
 cd packages/ui/certd-server
-npm run dev
+pnpm dev
 ```
 ### 启动 client:
 ```shell
 cd packages/ui/certd-client
-npm run dev
+pnpm dev
 # 会自动打开浏览器，确认正常运行
@@ -106,4 +106,4 @@ throw new Error("错误信息")
 ## 五、贡献插件送激活码
 - PR要求，插件功能完整，代码规范
- PR通过后，联系我们，送您一个专业版激活码
+- PR通过后，联系我们，送您一个半年期专业版激活码
--- a/docs/guide/index.md
+++ b/docs/guide/index.md
@@ -10,11 +10,11 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 * 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
+* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持60+部署插件）
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上
 * 邮件通知
 * 私有化部署，保障数据安全
-* 支持sqlite，postgresql数据库
+* 支持SQLite、Postgresql、MySQL数据库
 ## 二、一些说明
--- a/docs/guide/install/1panel/images/upgrade-1.png
+++ b/docs/guide/install/1panel/images/upgrade-1.png
--- a/docs/guide/install/1panel/images/upgrade-2.png
+++ b/docs/guide/install/1panel/images/upgrade-2.png
--- a/docs/guide/install/1panel/index.md
+++ b/docs/guide/install/1panel/index.md
@@ -19,7 +19,8 @@ https://1panel.cn/docs/installation/online_installation/
 3. 点击确定，启动容器   
   ![](./images/2.png)
-> 默认数据保存在`/data/certd`目录下，可以手动备份
+> 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
 > certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
 3. 访问测试
@@ -31,15 +32,12 @@ admin/123456
 ## 三、升级
-1. 找到容器，点击编辑
+1. 找到容器，点击更多->升级
-   ![](./images/edit1.png)
+   ![](./images/upgrade-1.png)
-2. 将latest修改为最新版本号
+2. 选择强制拉取镜像，点击确认即可
-   ![](https://img.shields.io/npm/v/%40certd%2Fpipeline)
+![img.png](./images/upgrade-2.png)
 ![img.png](./images/edit2.png)
 3. 点击确定，重启容器
 ## 四、数据备份
--- a/docs/guide/install/baota/index.md
+++ b/docs/guide/install/baota/index.md
@@ -29,6 +29,9 @@
 点击确定，等待启动完成   
 ![](./images/2.png)
 > certd默认使用sqlite数据库，另外支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
 ## 二、访问应用
 http://ip:7001    
@@ -38,28 +41,12 @@ admin/123456
 登录后请及时修改密码
 ## 三、如何升级
 宝塔升级certd非常简单
-### 1. 应用商店安装，直接更新镜像即可
+`docker`->`容器编排`->`左侧选择Certd`->`更新镜像`
 `docker`->`容器编排`->`左侧选择Certd-xxxx`->`更新镜像`
 ![img.png](./images/upgrade.png)
 ### 2. latest更新方式
 在主机上拉取最新镜像，然后面板上重启容器
 ```shell
 docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 ```
 ### 3. 固定版本号方式
 修改容器编排模版中的镜像版本号，然后面板上重启容器
 ```shell
 services:
  certd:
    # 镜像                                #  修改最新版本号  ---- ↓↓↓↓↓ 
    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:v1.xx.x
 ```
 ## 四、数据备份
 ### 4.1 应用商店部署方式
@@ -75,6 +62,7 @@ services:
 数据默认保存在`/data/certd`目录下，可以手动备份
 ### 4.3 自动备份
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
--- a/docs/guide/install/database.md
+++ b/docs/guide/install/database.md
@@ -0,0 +1,73 @@
 # 切换数据库
 certd支持如下几种数据库：
 1. sqlite3 (默认)
 2. mysql 
 3. postgresql
 您可以按如下两种方式切换数据库
 ## 一、全新安装
 ::: tip   
 以下按照`docker-compose`安装方式介绍如何使用mysql或postgresql数据库    
 如果您使用其他方式部署，请自行修改对应的环境变量即可。   
 :::
 ### 1.1、使用mysql数据库
 1. 安装mysql，创建数据库 `(注意：charset=utf8mb4, collation=utf8mb4_bin)`
 2. 下载最新的docker-compose.yaml
 3. 修改环境变量配置
 ```yaml
 services:
  certd:
    environment:
      # 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录 【照抄】
      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb 
      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
      - certd_typeorm_dataSource_default_username=root                  # 用户名
      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
 ```
 4. 启动certd
 ```shell
 docker-compose up -d
 ```
 ### 1.2、使用Postgresql数据库
 1. 安装postgresql，创建数据库
 2. 下载最新的docker-compose.yaml
 3. 修改环境变量配置
 ```yaml
 services:
  certd:
    environment:
      # 使用postgresql数据库，需要提前创建数据库
      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录 【照抄】
      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型 【照抄】
      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
      - certd_typeorm_dataSource_default_port=5433                      # 数据库端口
      - certd_typeorm_dataSource_default_username=postgres              # 用户名
      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
 ```
 4. 启动certd
 ```shell
 docker-compose up -d
 ```
 ## 二、从旧版的sqlite切换数据库
 1. 先将`旧certd`升级到最新版 （`建议：备份sqlite数据库` ）
 2. 按照上面全新安装方式部署一套`新的certd` （`注意：新旧版本的certd要一致`）
 3. 使用数据库工具将数据从sqlite导入到mysql或postgresql （`注意：flyway_history数据表不要导入`）
 4. 重启新certd
 5. 确认没有问题之后，删除旧版certd
--- a/docs/guide/install/docker/index.md
+++ b/docs/guide/install/docker/index.md
@@ -42,6 +42,8 @@ docker compose up -d
 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
 > certd默认使用sqlite数据库，另外还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
 ### 3. 访问测试
--- a/docs/guide/install/source/index.md
+++ b/docs/guide/install/source/index.md
@@ -1,5 +1,5 @@
 # 源码部署
-不推荐
+如果没有`git`和`nodejs`基础，则不推荐
 ## 一、源码安装
 ### 环境要求
@@ -7,8 +7,8 @@
 ### 源码启动
 ```shell
 # 克隆代码
-git clone https://github.com/certd/certd
+git clone https://github.com/certd/certd --depth=1
-# git checkout v1.x.x  # 1.x.x换成最新版本号，当v2主干分支代码无法正常启动时，可以尝试此命令
+# git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
 # 启动服务
 ./start.sh  
@@ -29,9 +29,15 @@ https://your_server_ip:7002
 ## 二、升级
 ```shell
-# 更新代码并启动
+
 cd certd
 # 确保数据安全，备份一下数据
 cp -rf ./packages/ui/certd-server/data ../certd-data-backup
 git pull
 # 如果提示pull失败，可以尝试强制更新
 # git checkout v2 -f && git pull 
 # 先停止旧的服务,7001是certd的默认端口
 kill -9 $(lsof -t -i:7001)
 # 重新编译启动
--- a/docs/guide/install/upgrade.md
+++ b/docs/guide/install/upgrade.md
@@ -0,0 +1,12 @@
 # 版本升级
 ## 升级方法
 根据不同部署方式查看升级方法
 1. [Docker方式部署升级](./docker/#二、升级)
 2. [宝塔面板方式部署升级](./baota/#三、如何升级)
 3. [1Panel面板方式部署升级](./1panel/#三、升级)
 4. [源码方式部署](./source/#二、升级)
 ## 升级日志
 [CHANGELOG](../changelogs/CHANGELOG.md)
--- a/docs/guide/open/images/1.png
+++ b/docs/guide/open/images/1.png
--- a/docs/guide/open/index.md
+++ b/docs/guide/open/index.md
@@ -0,0 +1,21 @@
 # 开放接口
 被动方式对第三方提供证书， 支持根据域名或证书id获取证书。
 ## 获取keyId和KeySecret
 ![](./images/1.png)
 ## 接口文档
 https://apifox.com/apidoc/shared-2e76f8c4-7c58-413b-a32d-a1316529af44/254949529e0
 ## Token生成方法
 header中传入x-certd-token即可调用开放接口   
 1、首先从OpenKey页面生成keyId，keySecret；    
 2、准备一个content( json字符串)： content={"keyId":keyId, t:时间戳秒数, encrypt:false, signType:"md5"} `// encrypt返回结果是否加密`   
 3、将content加上keySecret进行签名： sign = md5(content + keySecret)   
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
 ## SDK
 待开发
--- a/docs/guide/use/cert/index.md
+++ b/docs/guide/use/cert/index.md
@@ -0,0 +1,10 @@
 # 证书申请失败情况
 ## DNS记录问题
 1. DNS 不要设置CAA记录，删除即可
 2. DNSSEC相关报错，DNSSEC管理中删除即可
 3. DNS 有其他平台申请过的_acme-challenge记录，删除即可
--- a/docs/guide/use/synology/images/deploy1.png
+++ b/docs/guide/use/synology/images/deploy1.png
--- a/docs/guide/use/synology/index.md
+++ b/docs/guide/use/synology/index.md
@@ -1,8 +1,12 @@
 # 群晖部署和证书更新
 支持群晖`6.x`、`7.x`
 ## 一、群晖部署Certd
 以下是群晖`7.x`的部署`certd`步骤。   
 群晖`6.x`请参考[docker部署](./../../install/docker/)
 ### 1. 打开Container Manager
 ![](./images/1.png)
@@ -32,6 +36,8 @@
 ## 二、更新群晖证书
 证书部署插件支持群晖`6.x`、`7.x`
 ## 1. 前提条件
 * 已经部署了certd
 * 群晖上已经设置好了证书(证书建议设置好描述，插件需要根据描述查找证书)
--- a/docs/index.md
+++ b/docs/index.md
@@ -24,13 +24,13 @@ features:
  - title: 全自动申请证书
    details: 支持所有注册商注册的域名
  - title: 全自动部署证书
-    details: 支持部署到主机、阿里云、腾讯云等，目前已支持30+部署插件
+    details: 支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件
  - title: 多域名、泛域名打到一个证书上
    details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
  - title: 多证书格式支持
    details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
  - title: 支持私有化部署
-    details: 保障数据安全
+    details: 授权数据加密存储，保障数据安全
  - title: 多数据库支持
-    details: 支持sqlite，postgresql数据库
+    details: 支持SQLite、Postgresql、MySQL数据库
 ---
--- a/lerna.json
+++ b/lerna.json
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.28.2"
+  "version": "1.31.1"
 }
--- a/package.json
+++ b/package.json
@@ -41,5 +41,8 @@
  },
  "workspaces": [
    "packages/**"
-  ]
+  ],
  "pnpm": {
    "neverBuiltDependencies": []
  }
 }
--- a/packages/core/acme-client/CHANGELOG.md
+++ b/packages/core/acme-client/CHANGELOG.md
@@ -3,6 +3,78 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/publishlab/node-acme-client/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/acme-client
 # [1.31.0](https://github.com/publishlab/node-acme-client/compare/v1.30.6...v1.31.0) (2025-03-10)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.30.6](https://github.com/publishlab/node-acme-client/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.30.5](https://github.com/publishlab/node-acme-client/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.30.4](https://github.com/publishlab/node-acme-client/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.30.3](https://github.com/publishlab/node-acme-client/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.30.2](https://github.com/publishlab/node-acme-client/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.30.1](https://github.com/publishlab/node-acme-client/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/acme-client
 # [1.30.0](https://github.com/publishlab/node-acme-client/compare/v1.29.5...v1.30.0) (2025-01-19)
 ### Bug Fixes
 * 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/publishlab/node-acme-client/commit/7e482f798c0142bce1866f84676cb40210f9638a))
 ## [1.29.5](https://github.com/publishlab/node-acme-client/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.29.4](https://github.com/publishlab/node-acme-client/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.29.3](https://github.com/publishlab/node-acme-client/compare/v1.29.2...v1.29.3) (2025-01-04)
 ### Performance Improvements
 * 优化acme sdk ([54db744](https://github.com/publishlab/node-acme-client/commit/54db74428259de64d12230c2ab7353ae11197bbc))
 ## [1.29.2](https://github.com/publishlab/node-acme-client/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.29.1](https://github.com/publishlab/node-acme-client/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/acme-client
 # [1.29.0](https://github.com/publishlab/node-acme-client/compare/v1.28.4...v1.29.0) (2024-12-24)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.28.4](https://github.com/publishlab/node-acme-client/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.28.3](https://github.com/publishlab/node-acme-client/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.28.2](https://github.com/publishlab/node-acme-client/compare/v1.28.1...v1.28.2) (2024-12-09)
 ### Performance Improvements
--- a/packages/core/acme-client/package.json
+++ b/packages/core/acme-client/package.json
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.28.2",
+    "version": "1.31.1",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.28.2",
+        "@certd/basic": "^1.31.1",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -65,5 +65,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+    "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@@ -99,31 +99,14 @@ export default  async (client, userOpts) => {
            return;
        }
        const keyAuthorizationGetter = async (challenge) => {
            return await client.getChallengeKeyAuthorization(challenge);
        }
        try {
            /* Select challenge based on priority */
            const challenge = authz.challenges.sort((a, b) => {
                const aidx = opts.challengePriority.indexOf(a.type);
                const bidx = opts.challengePriority.indexOf(b.type);
                if (aidx === -1) return 1;
                if (bidx === -1) return -1;
                return aidx - bidx;
            }).slice(0, 1)[0];
            if (!challenge) {
                throw new Error(`Unable to select challenge for ${d}, no challenge found`);
            }
            log(`[auto] [${d}] Found ${authz.challenges.length} challenges, selected type: ${challenge.type}`);
            /* Trigger challengeCreateFn() */
            log(`[auto] [${d}] Trigger challengeCreateFn()`);
            const keyAuthorization = await client.getChallengeKeyAuthorization(challenge);
            try {
-                const { recordReq, recordRes, dnsProvider } = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
+                const { recordReq, recordRes, dnsProvider,challenge ,keyAuthorization} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
                log(`[auto] [${d}] challengeCreateFn success`);
                log(`[auto] [${d}] add challengeRemoveFn()`);
                clearTasks.push(async () => {
                    /* Trigger challengeRemoveFn(), suppress errors */
                    log(`[auto] [${d}] Trigger challengeRemoveFn()`);
@@ -141,7 +124,7 @@ export default  async (client, userOpts) => {
                    await wait(60 * 1000);
                }
                else {
-                    log(`[auto] [${d}] Running challenge verification`);
+                    log(`[auto] [${d}] Running challenge verification, type = ${challenge.type}`);
                    try {
                        await client.verifyChallenge(authz, challenge);
                    }
--- a/packages/core/acme-client/src/axios.js
+++ b/packages/core/acme-client/src/axios.js
@@ -126,6 +126,7 @@ instance.interceptors.response.use(null, async (error) => {
            /* Wait and retry the request */
            await new Promise((resolve) => { setTimeout(resolve, (retryAfter * 1000)); });
            log(`Retrying request to URL ${config.url}`);
            return instance(config);
        }
    }
--- a/packages/core/acme-client/src/error.js
+++ b/packages/core/acme-client/src/error.js
@@ -5,3 +5,5 @@ export class CancelError extends Error {
    }
 }
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@@ -4,6 +4,8 @@
 import { AxiosInstance } from 'axios';
 import * as rfc8555 from './rfc8555';
 import {CancelError} from '../src/error.js'
 export * from '../src/error.js'
 export type PrivateKeyBuffer = Buffer;
 export type PublicKeyBuffer = Buffer;
@@ -56,7 +58,7 @@ export interface ClientExternalAccountBindingOptions {
 export interface ClientAutoOptions {
    csr: CsrBuffer | CsrString;
-    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<{recordReq:any,recordRes:any,dnsProvider:any}>;
+    challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string}>;
    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
    email?: string;
    termsOfServiceAgreed?: boolean;
@@ -202,4 +204,4 @@ export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 export function walkTxtRecord(record: any): Promise<string[]>;
-export const CancelError: Error;
+export const CancelError: typeof CancelError;
--- a/packages/core/basic/CHANGELOG.md
+++ b/packages/core/basic/CHANGELOG.md
@@ -3,6 +3,89 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/basic
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 ### Performance Improvements
 * 流水线同一个阶段任务优化为并行执行 ([efa9c74](https://github.com/certd/certd/commit/efa9c748c5c07fc950af3db742ef9310f1ac9a4b))
 * 支持易盾RCDN部署 ([065713c](https://github.com/certd/certd/commit/065713cdb6953d16df08585c316c1a7a8eaec437))
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 ### Performance Improvements
 * 支持新版本LeCDN ([44d43f4](https://github.com/certd/certd/commit/44d43f45cb9094619df7494c2a64a51ba77ad116))
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/basic
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/basic
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/basic
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/basic
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/basic
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 **Note:** Version bump only for package @certd/basic
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/basic
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/basic
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 **Note:** Version bump only for package @certd/basic
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/basic
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 ### Bug Fixes
 * 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 ### Features
 * 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
 * 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
 ### Performance Improvements
 * 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
 * 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/basic
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/basic
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/basic
--- a/packages/core/basic/build.md
+++ b/packages/core/basic/build.md
@@ -1 +1 @@
-22:42
+23:29
--- a/packages/core/basic/package.json
+++ b/packages/core/basic/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.28.2",
+  "version": "1.31.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -23,6 +23,7 @@
    "lodash-es": "^4.17.21",
    "log4js": "^6.9.1",
    "lru-cache": "^10.0.0",
    "mitt": "^3.0.1",
    "nanoid": "^5.0.7",
    "node-forge": "^1.3.1",
    "nodemailer": "^6.9.3"
@@ -43,5 +44,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/core/basic/src/utils/index.ts
+++ b/packages/core/basic/src/utils/index.ts
@@ -8,6 +8,11 @@ export * from './util.hash.js';
 export * from './util.merge.js';
 export * from './util.cache.js';
 export * from './util.string.js';
 export * from './util.lock.js';
 export * from './util.mitter.js';
 export * from './util.id.js';
 export * from './util.domain.js';
 export * from './util.amount.js';
 import { stringUtils } from './util.string.js';
 import sleep from './util.sleep.js';
 import { http, download } from './util.request.js';
@@ -22,8 +27,13 @@ import { cache } from './util.cache.js';
 import dayjs from 'dayjs';
 import { domainUtils } from './util.domain.js';
 import { optionsUtils } from './util.options.js';
 import { amountUtils } from './util.amount.js';
 import { nanoid } from 'nanoid';
 import * as id from './util.id.js';
 import { locker } from './util.lock.js';
 import { mitter } from './util.mitter.js';
 import * as request from './util.request.js';
 export const utils = {
  sleep,
  http,
@@ -41,4 +51,8 @@ export const utils = {
  domain: domainUtils,
  options: optionsUtils,
  string: stringUtils,
  locker,
  mitter,
  amount: amountUtils,
  request,
 };
--- a/packages/core/basic/src/utils/util.amount.ts
+++ b/packages/core/basic/src/utils/util.amount.ts
@@ -0,0 +1,9 @@
 export const amountUtils = {
  toCent(amount: number): number {
    return parseInt((amount * 100).toFixed(0));
  },
  toYuan(amount: number): number {
    return parseFloat((amount / 100).toFixed(2));
  },
 };
--- a/packages/core/basic/src/utils/util.env.ts
+++ b/packages/core/basic/src/utils/util.env.ts
@@ -1,4 +1,4 @@
 export function isDev() {
  const nodeEnv = process.env.NODE_ENV || '';
-  return nodeEnv === 'development' || nodeEnv.indexOf('local') >= 0;
+  return nodeEnv === 'development' || nodeEnv.includes('local') || nodeEnv.startsWith('dev');
 }
--- a/packages/core/basic/src/utils/util.hash.ts
+++ b/packages/core/basic/src/utils/util.hash.ts
@@ -1,9 +1,17 @@
-import crypto from 'crypto';
+import crypto, { BinaryToTextEncoding } from 'crypto';
-function md5(data: string) {
+function md5(data: string, digest: BinaryToTextEncoding = 'hex') {
-  return crypto.createHash('md5').update(data).digest('hex');
+  return crypto.createHash('md5').update(data).digest(digest);
 }
 function sha256(data: string, digest: BinaryToTextEncoding = 'hex') {
  return crypto.createHash('sha256').update(data).digest(digest);
 }
 function base64(data: string) {
  return Buffer.from(data).toString('base64');
 }
 export const hashUtils = {
  md5,
  sha256,
  base64,
 };
--- a/packages/core/basic/src/utils/util.lock.ts
+++ b/packages/core/basic/src/utils/util.lock.ts
@@ -0,0 +1,47 @@
 import { logger, utils } from './index.js';
 export class Locker {
  locked: Record<string, any> = {};
  async execute(lockStr: string, callback: any) {
    await this.lock(lockStr);
    const timeoutId = setTimeout(() => {
      logger.warn('Lock timeout,自动解锁', lockStr);
      this.unlock(lockStr);
    }, 20000);
    try {
      return await callback();
    } finally {
      clearTimeout(timeoutId);
      this.unlock(lockStr);
    }
  }
  async lock(str: string) {
    const isLocked = this.isLocked(str);
    if (isLocked) {
      let count = 0;
      while (true) {
        await utils.sleep(100);
        if (!this.isLocked(str)) {
          break;
        }
        count++;
        if (count > 20) {
          throw new Error('Lock timeout');
        }
      }
    }
    this.locked[str] = true;
  }
  unlock(str: string) {
    delete this.locked[str];
  }
  isLocked(str: string) {
    return this.locked[str] ?? false;
  }
 }
 export const locker = new Locker();
--- a/packages/core/basic/src/utils/util.mitter.ts
+++ b/packages/core/basic/src/utils/util.mitter.ts
@@ -0,0 +1,2 @@
 import mitt from 'mitt';
 export const mitter = mitt();
--- a/packages/core/basic/src/utils/util.options.ts
+++ b/packages/core/basic/src/utils/util.options.ts
@@ -37,6 +37,8 @@ function buildGroupOptions(options: any[], inDomains: string[]) {
 }
 export const optionsUtils = {
  //获取分组
  groupByDomain,
  //构建分组后的选项列表，常用
  buildGroupOptions,
 };
--- a/packages/core/basic/src/utils/util.request.ts
+++ b/packages/core/basic/src/utils/util.request.ts
@@ -1,4 +1,4 @@
-import axios, { AxiosRequestConfig } from 'axios';
+import axios, { AxiosHeaders, AxiosRequestConfig } from 'axios';
 import { ILogger, logger } from './util.log.js';
 import { Logger } from 'log4js';
 import { HttpProxyAgent } from 'http-proxy-agent';
@@ -13,7 +13,7 @@ export class HttpError extends Error {
  statusText?: string;
  code?: string;
  request?: { baseURL: string; url: string; method: string; params?: any; data?: any };
-  response?: { data: any };
+  response?: { data: any; headers: AxiosHeaders };
  cause?: any;
  constructor(error: any) {
    if (!error) {
@@ -55,6 +55,7 @@ export class HttpError extends Error {
    this.response = {
      data: error.response?.data,
      headers: error.response?.headers,
    };
    const { stack, cause } = error;
@@ -156,13 +157,13 @@ export function createAxiosService({ logger }: { logger: Logger }) {
          error.message = '请求错误';
          break;
        case 401:
-          error.message = '未授权，请登录';
+          error.message = '认证/登录失败';
          break;
        case 403:
          error.message = '拒绝访问';
          break;
        case 404:
-          error.message = `请求地址出错: ${error.response.config.url}`;
+          error.message = `请求地址出错`;
          break;
        case 408:
          error.message = '请求超时';
@@ -216,6 +217,7 @@ export type HttpRequestConfig<D = any> = {
  logParams?: boolean;
  logRes?: boolean;
  httpProxy?: string;
  returnResponse?: boolean;
 } & AxiosRequestConfig<D>;
 export type HttpClient = {
  request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
@@ -308,3 +310,14 @@ export async function download(req: { http: HttpClient; config: HttpRequestConfi
      });
  });
 }
 export function getCookie(response: any, name: string) {
  const cookies = response.headers['set-cookie'];
  //根据name 返回对应的cookie
  const found = cookies.find((cookie: any) => cookie.includes(name));
  if (!found) {
    return null;
  }
  const cookie = found.split(';')[0];
  return cookie.substring(cookie.indexOf('=') + 1);
 }
--- a/packages/core/pipeline/CHANGELOG.md
+++ b/packages/core/pipeline/CHANGELOG.md
@@ -3,6 +3,100 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/pipeline
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 ### Performance Improvements
 * 流水线同一个阶段任务优化为并行执行 ([efa9c74](https://github.com/certd/certd/commit/efa9c748c5c07fc950af3db742ef9310f1ac9a4b))
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 ### Performance Improvements
 * 上传到阿里云证书名称后缀增加毫秒时间戳 ([9f0ee21](https://github.com/certd/certd/commit/9f0ee219d02907ffe128a5cf10173397d934ccd7))
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 ### Bug Fixes
 * 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 ### Performance Improvements
 * 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 ### Performance Improvements
 * 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 ### Performance Improvements
 * 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 ### Features
 * 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
 * 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
 ### Performance Improvements
 * 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
 * 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
 * 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 ### Bug Fixes
 * 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 ### Performance Improvements
 * 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
 * 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/pipeline
--- a/packages/core/pipeline/package.json
+++ b/packages/core/pipeline/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.28.2",
+  "version": "1.31.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -16,8 +16,8 @@
    "test": "mocha   --loader=ts-node/esm"
  },
  "dependencies": {
-    "@certd/basic": "^1.28.2",
+    "@certd/basic": "^1.31.1",
-    "@certd/plus-core": "^1.28.2",
+    "@certd/plus-core": "^1.31.1",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/core/pipeline/src/core/exceptions.ts
+++ b/packages/core/pipeline/src/core/exceptions.ts
@@ -1,5 +1,15 @@
 import type { ResultError } from "../dt/index.js";
 export class CancelError extends Error {
  constructor(message: string) {
    super(message);
  }
 }
 export class RunnableError extends Error {
  errors: ResultError[];
  constructor(message: string, errors: ResultError[]) {
    super(message);
    this.errors = errors;
  }
 }
--- a/packages/core/pipeline/src/core/executor.ts
+++ b/packages/core/pipeline/src/core/executor.ts
@@ -1,4 +1,4 @@
-import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task } from "../dt/index.js";
+import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task, ResultError } from "../dt/index.js";
 import { RunHistory, RunnableCollection } from "./run-history.js";
 import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
 import { ContextFactory, IContext } from "./context.js";
@@ -10,7 +10,10 @@ import { Decorator } from "../decorator/index.js";
 import { ICnameProxyService, IEmailService, IPluginConfigService, IUrlService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
 import { cloneDeep, forEach, merge } from "lodash-es";
-import { INotificationService, NotificationBody, NotificationContext, notificationRegistry } from "../notification/index.js";
+import { INotificationService } from "../notification/index.js";
 import { taskEmitterCreate } from "../service/emit.js";
 import { RunnableError } from "./exceptions.js";
 export type SysInfo = {
  //系统标题
  title?: string;
@@ -91,20 +94,30 @@ export class Executor {
        await this.onChanged(this.runtime);
      }, 5000);
-      await this.runWithHistory(this.pipeline, "pipeline", async () => {
+      const result = await this.runWithHistory(this.pipeline, "pipeline", async () => {
        return await this.runStages(this.pipeline);
      });
-      if (this.lastRuntime && this.lastRuntime.pipeline.status?.status === ResultType.error) {
+      if (result === ResultType.success) {
-        await this.notification("turnToSuccess");
+        if (this.lastRuntime && this.lastRuntime.pipeline.status?.status === ResultType.error) {
          await this.notification("turnToSuccess");
        } else {
          await this.notification("success");
        }
      }
-      await this.notification("success");
+      return result;
    } catch (e: any) {
      await this.notification("error", e);
      this.logger.error("pipeline 执行失败", e);
    } finally {
      clearInterval(intervalFlushLogId);
      await this.onChanged(this.runtime);
-      await this.pipelineContext.setObj("lastRuntime", this.runtime);
+      //保存之前移除logs
      const lastRuntime: any = {
        ...this.runtime,
      };
      delete lastRuntime.logs;
      delete lastRuntime._loggers;
      await this.pipelineContext.setObj("lastRuntime", lastRuntime);
      this.logger.info(`pipeline.${this.pipeline.id}  end`);
    }
  }
@@ -180,6 +193,8 @@ export class Executor {
    }
    let resList: ResultType[] = [];
    const errorList: ResultError[] = [];
    let errorMessage = "";
    if (stage.concurrency === ConcurrencyStrategy.Parallel) {
      //并行
      const pList = [];
@@ -188,10 +203,25 @@ export class Executor {
      }
      resList = await Promise.all(pList);
    } else {
-      //串行
+      //串行且报错继续
      for (let i = 0; i < runnerList.length; i++) {
        const runner = runnerList[i];
-        resList[i] = await runner();
+        try {
          resList[i] = await runner();
        } catch (e: any) {
          const t = stage.tasks[i];
          this.logger.error(`任务 ${t.title} 执行异常:`, e.message);
          resList[i] = ResultType.error;
          errorList.push({
            e,
            returnType: ResultType.error,
            runnable: t,
          });
          errorMessage += `任务${t.title}执行失败，错误详情:${e.message}；`;
        }
      }
      if (errorList.length > 0) {
        throw new RunnableError(errorMessage, errorList);
      }
    }
    return this.compositionResultType(resList);
@@ -331,11 +361,15 @@ export class Executor {
      signal: this.abort.signal,
      utils,
      user: this.options.user,
      emitter: taskEmitterCreate({
        step,
        pipeline: this.pipeline,
      }),
    };
    instance.setCtx(taskCtx);
    await instance.onInstance();
-    await instance.execute();
+    const result = await instance.execute();
    //执行结果处理
    if (instance._result.clearLastStatus) {
      //是否需要清除所有状态
@@ -363,6 +397,8 @@ export class Executor {
      merge(vars, instance._result.pipelinePrivateVars);
      await this.pipelineContext.setObj("privateVars", vars);
    }
    return result;
  }
  async notification(when: NotificationWhen, error?: any) {
@@ -373,19 +409,27 @@ export class Executor {
    let subject = "";
    let content = "";
    const errorMessage = error?.message;
    const sysTitle = this.options.sysInfo?.title || "Certd";
    if (when === "start") {
-      subject = `【${sysTitle}】开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
    } else if (when === "success") {
-      subject = `【${sysTitle}】执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
    } else if (when === "turnToSuccess") {
-      subject = `【${sysTitle}】执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
    } else if (when === "error") {
-      subject = `【${sysTitle}】执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
+      subject = `执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
-      content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n错误详情:${error.message}`;
+
      if (error instanceof RunnableError) {
        const runnableError = error as RunnableError;
        content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n`;
        for (const re of runnableError.errors) {
          content += ` - ${re.runnable.title} 执行失败\n  错误详情:${re.e.message}\n\n`;
        }
      } else {
        content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
      }
    } else {
      return;
    }
@@ -407,43 +451,24 @@ export class Executor {
        }
      } else {
        try {
          //构建notification插件，发送通知
          let notifyConfig: any;
          if (notification.notificationId === 0) {
            notifyConfig = await this.options.notificationService.getDefault();
          } else {
            notifyConfig = await this.options.notificationService.getById(notification.notificationId);
          }
          if (notifyConfig == null) {
            throw new Error(`通知配置<id:${notification.notificationId}>不存在`);
          }
          const notificationPlugin = notificationRegistry.get(notifyConfig.type);
          const notificationCls: any = notificationPlugin.target;
          const notificationSender = new notificationCls();
          const notificationCtx: NotificationContext = {
            http: utils.http,
            logger,
            utils,
            emailService: this.options.emailService,
          };
          //设置参数
          merge(notificationSender, notifyConfig.setting);
          notificationSender.setCtx(notificationCtx);
          await notificationSender.onInstance();
          const body: NotificationBody = {
            title: subject,
            content,
            userId: this.pipeline.userId,
            pipeline: this.pipeline,
            result: this.lastRuntime.pipeline.status,
            pipelineId: this.pipeline.id,
            historyId: this.runtime.id,
            errorMessage,
            url,
          };
          //发送通知
-          await notificationSender.send(body);
+          await this.options.notificationService.send({
            id: notification.notificationId,
            useDefault: true,
            useEmail: false,
            logger: this.logger,
            body: {
              title: subject,
              content,
              userId: this.pipeline.userId,
              pipeline: this.pipeline,
              result: this.lastRuntime?.pipeline?.status,
              pipelineId: this.pipeline.id,
              historyId: this.runtime.id,
              errorMessage,
              url,
            },
          });
        } catch (e) {
          logger.error("send notification error", e);
        }
--- a/packages/core/pipeline/src/core/run-history.ts
+++ b/packages/core/pipeline/src/core/run-history.ts
@@ -134,6 +134,7 @@ export class RunHistory {
 export class RunnableCollection {
  private collection: RunnableMap = {};
  private pipeline!: Pipeline;
  currentStep!: Step;
  constructor(pipeline?: Pipeline) {
    if (!pipeline) {
      return;
@@ -143,6 +144,23 @@ export class RunnableCollection {
    this.collection = map;
  }
  static initPipelineRunnableType(pipeline: Pipeline) {
    pipeline.runnableType = "pipeline";
    if (pipeline.stages === undefined) {
      pipeline.stages = [];
      return;
    }
    pipeline.stages.forEach((stage) => {
      stage.runnableType = "stage";
      stage.tasks.forEach((task) => {
        task.runnableType = "task";
        task.steps.forEach((step) => {
          step.runnableType = "step";
        });
      });
    });
  }
  static each<T extends Runnable>(list: T[], exec: (item: Runnable) => void) {
    list.forEach((item) => {
      exec(item);
@@ -193,5 +211,8 @@ export class RunnableCollection {
  add(runnable: Runnable) {
    this.collection[runnable.id] = runnable;
    if (runnable.runnableType === "step") {
      this.currentStep = runnable as Step;
    }
  }
 }
--- a/packages/core/pipeline/src/dt/pipeline.ts
+++ b/packages/core/pipeline/src/dt/pipeline.ts
@@ -107,6 +107,12 @@ export type Log = {
  text: string;
 };
 export type ResultError = {
  e: any;
  returnType: ResultType;
  runnable: Runnable;
 };
 export enum ResultType {
  start = "start",
  success = "success",
--- a/packages/core/pipeline/src/notification/api.ts
+++ b/packages/core/pipeline/src/notification/api.ts
@@ -48,9 +48,18 @@ export type NotificationInstanceConfig = {
  };
 };
 export type NotificationSendReq = {
  id?: number;
  useDefault?: boolean;
  useEmail?: boolean;
  emailAddress?: string;
  logger: ILogger;
  body: NotificationBody;
 };
 export interface INotificationService {
  getById(id: number): Promise<NotificationInstanceConfig>;
  getDefault(): Promise<NotificationInstanceConfig>;
  send(req: NotificationSendReq): Promise<void>;
 }
 export interface INotification {
@@ -112,11 +121,11 @@ export abstract class BaseNotification implements INotification {
  async onTestRequest() {
    await this.doSend({
      userId: 0,
-      title: "【Certd】测试通知，标题长度测试、测试、测试",
+      title: "【Certd】测试通知【*.foo.com】，标题长度测试、测试、测试",
-      content: "测试通知",
+      content: "测试通知,*.foo.com",
      pipeline: {
        id: 1,
-        title: "测试流水线",
+        title: "证书申请成功【测试流水线】",
      } as any,
      pipelineId: 1,
      historyId: 1,
--- a/packages/core/pipeline/src/notification/decorator.ts
+++ b/packages/core/pipeline/src/notification/decorator.ts
@@ -1,9 +1,9 @@
 // src/decorator/memoryCache.decorator.ts
 import { Decorator } from "../decorator/index.js";
 import * as _ from "lodash-es";
 import { merge } from "lodash-es";
 import { notificationRegistry } from "./registry.js";
 import { BaseNotification, NotificationBody, NotificationContext, NotificationDefine, NotificationInputDefine, NotificationInstanceConfig } from "./api.js";
 import { isPlus } from "@certd/plus-core";
 // 提供一个唯一 key
 export const NOTIFICATION_CLASS_KEY = "pipeline:notification";
@@ -47,9 +47,7 @@ export async function newNotification(type: string, input: any, ctx: Notificatio
  // @ts-ignore
  const plugin = new register.target();
-  for (const key in input) {
+  merge(plugin, input);
    plugin[key] = input[key];
  }
  if (!ctx) {
    throw new Error("ctx is required");
  }
@@ -61,8 +59,5 @@ export async function newNotification(type: string, input: any, ctx: Notificatio
 export async function sendNotification(opts: { config: NotificationInstanceConfig; ctx: NotificationContext; body: NotificationBody }) {
  const notification: BaseNotification = await newNotification(opts.config.type, opts.config.setting, opts.ctx);
  if (notification.define.needPlus && !isPlus()) {
    opts.body.content = `${opts.body.content}\n\n注意：此通知渠道已调整为专业版功能，后续版本将不再支持发送，请尽快修改或升级为专业版`;
  }
  await notification.doSend(opts.body);
 }
--- a/packages/core/pipeline/src/plugin/api.ts
+++ b/packages/core/pipeline/src/plugin/api.ts
@@ -7,9 +7,10 @@ import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/i
 import { HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
 import { HttpClient } from "@certd/basic";
 import dayjs from "dayjs";
-import { IPluginConfigService } from "../service/config";
+import { IPluginConfigService } from "../service/config.js";
 import { upperFirst } from "lodash-es";
-import { INotificationService } from "../notification";
+import { INotificationService } from "../notification/index.js";
 import { TaskEmitter } from "../service/emit.js";
 export type PluginRequestHandleReq<T = any> = {
  typeName: string;
@@ -59,7 +60,7 @@ export type PluginDefine = Registrable & {
 export type ITaskPlugin = {
  onInstance(): Promise<void>;
-  execute(): Promise<void>;
+  execute(): Promise<void | string>;
  onRequest(req: PluginRequestHandleReq<any>): Promise<any>;
  [key: string]: any;
 };
@@ -111,6 +112,8 @@ export type TaskInstanceContext = {
  utils: typeof utils;
  //用户信息
  user: UserInfo;
  emitter: TaskEmitter;
 };
 export abstract class AbstractTaskPlugin implements ITaskPlugin {
@@ -184,13 +187,13 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
    return;
  }
-  abstract execute(): Promise<void>;
+  abstract execute(): Promise<void | string>;
  appendTimeSuffix(name?: string) {
    if (name == null) {
      name = "certd";
    }
-    return name + "_" + dayjs().format("YYYYMMDDHHmmss");
+    return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
  }
  async onRequest(req: PluginRequestHandleReq<any>) {
--- a/packages/core/pipeline/src/plugin/group.ts
+++ b/packages/core/pipeline/src/plugin/group.ts
@@ -21,8 +21,9 @@ export const pluginGroups = {
  huawei: new PluginGroup("huawei", "华为云", 3),
  tencent: new PluginGroup("tencent", "腾讯云", 4),
  qiniu: new PluginGroup("qiniu", "七牛云", 5),
-  host: new PluginGroup("host", "主机", 6),
+  aws: new PluginGroup("aws", "亚马逊云", 6),
-  cdn: new PluginGroup("cdn", "CDN", 7),
+  host: new PluginGroup("host", "主机", 7),
-  panel: new PluginGroup("panel", "面板", 8),
+  cdn: new PluginGroup("cdn", "CDN", 8),
-  other: new PluginGroup("other", "其他", 9),
+  panel: new PluginGroup("panel", "面板", 9),
  other: new PluginGroup("other", "其他", 10),
 };
--- a/packages/core/pipeline/src/service/cname.ts
+++ b/packages/core/pipeline/src/service/cname.ts
@@ -18,6 +18,7 @@ export type CnameRecord = {
  status: string;
  commonDnsProvider?: any;
 };
 export type ICnameProxyService = {
  getByDomain: (domain: string) => Promise<CnameRecord>;
 };
--- a/packages/core/pipeline/src/service/emit.ts
+++ b/packages/core/pipeline/src/service/emit.ts
@@ -0,0 +1,68 @@
 import { logger } from "@certd/basic";
 import { Pipeline, Runnable } from "../dt";
 export type PipelineEventListener = (...args: any[]) => Promise<void>;
 export type PipelineEvent<T> = {
  pipeline: Pipeline;
  step: Runnable;
  event: T;
 };
 export class PipelineEmitter {
  events: Record<string, PipelineEventListener[]>;
  constructor() {
    this.events = {};
  }
  on(event: string, listener: PipelineEventListener) {
    if (!this.events[event]) {
      this.events[event] = [];
    }
    this.events[event].push(listener);
  }
  async emit<T>(name: string, event: PipelineEvent<T>) {
    const listeners = this.events[name];
    if (listeners) {
      for (const listener of listeners) {
        try {
          await listener(event);
        } catch (e) {
          logger.error(`事件<${name}>监听器执行失败:`, e);
        }
      }
    }
  }
  off(event: string, listener: PipelineEventListener) {
    if (this.events[event]) {
      this.events[event] = this.events[event].filter((l) => l !== listener);
    }
  }
  once(event: string, listener: PipelineEventListener) {
    const onceListener = async (...args: any[]) => {
      this.off(event, onceListener);
      await listener(...args);
    };
    this.on(event, onceListener);
  }
 }
 export const pipelineEmitter = new PipelineEmitter();
 export type TaskEmitterCreateReq = {
  step: Runnable;
  pipeline: Pipeline;
 };
 export type TaskEmitter = {
  emit: <T>(name: string, event: T) => Promise<void>;
 };
 export function taskEmitterCreate(req: TaskEmitterCreateReq) {
  return {
    emit: async <T>(name: string, event: T) => {
      await pipelineEmitter.emit(name, {
        pipeline: req.pipeline,
        step: req.step,
        event,
      });
    },
  } as TaskEmitter;
 }
--- a/packages/core/pipeline/src/service/index.ts
+++ b/packages/core/pipeline/src/service/index.ts
@@ -2,3 +2,4 @@ export * from "./email.js";
 export * from "./cname.js";
 export * from "./config.js";
 export * from "./url.js";
 export * from "./emit.js";
--- a/packages/libs/lib-huawei/CHANGELOG.md
+++ b/packages/libs/lib-huawei/CHANGELOG.md
@@ -3,6 +3,74 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/lib-huawei
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/lib-huawei
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-huawei
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/lib-huawei
--- a/packages/libs/lib-huawei/package.json
+++ b/packages/libs/lib-huawei/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.28.2",
+  "version": "1.31.1",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -21,5 +21,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/libs/lib-iframe/CHANGELOG.md
+++ b/packages/libs/lib-iframe/CHANGELOG.md
@@ -3,6 +3,74 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/lib-iframe
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/lib-iframe
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-iframe
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/lib-iframe
--- a/packages/libs/lib-iframe/package.json
+++ b/packages/libs/lib-iframe/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.28.2",
+  "version": "1.31.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -30,5 +30,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/libs/lib-k8s/CHANGELOG.md
+++ b/packages/libs/lib-k8s/CHANGELOG.md
@@ -3,6 +3,74 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/lib-k8s
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/lib-k8s
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-k8s
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/lib-k8s
--- a/packages/libs/lib-k8s/package.json
+++ b/packages/libs/lib-k8s/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.28.2",
+  "version": "1.31.1",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -16,7 +16,7 @@
    "preview": "vite preview"
  },
  "dependencies": {
-    "@certd/basic": "^1.28.2",
+    "@certd/basic": "^1.31.1",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/libs/lib-server/CHANGELOG.md
+++ b/packages/libs/lib-server/CHANGELOG.md
@@ -3,6 +3,89 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/lib-server
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 ### Performance Improvements
 * 升级midwayjs版本 ([057b0b4](https://github.com/certd/certd/commit/057b0b4565e19bb93195633f767b2942e8e40e59))
 * 是否允许爬虫爬取增加ui设置选项 ([779db9d](https://github.com/certd/certd/commit/779db9da705d2dfef36fec21f52bd38af9fc5f2e))
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/lib-server
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 ### Features
 * 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 ### Bug Fixes
 * 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/lib-server
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 ### Features
 * 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
 * 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
 * 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
 ### Performance Improvements
 * 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/lib-server
--- a/packages/libs/lib-server/package.json
+++ b/packages/libs/lib-server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.28.2",
+  "version": "1.31.1",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -27,18 +27,18 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.28.2",
+    "@certd/acme-client": "^1.31.1",
-    "@certd/basic": "^1.28.2",
+    "@certd/basic": "^1.31.1",
-    "@certd/pipeline": "^1.28.2",
+    "@certd/pipeline": "^1.31.1",
-    "@certd/plus-core": "^1.28.2",
+    "@certd/plus-core": "^1.31.1",
    "@midwayjs/cache": "~3.14.0",
-    "@midwayjs/core": "~3.17.1",
+    "@midwayjs/core": "~3.20.3",
-    "@midwayjs/i18n": "~3.17.3",
+    "@midwayjs/i18n": "~3.20.3",
-    "@midwayjs/info": "~3.17.3",
+    "@midwayjs/info": "~3.20.3",
-    "@midwayjs/koa": "~3.17.1",
+    "@midwayjs/koa": "~3.20.3",
    "@midwayjs/logger": "~3.4.2",
-    "@midwayjs/typeorm": "~3.17.1",
+    "@midwayjs/typeorm": "~3.20.3",
-    "@midwayjs/upload": "^3.17.3",
+    "@midwayjs/upload": "^3.20.3",
    "better-sqlite3": "^11.1.2",
    "cross-env": "^7.0.3",
    "dayjs": "^1.11.7",
@@ -61,5 +61,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/libs/lib-server/src/basic/base-controller.ts
+++ b/packages/libs/lib-server/src/basic/base-controller.ts
@@ -25,7 +25,7 @@ export abstract class BaseController {
   * @param msg
   * @param code
   */
-  fail(msg: string, code: any) {
+  fail(msg: string, code?: any) {
    return {
      code: code ? code : Constants.res.error.code,
      msg: msg ? msg : Constants.res.error.code,
@@ -39,4 +39,12 @@ export abstract class BaseController {
    }
    return userId;
  }
  getLoginUser() {
    const user = this.ctx.user;
    if (user == null) {
      throw new Error('Token已过期');
    }
    return user;
  }
 }
--- a/packages/libs/lib-server/src/basic/base-service.ts
+++ b/packages/libs/lib-server/src/basic/base-service.ts
@@ -3,6 +3,7 @@ import { In, Repository, SelectQueryBuilder } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
 import { FindManyOptions } from 'typeorm';
 export type PageReq<T = any> = {
  page?: { offset: number; limit: number };
@@ -15,6 +16,7 @@ export type ListReq<T = any> = {
    asc: boolean;
  };
  buildQuery?: (bq: SelectQueryBuilder<any>) => void;
  select?: any;
 };
 /**
@@ -53,7 +55,7 @@ export abstract class BaseService<T> {
   * 非分页查询
   * @param options
   */
-  async find(options) {
+  async find(options: FindManyOptions<T>) {
    return await this.getRepository().find(options);
  }
@@ -99,7 +101,7 @@ export abstract class BaseService<T> {
   * 新增|修改
   * @param param 数据
   */
-  async addOrUpdate(param) {
+  async addOrUpdate(param: any) {
    await this.getRepository().save(param);
  }
@@ -107,7 +109,7 @@ export abstract class BaseService<T> {
   * 新增
   * @param param 数据
   */
-  async add(param) {
+  async add(param: any) {
    const now = new Date();
    param.createTime = now;
    param.updateTime = now;
@@ -122,7 +124,7 @@ export abstract class BaseService<T> {
   * 修改
   * @param param 数据
   */
-  async update(param) {
+  async update(param: any) {
    if (!param.id) throw new ValidateException('id 不能为空');
    param.updateTime = new Date();
    await this.addOrUpdate(param);
@@ -148,6 +150,7 @@ export abstract class BaseService<T> {
      page.limit = 20;
    }
    const qb = this.buildListQuery(pageReq);
    qb.offset(page.offset).limit(page.limit);
    const list = await qb.getMany();
    const total = await qb.getCount();
--- a/packages/libs/lib-server/src/basic/constants.ts
+++ b/packages/libs/lib-server/src/basic/constants.ts
@@ -12,6 +12,8 @@ export const Constants = {
    authOnly: '_authOnly_',
    //仅需要登录
    loginOnly: '_authOnly_',
    open: '_open_',
  },
  res: {
    serverError(message: string) {
@@ -36,6 +38,10 @@ export const Constants = {
      code: 88,
      message: '需要VIP',
    },
    needsuite: {
      code: 89,
      message: '需要购买或升级套餐',
    },
    loginError: {
      code: 2,
      message: '登录失败',
@@ -64,5 +70,33 @@ export const Constants = {
      code: 10001,
      message: '对不起，预览环境不允许修改此数据',
    },
    openKeyError: {
      code: 20000,
      message: 'ApiToken错误',
    },
    openKeySignError: {
      code: 20001,
      message: 'ApiToken签名错误',
    },
    openKeyExpiresError: {
      code: 20002,
      message: 'ApiToken时间戳错误',
    },
    openKeySignTypeError: {
      code: 20003,
      message: 'ApiToken签名类型不支持',
    },
    openParamError: {
      code: 20010,
      message: '请求参数错误',
    },
    openCertNotFound: {
      code: 20011,
      message: '证书不存在',
    },
    openCertNotReady: {
      code: 20012,
      message: '证书还未生成',
    },
  },
 };
--- a/packages/libs/lib-server/src/basic/crud-controller.ts
+++ b/packages/libs/lib-server/src/basic/crud-controller.ts
@@ -49,4 +49,10 @@ export abstract class CrudController<T> extends BaseController {
    await this.getService().delete([id]);
    return this.ok(null);
  }
  @Post('/deleteByIds')
  async deleteByIds(@Body('ids') ids: number[]) {
    await this.getService().delete(ids);
    return this.ok(null);
  }
 }
--- a/packages/libs/lib-server/src/basic/exception/auth-exception.ts
+++ b/packages/libs/lib-server/src/basic/exception/auth-exception.ts
@@ -5,10 +5,6 @@ import { BaseException } from './base-exception.js';
 */
 export class AuthException extends BaseException {
  constructor(message) {
-    super(
+    super('AuthException', Constants.res.auth.code, message ? message : Constants.res.auth.message);
      'AuthException',
      Constants.res.auth.code,
      message ? message : Constants.res.auth.message
    );
  }
 }
--- a/packages/libs/lib-server/src/basic/exception/base-exception.ts
+++ b/packages/libs/lib-server/src/basic/exception/base-exception.ts
@@ -2,10 +2,10 @@
 * 异常基类
 */
 export class BaseException extends Error {
-  status: number;
+  code: number;
  constructor(name, code, message) {
    super(message);
    this.name = name;
-    this.status = code;
+    this.code = code;
  }
 }
--- a/packages/libs/lib-server/src/basic/exception/common-exception.ts
+++ b/packages/libs/lib-server/src/basic/exception/common-exception.ts
@@ -8,3 +8,9 @@ export class CommonException extends BaseException {
    super('CommonException', Constants.res.error.code, message ? message : Constants.res.error.message);
  }
 }
 export class CodeException extends BaseException {
  constructor(res: { code: number; message: string }) {
    super('CodeException', res.code, res.message);
  }
 }
--- a/packages/libs/lib-server/src/basic/exception/vip-exception.ts
+++ b/packages/libs/lib-server/src/basic/exception/vip-exception.ts
@@ -8,3 +8,9 @@ export class NeedVIPException extends BaseException {
    super('NeedVIPException', Constants.res.needvip.code, message ? message : Constants.res.needvip.message);
  }
 }
 export class NeedSuiteException extends BaseException {
  constructor(message) {
    super('NeedSuiteException', Constants.res.needsuite.code, message ? message : Constants.res.needsuite.message);
  }
 }
--- a/packages/libs/lib-server/src/basic/result.ts
+++ b/packages/libs/lib-server/src/basic/result.ts
@@ -9,7 +9,7 @@ export class Result<T> {
  }
  static error(code = 1, msg) {
-    return new Result(code, msg, null);
+    return new Result(code, msg);
  }
  static success(msg, data?) {
--- a/packages/libs/lib-server/src/index.ts
+++ b/packages/libs/lib-server/src/index.ts
@@ -1,7 +1,8 @@
 import { SysSettingsEntity } from './system/index.js';
-
+import { AccessEntity } from './user/access/entity/access.js';
 export * from './basic/index.js';
 export * from './system/index.js';
 export * from './user/index.js';
 export { LibServerConfiguration as Configuration } from './configuration.js';
-export const libServerEntities = [SysSettingsEntity];
+export const libServerEntities = [SysSettingsEntity, AccessEntity];
--- a/packages/libs/lib-server/src/system/basic/index.ts
+++ b/packages/libs/lib-server/src/system/basic/index.ts
@@ -1,2 +1,3 @@
 export * from './service/plus-service.js';
 export * from './service/file-service.js';
 export * from './service/encryptor.js';
--- a/packages/ui/certd-server/src/modules/pipeline/service/encrypt-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/encrypt-service.ts
@@ -1,25 +1,10 @@
 import { Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import crypto from 'crypto';
 import { SysSettingsService } from '@certd/lib-server';
 import { SysPrivateSettings } from '@certd/lib-server';
-/**
+export class Encryptor {
 * 授权
 */
@Provide()
@Scope(ScopeEnum.Singleton)
 export class EncryptService {
  secretKey: Buffer;
-
+  constructor(encryptSecret: string, encoding: BufferEncoding = 'base64') {
-  @Inject()
+    this.secretKey = Buffer.from(encryptSecret, encoding);
  sysSettingService: SysSettingsService;
  @Init()
  async init() {
    const privateInfo: SysPrivateSettings = await this.sysSettingService.getSetting(SysPrivateSettings);
    this.secretKey = Buffer.from(privateInfo.encryptSecret, 'base64');
  }
  // 加密函数
  encrypt(text: string) {
    const iv = crypto.randomBytes(16); // 初始化向量
--- a/packages/libs/lib-server/src/system/basic/service/file-service.ts
+++ b/packages/libs/lib-server/src/system/basic/service/file-service.ts
@@ -14,7 +14,7 @@ export const uploadTmpFileCacheKey = 'tmpfile_key_';
 /**
 */
@Provide()
-@Scope(ScopeEnum.Singleton)
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class FileService {
  async saveFile(userId: number, tmpCacheKey: any, permission: 'public' | 'private') {
    if (tmpCacheKey.startsWith(`/${permission}`)) {
--- a/packages/libs/lib-server/src/system/basic/service/plus-service.ts
+++ b/packages/libs/lib-server/src/system/basic/service/plus-service.ts
@@ -5,7 +5,7 @@ import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settin
 import { merge } from 'lodash-es';
@Provide()
-@Scope(ScopeEnum.Singleton)
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class PlusService {
  @Inject()
  sysSettingsService: SysSettingsService;
--- a/packages/libs/lib-server/src/system/settings/service/models.ts
+++ b/packages/libs/lib-server/src/system/settings/service/models.ts
@@ -25,6 +25,7 @@ export class SysPublicSettings extends BaseSettings {
  limitUserPipelineCount = 0;
  managerOtherUserPipeline = false;
  icpNo?: string;
  robots?: boolean = true;
 }
 export class SysPrivateSettings extends BaseSettings {
@@ -112,6 +113,17 @@ export class SysSecretBackup extends BaseSettings {
  encryptSecret?: string;
 }
 /**
 * 不要修改
 */
 export class SysSecret extends BaseSettings {
  static __title__ = '密钥信息';
  static __key__ = 'sys.secret';
  static __access__ = 'private';
  siteId?: string;
  encryptSecret?: string;
 }
 export class SysSiteEnv {
  agent?: {
    enabled?: boolean;
@@ -136,3 +148,35 @@ export class SysHeaderMenus extends BaseSettings {
  menus: MenuItem[];
 }
 export type PaymentItem = {
  enabled: boolean;
  accessId?: number;
 };
 export class SysPaymentSetting extends BaseSettings {
  static __title__ = '支付设置';
  static __key__ = 'sys.payment';
  static __access__ = 'private';
  yizhifu?: PaymentItem = { enabled: false };
  alipay?: PaymentItem = { enabled: false };
  wxpay?: PaymentItem = { enabled: false };
 }
 export class SysSuiteSetting extends BaseSettings {
  static __title__ = '套餐设置';
  static __key__ = 'sys.suite';
  static __access__ = 'private';
  enabled = false;
  registerGift?: {
    productId: number;
    duration: number;
  };
  intro?: string;
 }
--- a/packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts
+++ b/packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts
@@ -1,13 +1,13 @@
-import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
+import { Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
-import { CacheManager } from '@midwayjs/cache';
+import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
 import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecretBackup } from './models.js';
 import * as _ from 'lodash-es';
 import { BaseService } from '../../../basic/index.js';
-import { logger, setGlobalProxy } from '@certd/basic';
+import { cache, logger, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
 /**
 * 设置
 */
@@ -17,9 +17,6 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
  @InjectEntityModel(SysSettingsEntity)
  repository: Repository<SysSettingsEntity>;
  @Inject()
  cache: CacheManager; // 依赖注入CacheManager
  getRepository() {
    return this.repository;
  }
@@ -72,7 +69,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
  async getSetting<T>(type: any): Promise<T> {
    const key = type.__key__;
    const cacheKey = type.getCacheKey();
-    const settings: T = await this.cache.get(cacheKey);
+    const settings: T = cache.get(cacheKey);
    if (settings) {
      return settings;
    }
@@ -80,7 +77,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
    const savedSettings = await this.getSettingByKey(key);
    newSetting = _.merge(newSetting, savedSettings);
    await this.saveSetting(newSetting);
-    await this.cache.set(cacheKey, newSetting);
+    cache.set(cacheKey, newSetting);
    return newSetting;
  }
@@ -93,6 +90,12 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
    if (entity) {
      entity.setting = JSON.stringify(bean);
      entity.access = type.__access__;
      if (key === SysSecretBackup.__key__) {
        //备份密钥不允许更新
        return;
      }
      await this.repository.save(entity);
    } else {
      const newEntity = new SysSettingsEntity();
@@ -103,7 +106,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
      await this.repository.save(newEntity);
    }
-    await this.cache.set(cacheKey, bean);
+    cache.set(cacheKey, bean);
  }
  async getPublicSettings(): Promise<SysPublicSettings> {
@@ -146,7 +149,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
    } else {
      throw new Error('该设置不存在');
    }
-    await this.cache.del(`settings.${key}`);
+    cache.delete(`settings.${key}`);
  }
  async backupSecret() {
@@ -173,4 +176,20 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
      }
    }
  }
  async getSecret() {
    const sysSecret = await this.getSetting<SysSecret>(SysSecret);
    if (sysSecret.encryptSecret) {
      return sysSecret;
    }
    //从备份中读取
    const settings = await this.getSettingByKey(SysSecretBackup.__key__);
    if (settings == null || !settings.encryptSecret) {
      throw new Error('密钥备份不存在');
    }
    sysSecret.siteId = settings.siteId;
    sysSecret.encryptSecret = settings.encryptSecret;
    await this.saveSetting(sysSecret);
    logger.info('密钥恢复成功');
    return sysSecret;
  }
 }
--- a/packages/ui/certd-server/src/modules/pipeline/entity/access.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/entity/access.ts
--- a/packages/libs/lib-server/src/user/access/index.ts
+++ b/packages/libs/lib-server/src/user/access/index.ts
@@ -0,0 +1,5 @@
 export * from './entity/access.js';
 export * from './service/access-service.js';
 export * from './service/access-sys-getter.js';
 export * from './service/access-getter.js';
 export * from './service/encrypt-service.js';
--- a/packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts
--- a/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
@@ -1,7 +1,7 @@
 import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
-import { BaseService, PageReq, PermissionException, ValidateException } from '@certd/lib-server';
+import { BaseService, PageReq, PermissionException, ValidateException } from '../../../index.js';
 import { AccessEntity } from '../entity/access.js';
 import { AccessDefine, accessRegistry, newAccess } from '@certd/pipeline';
 import { EncryptService } from './encrypt-service.js';
@@ -10,7 +10,7 @@ import { EncryptService } from './encrypt-service.js';
 * 授权
 */
@Provide()
-@Scope(ScopeEnum.Singleton)
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class AccessService extends BaseService<AccessEntity> {
  @InjectEntityModel(AccessEntity)
  repository: Repository<AccessEntity>;
@@ -18,6 +18,7 @@ export class AccessService extends BaseService<AccessEntity> {
  @Inject()
  encryptService: EncryptService;
  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
  //@ts-ignore
  getRepository() {
    return this.repository;
--- a/packages/ui/certd-server/src/modules/pipeline/service/access-sys-getter.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/access-sys-getter.ts
--- a/packages/libs/lib-server/src/user/access/service/encrypt-service.ts
+++ b/packages/libs/lib-server/src/user/access/service/encrypt-service.ts
@@ -0,0 +1,30 @@
 import { Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { Encryptor, SysSecret, SysSettingsService } from '../../../system/index.js';
 /**
 * 授权
 */
@Provide()
@Scope(ScopeEnum.Singleton)
 export class EncryptService {
  encryptor: Encryptor;
  @Inject()
  sysSettingService: SysSettingsService;
  @Init()
  async init() {
    const secret: SysSecret = await this.sysSettingService.getSecret();
    this.encryptor = new Encryptor(secret.encryptSecret);
  }
  // 加密函数
  encrypt(text: string) {
    return this.encryptor.encrypt(text);
  }
  // 解密函数
  decrypt(encryptedText: string) {
    return this.encryptor.decrypt(encryptedText);
  }
 }
--- a/packages/libs/lib-server/src/user/index.ts
+++ b/packages/libs/lib-server/src/user/index.ts
@@ -0,0 +1 @@
 export * from './access/index.js';
--- a/packages/libs/midway-flyway-js/CHANGELOG.md
+++ b/packages/libs/midway-flyway-js/CHANGELOG.md
@@ -3,6 +3,76 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/midway-flyway-js
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 ### Performance Improvements
 * 升级midwayjs版本 ([057b0b4](https://github.com/certd/certd/commit/057b0b4565e19bb93195633f767b2942e8e40e59))
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 **Note:** Version bump only for package @certd/midway-flyway-js
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/midway-flyway-js
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/midway-flyway-js
--- a/packages/libs/midway-flyway-js/package.json
+++ b/packages/libs/midway-flyway-js/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.28.2",
+  "version": "1.31.1",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -25,9 +25,9 @@
  ],
  "license": "MIT",
  "dependencies": {
-    "@midwayjs/core": "~3.17.1",
+    "@midwayjs/core": "~3.20.3",
    "@midwayjs/logger": "~3.4.2",
-    "@midwayjs/typeorm": "~3.17.1",
+    "@midwayjs/typeorm": "~3.20.3",
    "better-sqlite3": "^11.1.2"
  },
  "devDependencies": {
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/plugins/plugin-cert/CHANGELOG.md
+++ b/packages/plugins/plugin-cert/CHANGELOG.md
@@ -3,6 +3,103 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
 **Note:** Version bump only for package @certd/plugin-cert
 # [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
 ### Performance Improvements
 * http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
 # [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
 ### Bug Fixes
 * 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
 ### Performance Improvements
 * 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
 ## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
 ### Bug Fixes
 * 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
 ## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
 ### Performance Improvements
 * 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
 * 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
 * http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
 ## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
 **Note:** Version bump only for package @certd/plugin-cert
 # [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
 ### Bug Fixes
 * 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
 ### Performance Improvements
 * 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
 * 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
 * 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
 * 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
 ## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
 ### Bug Fixes
 * 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
 ### Performance Improvements
 * 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
 ## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
 **Note:** Version bump only for package @certd/plugin-cert
--- a/packages/plugins/plugin-cert/package.json
+++ b/packages/plugins/plugin-cert/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.28.2",
+  "version": "1.31.1",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -15,9 +15,10 @@
    "preview": "vite preview"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.28.2",
+    "@certd/acme-client": "^1.31.1",
-    "@certd/basic": "^1.28.2",
+    "@certd/basic": "^1.31.1",
-    "@certd/pipeline": "^1.28.2",
+    "@certd/pipeline": "^1.31.1",
    "@certd/plugin-lib": "^1.31.1",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -40,5 +41,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a6cd532035f55a7ce122ea1229bb65f9d41e7125"
+  "gitHead": "bddef199ff275c1dc95273cff7d3c2391317d1d8"
 }
--- a/packages/plugins/plugin-cert/src/dns-provider/base.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/base.ts
@@ -1,4 +1,5 @@
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, IDnsProvider, RemoveRecordOptions } from "./api.js";
 //@ts-ignore
 import psl from "psl";
 import { dnsProviderRegistry } from "./registry.js";
 import { Decorator } from "@certd/pipeline";
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@@ -6,31 +6,47 @@ import { Challenge } from "@certd/acme-client/types/rfc8555";
 import { IContext } from "@certd/pipeline";
 import { ILogger, utils } from "@certd/basic";
 import { IDnsProvider, parseDomain } from "../../dns-provider/index.js";
-
+import { HttpChallengeUploader } from "./uploads/api.js";
 export type CnameVerifyPlan = {
  type?: string;
  domain: string;
  fullRecord: string;
  dnsProvider: IDnsProvider;
 };
 export type HttpVerifyPlan = {
  type: string;
  domain: string;
  httpUploader: HttpChallengeUploader;
 };
 export type DomainVerifyPlan = {
  domain: string;
-  type: "cname" | "dns";
+  type: "cname" | "dns" | "http";
  dnsProvider?: IDnsProvider;
  cnameVerifyPlan?: Record<string, CnameVerifyPlan>;
  httpVerifyPlan?: Record<string, HttpVerifyPlan>;
 };
 export type DomainsVerifyPlan = {
  [key: string]: DomainVerifyPlan;
 };
 export type Providers = {
  dnsProvider?: IDnsProvider;
  domainsVerifyPlan?: DomainsVerifyPlan;
  httpUploader?: HttpChallengeUploader;
 };
 export type CertInfo = {
-  crt: string;
+  crt: string; //fullchain证书
-  key: string;
+  key: string; //私钥
-  csr: string;
+  csr: string; //csr
-  ic?: string;
+  oc?: string; //仅证书，非fullchain证书
  ic?: string; //中间证书
  pfx?: string;
  der?: string;
  jks?: string;
  one?: string;
 };
 export type SSLProvider = "letsencrypt" | "google" | "zerossl";
 export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
@@ -153,58 +169,37 @@ export class AcmeService {
    return key.toString();
  }
-  async challengeCreateFn(authz: any, challenge: any, keyAuthorization: string, dnsProvider: IDnsProvider, domainsVerifyPlan: DomainsVerifyPlan) {
+  async challengeCreateFn(authz: any, keyAuthorizationGetter: (challenge: Challenge) => Promise<string>, providers: Providers) {
    this.logger.info("Triggered challengeCreateFn()");
    /* http-01 */
    const fullDomain = authz.identifier.value;
-    if (challenge.type === "http-01") {
+    let domain = parseDomain(fullDomain);
-      const filePath = `/var/www/html/.well-known/acme-challenge/${challenge.token}`;
+    this.logger.info("主域名为：" + domain);
    const getChallenge = (type: string) => {
      return authz.challenges.find((c: any) => c.type === type);
    };
    const doHttpVerify = async (challenge: any, httpUploader: HttpChallengeUploader) => {
      const keyAuthorization = await keyAuthorizationGetter(challenge);
      this.logger.info("http校验");
      const filePath = `.well-known/acme-challenge/${challenge.token}`;
      const fileContents = keyAuthorization;
      this.logger.info(`校验 ${fullDomain} ，准备上传文件：${filePath}`);
      await httpUploader.upload(filePath, Buffer.from(fileContents));
      this.logger.info(`上传文件【${filePath}】成功`);
      return {
        challenge,
        keyAuthorization,
        httpUploader,
      };
    };
-      this.logger.info(`Creating challenge response for ${fullDomain} at path: ${filePath}`);
+    const doDnsVerify = async (challenge: any, fullRecord: string, dnsProvider: IDnsProvider) => {
      this.logger.info("dns校验");
      const keyAuthorization = await keyAuthorizationGetter(challenge);
      /* Replace this */
      this.logger.info(`Would write "${fileContents}" to path "${filePath}"`);
      // await fs.writeFileAsync(filePath, fileContents);
    } else if (challenge.type === "dns-01") {
      /* dns-01 */
      let fullRecord = `_acme-challenge.${fullDomain}`;
      const recordValue = keyAuthorization;
      this.logger.info(`Creating TXT record for ${fullDomain}: ${fullRecord}`);
      /* Replace this */
      this.logger.info(`Would create TXT record "${fullRecord}" with value "${recordValue}"`);
      let domain = parseDomain(fullDomain);
      this.logger.info("解析到域名domain=" + domain);
      if (domainsVerifyPlan) {
        //按照计划执行
        const domainVerifyPlan = domainsVerifyPlan[domain];
        if (domainVerifyPlan) {
          if (domainVerifyPlan.type === "dns") {
            dnsProvider = domainVerifyPlan.dnsProvider;
          } else if (domainVerifyPlan.type === "cname") {
            const cnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
            if (cnameVerifyPlan) {
              const cname = cnameVerifyPlan[fullDomain];
              if (cname) {
                dnsProvider = cname.dnsProvider;
                domain = parseDomain(cname.domain);
                fullRecord = cname.fullRecord;
              }
            } else {
              this.logger.error("未找到域名Cname校验计划，使用默认的dnsProvider");
            }
          } else {
            this.logger.error("不支持的校验类型", domainVerifyPlan.type);
          }
        } else {
          this.logger.info("未找到域名校验计划，使用默认的dnsProvider");
        }
      }
      let hostRecord = fullRecord.replace(`${domain}`, "");
      if (hostRecord.endsWith(".")) {
        hostRecord = hostRecord.substring(0, hostRecord.length - 1);
@@ -224,8 +219,54 @@ export class AcmeService {
        recordReq,
        recordRes,
        dnsProvider,
        challenge,
        keyAuthorization,
      };
    };
    let dnsProvider = providers.dnsProvider;
    let fullRecord = `_acme-challenge.${fullDomain}`;
    if (providers.domainsVerifyPlan) {
      //按照计划执行
      const domainVerifyPlan = providers.domainsVerifyPlan[domain];
      if (domainVerifyPlan) {
        if (domainVerifyPlan.type === "dns") {
          dnsProvider = domainVerifyPlan.dnsProvider;
        } else if (domainVerifyPlan.type === "cname") {
          const cnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
          if (cnameVerifyPlan) {
            const cname = cnameVerifyPlan[fullDomain];
            if (cname) {
              dnsProvider = cname.dnsProvider;
              domain = parseDomain(cname.domain);
              fullRecord = cname.fullRecord;
            }
          } else {
            this.logger.error("未找到域名Cname校验计划，使用默认的dnsProvider");
          }
        } else if (domainVerifyPlan.type === "http") {
          const httpVerifyPlan = domainVerifyPlan.httpVerifyPlan;
          if (httpVerifyPlan) {
            const httpChallenge = getChallenge("http-01");
            if (httpChallenge == null) {
              throw new Error("该域名不支持http-01方式校验");
            }
            const plan = httpVerifyPlan[fullDomain];
            return await doHttpVerify(httpChallenge, plan.httpUploader);
          } else {
            throw new Error("未找到域名【" + fullDomain + "】的http校验配置");
          }
        } else {
          throw new Error("不支持的校验类型", domainVerifyPlan.type);
        }
      } else {
        this.logger.info("未找到域名校验计划，使用默认的dnsProvider");
      }
    }
    const dnsChallenge = getChallenge("dns-01");
    return await doDnsVerify(dnsChallenge, fullRecord, dnsProvider);
  }
  /**
@@ -237,22 +278,28 @@ export class AcmeService {
   * @param recordReq
   * @param recordRes
   * @param dnsProvider dnsProvider
   * @param httpUploader
   * @returns {Promise}
   */
-  async challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider: IDnsProvider) {
+  async challengeRemoveFn(
-    this.logger.info("Triggered challengeRemoveFn()");
+    authz: any,
    challenge: any,
    keyAuthorization: string,
    recordReq: any,
    recordRes: any,
    dnsProvider?: IDnsProvider,
    httpUploader?: HttpChallengeUploader
  ) {
    this.logger.info("执行清理");
    /* http-01 */
    const fullDomain = authz.identifier.value;
    if (challenge.type === "http-01") {
-      const filePath = `/var/www/html/.well-known/acme-challenge/${challenge.token}`;
+      const filePath = `.well-known/acme-challenge/${challenge.token}`;
-
+      this.logger.info(`Removing challenge response for ${fullDomain} at file: ${filePath}`);
-      this.logger.info(`Removing challenge response for ${fullDomain} at path: ${filePath}`);
+      await httpUploader.remove(filePath);
-
+      this.logger.info(`删除文件【${filePath}】成功`);
      /* Replace this */
      this.logger.info(`Would remove file on path "${filePath}"`);
      // await fs.unlinkAsync(filePath);
    } else if (challenge.type === "dns-01") {
      this.logger.info(`删除 TXT 解析记录:${JSON.stringify(recordReq)} ,recordRes = ${JSON.stringify(recordRes)}`);
      try {
@@ -273,11 +320,12 @@ export class AcmeService {
    domains: string | string[];
    dnsProvider?: any;
    domainsVerifyPlan?: DomainsVerifyPlan;
    httpUploader?: any;
    csrInfo: any;
    isTest?: boolean;
    privateKeyType?: string;
  }): Promise<CertInfo> {
-    const { email, isTest, domains, csrInfo, dnsProvider, domainsVerifyPlan } = options;
+    const { email, isTest, domains, csrInfo, dnsProvider, domainsVerifyPlan, httpUploader } = options;
    const client: acme.Client = await this.getAcmeClient(email, isTest);
    /* Create CSR */
@@ -317,22 +365,27 @@ export class AcmeService {
      privateKey
    );
-    if (dnsProvider == null && domainsVerifyPlan == null) {
+    if (dnsProvider == null && domainsVerifyPlan == null && httpUploader == null) {
-      throw new Error("dnsProvider 、 domainsVerifyPlan 不能都为空");
+      throw new Error("dnsProvider 、 domainsVerifyPlan 、 httpUploader不能都为空");
    }
    const providers: Providers = {
      dnsProvider,
      domainsVerifyPlan,
      httpUploader,
    };
    /* 自动申请证书 */
    const crt = await client.auto({
      csr,
      email: email,
      termsOfServiceAgreed: true,
      skipChallengeVerification: this.skipLocalVerify,
-      challengePriority: ["dns-01"],
+      challengePriority: ["dns-01", "http-01"],
      challengeCreateFn: async (
        authz: acme.Authorization,
-        challenge: Challenge,
+        keyAuthorizationGetter: (challenge: Challenge) => Promise<string>
-        keyAuthorization: string
+      ): Promise<{ recordReq?: any; recordRes?: any; dnsProvider?: any; challenge: Challenge; keyAuthorization: string }> => {
-      ): Promise<{ recordReq: any; recordRes: any; dnsProvider: any }> => {
+        return await this.challengeCreateFn(authz, keyAuthorizationGetter, providers);
        return await this.challengeCreateFn(authz, challenge, keyAuthorization, dnsProvider, domainsVerifyPlan);
      },
      challengeRemoveFn: async (
        authz: acme.Authorization,
@@ -342,7 +395,7 @@ export class AcmeService {
        recordRes: any,
        dnsProvider: IDnsProvider
      ): Promise<any> => {
-        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
+        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
      },
      signal: this.options.signal,
    });
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
@@ -1,4 +1,4 @@
-import { AbstractTaskPlugin, IContext, NotificationBody, sendNotification, Step, TaskInput, TaskOutput } from "@certd/pipeline";
+import { AbstractTaskPlugin, IContext, NotificationBody, Step, TaskEmitter, TaskInput, TaskOutput } from "@certd/pipeline";
 import dayjs from "dayjs";
 import type { CertInfo } from "./acme.js";
 import { CertReader } from "./cert-reader.js";
@@ -6,8 +6,11 @@ import JSZip from "jszip";
 import { CertConverter } from "./convert.js";
 import { pick } from "lodash-es";
-export { CertReader };
+export const EVENT_CERT_APPLY_SUCCESS = "CertApply.success";
-export type { CertInfo };
+
 export async function emitCertApplySuccess(emitter: TaskEmitter, cert: CertReader) {
  await emitter.emit(EVENT_CERT_APPLY_SUCCESS, cert);
 }
 export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
  @TaskInput({
@@ -17,6 +20,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
      vModel: "value",
      mode: "tags",
      open: false,
      placeholder: "foo.com / *.foo.com / *.bar.com",
      tokenSeparators: [",", " ", "，", "、", "|"],
    },
    rules: [{ type: "domains" }],
@@ -26,9 +30,9 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    },
    order: -999,
    helper:
-      "1、支持通配符域名，例如： *.foo.com、foo.com、*.test.handsfree.work\n" +
+      "1、支持多个域名打到一个证书上，例如： foo.com，*.foo.com，*.bar.com\n" +
-      "2、支持多个域名、多个子域名、多个通配符域名打到一个证书上（域名必须是在同一个DNS提供商解析）\n" +
+      "2、子域名被通配符包含的不要填写，例如：www.foo.com已经被*.foo.com包含，不要填写www.foo.com\n" +
-      "3、多级子域名要分成多个域名输入（*.foo.com的证书不能用于xxx.yyy.foo.com、foo.com）\n" +
+      "3、泛域名只能通配*号那一级（*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com）\n" +
      "4、输入一个，空格之后，再输入下一个",
  })
  domains!: string[];
@@ -54,7 +58,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    },
    required: false,
    order: 100,
-    helper: "PFX、jks格式证书是否加密；jks必须设置密码，不传则默认123456",
+    helper: "PFX、jks格式证书是否加密\njks必须设置密码，不传则默认123456\npfx不传则为空密码",
  })
  pfxPassword!: string;
@@ -62,12 +66,17 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    title: "PFX证书转换参数",
    value: "-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES",
    component: {
-      name: "a-input",
+      name: "a-auto-complete",
      vModel: "value",
      options: [
        { value: "", label: "兼容 Windows Server 最新" },
        { value: "-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES", label: "兼容 Windows Server 2016" },
        { value: "-nomac -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES", label: "兼容 Windows Server 2008" },
      ],
    },
    required: false,
    order: 100,
-    helper: "兼容Server 2016，如果导入证书失败，请删除此参数",
+    helper: "兼容Windows Server各个版本",
  })
  pfxArgs = "-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES";
@@ -118,16 +127,19 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
  abstract onInit(): Promise<void>;
-  abstract doCertApply(): Promise<any>;
+  abstract doCertApply(): Promise<CertReader>;
-  async execute(): Promise<void> {
+  async execute(): Promise<string | void> {
    const oldCert = await this.condition();
    if (oldCert != null) {
-      return await this.output(oldCert, false);
+      await this.output(oldCert, false);
      return "skip";
    }
    const cert = await this.doCertApply();
    if (cert != null) {
      await this.output(cert, true);
      await emitCertApplySuccess(this.ctx.emitter, cert);
      //清空后续任务的状态，让后续任务能够重新执行
      this.clearLastStatus();
@@ -191,7 +203,8 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    zip.file("cert.crt", cert.crt);
    zip.file("cert.key", cert.key);
    zip.file("intermediate.crt", cert.ic);
-
+    zip.file("origin.crt", cert.oc);
    zip.file("one.pem", cert.one);
    if (cert.pfx) {
      zip.file("cert.pfx", Buffer.from(cert.pfx, "base64"));
    }
@@ -201,6 +214,21 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    if (cert.jks) {
      zip.file("cert.jks", Buffer.from(cert.jks, "base64"));
    }
    zip.file(
      "说明.txt",
      `证书文件说明
 cert.crt：证书文件，包含证书链，pem格式
 cert.key：私钥文件，pem格式
 intermediate.crt：中间证书文件，pem格式
 origin.crt：原始证书文件，不含证书链，pem格式
 one.pem： 证书和私钥简单合并成一个文件，pem格式，crt正文+key正文
 cert.pfx：pfx格式证书文件，iis服务器使用
 cert.der：der格式证书文件
 cert.jks：jks格式证书文件，java服务器使用
    `
    );
    const content = await zip.generateAsync({ type: "nodebuffer" });
    this.saveFile(filename, content);
    this.logger.info(`已保存文件:${filename}`);
@@ -216,39 +244,23 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    //   return null;
    // }
-    let inputChanged = this.ctx.inputChanged;
+    const checkInputChanges = ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
-    if (inputChanged) {
+    const oldInput = JSON.stringify(pick(this.lastStatus?.input, checkInputChanges));
-      this.logger.info("input hash 有变更，检查是否需要重新申请证书");
+    const thisInput = JSON.stringify(pick(this, checkInputChanges));
-      //判断域名有没有变更
+    const inputChanged = oldInput !== thisInput;
      /**
       *                      "renewDays": 35,
       *                     "certApplyPlugin": "CertApply",
       *                     "sslProvider": "letsencrypt",
       *                     "privateKeyType": "rsa_2048_pkcs1",
       *                     "dnsProviderType": "aliyun",
       *                     "domains": [
       *                       "*.handsfree.work"
       *                     ],
       *                     "email": "xiaojunnuo@qq.com",
       *                     "dnsProviderAccess": 3,
       *                     "useProxy": false,
       *                     "skipLocalVerify": false,
       *                     "successNotify": true,
       *                     "pfxPassword": "123456"
       */
      const checkInputChanges = ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
      const oldInput = JSON.stringify(pick(this.lastStatus?.input, checkInputChanges));
      const thisInput = JSON.stringify(pick(this, checkInputChanges));
      inputChanged = oldInput !== thisInput;
-      if (inputChanged) {
+    this.logger.info(`旧参数：${oldInput}`);
-        this.logger.info("输入参数变更，准备申请新证书");
+    this.logger.info(`新参数：${thisInput}`);
-        return null;
+    if (inputChanged) {
-      }
+      this.logger.info("输入参数变更，准备申请新证书");
      return null;
    } else {
      this.logger.info("输入参数未变更，检查证书是否过期");
    }
    let oldCert: CertReader | undefined = undefined;
    try {
      this.logger.info("读取上次证书");
      oldCert = await this.readLastCert();
    } catch (e) {
      this.logger.warn("读取cert失败：", e);
@@ -286,6 +298,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
  async readLastCert(): Promise<CertReader | undefined> {
    const cert = this.lastStatus?.status?.output?.cert;
    if (cert == null) {
      this.logger.info("没有找到上次的证书");
      return undefined;
    }
    return new CertReader(cert);
@@ -295,7 +308,6 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
   * 检查是否过期，默认提前35天
   * @param expires
   * @param maxDays
   * @returns {boolean}
   */
  isWillExpire(expires: number, maxDays = 20) {
    if (expires == null) {
@@ -304,7 +316,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    // 检查有效期
    const leftDays = dayjs(expires).diff(dayjs(), "day");
    return {
-      isWillExpire: leftDays < maxDays,
+      isWillExpire: leftDays <= maxDays,
      leftDays,
    };
  }
@@ -312,39 +324,20 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
    this.logger.info("发送证书申请成功通知");
    const url = await this.ctx.urlService.getPipelineDetailUrl(this.pipeline.id, this.ctx.runtime.id);
    const body: NotificationBody = {
-      title: `【Certd】证书申请成功【${this.pipeline.title}】`,
+      title: `证书申请成功【${this.pipeline.title}】`,
      content: `域名：${this.domains.join(",")}`,
      url: url,
    };
    try {
-      const defNotification = await this.ctx.notificationService.getDefault();
+      await this.ctx.notificationService.send({
-      if (defNotification) {
+        useDefault: true,
-        this.logger.info(`通知渠道：${defNotification.name}`);
+        useEmail: true,
-        const notificationCtx = {
+        emailAddress: this.email,
-          http: this.ctx.http,
+        logger: this.logger,
-          logger: this.logger,
+        body,
-          utils: this.ctx.utils,
+      });
          emailService: this.ctx.emailService,
        };
        await sendNotification({
          config: defNotification,
          ctx: notificationCtx,
          body,
        });
        return;
      }
      this.logger.warn("未配置默认通知，将发送邮件通知");
      await this.sendSuccessEmail(body);
    } catch (e) {
      this.logger.error("证书申请成功通知发送失败", e);
    }
  }
  async sendSuccessEmail(body: NotificationBody) {
    this.logger.info("发送邮件通知:" + this.email);
    await this.ctx.emailService.send({
      receivers: [this.email],
      subject: body.title,
      content: body.content,
    });
  }
 }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
@@ -2,7 +2,7 @@ import { CertInfo } from "./acme.js";
 import fs from "fs";
 import os from "os";
 import path from "path";
-import { crypto } from "@certd/acme-client";
+import { CertificateInfo, crypto } from "@certd/acme-client";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
@@ -10,32 +10,33 @@ export type CertReaderHandleContext = {
  reader: CertReader;
  tmpCrtPath: string;
  tmpKeyPath: string;
  tmpOcPath?: string;
  tmpPfxPath?: string;
  tmpDerPath?: string;
  tmpIcPath?: string;
  tmpJksPath?: string;
  tmpOnePath?: string;
 };
 export type CertReaderHandle = (ctx: CertReaderHandleContext) => Promise<void>;
 export type HandleOpts = { logger: ILogger; handle: CertReaderHandle };
 export class CertReader {
  cert: CertInfo;
  crt: string;
  key: string;
  csr: string;
  ic: string; //中间证书
-  detail: any;
+  detail: CertificateInfo;
  expires: number;
  constructor(certInfo: CertInfo) {
    this.cert = certInfo;
    this.crt = certInfo.crt;
    this.key = certInfo.key;
    this.csr = certInfo.csr;
-    this.ic = certInfo.ic;
+    if (!certInfo.ic) {
-    if (!this.ic) {
+      this.cert.ic = this.getIc();
-      this.ic = this.getIc();
+    }
-      this.cert.ic = this.ic;
+
    if (!certInfo.oc) {
      this.cert.oc = this.getOc();
    }
    if (!certInfo.one) {
      this.cert.one = this.cert.crt + "\n" + this.cert.key;
    }
    const { detail, expires } = this.getCrtDetail(this.cert.crt);
@@ -46,14 +47,24 @@ export class CertReader {
  getIc() {
    //中间证书ic， 就是crt的第一个 -----END CERTIFICATE----- 之后的内容
    const endStr = "-----END CERTIFICATE-----";
-    const firstBlockEndIndex = this.crt.indexOf(endStr);
+    const firstBlockEndIndex = this.cert.crt.indexOf(endStr);
    const start = firstBlockEndIndex + endStr.length + 1;
-    if (this.crt.length <= start) {
+    if (this.cert.crt.length <= start) {
      return "";
    }
-    const ic = this.crt.substring(start);
+    const ic = this.cert.crt.substring(start);
-    return ic.trim();
+    if (ic == null) {
      return "";
    }
    return ic?.trim();
  }
  getOc() {
    //原始证书 就是crt的第一个 -----END CERTIFICATE----- 之前的内容
    const endStr = "-----END CERTIFICATE-----";
    const arr = this.cert.crt.split(endStr);
    return arr[0] + endStr;
  }
  toCertInfo(): CertInfo {
@@ -61,6 +72,10 @@ export class CertReader {
  }
  getCrtDetail(crt: string = this.cert.crt) {
    return CertReader.readCertDetail(crt);
  }
  static readCertDetail(crt: string) {
    const detail = crypto.readCertificateInfo(crt.toString());
    const expires = detail.notAfter;
    return { detail, expires };
@@ -73,7 +88,7 @@ export class CertReader {
    return domains;
  }
-  saveToFile(type: "crt" | "key" | "pfx" | "der" | "ic" | "jks", filepath?: string) {
+  saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "one" | "ic" | "jks", filepath?: string) {
    if (!this.cert[type]) {
      return;
    }
@@ -87,7 +102,7 @@ export class CertReader {
    if (!fs.existsSync(dir)) {
      fs.mkdirSync(dir, { recursive: true });
    }
-    if (type === "crt" || type === "key" || type === "ic") {
+    if (type === "crt" || type === "key" || type === "ic" || type === "oc" || type === "one") {
      fs.writeFileSync(filepath, this.cert[type]);
    } else {
      fs.writeFileSync(filepath, Buffer.from(this.cert[type], "base64"));
@@ -102,9 +117,11 @@ export class CertReader {
    const tmpKeyPath = this.saveToFile("key");
    const tmpPfxPath = this.saveToFile("pfx");
    const tmpIcPath = this.saveToFile("ic");
-    logger.info("本地文件写入成功");
+    const tmpOcPath = this.saveToFile("oc");
    const tmpDerPath = this.saveToFile("der");
    const tmpJksPath = this.saveToFile("jks");
    const tmpOnePath = this.saveToFile("one");
    logger.info("本地文件写入成功");
    try {
      return await opts.handle({
        reader: this,
@@ -114,12 +131,15 @@ export class CertReader {
        tmpDerPath: tmpDerPath,
        tmpIcPath: tmpIcPath,
        tmpJksPath: tmpJksPath,
        tmpOcPath: tmpOcPath,
        tmpOnePath,
      });
    } catch (err) {
      logger.error("处理失败", err);
      throw err;
    } finally {
      //删除临时文件
-      logger.info("删除临时文件");
+      logger.info("清理临时文件");
      function removeFile(filepath?: string) {
        if (filepath) {
          fs.unlinkSync(filepath);
@@ -128,13 +148,15 @@ export class CertReader {
      removeFile(tmpCrtPath);
      removeFile(tmpKeyPath);
      removeFile(tmpPfxPath);
      removeFile(tmpOcPath);
      removeFile(tmpDerPath);
      removeFile(tmpIcPath);
      removeFile(tmpJksPath);
      removeFile(tmpOnePath);
    }
  }
-  buildCertFileName(suffix: string, applyTime: number, prefix = "cert") {
+  buildCertFileName(suffix: string, applyTime: any, prefix = "cert") {
    const detail = this.getCrtDetail();
    let domain = detail.detail.domains.commonName;
    domain = domain.replace(".", "_").replace("*", "_");
--- a/Show More
+++ b/Show More
`@@ -5,3 +5,5 @@ export class CancelError extends Error {`
	`}`	`}`
	`}`	`}`
		`@@ -0,0 +1,2 @@`
							`import mitt from 'mitt';`
							`export const mitter = mitt();`