v1.35.2

Closes https://github.com/certd/certd/issues/419

.github/workflows/build-image-for-test.yml

@@ -10,6 +10,7 @@ on:
 #    - cron: '17 19 * * *'
 permissions:
   contents: read
+  packages: write
 
 jobs:
   build-certd-image:
@@ -43,7 +44,7 @@ jobs:
 #          cache: 'npm'
 #        working-directory: ./packages/ui/certd-client
       - run: |
-          npm install -g pnpm@8.15.7
+          npm install -g pnpm
           pnpm install
           npm run build
         working-directory: ./packages/ui/certd-client
@@ -61,19 +62,38 @@ jobs:
           username: ${{ secrets.aliyun_cs_username }}
           password: ${{ secrets.aliyun_cs_password }}
 
+      - name: Login to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.dockerhub_username }}
           password: ${{ secrets.dockerhub_password }}
 
-      - name: Build default platforms
+#      - name: Build default platforms
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/amd64,linux/arm64
+#          push: true
+#          context: ./packages/ui/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
+#            greper/certd-dev:latest
+#            ghcr.io/${{ github.repository }}:dev-latest
+
+      - name: Build armv7
         uses: docker/build-push-action@v6
         with:
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/arm/v7
           push: true
           context: ./packages/ui/
           tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
-            greper/certd-dev:latest
-
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            greper/certd:armv7
+            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7

.github/workflows/build-image.yml

@@ -10,6 +10,7 @@ on:
 #    - cron: '17 19 * * *'
 permissions:
   contents: read
+  packages: write
 
 jobs:
   build-certd-image:
@@ -43,7 +44,7 @@ jobs:
 #          cache: 'npm'
 #        working-directory: ./packages/ui/certd-client
       - run: |
-          npm install -g pnpm@8.15.7
+          npm install -g pnpm
           pnpm install
           npm run build
         working-directory: ./packages/ui/certd-client
@@ -61,6 +62,13 @@ jobs:
           username: ${{ secrets.aliyun_cs_username }}
           password: ${{ secrets.aliyun_cs_password }}
 
+      - name: Login to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+  
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -78,18 +86,21 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
             greper/certd:latest
             greper/certd:${{steps.get_certd_version.outputs.result}}
-
-#      - name: Build armv7
-#        uses: docker/build-push-action@v6
-#        with:
-#          platforms: linux/arm/v7
-#          push: true
-#          context: ./packages/ui/
-#          tags: |
-#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
-#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
-#            greper/certd:armv7
-#            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
+      - name: Build armv7
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/arm/v7
+          push: true
+          context: ./packages/ui/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            greper/certd:armv7
+            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            ghcr.io/${{ github.repository }}:armv7
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-armv7
 
 #      - name: Build agent
 #        uses: docker/build-push-action@v6

.gitignore

@@ -17,6 +17,7 @@ gen
 /test/*.private.*
 
 /*.log
+nohup.out
 
 /packages/ui/*/.idea
 /packages/ui/*/node_modules

CHANGELOG.md

@@ -3,6 +3,396 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 更新 1panel API 版本支持v1/v2设置 ([e6195ad](https://github.com/certd/certd/commit/e6195ade3ec54b138825b8d6738f86eb8afdd720))
+* 同步更新namesilo接口，修复无法创建和删除dns记录的问题 ([36b02c2](https://github.com/certd/certd/commit/36b02c2cec145c13d4ef29d49aba5b6b4f697df2))
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+* 修复部署到华为cdn，子账号ak查询不到域名的bug ([ebb292a](https://github.com/certd/certd/commit/ebb292a2f7a425c1bc810f59468beb3f1d5bc3f0))
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 优化站点ip检查 ([a463711](https://github.com/certd/certd/commit/a463711b03a20120f2a298be15d71ca152d27f21))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+* farcdn优化 ([a06ef07](https://github.com/certd/certd/commit/a06ef07178ed73c537e21c7d57e5e5144d2c056d))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 宝塔插件、1panel 改成完全免费版 ([a53b6cd](https://github.com/certd/certd/commit/a53b6cd28ff2ce5662ada82379ea44a06b179b81))
+* 添加 FlexCDN 更新证书插件 ([bf040d4](https://github.com/certd/certd/commit/bf040d4c428d29c06fbaca5e29100e0c583b2b0b))
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+* 支持AI分析报错 ([aa96859](https://github.com/certd/certd/commit/aa96859798166426e485947a6590464de189de05))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Bug Fixes
+
+* 修复部署到又拍云强制https无效的bug ([2397097](https://github.com/certd/certd/commit/2397097e4ddcb6f593210598e8779ffd44ac3f8f))
+* 修复刷新流水线页面后，日志不自动更新的bug ([0b2e28b](https://github.com/certd/certd/commit/0b2e28b62dd5eb6804c602083e65c87a9d1d72d2))
+
+### Performance Improvements
+
+* 集成智能问答机器人 ([9dd4905](https://github.com/certd/certd/commit/9dd49054d18ec436a5029444ca55a38adc682933))
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/certd/certd/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+* 修复宝塔授权测试按钮显示错误的bug ([048696e](https://github.com/certd/certd/commit/048696ee9386491bb68592fb3a47d1c900bb68bf))
+
+### Performance Improvements
+
+* 支持部署证书到火山dcdn ([5f85219](https://github.com/certd/certd/commit/5f852194953dc1b4e6336770f417507b8f5a33ad))
+* 支持部署证书到unicloud ([a63d687](https://github.com/certd/certd/commit/a63d687f1c573159f0857693f37602b0e1e44072))
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+### Bug Fixes
+
+* 修复二次认证登录进入错误账号的bug ([e3930e0](https://github.com/certd/certd/commit/e3930e07172dd7903cb0f6ff26e0e3e828ba3e77))
+
+### Features
+
+* 从yaml文件注册插件 ([deb3893](https://github.com/certd/certd/commit/deb38938204b29543f36d3266249958faaaa6b66))
+
+### Performance Improvements
+
+* 优化cdnfly插件，支持自动匹配域名部署 ([afd59e9](https://github.com/certd/certd/commit/afd59e9933b2650f41c5d47684c171b93b962065))
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+### Bug Fixes
+
+* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
+* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
+* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
+* 修复token过期后，疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
+
+### Performance Improvements
+
+* 从域名的soa获取主域名，子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
+* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
+* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
+* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
+* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
+* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+### Performance Improvements
+
+* 添加部署证书至火山 Live ([abea80e](https://github.com/certd/certd/commit/abea80e3ab9b1672aebe1c5d5e856693b29931a8))
+* 优化首页插件列表展示 ([9b8f60b](https://github.com/certd/certd/commit/9b8f60b64b5f9a3db7dfa9b3dcbd9201984358d0))
+* 证书申请支持51dns ([8638fc9](https://github.com/certd/certd/commit/8638fc91ff34fccaf12ff9874fd3fa9d2a8c18b7))
+* 支持51dns ([96a0900](https://github.com/certd/certd/commit/96a0900edc95dcfd9acccf9d13592f12f5a09b3d))
+* ssh PTY模式登录设置 ([8385bcc](https://github.com/certd/certd/commit/8385bcc2d7f2411a07748bb5c53f9eaf4d38d7cc))
+* ssh伪终端模式优化，windows下不开启 ([42dfe93](https://github.com/certd/certd/commit/42dfe936b773b7bdd82ca3378363252ffffd7b71))
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+### Bug Fixes
+
+* 上传商用证书，直接粘贴文本报错的问题；修复无法上传ec加密证书的bug ([5750bb7](https://github.com/certd/certd/commit/5750bb706779da274d8e7a87e71416cb64d2df79))
+* 修复下载证书时提示token已过期的问题 ([0e07ae6](https://github.com/certd/certd/commit/0e07ae6ce84dcb9279d3c44060d621566afa593c))
+
+### Performance Improvements
+
+* 更新license时同时绑定url ([78367af](https://github.com/certd/certd/commit/78367af8307f801e778c76d49f0918c21ffe032f))
+* 切换到不同的分组后再打开创建对话框，会自动选择分组 ([893dcd4](https://github.com/certd/certd/commit/893dcd4f2487891199ed3e5a3d47a79a75efc942))
+* 新增部署到火山引擎ALB/CLB、上传到证书中心 ([c9a3e3d](https://github.com/certd/certd/commit/c9a3e3d9d26f964c7af7b56667936f1414fbf42a))
+* 优化/api缓存为0 ([dc05cd4](https://github.com/certd/certd/commit/dc05cd481f186b13375192be965000e6b4b429a5))
+* 优化华为cdn插件引用ccm证书 ([b565b4b](https://github.com/certd/certd/commit/b565b4b3b919b71b98ea2517670bc1ef00e00dc9))
+* 优化证书流水线创建，支持选择分组 ([d613aa8](https://github.com/certd/certd/commit/d613aa8f3e85d8dc475ef1b62d49394ce7fd7d24))
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+### Performance Improvements
+
+* 登录支持双重认证 ([48aef25](https://github.com/certd/certd/commit/48aef25b3f6499d674ca4e4ef16f4c62399fb735))
+* 多重认证登录 ([0f82cf4](https://github.com/certd/certd/commit/0f82cf409bc60706ab07e4ca4f272b9a1ca7eecb))
+* 优化部署到华为云CDN，支持先上传到ccm，再使用证书id部署，修复offline状态下导致部署报错的bug ([79df39a](https://github.com/certd/certd/commit/79df39acabab10ae7e1864dadcdc186bb007a3c5))
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+### Bug Fixes
+
+* 补充类型断言 ([2143dff](https://github.com/certd/certd/commit/2143dff2ae96e6a78bef9f0498e36f8cd9e6941f))
+* 修复腾讯云部署到任意资源插件，无法使用之前已上传的腾讯云证书问题 ([32c714d](https://github.com/certd/certd/commit/32c714d1b6e68c71a74a7452115040c87ac4bfdc))
+
+### Performance Improvements
+
+* 插件支持导入导出 ([cf8abb4](https://github.com/certd/certd/commit/cf8abb45282070c8ba91469f93fd379fabf1f74a))
+* 支持上传证书到华为云CCM ([cfd3b66](https://github.com/certd/certd/commit/cfd3b66be9ebf53a26693057e70ed60c3f116be9))
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+### Bug Fixes
+
+* 修复登录错误次数过多阻止再次登录逻辑 ([bf4d191](https://github.com/certd/certd/commit/bf4d191c8bd2f9209eb6768f662b9c77de99e998))
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+### Bug Fixes
+
+* 修复某些情况下无法输出日志的bug ([70101bf](https://github.com/certd/certd/commit/70101bfa7ade65678d9202c804bbae2cb808b594))
+
+### Performance Improvements
+
+* 修复内置插件分页查询逻辑 ([a2710dd](https://github.com/certd/certd/commit/a2710ddc2525e4e637fd157f0180e6d3b801c8be))
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+### Bug Fixes
+
+* 修复阿里云cdn证书部署失败问题，增加certname参数传入 ([965dc2c](https://github.com/certd/certd/commit/965dc2cb476f690af716f291c6b20ba98be0c8f0))
+* 修复ssh插件报length空指针的bug ([9c4cbe1](https://github.com/certd/certd/commit/9c4cbe17a22b548611cf1fbefecc83a421788e42))
+
+### Performance Improvements
+
+* 镜像支持armv7 ([f78cbed](https://github.com/certd/certd/commit/f78cbed4d817859721fdafe7d348864848d0dfbf))
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+### Bug Fixes
+
+* 升级mysql驱动，支持mysql8最新版本的认证 ([2f5ed3a](https://github.com/certd/certd/commit/2f5ed3aead97641f2c80d692a50226839016df0b))
+* 修复eab授权，没有email绑定的bug ([2f1683b](https://github.com/certd/certd/commit/2f1683b26acebbfb7d6e2d751435be04a4e7cab4))
+
+### Features
+
+* 支持在线自定义插件，无需源码开发 ([d0d9d68](https://github.com/certd/certd/commit/d0d9d68fe6740f6ff49fe40b7c9917c5a2e4b442))
+* **lego:** support set key type ([f3bf4fa](https://github.com/certd/certd/commit/f3bf4faee0be5bdbfdbcf70a502849ed4c8ed4c4))
+* release image to ghcr ([9b536af](https://github.com/certd/certd/commit/9b536af9e656dc89e2a87078c129cad6f591e467))
+
+### Performance Improvements
+
+* 修复tab页缓存问题 ([64e5449](https://github.com/certd/certd/commit/64e5449ab3c6b219b0e89eddad14bfb6b71a0650))
+* 隐藏运行策略选项 ([2951df0](https://github.com/certd/certd/commit/2951df0cd94c23e2efee84ff1b843055aac56cae))
+* 增加手动上传证书功能说明 ([5d083a1](https://github.com/certd/certd/commit/5d083a153637caddbc6f44e915d9fb2d1ae87b33))
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+### Bug Fixes
+
+* 创建cname记录移除域名两端的空格 ([903a413](https://github.com/certd/certd/commit/903a4131ab5f42c8286cd2150ed1032d486fda2f))
+* 修复从本地dns获取记录报错的bug ([c39b1bf](https://github.com/certd/certd/commit/c39b1bf823ddc6216bed2049e4c87e6107def08a))
+
+### Features
+
+* 优化证书申请速度，修复某些情况下letsencrypt 校验失败的问题 ([857589b](https://github.com/certd/certd/commit/857589b365c6f709e0ae67914d2f50ce182e6dd6))
+
+### Performance Improvements
+
+* 优化华为dns解析记录创建和删除问题 ([0948c5b](https://github.com/certd/certd/commit/0948c5bc691d2ee6eb47c72a85da1b7453361878))
+* 又拍云支持云存储 ([9339b78](https://github.com/certd/certd/commit/9339b78f801d193472c0af25749e8e7a27ffb7af))
+* 又拍云支持云存储 ([8449f85](https://github.com/certd/certd/commit/8449f8580da90c1f6b5d02d07c3236ebaf6cf161))
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Bug Fixes
+
+* 修复ssh支持键盘事件登录 ([8145808](https://github.com/certd/certd/commit/8145808c4370364377b4ffe3ae88ff465b49f20b))
+
+### Performance Improvements
+
+* 支持部署到京东云cdn ([6f17c70](https://github.com/certd/certd/commit/6f17c700b84965baa01b40fe2abaa0a91bcbaffd))
+* 支持京东云dns申请证书 ([04d79f9](https://github.com/certd/certd/commit/04d79f9117670be504960b018fd49ae3bf7c1c11))
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+### Performance Improvements
+
+*  tab增加图标显示 ([a03ae5a](https://github.com/certd/certd/commit/a03ae5a216a1df2c1d3da12ae18dcd0f089a92d3))
+* 升级lego版本到4.22.2 ([4e15556](https://github.com/certd/certd/commit/4e15556e5e8100719497edb1729570d5a29668e1))
+* 优化华为dns接口报错信息输出 ([bf30b7a](https://github.com/certd/certd/commit/bf30b7afaef623dd8126570344f1fcc2c06f1215))
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Bug Fixes
+
+* 修复华为云dns接口请求出错的bug ([caa15b4](https://github.com/certd/certd/commit/caa15b47355363cbb8847f415ff12363cd53eeda))
+* 修复某些情况下站点证书监控报undefined.includes的错误 ([0b6618f](https://github.com/certd/certd/commit/0b6618ff709322a0eeba78953c8c6e9d073d083a))
+* 修复网站证书监控https port设置无效的bug ([cc8da0c](https://github.com/certd/certd/commit/cc8da0cf130f0c469371b59ac5bd04567f4a4414))
+
+### Performance Improvements
+
+* 站点监控保存时异步检查 ([993bc74](https://github.com/certd/certd/commit/993bc7432fce2d954e9897ed85b54f22150bfc7e))
+* dns支持火山引擎 ([99ff879](https://github.com/certd/certd/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Bug Fixes
+
+* 修复编辑通知勾选默认，导致出现多个默认通知的bug ([6cd7bdd](https://github.com/certd/certd/commit/6cd7bddc37da8b0d7b9860fd9a26ddfe84c869a7))
+* 修复网站监控无法设置端口的bug ([27a8a57](https://github.com/certd/certd/commit/27a8a57cf52b4bf83d628aa3049be1efaa74f29c))
+* 修复lego模式无法创建流水线的bug ([687bb8a](https://github.com/certd/certd/commit/687bb8a2376d0de7b72739a174e4a9560581f866))
+
+### Performance Improvements
+
+* 优化通知格式 ([c3c5006](https://github.com/certd/certd/commit/c3c5006daa39c20624cb58864f2b92b230a38a7a))
+* 优化scp上传 ([e51123a](https://github.com/certd/certd/commit/e51123a95131cc76d655937488caf08956a67020))
+* 优化txt本地校验效率 ([fd507f2](https://github.com/certd/certd/commit/fd507f269253607e68c5c099c99e0de11636f229))
+* 支持又拍云cdn ([fd0536b](https://github.com/certd/certd/commit/fd0536bd4b41f15b6b5d42e0b447f0dcbf73b8a8))
+* 支持又拍云cdn ([57389a7](https://github.com/certd/certd/commit/57389a79a1a61c45d081712562f8b33c9633158e))
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+### Performance Improvements
+
+* 增加服务器时间警告 ([d66ade4](https://github.com/certd/certd/commit/d66ade4e4783850b6c7625c6f164a5a0fc0aa509))
+* 支持部署到lucky ([e18e399](https://github.com/certd/certd/commit/e18e399ce6529e8c7e36b56c5f674cfdbbd3d3d1))
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+### Bug Fixes
+
+* 修复dns.la无法申请证书的bug ([90b045a](https://github.com/certd/certd/commit/90b045af6d1a4f46986e4b118885c1f050df067c))
+
+### Performance Improvements
+
+* 上传到主机支持scp方式 ([05b6159](https://github.com/certd/certd/commit/05b6159802b9e85b6a410361b60b5c28875b48e7))
+* 优化图标 ([c56f48c](https://github.com/certd/certd/commit/c56f48c1e3c54c4e203fafb380d9091d75681b7e))
+
 ## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
 
 ### Bug Fixes

README.md

@@ -5,24 +5,34 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+> 关于证书续期：
+>* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+>* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
+>* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
+
+
+> 流水线数量现已调整为无限制，欢迎大家使用
+
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
-* 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件）
-* 支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式
+* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
-* 邮件通知、webhook通知
-* 私有化部署，数据保存本地，授权信息加密存储，镜像由Github Actions构建，过程公开透明
-* 支持SQLite，PostgreSQL、MySQL数据库
+* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* 私有化部署，数据保存本地，安装升级非常简单快捷
+* 镜像由Github Actions构建，过程公开透明
+* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* 支持SQLite，PostgreSQL、MySQL多种数据库
+* 开放接口支持
+* 站点证书监控
+* 多用户管理
+
+
+  ![](./docs/images/intro/intro.svg)
+
 
->
-> 流水线数量现已调整为无限制，欢迎大家使用
->
 
-> 关于证书续期：
- >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
- >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 
  
 ## 二、在线体验
@@ -62,7 +72,7 @@ https://certd.handfree.work/
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
 ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑     
 
-更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
+更多教程请访问官方文档 [certd.docmirror.cn](https://certd.docmirror.cn/guide/)
 
 
 
@@ -72,10 +82,10 @@ https://certd.handfree.work/
 
 您可以根据实际情况从如下方式中选择一种方式进行私有化部署：
 
-1. [宝塔面板方式部署](https://certd.docmirror.cn/guide/install/docker/)
-2. [1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
-3. [Docker方式部署](https://certd.docmirror.cn/guide/install/docker/)
-4. [源码方式部署](https://certd.docmirror.cn/guide/install/source/)
+1. [宝塔面板方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
+2. [1Panel面板方式部署 推荐](https://certd.docmirror.cn/guide/install/1panel/)
+3. [Docker方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
+4. [源码方式部署 不建议](https://certd.docmirror.cn/guide/install/source/)
 
 #### Docker镜像说明：
 * 国内镜像地址:
@@ -85,93 +95,35 @@ https://certd.handfree.work/
   * `https://hub.docker.com/r/greper/certd`
   * `greper/certd:latest`
   * `greper/certd:armv7`、`greper/certd:[version]-armv7`
+* GitHub Packages地址:
+  * `ghcr.io/certd/certd:latest`
+  * `ghcr.io/certd/certd:armv7`、`ghcr.io/certd/certd:[version]-armv7`
 
 * 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用
   * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) 
 
 ![](./docs/images/action/action-build.jpg)
 
-
-## 五、 升级
-
-### docker-compose方式部署
-#### 1. 如果使用固定版本号
-1. 修改`docker-compose.yaml`中的镜像版本号
-2. 运行`docker compose up -d` 即可
-
-#### 2. 如果需要使用最新版本
-```shell
-#重新拉取镜像
-docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
-# 重新启动容器
-docker compose down
-docker compose up -d
-```
-> 数据默认存在`/data/certd`目录下，不用担心数据丢失
-
-### 自动升级(仅限尝鲜建议非生产使用)
-```yaml
-version: '3.3'
-services:
-  certd:
-    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
-    container_name: certd
-    restart: unless-stopped
-    volumes:
-      - /data/certd:/app/data
-    ports:
-      - "7001:7001"
-      - "7002:7002"
-    environment:
-      - certd_system_resetAdminPasswd=false
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"
-
-  certd-updater:  # 添加 Watchtower 服务
-    image: containrrr/watchtower:latest
-    container_name: certd-updater
-    restart: unless-stopped
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    # 配置 自动更新
-    environment:
-      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
-      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
-      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
-      - WATCHTOWER_POLL_INTERVAL=300       # 每 5 分钟检查一次更新
-
-```
-
-### 其他部署方式升级方法
-请参考 https://certd.docmirror.cn/guide/install/upgrade.html
+> 注意：
+> * 本应用存储的证书、授权信息等属于高度敏感数据，请做好安全防护
+> * 请务必使用HTTPS协议访问本应用，避免被中间人攻击
+> * 请务必使用web应用防火墙防护本应用，防止XSS、SQL注入等攻击
+> * 请务必做好服务器本身的安全防护，防止数据库泄露
+> * 请务必做好数据备份，避免数据丢失
+> * [更多安全生产建议点我](https://certd.docmirror.cn/guide/feature/safe/)
 
 
+## 五、更多帮助
+请访问官方文档：[https://certd.docmirror.cn/](https://certd.docmirror.cn/guide/)
 
-###  更新日志：
-
-[CHANGELOG](./CHANGELOG.md)
+* 升级方法：[升级方法](https://certd.docmirror.cn/guide/install/upgrade/)
+* 常见问题：[忘记密码](https://certd.docmirror.cn/guide/use/forgotpasswd/)
+* 多数据库：[多数据库配置](https://certd.docmirror.cn/guide/install/database/)
+* 站点安全：[站点安全特性](https://certd.docmirror.cn/guide/feature/safe/)
+* 更新日志：[CHANGELOG](./CHANGELOG.md)
 
 
-## 六、一些说明
-* 本项目ssl证书提供商为letencrypt/Google/ZeroSSL
-* 申请过程遵循acme协议
-* 证书续期：
-  * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
-  * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
-* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署
-
-
-## 七、不同平台的设置说明
-
-* 已迁移到新的文档网站，请到常见问题章节查看
-* [最新文档站链接 https://certd.docmirror.cn](https://certd.docmirror.cn/)
-
-## 八、问题处理
-### 7.1 忘记管理员密码   
-[重置管理员密码方法](https://certd.docmirror.cn/guide/use/forgotpasswd/)
-
-## 九、联系作者
+## 六、联系作者
 如有疑问，欢迎加入群聊（请备注certd）
 
 | 加群 | 微信群 | QQ群 |
@@ -185,7 +137,7 @@ services:
 | 二维码 | <img height="230" src="./docs/guide/contact/images/me.png"> |
 
 
-## 十、捐赠
+## 七、捐赠
 ************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
@@ -194,49 +146,45 @@ https://afdian.com/a/greper
 1. 可加入发电专属群，可以获得作者一对一技术支持
 2. 您的需求我们将优先实现，并且将作为专业版功能提供
 3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
-
 
 专业版特权对比
 
-| 功能   | 基础版             | 专业版               |
-|------|-----------------|-------------------|
-| 免费证书申请 | 免费无限制           | 无限制               |
-| 域名数量 | 免费无限制           | 无限制               |
-| 证书流水线条数 | 免费无限制           | 无限制               |
-| 站点证书监控 | 1条              | 无限制               |
-| 自动部署插件 | 阿里云、腾讯云、七牛云、SSH | 支持群晖、宝塔、1Panel等，持续开发中 |
-| 通知   | 邮件、webhook      | server酱、企微、anpush等 |
+| 功能      | 免费版                                   | 专业版                            |
+|---------|---------------------------------------|--------------------------------|
+| 免费证书申请  | 免费无限制                                 | 免费无限制                          |
+| 域名数量 | 无限制                                   | 无限制                            |
+| 证书流水线条数 | 无限制                                   | 无限制                            |
+| 站点证书监控  | 限制1条                                  | 无限制                            |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
+| 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+
 
 ************************
 
-## 十一、贡献代码
+## 八、贡献代码
 
-1. 本地开发 [贡献插件](https://certd.docmirror.cn/guide/development/)
+1. 本地开发请参考 [贡献插件向导](https://certd.docmirror.cn/guide/development/)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
 
+感谢以下贡献者做出的贡献。
 
+<a href="https://github.com/certd/certd/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=certd/certd" />
+</a>
 
-## 十二、 开源许可
+## 九、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
 * 允许个人和公司内部自由使用、复制、修改和分发本项目，未获得商业授权情况下禁止任何形式的商业用途 
 * 未获得商业授权情况下，禁止任何对logo、版权信息及授权许可相关代码的修改。
 * 如需商业授权，请联系作者。
 
-## 十三、我的其他项目（求Star）
+
+## 十、我的其他项目（求Star）
 
 | 项目名称                                                    | stars                                                                                                 | 项目描述                              | 
 |---------------------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------------|
 | [袖手AI](https://ai.handsfree.work/)                    |                                                                                                       | 袖手GPT，国内可用，无需FQ，每日免费额度            | 
 | [fast-crud](https://gitee.com/fast-crud/fast-crud/)     | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/>   | 基于vue3的crud快速开发框架                 |  
 | [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |                       
-
-
-
-## 十四、更新日志
-
-更新日志：[CHANGELOG](./CHANGELOG.md)
-
-

build-dev.trigger

@@ -1 +1 @@
-1
+2

build.trigger

@@ -1 +1 @@
-02:10
+09:12

docker/run/docker-compose.yaml

@@ -3,6 +3,8 @@ services:
   certd:
     # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号,例如：certd:1.29.0
     image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
+    # image: ghcr.io/certd/certd:latest                    #   --------- 如果 报镜像not found，可以尝试其他镜像源
+    # image: greper/certd:latest
     container_name: certd # 容器名
     restart: unless-stopped # 自动重启
     volumes:
@@ -14,7 +16,7 @@ services:
       - "7001:7001"
       #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
       - "7002:7002"
-    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
+    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo EAI_AGAIN 或 getaddrinfo ENOTFOUND 错误，可以尝试设置dns
 #    dns:
 #      - 223.5.5.5      # 阿里云公共dns
 #      - 223.6.6.6
@@ -35,6 +37,8 @@ services:
 #    networks:
 #      - ip6net
     environment:
+#             ↓↓↓↓ ----------------------------------------------------- 使用上海东八时区
+#      - TZ=Asia/Shanghai
 #     设置环境变量即可自定义certd配置
 #     配置项见： packages/ui/certd-server/src/config/config.default.ts
 #     配置规则： certd_ + 配置项, 点号用_代替

docs/.vitepress/config.ts

@@ -1,147 +1,155 @@
-import { defineConfig } from "vitepress";
+import {defineConfig} from "vitepress";
 // Import lightbox plugin
 import lightbox from "vitepress-plugin-lightbox";
 
 // https://vitepress.dev/reference/site-config
 export default defineConfig({
-  title: "Certd",
-  description: "Certd帮助文档,Certd是一款开源免费的全自动SSL证书管理工具；证书自动化申请部署流水线；自动证书申请、更新、续期；通配符证书，泛域名证书申请；证书自动化部署到阿里云、腾讯云、主机、群晖、宝塔。",
-  markdown: {
-    config: (md) => {
-      // Use lightbox plugin
-      md.use(lightbox, {});
-    }
-  },
-  sitemap: {
-    hostname: 'https://certd.docmirror.cn'
-  },
-  head: [
-    // [
-    //     'meta',
-    //     {
-    //         name: 'viewport',
-    //         content:
-    //           'width=device-width,initial-scale=1,minimfast-cum-scale=1.0,maximum-scale=1.0,user-scalable=no',
-    //     },
-    // ],
-    ["meta", {
-      name: "keywords",
-      content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署,SSL平台，证书管理平台，证书流水线"
-    }],
-    // ["meta", { name: "google-site-verification",content: "V5XLTSnXoT15uQotwpxJoQolUo2d5UbSL-TacsyOsC0"}],
-      //<meta name="baidu-site-verification" content="codeva-MiWN8Y07Ua" />
-    // ["meta", {name: "baidu-site-verification",content: "codeva-MiWN8Y07Ua"}],
-    ["link", { rel: "icon", href: "/static/logo/logo.svg" }]
-  ],
-  themeConfig: {
-    logo: "/static/logo/logo.svg",
-    search: {
-      provider: "local",
-      options: {
-        detailedView: true,
-        translations: {
-          button: {
-            buttonText: "搜索文档",
-            buttonAriaLabel: "搜索文档"
-          },
-          modal: {
-            noResultsText: "无法找到相关结果",
-            resetButtonTitle: "清除查询条件",
-            footer: {
-              selectText: "选择",
-              closeText: "关闭",
-              navigateText: "切换"
+    title: "Certd",
+    titleTemplate: "开源SSL证书管理工具，证书自动化申请部署，让你的网站证书永不过期",
+    description: "Certd帮助文档,Certd是一款开源免费的全自动SSL证书管理工具；证书自动化申请部署流水线；自动证书申请、更新、续期；通配符证书，泛域名证书申请；证书自动化部署到阿里云、腾讯云、主机、群晖、宝塔。",
+    markdown: {
+        config: (md) => {
+            // Use lightbox plugin
+            md.use(lightbox, {});
+        }
+    },
+    sitemap: {
+        hostname: 'https://certd.docmirror.cn'
+    },
+    head: [
+        // [
+        //     'meta',
+        //     {
+        //         name: 'viewport',
+        //         content:
+        //           'width=device-width,initial-scale=1,minimfast-cum-scale=1.0,maximum-scale=1.0,user-scalable=no',
+        //     },
+        // ],
+        ["meta", {
+            name: "keywords",
+            content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署,SSL平台，证书管理平台，证书流水线"
+        }],
+        // ["meta", { name: "google-site-verification",content: "V5XLTSnXoT15uQotwpxJoQolUo2d5UbSL-TacsyOsC0"}],
+        //<meta name="baidu-site-verification" content="codeva-MiWN8Y07Ua" />
+        // ["meta", {name: "baidu-site-verification",content: "codeva-MiWN8Y07Ua"}],
+        ["link", {rel: "icon", href: "/static/logo/logo.svg"}]
+    ],
+    themeConfig: {
+        logo: "/static/logo/logo.svg",
+        search: {
+            provider: "local",
+            options: {
+                detailedView: true,
+                translations: {
+                    button: {
+                        buttonText: "搜索文档",
+                        buttonAriaLabel: "搜索文档"
+                    },
+                    modal: {
+                        noResultsText: "无法找到相关结果",
+                        resetButtonTitle: "清除查询条件",
+                        footer: {
+                            selectText: "选择",
+                            closeText: "关闭",
+                            navigateText: "切换"
+                        }
+                    }
+                }
             }
-          }
-        }
-      }
-    },
-    // https://vitepress.dev/reference/default-theme-config
-    nav: [
-      { text: "首页", link: "/" },
-      { text: "指南", link: "/guide/" },
-      { text: "商业版", link: "/comm/" },
-      { text: "Demo体验", link: "https://certd.handfree.work" }
-    ],
-    sidebar: {
-      "/guide/": [
-        {
-          text: "入门",
-          items: [
-            { text: "简介", link: "/guide/" },
-            { text: "快速开始", link: "/guide/start.md" },
-            {
-              text: "私有化部署",
-              items: [
-                { text: "docker部署", link: "/guide/install/docker/" },
-                { text: "宝塔面板部署", link: "/guide/install/baota/" },
-                { text: "1Panel部署", link: "/guide/install/1panel/" },
-                { text: "群晖部署", link: "/guide/use/synology/" },
-                { text: "源码部署", link: "/guide/install/source/" }
-              ]
-            },
-            { text: "演示教程", link: "/guide/tutorial.md" },
-            { text: "版本升级", link: "/guide/install/upgrade.md" }
-          ]
         },
-        {
-          text: "特性",
-          items: [
-            { text: "CNAME代理校验", link: "/guide/feature/cname/index.md" },
-            { text: "插件列表", link: "/guide/plugins.md" },
-            { text: "多数据库支持", link: "/guide/install/database.md" },
-            { text: "开放接口", link: "/guide/open/index.md" }
-          ]
+        // https://vitepress.dev/reference/default-theme-config
+        nav: [
+            {text: "首页", link: "/"},
+            {text: "指南", link: "/guide/"},
+            {text: "Demo体验", link: "https://certd.handfree.work"}
+        ],
+        sidebar: {
+            "/guide/": [
+                {
+                    text: "入门",
+                    items: [
+                        {text: "简介", link: "/guide/"},
+                        {text: "快速开始", link: "/guide/start.md"},
+                        {
+                            text: "私有化部署",
+                            items: [
+                                {text: "docker部署", link: "/guide/install/docker/"},
+                                {text: "宝塔面板部署", link: "/guide/install/baota/"},
+                                {text: "1Panel部署", link: "/guide/install/1panel/"},
+                                {text: "群晖部署", link: "/guide/use/synology/"},
+                                {text: "源码部署", link: "/guide/install/source/"}
+                            ]
+                        },
+                        {text: "演示教程", link: "/guide/tutorial.md"},
+                        {text: "版本升级", link: "/guide/install/upgrade.md"}
+                    ]
+                },
+                {
+                    text: "特性",
+                    items: [
+                        {text: "CNAME代理校验", link: "/guide/feature/cname/index.md"},
+                        {text: "多数据库支持", link: "/guide/install/database.md"},
+                        {text: "开放接口", link: "/guide/open/index.md"},
+                        {
+                            text: "站点安全",  link: "/guide/feature/safe/"
+                        },
+                        {
+                            text: "插件列表", items: [
+                                {text: "授权提供商", link: "/guide/plugins/access.md"},
+                                {text: "DNS提供商", link: "/guide/plugins/dns-provider.md"},
+                                {text: "任务插件", link: "/guide/plugins/deploy.md"},
+                                {text: "通知插件", link: "/guide/plugins/notification.md"},
+                            ]
+                        },
+                    ]
+                },
+                {
+                    text: "常见问题",
+                    items: [
+                        {text: "QA", link: "/guide/qa/use.md"},
+                        {text: "常见报错处理", link: "/guide/qa/"},
+                        {text: "群晖证书部署", link: "/guide/use/synology/"},
+                        {text: "腾讯云密钥获取", link: "/guide/use/tencent/"},
+                        {text: "连接windows主机", link: "/guide/use/host/windows.md"},
+                        {text: "Google EAB获取", link: "/guide/use/google/"},
+                        {text: "阿里云相关", link: "/guide/use/aliyun/"},
+                        {text: "忘记密码", link: "/guide/use/forgotpasswd/"},
+                        {text: "数据备份", link: "/guide/use/backup/"},
+                        {text: "Certd本身的证书更新", link: "/guide/use/https/index.md"},
+                        {text: "js脚本插件使用", link: "/guide/use/custom-script/index.md"},
+                        {text: "邮箱配置", link: "/guide/use/email/index.md"},
+                        {text: "IPv6支持", link: "/guide/use/setting/ipv6.md"},
+                        {text: "ESXi", link: "/guide/use/ESXi/index.md"},
+                    ]
+                },
+                {
+                    text: "商业版配置", link: "/guide/use/comm/", items: [
+                        {text: "支付宝配置", link: "/guide/use/comm/payments/alipay.md"},
+                        {text: "微信支付配置", link: "/guide/use/comm/payments/wxpay.md"},
+                        {text: "彩虹易支付配置", link: "/guide/use/comm/payments/yizhifu.md"},
+                    ]
+                },
+                {
+                    text: "其他",
+                    items: [
+                        {text: "贡献代码", link: "/guide/development/index.md"},
+                        {text: "更新日志", link: "/guide/changelogs/CHANGELOG.md"},
+                        {text: "镜像说明", link: "/guide/image.md"},
+                        {text: "联系我们", link: "/guide/contact/"},
+                        {text: "捐赠", link: "/guide/donate/"},
+                        {text: "开源协议", link: "/guide/license/"},
+                        {text: "我的其他开源项目", link: "/guide/link/"},
+                    ]
+                }
+            ],
         },
-        {
-          text: "常见问题",
-          items: [
-            { text: "群晖证书部署", link: "/guide/use/synology/" },
-            { text: "腾讯云密钥获取", link: "/guide/use/tencent/" },
-            { text: "连接windows主机", link: "/guide/use/host/windows.md" },
-            { text: "Google EAB获取", link: "/guide/use/google/" },
-            { text: "阿里云相关", link: "/guide/use/aliyun/" },
-            { text: "忘记密码", link: "/guide/use/forgotpasswd/" },
-            { text: "数据备份", link: "/guide/use/backup/" },
-            { text: "Certd本身的证书更新", link: "/guide/use/https/index.md" },
-            { text: "js脚本插件使用", link: "/guide/use/custom-script/index.md" },
-            { text: "邮箱配置", link: "/guide/use/email/index.md" },
-            { text: "IPv6支持", link: "/guide/use/setting/ipv6.md" },
-          ]
-        },
-        {
-          text: "其他",
-          items: [
-            { text: "贡献代码", link: "/guide/development/index.md" },
-            { text: "更新日志", link: "/guide/changelogs/CHANGELOG.md" },
-            { text: "镜像说明", link: "/guide/image.md" },
-            { text: "联系我们", link: "/guide/contact/" },
-            { text: "捐赠", link: "/guide/donate/" },
-            { text: "开源协议", link: "/guide/license/" },
-            { text: "我的其他开源项目", link: "/guide/link/" },
 
-          ]
+        socialLinks: [
+            {icon: "github", link: "https://github.com/certd/certd"}
+        ],
+        footer: {
+            message: "Certd帮助文档 |  <a href='https://beian.miit.gov.cn/' target='_blank'>粤ICP备14088435号</a> ",
+            copyright: "Copyright © 2021-present <a href='https://handfree.work/' target='_blank'>handfree.work</a> "
         }
-      ],
-      "/comm/": [
-        {
-          text: "商业版",
-          items: [
-            { text: "支付宝配置", link: "/comm/payments/alipay.md" },
-            { text: "微信支付配置", link: "/comm/payments/wxpay.md" },
-            { text: "彩虹易支付配置", link: "/comm/payments/yizhifu.md" },
-          ]
-        }
-      ]
-      ,
-    },
-
-    socialLinks: [
-      { icon: "github", link: "https://github.com/certd/certd" }
-    ],
-    footer: {
-      message: "Certd帮助文档 |  <a href='https://beian.miit.gov.cn/' target='_blank'>粤ICP备14088435号</a> ",
-      copyright: "Copyright © 2021-present <a href='https://handfree.work/' target='_blank'>handfree.work</a> "
     }
-  }
 });

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,387 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 更新 1panel API 版本支持v1/v2设置 ([e6195ad](https://github.com/certd/certd/commit/e6195ade3ec54b138825b8d6738f86eb8afdd720))
+* 同步更新namesilo接口，修复无法创建和删除dns记录的问题 ([36b02c2](https://github.com/certd/certd/commit/36b02c2cec145c13d4ef29d49aba5b6b4f697df2))
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+* 修复部署到华为cdn，子账号ak查询不到域名的bug ([ebb292a](https://github.com/certd/certd/commit/ebb292a2f7a425c1bc810f59468beb3f1d5bc3f0))
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 优化站点ip检查 ([a463711](https://github.com/certd/certd/commit/a463711b03a20120f2a298be15d71ca152d27f21))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+* farcdn优化 ([a06ef07](https://github.com/certd/certd/commit/a06ef07178ed73c537e21c7d57e5e5144d2c056d))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 宝塔插件、1panel 改成完全免费版 ([a53b6cd](https://github.com/certd/certd/commit/a53b6cd28ff2ce5662ada82379ea44a06b179b81))
+* 添加 FlexCDN 更新证书插件 ([bf040d4](https://github.com/certd/certd/commit/bf040d4c428d29c06fbaca5e29100e0c583b2b0b))
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+* 支持AI分析报错 ([aa96859](https://github.com/certd/certd/commit/aa96859798166426e485947a6590464de189de05))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Bug Fixes
+
+* 修复部署到又拍云强制https无效的bug ([2397097](https://github.com/certd/certd/commit/2397097e4ddcb6f593210598e8779ffd44ac3f8f))
+* 修复刷新流水线页面后，日志不自动更新的bug ([0b2e28b](https://github.com/certd/certd/commit/0b2e28b62dd5eb6804c602083e65c87a9d1d72d2))
+
+### Performance Improvements
+
+* 集成智能问答机器人 ([9dd4905](https://github.com/certd/certd/commit/9dd49054d18ec436a5029444ca55a38adc682933))
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/certd/certd/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+* 修复宝塔授权测试按钮显示错误的bug ([048696e](https://github.com/certd/certd/commit/048696ee9386491bb68592fb3a47d1c900bb68bf))
+
+### Performance Improvements
+
+* 支持部署证书到火山dcdn ([5f85219](https://github.com/certd/certd/commit/5f852194953dc1b4e6336770f417507b8f5a33ad))
+* 支持部署证书到unicloud ([a63d687](https://github.com/certd/certd/commit/a63d687f1c573159f0857693f37602b0e1e44072))
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+### Bug Fixes
+
+* 修复二次认证登录进入错误账号的bug ([e3930e0](https://github.com/certd/certd/commit/e3930e07172dd7903cb0f6ff26e0e3e828ba3e77))
+
+### Features
+
+* 从yaml文件注册插件 ([deb3893](https://github.com/certd/certd/commit/deb38938204b29543f36d3266249958faaaa6b66))
+
+### Performance Improvements
+
+* 优化cdnfly插件，支持自动匹配域名部署 ([afd59e9](https://github.com/certd/certd/commit/afd59e9933b2650f41c5d47684c171b93b962065))
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+### Bug Fixes
+
+* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
+* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
+* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
+* 修复token过期后，疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
+
+### Performance Improvements
+
+* 从域名的soa获取主域名，子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
+* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
+* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
+* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
+* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
+* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+### Performance Improvements
+
+* 添加部署证书至火山 Live ([abea80e](https://github.com/certd/certd/commit/abea80e3ab9b1672aebe1c5d5e856693b29931a8))
+* 优化首页插件列表展示 ([9b8f60b](https://github.com/certd/certd/commit/9b8f60b64b5f9a3db7dfa9b3dcbd9201984358d0))
+* 证书申请支持51dns ([8638fc9](https://github.com/certd/certd/commit/8638fc91ff34fccaf12ff9874fd3fa9d2a8c18b7))
+* 支持51dns ([96a0900](https://github.com/certd/certd/commit/96a0900edc95dcfd9acccf9d13592f12f5a09b3d))
+* ssh PTY模式登录设置 ([8385bcc](https://github.com/certd/certd/commit/8385bcc2d7f2411a07748bb5c53f9eaf4d38d7cc))
+* ssh伪终端模式优化，windows下不开启 ([42dfe93](https://github.com/certd/certd/commit/42dfe936b773b7bdd82ca3378363252ffffd7b71))
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+### Bug Fixes
+
+* 上传商用证书，直接粘贴文本报错的问题；修复无法上传ec加密证书的bug ([5750bb7](https://github.com/certd/certd/commit/5750bb706779da274d8e7a87e71416cb64d2df79))
+* 修复下载证书时提示token已过期的问题 ([0e07ae6](https://github.com/certd/certd/commit/0e07ae6ce84dcb9279d3c44060d621566afa593c))
+
+### Performance Improvements
+
+* 更新license时同时绑定url ([78367af](https://github.com/certd/certd/commit/78367af8307f801e778c76d49f0918c21ffe032f))
+* 切换到不同的分组后再打开创建对话框，会自动选择分组 ([893dcd4](https://github.com/certd/certd/commit/893dcd4f2487891199ed3e5a3d47a79a75efc942))
+* 新增部署到火山引擎ALB/CLB、上传到证书中心 ([c9a3e3d](https://github.com/certd/certd/commit/c9a3e3d9d26f964c7af7b56667936f1414fbf42a))
+* 优化/api缓存为0 ([dc05cd4](https://github.com/certd/certd/commit/dc05cd481f186b13375192be965000e6b4b429a5))
+* 优化华为cdn插件引用ccm证书 ([b565b4b](https://github.com/certd/certd/commit/b565b4b3b919b71b98ea2517670bc1ef00e00dc9))
+* 优化证书流水线创建，支持选择分组 ([d613aa8](https://github.com/certd/certd/commit/d613aa8f3e85d8dc475ef1b62d49394ce7fd7d24))
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+### Performance Improvements
+
+* 登录支持双重认证 ([48aef25](https://github.com/certd/certd/commit/48aef25b3f6499d674ca4e4ef16f4c62399fb735))
+* 多重认证登录 ([0f82cf4](https://github.com/certd/certd/commit/0f82cf409bc60706ab07e4ca4f272b9a1ca7eecb))
+* 优化部署到华为云CDN，支持先上传到ccm，再使用证书id部署，修复offline状态下导致部署报错的bug ([79df39a](https://github.com/certd/certd/commit/79df39acabab10ae7e1864dadcdc186bb007a3c5))
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+### Bug Fixes
+
+* 补充类型断言 ([2143dff](https://github.com/certd/certd/commit/2143dff2ae96e6a78bef9f0498e36f8cd9e6941f))
+* 修复腾讯云部署到任意资源插件，无法使用之前已上传的腾讯云证书问题 ([32c714d](https://github.com/certd/certd/commit/32c714d1b6e68c71a74a7452115040c87ac4bfdc))
+
+### Performance Improvements
+
+* 插件支持导入导出 ([cf8abb4](https://github.com/certd/certd/commit/cf8abb45282070c8ba91469f93fd379fabf1f74a))
+* 支持上传证书到华为云CCM ([cfd3b66](https://github.com/certd/certd/commit/cfd3b66be9ebf53a26693057e70ed60c3f116be9))
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+### Bug Fixes
+
+* 修复登录错误次数过多阻止再次登录逻辑 ([bf4d191](https://github.com/certd/certd/commit/bf4d191c8bd2f9209eb6768f662b9c77de99e998))
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+### Bug Fixes
+
+* 修复某些情况下无法输出日志的bug ([70101bf](https://github.com/certd/certd/commit/70101bfa7ade65678d9202c804bbae2cb808b594))
+
+### Performance Improvements
+
+* 修复内置插件分页查询逻辑 ([a2710dd](https://github.com/certd/certd/commit/a2710ddc2525e4e637fd157f0180e6d3b801c8be))
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+### Bug Fixes
+
+* 修复阿里云cdn证书部署失败问题，增加certname参数传入 ([965dc2c](https://github.com/certd/certd/commit/965dc2cb476f690af716f291c6b20ba98be0c8f0))
+* 修复ssh插件报length空指针的bug ([9c4cbe1](https://github.com/certd/certd/commit/9c4cbe17a22b548611cf1fbefecc83a421788e42))
+
+### Performance Improvements
+
+* 镜像支持armv7 ([f78cbed](https://github.com/certd/certd/commit/f78cbed4d817859721fdafe7d348864848d0dfbf))
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+### Bug Fixes
+
+* 升级mysql驱动，支持mysql8最新版本的认证 ([2f5ed3a](https://github.com/certd/certd/commit/2f5ed3aead97641f2c80d692a50226839016df0b))
+* 修复eab授权，没有email绑定的bug ([2f1683b](https://github.com/certd/certd/commit/2f1683b26acebbfb7d6e2d751435be04a4e7cab4))
+
+### Features
+
+* 支持在线自定义插件，无需源码开发 ([d0d9d68](https://github.com/certd/certd/commit/d0d9d68fe6740f6ff49fe40b7c9917c5a2e4b442))
+* **lego:** support set key type ([f3bf4fa](https://github.com/certd/certd/commit/f3bf4faee0be5bdbfdbcf70a502849ed4c8ed4c4))
+* release image to ghcr ([9b536af](https://github.com/certd/certd/commit/9b536af9e656dc89e2a87078c129cad6f591e467))
+
+### Performance Improvements
+
+* 修复tab页缓存问题 ([64e5449](https://github.com/certd/certd/commit/64e5449ab3c6b219b0e89eddad14bfb6b71a0650))
+* 隐藏运行策略选项 ([2951df0](https://github.com/certd/certd/commit/2951df0cd94c23e2efee84ff1b843055aac56cae))
+* 增加手动上传证书功能说明 ([5d083a1](https://github.com/certd/certd/commit/5d083a153637caddbc6f44e915d9fb2d1ae87b33))
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+### Bug Fixes
+
+* 创建cname记录移除域名两端的空格 ([903a413](https://github.com/certd/certd/commit/903a4131ab5f42c8286cd2150ed1032d486fda2f))
+* 修复从本地dns获取记录报错的bug ([c39b1bf](https://github.com/certd/certd/commit/c39b1bf823ddc6216bed2049e4c87e6107def08a))
+
+### Features
+
+* 优化证书申请速度，修复某些情况下letsencrypt 校验失败的问题 ([857589b](https://github.com/certd/certd/commit/857589b365c6f709e0ae67914d2f50ce182e6dd6))
+
+### Performance Improvements
+
+* 优化华为dns解析记录创建和删除问题 ([0948c5b](https://github.com/certd/certd/commit/0948c5bc691d2ee6eb47c72a85da1b7453361878))
+* 又拍云支持云存储 ([9339b78](https://github.com/certd/certd/commit/9339b78f801d193472c0af25749e8e7a27ffb7af))
+* 又拍云支持云存储 ([8449f85](https://github.com/certd/certd/commit/8449f8580da90c1f6b5d02d07c3236ebaf6cf161))
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Bug Fixes
+
+* 修复ssh支持键盘事件登录 ([8145808](https://github.com/certd/certd/commit/8145808c4370364377b4ffe3ae88ff465b49f20b))
+
+### Performance Improvements
+
+* 支持部署到京东云cdn ([6f17c70](https://github.com/certd/certd/commit/6f17c700b84965baa01b40fe2abaa0a91bcbaffd))
+* 支持京东云dns申请证书 ([04d79f9](https://github.com/certd/certd/commit/04d79f9117670be504960b018fd49ae3bf7c1c11))
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+### Performance Improvements
+
+*  tab增加图标显示 ([a03ae5a](https://github.com/certd/certd/commit/a03ae5a216a1df2c1d3da12ae18dcd0f089a92d3))
+* 升级lego版本到4.22.2 ([4e15556](https://github.com/certd/certd/commit/4e15556e5e8100719497edb1729570d5a29668e1))
+* 优化华为dns接口报错信息输出 ([bf30b7a](https://github.com/certd/certd/commit/bf30b7afaef623dd8126570344f1fcc2c06f1215))
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Bug Fixes
+
+* 修复华为云dns接口请求出错的bug ([caa15b4](https://github.com/certd/certd/commit/caa15b47355363cbb8847f415ff12363cd53eeda))
+* 修复某些情况下站点证书监控报undefined.includes的错误 ([0b6618f](https://github.com/certd/certd/commit/0b6618ff709322a0eeba78953c8c6e9d073d083a))
+* 修复网站证书监控https port设置无效的bug ([cc8da0c](https://github.com/certd/certd/commit/cc8da0cf130f0c469371b59ac5bd04567f4a4414))
+
+### Performance Improvements
+
+* 站点监控保存时异步检查 ([993bc74](https://github.com/certd/certd/commit/993bc7432fce2d954e9897ed85b54f22150bfc7e))
+* dns支持火山引擎 ([99ff879](https://github.com/certd/certd/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Bug Fixes
+
+* 修复编辑通知勾选默认，导致出现多个默认通知的bug ([6cd7bdd](https://github.com/certd/certd/commit/6cd7bddc37da8b0d7b9860fd9a26ddfe84c869a7))
+* 修复网站监控无法设置端口的bug ([27a8a57](https://github.com/certd/certd/commit/27a8a57cf52b4bf83d628aa3049be1efaa74f29c))
+* 修复lego模式无法创建流水线的bug ([687bb8a](https://github.com/certd/certd/commit/687bb8a2376d0de7b72739a174e4a9560581f866))
+
+### Performance Improvements
+
+* 优化通知格式 ([c3c5006](https://github.com/certd/certd/commit/c3c5006daa39c20624cb58864f2b92b230a38a7a))
+* 优化scp上传 ([e51123a](https://github.com/certd/certd/commit/e51123a95131cc76d655937488caf08956a67020))
+* 优化txt本地校验效率 ([fd507f2](https://github.com/certd/certd/commit/fd507f269253607e68c5c099c99e0de11636f229))
+* 支持又拍云cdn ([fd0536b](https://github.com/certd/certd/commit/fd0536bd4b41f15b6b5d42e0b447f0dcbf73b8a8))
+* 支持又拍云cdn ([57389a7](https://github.com/certd/certd/commit/57389a79a1a61c45d081712562f8b33c9633158e))
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+### Performance Improvements
+
+* 增加服务器时间警告 ([d66ade4](https://github.com/certd/certd/commit/d66ade4e4783850b6c7625c6f164a5a0fc0aa509))
+* 支持部署到lucky ([e18e399](https://github.com/certd/certd/commit/e18e399ce6529e8c7e36b56c5f674cfdbbd3d3d1))
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+### Bug Fixes
+
+* 修复dns.la无法申请证书的bug ([90b045a](https://github.com/certd/certd/commit/90b045af6d1a4f46986e4b118885c1f050df067c))
+
+### Performance Improvements
+
+* 上传到主机支持scp方式 ([05b6159](https://github.com/certd/certd/commit/05b6159802b9e85b6a410361b60b5c28875b48e7))
+* 优化图标 ([c56f48c](https://github.com/certd/certd/commit/c56f48c1e3c54c4e203fafb380d9091d75681b7e))
+
+## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
+
+### Bug Fixes
+
+* 修复通知选择器无法选择的bug ([f7b88f9](https://github.com/certd/certd/commit/f7b88f9e3b7d9d9122e4fd2003a20c555bd50c7d))
+* 修复证书流水线创建失败的bug ([736fe03](https://github.com/certd/certd/commit/736fe038ebda56648bcc4c12884a700341d2c049))
+
 ## [1.31.4](https://github.com/certd/certd/compare/v1.31.3...v1.31.4) (2025-03-21)
 
 ### Bug Fixes

docs/guide/development/demo/access.md

@@ -0,0 +1,88 @@
+
+# 授权插件Demo
+
+```ts
+import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
+import { isDev } from '../../utils/env.js';
+
+/**
+ * 这个注解将注册一个授权配置
+ * 在certd的后台管理系统中，用户可以选择添加此类型的授权
+ */
+@IsAccess({
+  name: 'demo',
+  title: '授权插件示例',
+  icon: 'clarity:plugin-line',
+  desc: '',
+})
+export class DemoAccess extends BaseAccess {
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    title: '密钥Id',
+    component: {
+      placeholder: 'demoKeyId',
+    },
+    required: true,
+  })
+  demoKeyId = '';
+
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    //标题
+    title: '密钥串',
+    component: {
+      //input组件的placeholder
+      placeholder: 'demoKeySecret',
+    },
+    //是否必填
+    required: true,
+    //改属性是否需要加密
+    encrypt: true,
+  })
+  //属性名称
+  demoKeySecret = '';
+}
+new DemoAccess();
+```
+
+
+# 阿里云授权
+```ts
+
+import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
+
+@IsAccess({
+  name: "aliyun",
+  title: "阿里云授权",
+  desc: "",
+  icon: "ant-design:aliyun-outlined",
+  order: 0,
+})
+export class AliyunAccess extends BaseAccess {
+  @AccessInput({
+    title: "accessKeyId",
+    component: {
+      placeholder: "accessKeyId",
+    },
+    helper: "登录阿里云控制台->AccessKey管理页面获取。",
+    required: true,
+  })
+  accessKeyId = "";
+  @AccessInput({
+    title: "accessKeySecret",
+    component: {
+      placeholder: "accessKeySecret",
+    },
+    required: true,
+    encrypt: true,
+    helper: "注意：证书申请需要dns解析权限；其他阿里云插件，需要对应的权限，比如证书上传需要证书管理权限；嫌麻烦就用主账号的全量权限的accessKey",
+  })
+  accessKeySecret = "";
+}
+
+new AliyunAccess();
+```

docs/guide/donate/index.md

@@ -7,16 +7,22 @@ https://afdian.com/a/greper
 1. 可加入发电专属群，可以获得作者一对一技术支持
 2. 您的需求我们将优先实现，并且将作为专业版功能提供
 3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
 
 
 ## 专业版特权对比
 
-| 功能      | 免费版                    | 专业版                   |
-|---------|------------------------|-----------------------|
-| 免费证书申请  | 免费无限制                  | 免费无限制                 |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
-| 发邮件功能   | 需要配置                   | 免配置                   |
-| 证书流水线条数 | 10条                    | 无限制                   |
+| 功能      | 免费版                    | 专业版                         |
+|---------|------------------------|-----------------------------|
+| 免费证书申请  | 免费无限制                  | 免费无限制                       |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中       |
+| 证书流水线条数 | 无限制                    | 无限制                         |
+| 站点证书监控  | 限制1条                   | 无限制                         |
+| 通知      | 邮件通知、自定义webhook        | 邮件免配置、企微、飞书、anpush、server酱等 |
 
+
+## 专业版激活方式
+
+![](./images/plus.png)
+
+发电后，在私信中获取激活码
 ************************

docs/guide/feature/safe/hidden/index.md

@@ -0,0 +1,27 @@
+# 站点隐藏
+
+* 一般来说Certd设置好之后，很少需要访问。
+* 所以我们`平时`可以把`站点访问关闭`，需要的时候再打开，减少站点被攻击的风险    
+
+## 1、开启站点隐藏
+`系统管理->系统设置->安全设置->站点隐藏 `  
+
+
+![](./images/hidden1.png)
+
+:::warning  
+
+注意保存好`解除地址`和`解除密码`   
+
+::: 
+
+## 2、临时关闭站点隐藏
+
+访问上面的`解除地址`，输入`解除密码`，`临时解除`站点隐藏
+
+![](./images/hidden2.png)
+
+## 3、忘记解除地址和解除密码怎么办
+登录服务器，在数据库平级的目录下创建`.unhidden`命名的空白文件，即可临时解除站点隐藏       
+临时解除后会自动删除`.unhidden`文件，请尽快设置好新的`解除地址`和`解除密码`，并记住    
+

docs/guide/feature/safe/index.md

@@ -0,0 +1,49 @@
+# 安全特性
+
+Certd 存储了证书以及授权等敏感数据，所以需要严格保障安全。      
+我们提供了以下安全特性，以及安全生产建议（请遵照建议进行生产部署以保障数据安全）
+
+## 一、站点安全特性
+
+### 1、 授权数据加密存储【默认开启】
+* 所有的授权敏感字段会加密后存储
+* 每个用户独立维护授权数据，连管理员都无权查看
+
+![星号部分为加密数据](./images/access.png)
+星号部分为加密数据
+
+### 2、 密码防爆破【默认开启】
+* 登录失败次数过多，账号将被锁定，最高24小时(重启服务可解除锁定)
+* 用户登录密码加密hash后存储，无法计算出密码明文
+  ![](./images/login.png)
+
+### 3、站点隐藏【建议开启】
+* 一般来说Certd设置好之后，后续很少需要访问修改。
+* 所以我们平时可以把站点访问关闭，需要的时候再打开，减少站点被攻击的风险    
+* 请前往 `系统管理->系统设置->安全设置->开启站点隐藏`
+  ![](./images/hidden.png)
+
+点击查看 [站点隐藏功能详细使用说明](./hidden/)
+
+
+### 4、登录双重验证
+
+支持2FA双重认证
+
+![](./images/2fa.png)
+
+### 5、数据库自动备份【建议开启】
+* [自动备份设置说明](../../use/backup/)
+
+
+## 二、安全生产建议
+
+尽管`Cert`本身实现了很多安全特性，但`外部环境的安全`仍需要您来确保。    
+请`务必`遵循如下建议做好安全防护
+
+* 请`务必`使用`HTTPS协议`访问本应用，避免被中间人攻击
+* 请`务必`使用`web应用防火墙`防护本应用，防止XSS、SQL注入等攻击
+* 请`务必`做好`服务器本身`的安全防护，防止数据库泄露
+* 请`务必`做好[`数据备份`](../../use/backup/)，避免数据丢失
+* 请`务必`修改管理员账号用户名，且建议将admin注册为普通用户，且设置为禁用。
+* 建议开启[`站点隐藏`](./hidden/)功能

docs/guide/image.md

@@ -9,6 +9,10 @@
 * `greper/certd:latest`
 * `greper/certd:armv7`、`greper/certd:[version]-armv7`
 
+## GitHub Packages地址:
+* `ghcr.io/certd/certd:latest`
+* `ghcr.io/certd/certd:armv7`、`ghcr.io/certd/certd:[version]-armv7`
+* 
 ## 镜像构建公开
 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用   
 * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml)

docs/guide/index.md

@@ -5,30 +5,28 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+## 1、关于证书续期
+>* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+>* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
+>* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
 
-## 一、特性
+
+## 2、项目特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 
-* 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持60+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上
-* 邮件通知
-* 私有化部署，保障数据安全
-* 支持SQLite、Postgresql、MySQL数据库
+* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
+* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* 私有化部署，数据保存本地，安装升级非常简单快捷
+* 镜像由Github Actions构建，过程公开透明
+* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* 支持SQLite，PostgreSQL、MySQL多种数据库
+* 开放接口支持
+* 站点证书监控
+* 多用户管理
 
 
-## 二、一些说明
-* 本项目申请证书过程遵循acme协议
-* 需要验证域名所有权，一般有两种方式
-    * http-01： 在网站根目录下放置一份txt文件
-    * dns-01： 需要给域名添加txt解析记录，通配符域名只能用这种方式（本项目仅支持dns-01）
-* 证书续期：
-    * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
-    * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
-* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署
+  ![](../images/intro/intro.svg)
+
 
-## 三、证书颁发机构对比
-* Let's Encrypt：申请最简单。
-* Google: 大厂光环，兼容性好，首次需要翻墙获取EAB。
-* ZeroSSL： 需要EAB，获取EAB无需翻墙。

docs/guide/install/baota/index.md

@@ -13,7 +13,7 @@
 
 #### 2.1 应用商店一键部署【推荐】
 
-* 在应用商店中找到`certd`（要先点右上角更新应用）
+* 在宝塔Docker应用商店中找到`certd`（要先点右上角更新应用）
 * 点击安装，配置域名等基本信息即可完成安装
 
 > 需要宝塔9.2.0及以上版本才支持
@@ -70,3 +70,12 @@ admin/123456
 ## 五、备份恢复
 
 将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可
+
+
+## 六、宝塔部署相关问题排查
+
+### 1. 无法访问Certd
+1. 确认服务器的安全规则，是否放开了对应端口
+2. 确认宝塔防火墙是否放开对应端口
+3. 尝试将Certd容器加入宝塔的`bridge`网络 
+![](./images/network.png)

docs/guide/install/docker/index.md

@@ -55,6 +55,11 @@ https://your_server_ip:7002
 
 ## 二、升级
 
+::: warning   
+如果您是第一次升级certd版本，切记切记先备份一下数据    
+:::
+
+
 ### 如果使用固定版本号
 1. 修改`docker-compose.yaml`中的镜像版本号
 2. 运行`docker compose up -d` 即可

docs/guide/install/source/index.md

@@ -1,5 +1,6 @@
 # 源码部署
-如果没有`git`和`nodejs`基础，则不推荐
+如果没有开发基础、没有运维基础、没有`git`和`nodejs`基础，强烈不推荐此方式
+
 ## 一、源码安装
 
 ### 环境要求
@@ -42,7 +43,12 @@ git pull
 kill -9 $(lsof -t -i:7001)
 # 重新编译启动
 ./start.sh
+
 ```
+::: warning   
+升级certd版本前，切记切记先备份一下数据    
+:::
+
 
 ## 三、数据备份
 > 数据默认保存在 `./packages/ui/certd-server/data` 目录下    

docs/guide/install/upgrade.md

@@ -8,5 +8,9 @@
 3. [1Panel面板方式部署升级](./1panel/#三、升级)
 4. [源码方式部署](./source/#二、升级)
 
+::: warning   
+如果您是第一次升级certd版本，切记切记先备份一下数据    
+:::
+
 ## 升级日志
 [CHANGELOG](../changelogs/CHANGELOG.md)

docs/guide/plugins.md

@@ -1,5 +0,0 @@
-# 插件列表
-
-![img_1.png](../images/plugins/list.png)
-
-

docs/guide/plugins/access.md

@@ -0,0 +1,58 @@
+# 授权列表
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云授权** |  | 
+| 2.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 3.| **google cloud** | 谷歌云授权 | 
+| 4.| **主机登录授权** |  | 
+| 5.| **SFTP授权** |  | 
+| 6.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 7.| **FTP授权** |  | 
+| 8.| **腾讯云** |  | 
+| 9.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 10.| **七牛云授权** |  | 
+| 11.| **七牛OSS授权** |  | 
+| 12.| **天翼云授权** |  | 
+| 13.| **s3/minio授权** | S3/minio oss授权 | 
+| 14.| **baota授权** |  | 
+| 15.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 16.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 17.| **易发云短信** | sms.yfyidc.cn/ | 
+| 18.| **cdnfly授权** |  | 
+| 19.| **群晖登录授权** |  | 
+| 20.| **k8s授权** |  | 
+| 21.| **1panel授权** | 账号和密码 | 
+| 22.| **百度云授权** |  | 
+| 23.| **LeCDN授权** |  | 
+| 24.| **白山云授权** |  | 
+| 25.| **plesk授权** |  | 
+| 26.| **易支付** |  | 
+| 27.| **支付宝** |  | 
+| 28.| **微信支付** |  | 
+| 29.| **长亭雷池授权** |  | 
+| 30.| **lucky** |  | 
+| 31.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 32.| **uniCloud** | unicloud授权 | 
+| 33.| **华为云授权** |  | 
+| 34.| **西部数码授权** |  | 
+| 35.| **多吉云** |  | 
+| 36.| **我爱云授权** | 我爱云CDN | 
+| 37.| **CacheFly** | CacheFly | 
+| 38.| **Gcore** | Gcore | 
+| 39.| **亚马逊云aws授权** |  | 
+| 40.| **dns.la授权** |  | 
+| 41.| **又拍云** |  | 
+| 42.| **火山引擎** |  | 
+| 43.| **京东云** |  | 
+| 44.| **51dns授权** |  | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/deploy.md

@@ -0,0 +1,130 @@
+# 任务插件
+共 `70` 款任务插件    
+## 1. 证书申请
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 2.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 3.| **商用证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
+## 2. 主机
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **FTP-上传证书到FTP** | 将证书上传到FTP服务器 | 
+| 2.| **IIS-部署到IIS站点** |  | 
+| 3.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
+| 4.| **主机-部署证书到SSH主机** | SFTP上传证书到主机，然后SSH执行部署脚本命令 | 
+## 3. CDN
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
+| 2.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 3.| **cdnfly-部署证书到cdnfly** | cdnfly | 
+| 4.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 5.| **LeCDN-更新证书** |  | 
+| 6.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
+| 7.| **白山云-更新证书** |  | 
+| 8.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
+| 9.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 10.| **多吉云-部署到多吉云CDN** |  | 
+| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+## 4. 面板
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持网站站点、docker站点等 | 
+| 3.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 4.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 5.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 6.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
+| 7.| **Plesk-部署Plesk网站证书** |  | 
+| 8.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 9.| **lucky-更新Lucky证书** |  | 
+| 10.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 11.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+## 5. 阿里云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
+| 2.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
+| 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
+| 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
+| 5.| **阿里云-部署证书至OSS** | 自动部署域名证书至阿里云OSS | 
+| 6.| **阿里云-上传证书到阿里云** | 如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
+| 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 10.| **阿里云-部署至SLB(传统负载均衡)** | 部署证书到阿里云SLB(传统负载均衡) | 
+| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0）,【注意】证书的加密算法必须选择【pkcs1旧版】 | 
+## 6. 华为云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **华为云-部署证书至CDN** |  | 
+## 7. 腾讯云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
+| 2.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
+| 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
+| 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
+| 5.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
+| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
+| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EO，必须配置上传证书到腾讯云任务 | 
+| 8.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
+| 9.| **腾讯云-部署到TKE-ingress** | serverless集群请使用K8S部署插件；Qcloud类型需要【上传到腾讯云】作为前置任务；ApiServer未开启外网访问则需要做域名的内网IP映射 | 
+## 8. 火山引擎
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **火山引擎-部署证书至CDN** | 支持网页，文件下载，音视频点播 | 
+| 2.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
+| 3.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
+| 4.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
+| 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
+## 9. 京东云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **京东云-部署证书至CDN** | 京东云内容分发网络 | 
+| 2.| **京东云-更新已有证书** | 更新SSL数字证书中的证书 | 
+| 3.| **京东云-上传新证书** | 上传证书到SSL数字证书中心 | 
+## 10. 七牛云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
+| 2.| **七牛云-部署证书至CDN** | 自动部署域名证书至七牛云CDN | 
+## 11. 亚马逊云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **AWS-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
+## 12. 其他
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **Demo-测试插件** |  | 
+| 2.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 3.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
+| 4.| **等待** | 等待一段时间 | 
+| 5.| **数据库备份** | 仅支持备份SQLite数据库 | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/dns-provider.md

@@ -0,0 +1,22 @@
+# DNS提供商
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云** | 阿里云DNS解析提供商 | 
+| 2.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 3.| **华为云** | 华为云DNS解析提供商 | 
+| 4.| **西部数码** | west dns provider | 
+| 5.| **dns.la** | dns.la | 
+| 6.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 7.| **京东云** | 京东云DNS解析提供商 | 
+| 8.| **51dns** | 51DNS | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/notification.md

@@ -0,0 +1,26 @@
+# 通知插件
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **企业微信通知** | 企业微信群聊机器人通知 | 
+| 2.| **电子邮件** | 电子邮件通知 | 
+| 3.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
+| 4.| **自定义webhook** | 根据模版自定义http请求 | 
+| 5.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
+| 6.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
+| 7.| **AnPush** | https://anpush.com | 
+| 8.| **Telegram通知** | Telegram Bot推送通知 | 
+| 9.| **Discord 通知** | Discord 机器人通知 | 
+| 10.| **Slack通知** | Slack消息推送通知 | 
+| 11.| **Bark 通知** | Bark 推送通知插件 | 
+| 12.| **飞书通知** | 飞书群聊webhook通知 | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/qa/index.md

@@ -0,0 +1,73 @@
+# 常见报错解决
+
+## 1. getaddrinfo ENOTFOUND错误
+如果出现`getaddrinfo ENOTFOUND`/`getaddrinfo EAI_AGAIN`错误，可以尝试在`docker-compose.yaml`中设置dns
+```yaml
+version: '3.3' # 兼容旧版docker-compose
+services:
+  certd:
+    #↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND 或 EAI_AGAIN错误，可以尝试设置dns
+    dns:
+      - 223.5.5.5      # 阿里云公共dns
+      - 223.6.6.6
+#       # ↓↓↓↓ ------- # 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
+#      - 119.29.29.29  # 腾讯云公共dns
+#      - 182.254.116.116
+#       # ↓↓↓↓ ------- # 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
+#      - 8.8.8.8       # 谷歌公共dns
+#      - 8.8.4.4
+```
+
+如果仍然有问题,按如下步骤检查是否能够ping通域名
+```shell
+docker exec -it certd /bin/sh
+ping www.baidu.com
+ping gg.px.certd.handfree.work
+ping app.handfree.work
+```
+
+如果您是宝塔部署的
+可以试试将容器网络加入brige网络，看是否解决问题
+![img.png](images/baota-net.png)
+
+如果还是不行，请联系我们
+
+
+## 2. 连接IPv6超时
+docker-compose 需要放开IPv6网络的配置
+```yaml
+services:
+  certd:
+    networks:
+      - ip6net
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
+networks:
+  ip6net:
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: 2001:db8::/64
+
+```
+
+## 3. SSL_CERT_NOT_MATCH_DOMAIN_ERROR
+部署证书任务报类似 `SSL_CERT_NOT_MATCH_DOMAIN_ERROR`错误
+这是由于当前流水线的证书域名与要部署的目标站点的域名不匹配导致的，在申请证书任务中，增加目标站点域名，重新运行流水线即可
+
+
+## 4. 没有服务器配置文件，请检查是否开启了外网映射！
+宝塔网站证书部署报错：`Error: 没有服务器配置文件，请检查是否开启了外网映射！`    
+解决方案：先手动在宝塔网站中设置一次证书    
+
+
+## 5. 如何查看容器日志
+```shell
+docker logs -f --tail 200 certd
+```
+
+
+
+
+
+
+

docs/guide/qa/use.md

@@ -0,0 +1,14 @@
+# 使用问题
+
+
+## 1. 是否支持IP证书
+
+因为ACME协议不支持IP证书，所以certd目前也不支持IP证书
+
+
+## 2. 建议设置多长时间运行一次流水线
+建议每天运行一次，检查证书过期时间    
+当证书没过期时，自动跳过部署
+当证书到期前35天（创建流水线时可以修改），将会自动重新申请证书，自动部署
+
+

docs/guide/use/ESXi/index.md

@@ -0,0 +1,17 @@
+# 部署证书到ESXi
+
+使用`部署证书到主机插件`即可
+
+
+## 开启ssh
+登陆ESXi Web后台，点击 主机 -> 操作 -> 服务 -> 启用 Secure Shell（SSH）打开SSH
+
+## 添加部署到主机任务
+
+![img.png](./images/ssh.png)
+
+## 配置重启脚本
+```bash
+/etc/init.d/hostd restart
+/etc/init.d/vpxa restart
+```

docs/guide/use/backup/index.md

@@ -1,5 +1,6 @@
-# 数据库自动备份
-
+# 数据库备份
+* 两种备份方法：  1、手动备份  2、自动备份
+* 本文仅限sqlite数据库。
 ## 一、手动备份
 数据库文件根据不同的部署方式保存的位置不一样，您可以手动复制出来进行备份
 

docs/guide/use/https/index.md

@@ -17,7 +17,9 @@ CERTD_HTTPS_port=7002
 参考Certd顶部的创建证书流水线教程
 
 ### 2、配置复制到本机任务
-将证书复制到certd的证书安装位置
+将证书复制到certd的证书安装位置   
+证书路径：`ssl/cert.crt`   
+私钥路径：`ssl/cert.key` 
 
 ![](./images/1.png)
 ![](./images/2.png)

docs/guide/use/pretask/index.md

@@ -0,0 +1,13 @@
+# 带输出的前置任务
+
+前置任务输出可以在后续任务中使用
+
+比如上传证书到阿里云，会返回阿里云的CertId，之后其他阿里云的部署任务可以选择复用这个证书
+
+## 复用证书
+
+![img.png](images/pretask1.png)
+
+在后续任务中可以选择前置任务的输出
+
+![img.png](images/pretask2.png)

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.31.5"
+  "version": "1.35.2"
 }

package.json

@@ -30,7 +30,8 @@
     "init": "lerna run build",
     "docs:dev": "vitepress dev docs",
     "docs:build": "vitepress build docs",
-    "docs:preview": "vitepress preview docs"
+    "docs:preview": "vitepress preview docs",
+    "pub": "echo 1"
   },
   "license": "AGPL-3.0",
   "dependencies": {

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,163 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.2](https://github.com/publishlab/node-acme-client/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.1](https://github.com/publishlab/node-acme-client/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/publishlab/node-acme-client/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/publishlab/node-acme-client/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.11](https://github.com/publishlab/node-acme-client/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/publishlab/node-acme-client/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+### Performance Improvements
+
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/publishlab/node-acme-client/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+
+## [1.34.10](https://github.com/publishlab/node-acme-client/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.9](https://github.com/publishlab/node-acme-client/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.8](https://github.com/publishlab/node-acme-client/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.7](https://github.com/publishlab/node-acme-client/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.6](https://github.com/publishlab/node-acme-client/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.5](https://github.com/publishlab/node-acme-client/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.4](https://github.com/publishlab/node-acme-client/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.3](https://github.com/publishlab/node-acme-client/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.2](https://github.com/publishlab/node-acme-client/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Performance Improvements
+
+* http方式支持校验443端口 ([d75fcb7](https://github.com/publishlab/node-acme-client/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/publishlab/node-acme-client/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/publishlab/node-acme-client/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+
+# [1.34.0](https://github.com/publishlab/node-acme-client/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.8](https://github.com/publishlab/node-acme-client/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+### Bug Fixes
+
+* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/publishlab/node-acme-client/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
+
+### Performance Improvements
+
+* 从域名的soa获取主域名，子域名托管无需额外配置 ([a586a92](https://github.com/publishlab/node-acme-client/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
+* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/publishlab/node-acme-client/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
+
+## [1.33.7](https://github.com/publishlab/node-acme-client/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.6](https://github.com/publishlab/node-acme-client/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.5](https://github.com/publishlab/node-acme-client/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.4](https://github.com/publishlab/node-acme-client/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.3](https://github.com/publishlab/node-acme-client/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.2](https://github.com/publishlab/node-acme-client/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.1](https://github.com/publishlab/node-acme-client/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.33.0](https://github.com/publishlab/node-acme-client/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.32.0](https://github.com/publishlab/node-acme-client/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+### Bug Fixes
+
+* 修复从本地dns获取记录报错的bug ([c39b1bf](https://github.com/publishlab/node-acme-client/commit/c39b1bf823ddc6216bed2049e4c87e6107def08a))
+
+### Features
+
+* 优化证书申请速度，修复某些情况下letsencrypt 校验失败的问题 ([857589b](https://github.com/publishlab/node-acme-client/commit/857589b365c6f709e0ae67914d2f50ce182e6dd6))
+
+### Performance Improvements
+
+* 优化华为dns解析记录创建和删除问题 ([0948c5b](https://github.com/publishlab/node-acme-client/commit/0948c5bc691d2ee6eb47c72a85da1b7453361878))
+
+## [1.31.11](https://github.com/publishlab/node-acme-client/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.10](https://github.com/publishlab/node-acme-client/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.9](https://github.com/publishlab/node-acme-client/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Performance Improvements
+
+* dns支持火山引擎 ([99ff879](https://github.com/publishlab/node-acme-client/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/publishlab/node-acme-client/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Performance Improvements
+
+* 优化txt本地校验效率 ([fd507f2](https://github.com/publishlab/node-acme-client/commit/fd507f269253607e68c5c099c99e0de11636f229))
+
+## [1.31.7](https://github.com/publishlab/node-acme-client/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.6](https://github.com/publishlab/node-acme-client/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.31.5](https://github.com/publishlab/node-acme-client/compare/v1.31.4...v1.31.5) (2025-03-22)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.31.5",
+    "version": "1.35.2",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.31.5",
+        "@certd/basic": "^1.35.2",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -26,7 +26,8 @@
         "http-proxy-agent": "^7.0.2",
         "https-proxy-agent": "^7.0.5",
         "lodash-es": "^4.17.21",
-        "node-forge": "^1.3.1"
+        "node-forge": "^1.3.1",
+        "punycode.js": "^2.3.1"
     },
     "devDependencies": {
         "@types/node": "^20.14.10",
@@ -50,7 +51,8 @@
         "lint": "eslint .",
         "lint-types": "tsd",
         "prepublishOnly": "npm run build-docs",
-        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\""
+        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
+        "pub": "npm publish"
     },
     "repository": {
         "type": "git",
@@ -67,5 +69,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "b649617e0457b4e177bacb173dc1aa67eb84d7cf"
+    "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }

packages/core/acme-client/src/auto.js

@@ -1,10 +1,10 @@
 /**
  * ACME auto helper
  */
-import { readCsrDomains } from './crypto/index.js';
-import { log } from './logger.js';
-import { wait } from './wait.js';
-import { CancelError } from './error.js';
+import { readCsrDomains } from "./crypto/index.js";
+import { log } from "./logger.js";
+import { wait } from "./wait.js";
+import { CancelError } from "./error.js";
 
 
 const defaultOpts = {
@@ -13,13 +13,13 @@ const defaultOpts = {
     preferredChain: null,
     termsOfServiceAgreed: false,
     skipChallengeVerification: false,
-    challengePriority: ['http-01', 'dns-01'],
+    challengePriority: ["http-01", "dns-01"],
     challengeCreateFn: async () => {
-        throw new Error('Missing challengeCreateFn()');
+        throw new Error("Missing challengeCreateFn()");
     },
     challengeRemoveFn: async () => {
-        throw new Error('Missing challengeRemoveFn()');
-    },
+        throw new Error("Missing challengeRemoveFn()");
+    }
 };
 
 /**
@@ -30,7 +30,7 @@ const defaultOpts = {
  * @returns {Promise<buffer>} Certificate
  */
 
-export default  async (client, userOpts) => {
+export default async (client, userOpts) => {
     const opts = { ...defaultOpts, ...userOpts };
     const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
 
@@ -49,14 +49,13 @@ export default  async (client, userOpts) => {
      * Register account
      */
 
-    log('[auto] Checking account');
+    log("[auto] Checking account");
 
     try {
         client.getAccountUrl();
-        log('[auto] Account URL already exists, skipping account registration');
-    }
-    catch (e) {
-        log('[auto] Registering account');
+        log("[auto] Account URL already exists, skipping account registration（ 证书申请账户已存在，跳过注册 ）");
+    } catch (e) {
+        log("[auto] Registering account （注册证书申请账户）");
         await client.createAccount(accountPayload);
     }
 
@@ -64,7 +63,7 @@ export default  async (client, userOpts) => {
      * Parse domains from CSR
      */
 
-    log('[auto] Parsing domains from Certificate Signing Request');
+    log("[auto] Parsing domains from Certificate Signing Request ");
     const { commonName, altNames } = readCsrDomains(opts.csr);
     const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));
 
@@ -74,8 +73,11 @@ export default  async (client, userOpts) => {
      * Place order
      */
 
-    log('[auto] Placing new certificate order with ACME provider');
-    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: 'dns', value: d })) };
+    log("[auto] Placing new certificate order with ACME provider");
+    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
+    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+        orderPayload.profile = opts.profile;
+    }
     const order = await client.createOrder(orderPayload);
     const authorizations = await client.getAuthorizations(order);
 
@@ -85,82 +87,81 @@ export default  async (client, userOpts) => {
      * Resolve and satisfy challenges
      */
 
-    log('[auto] Resolving and satisfying authorization challenges');
+    log("[auto] Resolving and satisfying authorization challenges");
 
     const clearTasks = [];
+    const localVerifyTasks = [];
+    const completeChallengeTasks = [];
 
     const challengeFunc = async (authz) => {
         const d = authz.identifier.value;
         let challengeCompleted = false;
 
         /* Skip authz that already has valid status */
-        if (authz.status === 'valid') {
+        if (authz.status === "valid") {
             log(`[auto] [${d}] Authorization already has valid status, no need to complete challenges`);
             return;
         }
 
         const keyAuthorizationGetter = async (challenge) => {
             return await client.getChallengeKeyAuthorization(challenge);
-        }
+        };
 
-        try {
-            log(`[auto] [${d}] Trigger challengeCreateFn()`);
+        async function deactivateAuth(e) {
+            log(`[auto] [${d}] Unable to complete challenge: ${e.message}`);
             try {
-                const { recordReq, recordRes, dnsProvider,challenge ,keyAuthorization} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
-                clearTasks.push(async () => {
-                    /* Trigger challengeRemoveFn(), suppress errors */
-                    log(`[auto] [${d}] Trigger challengeRemoveFn()`);
-                    try {
-                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
-                    }
-                    catch (e) {
-                        log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
-                    }
-                });
-                // throw new Error('测试异常');
-                /* Challenge verification */
-                if (opts.skipChallengeVerification === true) {
-                    log(`[auto] [${d}] Skipping challenge verification since skipChallengeVerification=true，wait 60s`);
-                    await wait(60 * 1000);
-                }
-                else {
-                    log(`[auto] [${d}] Running challenge verification, type = ${challenge.type}`);
-                    try {
-                        await client.verifyChallenge(authz, challenge);
-                    }
-                    catch (e) {
-                        log(`[auto] [${d}] challenge verification threw error: ${e.message}`);
-                    }
-                }
-                /* Complete challenge and wait for valid status */
-                log(`[auto] [${d}] Completing challenge with ACME provider and waiting for valid status`);
-                await client.completeChallenge(challenge);
-                challengeCompleted = true;
-
-                await client.waitForValidStatus(challenge);
-            }
-            catch (e) {
-                log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
-                throw e;
+                log(`[auto] [${d}] Deactivating failed authorization`);
+                await client.deactivateAuthorization(authz);
+            } catch (f) {
+                /* Suppress deactivateAuthorization() errors */
+                log(`[auto] [${d}] Authorization deactivation threw error: ${f.message}`);
             }
         }
-        catch (e) {
-            /* Deactivate pending authz when unable to complete challenge */
-            if (!challengeCompleted) {
-                log(`[auto] [${d}] Unable to complete challenge: ${e.message}`);
 
+        log(`[auto] [${d}] Trigger challengeCreateFn()`);
+        try {
+            const { recordReq, recordRes, dnsProvider, challenge, keyAuthorization ,httpUploader} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
+            clearTasks.push(async () => {
+                /* Trigger challengeRemoveFn(), suppress errors */
+                log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                 try {
-                    log(`[auto] [${d}] Deactivating failed authorization`);
-                    await client.deactivateAuthorization(authz);
+                    await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider,httpUploader);
+                } catch (e) {
+                    log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
                 }
-                catch (f) {
-                    /* Suppress deactivateAuthorization() errors */
-                    log(`[auto] [${d}] Authorization deactivation threw error: ${f.message}`);
-                }
-            }
+            });
 
+            localVerifyTasks.push(async () => {
+                /* Challenge verification */
+                log(`[auto] [${d}] 开始本地验证, type = ${challenge.type}`);
+                try {
+                    await client.verifyChallenge(authz, challenge);
+                } catch (e) {
+                    log(`[auto] [${d}] 本地验证失败，尝试请求ACME提供商获取状态: ${e.message}`);
+                }
+            });
+
+            completeChallengeTasks.push(async () => {
+                /* Complete challenge and wait for valid status */
+                log(`[auto] [${d}] 请求ACME提供商完成验证`);
+                try{
+                    await client.completeChallenge(challenge);
+                }catch (e) {
+                    await deactivateAuth(e);
+                    throw e;
+                }
+                challengeCompleted = true;
+                log(`[auto] [${d}] 等待返回valid状态`);
+                await client.waitForValidStatus(challenge,d);
+            });
+
+
+        } catch (e) {
+            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
+            await deactivateAuth(e);
             throw e;
         }
+
     };
     const domainSets = [];
 
@@ -168,7 +169,7 @@ export default  async (client, userOpts) => {
         const d = authz.identifier.value;
         log(`authorization:domain = ${d}, value = ${JSON.stringify(authz)}`);
 
-        if (authz.status === 'valid') {
+        if (authz.status === "valid") {
             log(`[auto] [${d}] Authorization already has valid status, no need to complete challenges`);
             return;
         }
@@ -192,8 +193,9 @@ export default  async (client, userOpts) => {
 
     const allChallengePromises = [];
     // eslint-disable-next-line no-restricted-syntax
+    const challengePromises = [];
+    allChallengePromises.push(challengePromises);
     for (const domainSet of domainSets) {
-        const challengePromises = [];
         // eslint-disable-next-line guard-for-in,no-restricted-syntax
         for (const domain in domainSet) {
             const authz = domainSet[domain];
@@ -202,12 +204,11 @@ export default  async (client, userOpts) => {
                 await challengeFunc(authz);
             });
         }
-        allChallengePromises.push(challengePromises);
     }
 
     log(`[auto] challengeGroups:${allChallengePromises.length}`);
 
-    function runAllPromise(tasks) {
+    async function runAllPromise(tasks) {
         let promise = Promise.resolve();
         tasks.forEach((task) => {
             promise = promise.then(task);
@@ -215,73 +216,66 @@ export default  async (client, userOpts) => {
         return promise;
     }
 
-    async function runPromisePa(tasks) {
+    async function runPromisePa(tasks, waitTime = 8000) {
         const results = [];
+        let j = 0
         // eslint-disable-next-line no-await-in-loop,no-restricted-syntax
         for (const task of tasks) {
+            j++
+            log(`开始第${j}个任务`);
             results.push(task());
             // eslint-disable-next-line no-await-in-loop
-            await wait(10000);
+            log(`wait ${waitTime}s`)
+            await wait(waitTime);
         }
         return Promise.all(results);
     }
 
-    try {
-        log(`开始challenge，共${allChallengePromises.length}组`);
-        let i = 0;
-        // eslint-disable-next-line no-restricted-syntax
-        for (const challengePromises of allChallengePromises) {
-            i += 1;
-            log(`开始第${i}组`);
-            if (opts.signal && opts.signal.aborted) {
-                throw new CancelError('用户取消');
+    log(`开始challenge，共${allChallengePromises.length}组`);
+    let i = 0;
+    // eslint-disable-next-line no-restricted-syntax
+    for (const challengePromises of allChallengePromises) {
+        i += 1;
+        log(`开始第${i}组`);
+        if (opts.signal && opts.signal.aborted) {
+            throw new CancelError("用户取消");
+        }
+
+        const waitDnsDiffuseTime = opts.waitDnsDiffuseTime || 30;
+        try {
+            // eslint-disable-next-line no-await-in-loop
+            await runPromisePa(challengePromises);
+            if (opts.skipChallengeVerification === true) {
+                log(`跳过本地验证（skipChallengeVerification=true），等待 60s`);
+                await wait(60 * 1000);
+            } else {
+                log("开始本地校验")
+                await runPromisePa(localVerifyTasks, 1000);
+                log(`本地校验完成，等待${waitDnsDiffuseTime}s`)
+                await wait(waitDnsDiffuseTime * 1000)
             }
 
-            try {
-                // eslint-disable-next-line no-await-in-loop
-                await runPromisePa(challengePromises);
-            }
-            catch (e) {
-                log(`证书申请失败${e.message}`);
-                throw e;
-            }
-            finally {
-                if (client.opts.sslProvider !== 'google') {
-                    // letsencrypt 如果同时检出两个TXT记录，会以第一个为准，就会校验失败，所以需要提前删除
-                    // zerossl 此方式测试无问题
-                    log(`清理challenge痕迹，length:${clearTasks.length}`);
-                    try {
-                        // eslint-disable-next-line no-await-in-loop
-                        await runAllPromise(clearTasks);
-                    }
-                    catch (e) {
-                        log('清理challenge失败');
-                        log(e);
-                    }
-                }
-            }
-        }
-    }
-    finally {
-        if (client.opts.sslProvider === 'google') {
-            // google 相同的域名txt记录是一样的，不能提前删除，否则校验失败，报错如下
-            //  Error: The TXT record retrieved from _acme-challenge.bbc.handsfree.work.
-            //  at the time the challenge was validated did not contain JshHVu7dt_DT6uYILWhokHefFVad2Q6Mw1L-fNZFcq8
-            //  (the base64url-encoded SHA-256 digest of RlJZNBR0LWnxNK_xd2zqtYVvCiNJOKJ3J1NmCjU_9BjaUJgL3k-qSpIhQ-uF4FBS.NRyqT8fRiq6THzzrvkgzgR5Xai2LsA2SyGLAq_wT3qc).
-            //  See https://tools.ietf.org/html/rfc8555#section-8.4 for more information.
+            log("开始向提供商请求挑战验证");
+            await runPromisePa(completeChallengeTasks, 1000);
+        } catch (e) {
+            log(`证书申请失败${e.message}`);
+            throw e;
+        } finally {
+            // letsencrypt 如果同时检出两个TXT记录，会以第一个为准，就会校验失败，所以需要提前删除
+            // zerossl 此方式测试无问题
             log(`清理challenge痕迹，length:${clearTasks.length}`);
             try {
-            // eslint-disable-next-line no-await-in-loop
+                // eslint-disable-next-line no-await-in-loop
                 await runAllPromise(clearTasks);
-            }
-            catch (e) {
-                log('清理challenge失败');
+            } catch (e) {
+                log("清理challenge失败");
                 log(e);
             }
         }
     }
 
-    log('challenge结束');
+
+    log("challenge结束");
 
     // log('[auto] Waiting for challenge valid status');
     // await Promise.all(challengePromises);
@@ -289,7 +283,7 @@ export default  async (client, userOpts) => {
      * Finalize order and download certificate
      */
 
-    log('[auto] Finalizing order and downloading certificate');
+    log("[auto] Finalizing order and downloading certificate");
     const finalized = await client.finalizeOrder(order, opts.csr);
     const res = await client.getCertificate(finalized, opts.preferredChain);
     return res;

packages/core/acme-client/src/client.js

@@ -90,10 +90,12 @@ const defaultOpts = {
  */
 
 class AcmeClient {
+    sslProvider
     constructor(opts) {
         if (!Buffer.isBuffer(opts.accountKey)) {
             opts.accountKey = Buffer.from(opts.accountKey);
         }
+        this.sslProvider = opts.sslProvider;
 
         this.opts = { ...defaultOpts, ...opts };
         this.backoffOpts = {
@@ -500,7 +502,7 @@ class AcmeClient {
             await verify[challenge.type](authz, challenge, keyAuthorization);
         };
 
-        log('Waiting for ACME challenge verification', this.backoffOpts);
+        log('Waiting for ACME challenge verification（等待ACME挑战验证）', this.backoffOpts);
         return util.retry(verifyFn, this.backoffOpts);
     }
 
@@ -554,9 +556,9 @@ class AcmeClient {
      * ```
      */
 
-    async waitForValidStatus(item) {
+    async waitForValidStatus(item,d) {
         if (!item.url) {
-            throw new Error('Unable to verify status of item, URL not found');
+            throw new Error(`[${d}] Unable to verify status of item, URL not found`);
         }
 
         const verifyFn = async (abort) => {
@@ -568,23 +570,23 @@ class AcmeClient {
             const resp = await this.api.apiRequest(item.url, null, [200]);
 
             /* Verify status */
-            log(`Item has status: ${resp.data.status}`);
+            log(`[${d}] Item has status（挑战状态）: ${resp.data.status}`);
 
             if (invalidStates.includes(resp.data.status)) {
                 abort();
                 throw new Error(util.formatResponseError(resp));
             }
             else if (pendingStates.includes(resp.data.status)) {
-                throw new Error('Operation is pending or processing');
+                throw new Error(`[${d}] Operation is pending or processing（当前仍然在等待状态）`);
             }
             else if (validStates.includes(resp.data.status)) {
                 return resp.data;
             }
 
-            throw new Error(`Unexpected item status: ${resp.data.status}`);
+            throw new Error(`[${d}] Unexpected item status: ${resp.data.status}`);
         };
 
-        log(`Waiting for valid status from: ${item.url}`, this.backoffOpts);
+        log(`[${d}] Waiting for valid status （等待valid状态）: ${item.url}`, this.backoffOpts);
         return util.retry(verifyFn, this.backoffOpts);
     }
 

packages/core/acme-client/src/index.js

@@ -46,3 +46,5 @@ export *  from './axios.js'
 export * from './logger.js'
 export * from './verify.js'
 export * from './error.js'
+
+export * from './util.js'

packages/core/acme-client/src/util.js

@@ -60,8 +60,9 @@ async function retryPromise(fn, attempts, backoff) {
             throw e;
         }
 
+        log(`Promise rejected: ${e.message}`);
         const duration = backoff.duration();
-        log(`Promise rejected attempt #${backoff.attempts}, retrying in ${duration}ms: ${e.message}`);
+        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
 
         await new Promise((resolve) => { setTimeout(resolve, duration); });
         return retryPromise(fn, attempts, backoff);
@@ -218,15 +219,15 @@ function formatResponseError(resp) {
 async function resolveDomainBySoaRecord(recordName) {
     try {
         await dns.resolveSoa(recordName);
-        log(`Found SOA record, considering domain to be: ${recordName}`);
+        log(`找到${recordName}的SOA记录`);
         return recordName;
     }
     catch (e) {
-        log(`Unable to locate SOA record for name: ${recordName}`);
+        log(`找不到${recordName}的SOA记录,继续往主域名查找`);
         const parentRecordName = recordName.split('.').slice(1).join('.');
 
         if (!parentRecordName.includes('.')) {
-            throw new Error('Unable to resolve domain by SOA record');
+            throw new Error('SOA record查找失败');
         }
 
         return resolveDomainBySoaRecord(parentRecordName);
@@ -241,7 +242,7 @@ async function resolveDomainBySoaRecord(recordName) {
  */
 
 async function getAuthoritativeDnsResolver(recordName) {
-    log(`Locating authoritative NS records for name: ${recordName}`);
+    log(`获取域名${recordName}的权威NS服务器: `);
     const resolver = new dns.Resolver();
 
     try {
@@ -249,13 +250,14 @@ async function getAuthoritativeDnsResolver(recordName) {
         const domain = await resolveDomainBySoaRecord(recordName);
 
         /* Resolve authoritative NS addresses */
-        log(`Looking up authoritative NS records for domain: ${domain}`);
+        log(`获取到权威NS服务器name: ${domain}`);
         const nsRecords = await dns.resolveNs(domain);
+        log(`域名权威NS服务器：${nsRecords}`);
         const nsAddrArray = await Promise.all(nsRecords.map(async (r) => dns.resolve4(r)));
         const nsAddresses = [].concat(...nsAddrArray).filter((a) => a);
 
         if (!nsAddresses.length) {
-            throw new Error(`Unable to locate any valid authoritative NS addresses for domain: ${domain}`);
+            throw new Error(`Unable to locate any valid authoritative NS addresses for domain（获取权威服务器IP失败）: ${domain}`);
         }
 
         /* Authoritative NS success */
@@ -263,12 +265,12 @@ async function getAuthoritativeDnsResolver(recordName) {
         resolver.setServers(nsAddresses);
     }
     catch (e) {
-        log(`Authoritative NS lookup error: ${e.message}`);
+        log(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
     }
 
     /* Return resolver */
     const addresses = resolver.getServers();
-    log(`DNS resolver addresses: ${addresses.join(', ')}`);
+    log(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
 
     return resolver;
 }
@@ -338,5 +340,6 @@ export {
     formatResponseError,
     getAuthoritativeDnsResolver,
     retrieveTlsAlpnCertificate,
+    resolveDomainBySoaRecord
 };
 

packages/core/acme-client/src/verify.js

@@ -24,22 +24,46 @@ const dns = dnsSdk.promises
  */
 
 async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
+
+    async function doQuery(challengeUrl){
+        log(`正在测试请求 ${challengeUrl} `)
+        // const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+        // const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+
+        /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
+        const httpsAgent = new https.Agent({ rejectUnauthorized: false });
+
+        log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
+        let data = ""
+        try{
+            const resp = await axios.get(challengeUrl, { httpsAgent });
+            data = (resp.data || '').replace(/\s+$/, '');
+        }catch (e) {
+            log(`[error] HTTP request error from ${authz.identifier.value}`,e.message);
+            return false
+        }
+
+        if (!data || (data !== keyAuthorization)) {
+            log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
+            return false
+        }
+        return true
+
+    }
+
     const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
     const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
 
-    /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
-    const httpsAgent = new https.Agent({ rejectUnauthorized: false });
-
-    log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
-    const resp = await axios.get(challengeUrl, { httpsAgent });
-    const data = (resp.data || '').replace(/\s+$/, '');
-
-    log(`Query successful, HTTP status code: ${resp.status}`);
-
-    if (!data || (data !== keyAuthorization)) {
-        throw new Error(`Authorization not found in HTTP response from ${authz.identifier.value}`);
+    if (!await doQuery(challengeUrl)) {
+        const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+        const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+        const res = await doQuery(httpsChallengeUrl)
+        if (!res) {
+            throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);
+        }
     }
 
+
     log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
     return true;
 }
@@ -48,55 +72,85 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
  * Walk DNS until TXT records are found
  */
 
-async function walkDnsChallengeRecord(recordName, resolver = dns) {
-    /* Resolve CNAME record first */
-    // try {
-    //     log(`Checking name for CNAME records: ${recordName}`);
-    //     const cnameRecords = await resolver.resolveCname(recordName);
-    //
-    //     if (cnameRecords.length) {
-    //         log(`CNAME record found at ${recordName}, new challenge record name: ${cnameRecords[0]}`);
-    //         return walkDnsChallengeRecord(cnameRecords[0]);
-    //     }
-    // }
-    // catch (e) {
-    //     log(`No CNAME records found for name: ${recordName}`);
-    // }
+async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
+
+    let records = [];
 
     /* Resolve TXT records */
     try {
-        log(`Checking name for TXT records: ${recordName}`);
+        log(`检查域名 ${recordName} 的TXT记录`);
         const txtRecords = await resolver.resolveTxt(recordName);
 
         if (txtRecords && txtRecords.length) {
-            log(`Found ${txtRecords.length} TXT records at ${recordName}`);
+            log(`找到 ${txtRecords.length} 条 TXT记录（ ${recordName}）`);
             log(`TXT records: ${JSON.stringify(txtRecords)}`);
-            return [].concat(...txtRecords);
+            records = records.concat(...txtRecords);
         }
-        return [];
+    } catch (e) {
+        log(`解析 TXT 记录出错, ${recordName} :${e.message}`);
     }
-    catch (e) {
-        log(`Resolve TXT records error, ${recordName} :${e.message}`);
-        throw e;
+
+    /* Resolve CNAME record first */
+    try {
+        log(`检查是否存在CNAME映射: ${recordName}`);
+        const cnameRecords = await resolver.resolveCname(recordName);
+
+        if (cnameRecords.length) {
+            const cnameRecord = cnameRecords[0];
+            log(`已找到${recordName}的CNAME记录，将检查: ${cnameRecord}`);
+            let res= await  walkTxtRecord(cnameRecord,deep+1);
+            if (res && res.length) {
+                log(`从CNAME中找到TXT记录: ${JSON.stringify(res)}`);
+                records = records.concat(...res);
+            }
+        }else{
+            log(`没有CNAME映射（${recordName}）`);
+        }
+    } catch (e) {
+        log(`检查CNAME出错（${recordName}） :${e.message}`);
     }
+    return records
 }
 
-export async function walkTxtRecord(recordName) {
+export async function walkTxtRecord(recordName,deep = 0) {
+    if(deep >5){
+        log(`walkTxtRecord too deep (#${deep}) , skip walk`)
+        return []
+    }
+
+    const txtRecords = []
     try {
         /* Default DNS resolver first */
-        log('Attempting to resolve TXT with default DNS resolver first');
-        const res = await walkDnsChallengeRecord(recordName);
+        log('从本地DNS服务器获取TXT解析记录');
+        const res = await walkDnsChallengeRecord(recordName,dns,deep);
         if (res && res.length > 0) {
-            return res;
+            for (const item of res) {
+                txtRecords.push(item)
+            }
         }
-        throw new Error('No TXT records found');
+
+    } catch (e) {
+        log(`本地获取TXT解析记录失败:${e.message}`)
     }
-    catch (e) {
+
+    try{
         /* Authoritative DNS resolver */
-        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
+        log(`从域名权威服务器获取TXT解析记录`);
         const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
-        return await walkDnsChallengeRecord(recordName, authoritativeResolver);
+        const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
+        if (res && res.length > 0) {
+            for (const item of res) {
+                txtRecords.push(item)
+            }
+        }
+    }catch (e) {
+        log(`权威服务器获取TXT解析记录失败:${e.message}`)
     }
+
+    if (txtRecords.length === 0) {
+        throw new Error(`没有找到TXT解析记录（${recordName}）`);
+    }
+    return txtRecords;
 }
 
 /**
@@ -113,14 +167,16 @@ export async function walkTxtRecord(recordName) {
 
 async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
     const recordName = `${prefix}${authz.identifier.value}`;
-    log(`Resolving DNS TXT from record: ${recordName}`);
-    const recordValues = await walkTxtRecord(recordName);
-    log(`DNS query finished successfully, found ${recordValues.length} TXT records`);
+    log(`本地校验TXT记录）: ${recordName}`);
+    let recordValues = await walkTxtRecord(recordName);
+    //去重
+    recordValues = [...new Set(recordValues)];
+    log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
-        throw new Error(`Authorization not found in DNS TXT record: ${recordName}，need:${keyAuthorization},found:${recordValues}`);
+        throw new Error(`没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`);
     }
 
-    log(`Key authorization match for ${challenge.type}/${recordName}, ACME challenge verified`);
+    log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
     return true;
 }
 

packages/core/acme-client/test/soa.spec.mjs

@@ -0,0 +1,11 @@
+import {assert} from 'chai'
+import {resolveDomainBySoaRecord} from "../src/util.js"
+describe('dns', () => {
+    it('resolveDomainBySoaRecord', async () => {
+        const resp = await resolveDomainBySoaRecord("a.corp.smartdeer.com")
+
+        assert.equal(resp, "smartdeer.com")
+
+    });
+
+})

packages/core/acme-client/types/index.d.ts

@@ -59,13 +59,14 @@ export interface ClientExternalAccountBindingOptions {
 export interface ClientAutoOptions {
     csr: CsrBuffer | CsrString;
     challengeCreateFn: (authz: Authorization, keyAuthorization: (challenge:rfc8555.Challenge)=>Promise<string>) => Promise<{recordReq?:any,recordRes?:any,dnsProvider?:any,challenge: rfc8555.Challenge,keyAuthorization:string}>;
-    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
+    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any,httpUploader:any) => Promise<any>;
     email?: string;
     termsOfServiceAgreed?: boolean;
     skipChallengeVerification?: boolean;
     challengePriority?: string[];
     preferredChain?: string;
     signal?: AbortSignal;
+    profile?:string;
 }
 
 export class Client {
@@ -203,5 +204,8 @@ export const agents: any;
 export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
 export function walkTxtRecord(record: any): Promise<string[]>;
+export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 
-export const CancelError: typeof CancelError;
+export const CancelError: typeof CancelError;
+
+export function resolveDomainBySoaRecord(domain: string): Promise<string>;

packages/core/acme-client/types/index.test-d.js

@@ -1,137 +0,0 @@
-"use strict";
-/**
- * acme-client type definition tests
- */
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
-    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
-    function verb(n) { return function (v) { return step([n, v]); }; }
-    function step(op) {
-        if (f) throw new TypeError("Generator is already executing.");
-        while (g && (g = 0, op[0] && (_ = 0)), _) try {
-            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
-            if (y = 0, t) op = [op[0] & 2, t.value];
-            switch (op[0]) {
-                case 0: case 1: t = op; break;
-                case 4: _.label++; return { value: op[1], done: false };
-                case 5: _.label++; y = op[1]; op = [0]; continue;
-                case 7: op = _.ops.pop(); _.trys.pop(); continue;
-                default:
-                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
-                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
-                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
-                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
-                    if (t[2]) _.ops.pop();
-                    _.trys.pop(); continue;
-            }
-            op = body.call(thisArg, _);
-        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
-        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
-    }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-var acme = require("acme-client");
-(function () { return __awaiter(void 0, void 0, void 0, function () {
-    var accountKey, client, order, authorizations, authorization, challenge, _a, certKey, certCsr;
-    return __generator(this, function (_b) {
-        switch (_b.label) {
-            case 0: return [4 /*yield*/, acme.crypto.createPrivateKey()];
-            case 1:
-                accountKey = _b.sent();
-                client = new acme.Client({
-                    accountKey: accountKey,
-                    directoryUrl: acme.directory.letsencrypt.staging
-                });
-                /* Account */
-                return [4 /*yield*/, client.createAccount({
-                        termsOfServiceAgreed: true,
-                        contact: ['mailto:test@example.com']
-                    })];
-            case 2:
-                /* Account */
-                _b.sent();
-                return [4 /*yield*/, client.createOrder({
-                        identifiers: [
-                            { type: 'dns', value: 'example.com' },
-                            { type: 'dns', value: '*.example.com' },
-                        ]
-                    })];
-            case 3:
-                order = _b.sent();
-                return [4 /*yield*/, client.getOrder(order)];
-            case 4:
-                _b.sent();
-                return [4 /*yield*/, client.getAuthorizations(order)];
-            case 5:
-                authorizations = _b.sent();
-                authorization = authorizations[0];
-                challenge = authorization.challenges[0];
-                return [4 /*yield*/, client.getChallengeKeyAuthorization(challenge)];
-            case 6:
-                _b.sent();
-                return [4 /*yield*/, client.verifyChallenge(authorization, challenge)];
-            case 7:
-                _b.sent();
-                return [4 /*yield*/, client.completeChallenge(challenge)];
-            case 8:
-                _b.sent();
-                return [4 /*yield*/, client.waitForValidStatus(challenge)];
-            case 9:
-                _b.sent();
-                return [4 /*yield*/, acme.crypto.createCsr({
-                        commonName: 'example.com',
-                        altNames: ['example.com', '*.example.com']
-                    })];
-            case 10:
-                _a = _b.sent(), certKey = _a[0], certCsr = _a[1];
-                return [4 /*yield*/, client.finalizeOrder(order, certCsr)];
-            case 11:
-                _b.sent();
-                return [4 /*yield*/, client.getCertificate(order)];
-            case 12:
-                _b.sent();
-                return [4 /*yield*/, client.getCertificate(order, 'DST Root CA X3')];
-            case 13:
-                _b.sent();
-                /* Auto */
-                return [4 /*yield*/, client.auto({
-                        csr: certCsr,
-                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
-                            return [2 /*return*/];
-                        }); }); },
-                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
-                            return [2 /*return*/];
-                        }); }); }
-                    })];
-            case 14:
-                /* Auto */
-                _b.sent();
-                return [4 /*yield*/, client.auto({
-                        csr: certCsr,
-                        email: 'test@example.com',
-                        termsOfServiceAgreed: false,
-                        skipChallengeVerification: false,
-                        challengePriority: ['http-01', 'dns-01'],
-                        preferredChain: 'DST Root CA X3',
-                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
-                            return [2 /*return*/];
-                        }); }); },
-                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
-                            return [2 /*return*/];
-                        }); }); }
-                    })];
-            case 15:
-                _b.sent();
-                return [2 /*return*/];
-        }
-    });
-}); })();

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,148 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Performance Improvements
+
+* 支持部署证书到火山dcdn ([5f85219](https://github.com/certd/certd/commit/5f852194953dc1b4e6336770f417507b8f5a33ad))
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+### Performance Improvements
+
+* 支持51dns ([96a0900](https://github.com/certd/certd/commit/96a0900edc95dcfd9acccf9d13592f12f5a09b3d))
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+### Performance Improvements
+
+* 多重认证登录 ([0f82cf4](https://github.com/certd/certd/commit/0f82cf409bc60706ab07e4ca4f272b9a1ca7eecb))
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+### Bug Fixes
+
+* 修复某些情况下无法输出日志的bug ([70101bf](https://github.com/certd/certd/commit/70101bfa7ade65678d9202c804bbae2cb808b594))
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Performance Improvements
+
+* 支持又拍云cdn ([fd0536b](https://github.com/certd/certd/commit/fd0536bd4b41f15b6b5d42e0b447f0dcbf73b8a8))
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-15:01
+23:54

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.31.5",
+  "version": "1.35.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -12,7 +12,8 @@
     "build": "npm run before-build && tsc --skipLibCheck",
     "dev-build": "npm run build",
     "preview": "vite preview",
-    "test": "mocha   --loader=ts-node/esm"
+    "test": "mocha   --loader=ts-node/esm",
+    "pub": "npm publish"
   },
   "dependencies": {
     "axios": "^1.7.2",
@@ -44,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "b649617e0457b4e177bacb173dc1aa67eb84d7cf"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }

packages/core/basic/src/utils/index.ts

@@ -1,39 +1,39 @@
-export * from './util.request.js';
-export * from './util.env.js';
-export * from './util.log.js';
-export * from './util.file.js';
-export * from './util.sp.js';
-export * from './util.promise.js';
-export * from './util.hash.js';
-export * from './util.merge.js';
-export * from './util.cache.js';
-export * from './util.string.js';
-export * from './util.lock.js';
-export * from './util.mitter.js';
-export * from './util.id.js';
-export * from './util.domain.js';
-export * from './util.amount.js';
-import { stringUtils } from './util.string.js';
-import sleep from './util.sleep.js';
-import { http, download } from './util.request.js';
+export * from "./util.request.js";
+export * from "./util.env.js";
+export * from "./util.log.js";
+export * from "./util.file.js";
+export * from "./util.sp.js";
+export * from "./util.promise.js";
+export * from "./util.hash.js";
+export * from "./util.merge.js";
+export * from "./util.cache.js";
+export * from "./util.string.js";
+export * from "./util.lock.js";
+export * from "./util.mitter.js";
+export * from "./util.id.js";
+export * from "./util.domain.js";
+export * from "./util.amount.js";
+import { stringUtils } from "./util.string.js";
+import sleep from "./util.sleep.js";
+import { http, download } from "./util.request.js";
 
-import { mergeUtils } from './util.merge.js';
-import { sp } from './util.sp.js';
-import { hashUtils } from './util.hash.js';
-import { promises } from './util.promise.js';
-import { fileUtils } from './util.file.js';
-import * as _ from 'lodash-es';
-import { cache } from './util.cache.js';
-import dayjs from 'dayjs';
-import { domainUtils } from './util.domain.js';
-import { optionsUtils } from './util.options.js';
-import { amountUtils } from './util.amount.js';
-import { nanoid } from 'nanoid';
-import * as id from './util.id.js';
-import { locker } from './util.lock.js';
-import { mitter } from './util.mitter.js';
+import { mergeUtils } from "./util.merge.js";
+import { sp } from "./util.sp.js";
+import { hashUtils } from "./util.hash.js";
+import { promises } from "./util.promise.js";
+import { fileUtils } from "./util.file.js";
+import * as _ from "lodash-es";
+import { cache } from "./util.cache.js";
+import dayjs from "dayjs";
+import { domainUtils } from "./util.domain.js";
+import { optionsUtils } from "./util.options.js";
+import { amountUtils } from "./util.amount.js";
+import { nanoid } from "nanoid";
+import * as id from "./util.id.js";
+import { locker } from "./util.lock.js";
+import { mitter } from "./util.mitter.js";
 
-import * as request from './util.request.js';
+import * as request from "./util.request.js";
 export const utils = {
   sleep,
   http,

packages/core/basic/src/utils/util.hash.ts

@@ -1,22 +1,26 @@
-import crypto, { BinaryToTextEncoding } from 'crypto';
+import crypto, { BinaryToTextEncoding } from "crypto";
 
-function md5(data: string, digest: BinaryToTextEncoding = 'hex') {
-  return crypto.createHash('md5').update(data).digest(digest);
+function md5(data: string, digest: BinaryToTextEncoding = "hex") {
+  return crypto.createHash("md5").update(data).digest(digest);
 }
-function sha256(data: string, digest: BinaryToTextEncoding = 'hex') {
-  return crypto.createHash('sha256').update(data).digest(digest);
+function sha256(data: string, digest: BinaryToTextEncoding = "hex") {
+  return crypto.createHash("sha256").update(data).digest(digest);
 }
 
-function hmacSha256(data: string, digest: BinaryToTextEncoding = 'base64') {
-  return crypto.createHmac('sha256', data).update(Buffer.alloc(0)).digest(digest);
+function hmacSha256(data: string, digest: BinaryToTextEncoding = "base64") {
+  return crypto.createHmac("sha256", data).update(Buffer.alloc(0)).digest(digest);
 }
 
 function base64(data: string) {
-  return Buffer.from(data).toString('base64');
+  return Buffer.from(data).toString("base64");
+}
+function base64Decode(data: string) {
+  return Buffer.from(data, "base64").toString("utf8");
 }
 export const hashUtils = {
   md5,
   sha256,
   base64,
+  base64Decode,
   hmacSha256,
 };

packages/core/basic/src/utils/util.id.ts

@@ -1,4 +1,4 @@
-import { customAlphabet } from 'nanoid';
+import { customAlphabet } from "nanoid";
 
-export const randomNumber = customAlphabet('1234567890', 4);
-export const simpleNanoId = customAlphabet('1234567890abcdefghijklmopqrstuvwxyz', 12);
+export const randomNumber = customAlphabet("1234567890", 4);
+export const simpleNanoId = customAlphabet("1234567890abcdefghijklmopqrstuvwxyzABCDEFGHIJKLMOPQRSTUVWXYZ", 12);

packages/core/basic/src/utils/util.log.ts

@@ -1,4 +1,4 @@
-import log4js, { LoggingEvent, Logger } from 'log4js';
+import log4js, { LoggingEvent, Logger } from "log4js";
 
 const OutputAppender = {
   configure: (config: any, layouts: any, findAppender: any, levels: any) => {
@@ -18,20 +18,56 @@ const OutputAppender = {
   },
 };
 
+let logFilePath = "./logs/app.log";
 export function resetLogConfigure() {
   // @ts-ignore
   log4js.configure({
-    appenders: { std: { type: 'stdout' }, output: { type: OutputAppender } },
-    categories: { default: { appenders: ['std'], level: 'info' }, pipeline: { appenders: ['std', 'output'], level: 'info' } },
+    appenders: {
+      std: { type: "stdout" },
+      output: { type: OutputAppender },
+      file: {
+        type: "dateFile",
+        filename: logFilePath,
+        keepFileExt: true,
+        compress: true,
+        numBackups: 3,
+      },
+    },
+    categories: { default: { appenders: ["std", "file"], level: "info" }, pipeline: { appenders: ["std", "file", "output"], level: "info" } },
   });
 }
 resetLogConfigure();
-export const logger = log4js.getLogger('default');
+export const logger = log4js.getLogger("default");
 
+export function resetLogFilePath(filePath: string) {
+  logFilePath = filePath;
+  resetLogConfigure();
+}
 export function buildLogger(write: (text: string) => void) {
-  const logger = log4js.getLogger('pipeline');
-  logger.addContext('outputHandler', {
-    write,
+  const logger = log4js.getLogger("pipeline");
+  const _secrets: string[] = [];
+  //@ts-ignore
+  logger.addSecret = (secret: string) => {
+    _secrets.push(secret);
+  };
+  logger.addContext("outputHandler", {
+    write: (text: string) => {
+      for (const item of _secrets) {
+        if (item == null) {
+          continue;
+        }
+        if (item.includes(text)) {
+          //整个包含
+          text = "*".repeat(text.length);
+          continue;
+        }
+        if (text.includes(item)) {
+          //换成同长度的*号， item可能有多行
+          text = text.replaceAll(item, "*".repeat(item.length));
+        }
+      }
+      write(text);
+    },
   });
   return logger;
 }

packages/core/basic/src/utils/util.options.ts

@@ -1,4 +1,4 @@
-import { domainUtils } from './util.domain.js';
+import { domainUtils } from "./util.domain.js";
 
 function groupByDomain(options: any[], inDomains: string[]) {
   const matched = [];
@@ -19,16 +19,16 @@ function groupByDomain(options: any[], inDomains: string[]) {
 function buildGroupOptions(options: any[], inDomains: string[]) {
   const grouped = groupByDomain(options, inDomains);
   const groupOptions = [];
-  groupOptions.push({ value: 'matched', disabled: true, label: '----已匹配----' });
+  groupOptions.push({ value: "matched", disabled: true, label: "----已匹配----" });
   if (grouped.matched.length === 0) {
-    options.push({ value: '', disabled: true, label: '没有可以匹配的域名' });
+    options.push({ value: "", disabled: true, label: "没有可以匹配的域名" });
   } else {
     for (const matched of grouped.matched) {
       groupOptions.push(matched);
     }
   }
   if (grouped.notMatched.length > 0) {
-    groupOptions.push({ value: 'unmatched', disabled: true, label: '----未匹配----' });
+    groupOptions.push({ value: "unmatched", disabled: true, label: "----未匹配----" });
     for (const notMatched of grouped.notMatched) {
       groupOptions.push(notMatched);
     }

packages/core/basic/src/utils/util.request.ts

@@ -1,13 +1,13 @@
-import axios, { AxiosHeaders, AxiosRequestConfig } from 'axios';
-import { ILogger, logger } from './util.log.js';
-import { Logger } from 'log4js';
-import { HttpProxyAgent } from 'http-proxy-agent';
-import { HttpsProxyAgent } from 'https-proxy-agent';
-import nodeHttp from 'http';
-import * as https from 'node:https';
-import { merge } from 'lodash-es';
-import { safePromise } from './util.promise.js';
-import fs from 'fs';
+import axios, { AxiosHeaders, AxiosRequestConfig } from "axios";
+import { ILogger, logger } from "./util.log.js";
+import { Logger } from "log4js";
+import { HttpProxyAgent } from "http-proxy-agent";
+import { HttpsProxyAgent } from "https-proxy-agent";
+import nodeHttp from "http";
+import * as https from "node:https";
+import { merge } from "lodash-es";
+import { safePromise } from "./util.promise.js";
+import fs from "fs";
 export class HttpError extends Error {
   status?: number;
   statusText?: string;
@@ -22,10 +22,10 @@ export class HttpError extends Error {
     super(error.message || error.response?.statusText);
 
     const message = error?.message;
-    if (message && typeof message === 'string') {
-      if (message.indexOf && message.indexOf('ssl3_get_record:wrong version number') >= 0) {
+    if (message && typeof message === "string") {
+      if (message.indexOf && message.indexOf("ssl3_get_record:wrong version number") >= 0) {
         this.message = `${message}(http协议错误，服务端要求http协议，请检查是否使用了https请求)`;
-      } else if (message.indexOf('getaddrinfo EAI_AGAIN') >= 0) {
+      } else if (message.indexOf("getaddrinfo EAI_AGAIN") >= 0) {
         this.message = `${message}(无法解析域名，请检查网络连接或dns配置，更换docker-compose.yaml中dns配置)`;
       }
     }
@@ -47,7 +47,7 @@ export class HttpError extends Error {
     };
     let url = error.config?.url;
     if (error.config?.baseURL) {
-      url = (error.config?.baseURL || '') + url;
+      url = (error.config?.baseURL || "") + url;
     }
     if (url) {
       this.message = `${this.message} 【${url}】`;
@@ -73,7 +73,7 @@ export const HttpCommonError = HttpError;
 let defaultAgents = createAgent();
 
 export function setGlobalProxy(opts: { httpProxy?: string; httpsProxy?: string }) {
-  logger.info('setGlobalProxy:', opts);
+  logger.info("setGlobalProxy:", opts);
   defaultAgents = createAgent(opts);
 }
 
@@ -91,10 +91,23 @@ export function createAxiosService({ logger }: { logger: Logger }) {
   // 请求拦截
   service.interceptors.request.use(
     (config: any) => {
+      if (config.logParams == null) {
+        config.logParams = false;
+      }
+      if (config.logRes == null) {
+        config.logRes = false;
+      }
+      if (config.logData == null) {
+        config.logData = false;
+      }
+
       logger.info(`http request:${config.url}，method:${config.method}`);
       if (config.logParams !== false && config.params) {
         logger.info(`params:${JSON.stringify(config.params)}`);
       }
+      if (config.logData !== false && config.data) {
+        logger.info(`data:${JSON.stringify(config.data)}`);
+      }
       if (config.timeout == null) {
         config.timeout = 15000;
       }
@@ -102,12 +115,12 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       if (config.skipSslVerify || config.httpProxy) {
         let rejectUnauthorized = true;
         if (config.skipSslVerify) {
-          logger.info('跳过SSL验证');
+          logger.info("跳过SSL验证");
           rejectUnauthorized = false;
         }
         const proxy: any = {};
         if (config.httpProxy) {
-          logger.info('使用自定义http代理:', config.httpProxy);
+          logger.info("使用自定义http代理:", config.httpProxy);
           proxy.httpProxy = config.httpProxy;
           proxy.httpsProxy = config.httpProxy;
         }
@@ -128,7 +141,7 @@ export function createAxiosService({ logger }: { logger: Logger }) {
     },
     (error: Error) => {
       // 发送失败
-      logger.error('接口请求失败：', error);
+      logger.error("接口请求失败：", error);
       return Promise.reject(error);
     }
   );
@@ -143,9 +156,10 @@ export function createAxiosService({ logger }: { logger: Logger }) {
 
         logger.info(`http response : status=${response?.status},data=${resData}`);
       } else {
-        logger.info('http response status:', response?.status);
+        logger.info("http response status:", response?.status);
       }
-      if (response?.config?.returnResponse) {
+
+      if (response?.config?.returnOriginRes) {
         return response;
       }
       return response.data;
@@ -154,55 +168,57 @@ export function createAxiosService({ logger }: { logger: Logger }) {
       const status = error.response?.status;
       switch (status) {
         case 400:
-          error.message = '请求错误';
+          error.message = "请求错误";
           break;
         case 401:
-          error.message = '认证/登录失败';
+          error.message = "认证/登录失败";
           break;
         case 403:
-          error.message = '拒绝访问';
+          error.message = "拒绝访问";
           break;
         case 404:
           error.message = `请求地址出错`;
           break;
         case 408:
-          error.message = '请求超时';
+          error.message = "请求超时";
           break;
         case 500:
-          error.message = '服务器内部错误';
+          error.message = "服务器内部错误";
           break;
         case 501:
-          error.message = '服务未实现';
+          error.message = "服务未实现";
           break;
         case 502:
-          error.message = '网关错误';
+          error.message = "网关错误";
           break;
         case 503:
-          error.message = '服务不可用';
+          error.message = "服务不可用";
           break;
         case 504:
-          error.message = '网关超时';
+          error.message = "网关超时";
           break;
         case 505:
-          error.message = 'HTTP版本不受支持';
+          error.message = "HTTP版本不受支持";
           break;
         default:
           break;
       }
-      logger.error(
-        `请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`
-      );
-      logger.error('返回数据:', JSON.stringify(error.response?.data));
+      logger.error(`请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`);
+      logger.error("返回数据:", JSON.stringify(error.response?.data));
       if (error.response?.data) {
         const message = error.response.data.message || error.response.data.msg || error.response.data.error;
-        if (typeof message === 'string') {
+        if (typeof message === "string") {
           error.message = message;
         }
       }
       if (error instanceof AggregateError) {
-        logger.error('AggregateError', error);
+        logger.error("AggregateError", error);
       }
       const err = new HttpError(error);
+      if (error.response?.config?.logParams === false) {
+        delete err.request?.params;
+        delete err.request?.data;
+      }
       return Promise.reject(err);
     }
   );
@@ -216,8 +232,9 @@ export type HttpRequestConfig<D = any> = {
   skipCheckRes?: boolean;
   logParams?: boolean;
   logRes?: boolean;
+  logData?: boolean;
   httpProxy?: string;
-  returnResponse?: boolean;
+  returnOriginRes?: boolean;
 } & AxiosRequestConfig<D>;
 export type HttpClient = {
   request<D = any, R = any>(config: HttpRequestConfig<D>): Promise<HttpClientResponse<R>>;
@@ -244,24 +261,24 @@ export function createAgent(opts: CreateAgentOptions = {}) {
   if (httpProxy) {
     process.env.HTTP_PROXY = httpProxy;
     process.env.http_proxy = httpProxy;
-    logger.info('use httpProxy:', httpProxy);
+    logger.info("use httpProxy:", httpProxy);
     httpAgent = new HttpProxyAgent(httpProxy, opts as any);
     merge(httpAgent.options, opts);
   } else {
-    process.env.HTTP_PROXY = '';
-    process.env.http_proxy = '';
+    process.env.HTTP_PROXY = "";
+    process.env.http_proxy = "";
     httpAgent = new nodeHttp.Agent(opts);
   }
   const httpsProxy = opts.httpsProxy;
   if (httpsProxy) {
     process.env.HTTPS_PROXY = httpsProxy;
     process.env.https_proxy = httpsProxy;
-    logger.info('use httpsProxy:', httpsProxy);
+    logger.info("use httpsProxy:", httpsProxy);
     httpsAgent = new HttpsProxyAgent(httpsProxy, opts as any);
     merge(httpsAgent.options, opts);
   } else {
-    process.env.HTTPS_PROXY = '';
-    process.env.https_proxy = '';
+    process.env.HTTPS_PROXY = "";
+    process.env.https_proxy = "";
     httpsAgent = new https.Agent(opts);
   }
   return {
@@ -276,27 +293,27 @@ export async function download(req: { http: HttpClient; config: HttpRequestConfi
     http
       .request({
         logRes: false,
-        responseType: 'stream',
+        responseType: "stream",
         ...config,
       })
       .then(res => {
         const writer = fs.createWriteStream(savePath);
         res.pipe(writer);
-        writer.on('close', () => {
-          logger.info('文件下载成功');
+        writer.on("close", () => {
+          logger.info("文件下载成功");
           resolve(true);
         });
         //error
-        writer.on('error', err => {
-          logger.error('下载失败', err);
+        writer.on("error", err => {
+          logger.error("下载失败", err);
           reject(err);
         });
         //进度条打印
-        const totalLength = res.headers['content-length'];
+        const totalLength = res.headers["content-length"];
         let currentLength = 0;
         // 每5%打印一次
         const step = (totalLength / 100) * 5;
-        res.on('data', (chunk: any) => {
+        res.on("data", (chunk: any) => {
           currentLength += chunk.length;
           if (currentLength % step < chunk.length) {
             const percent = ((currentLength / totalLength) * 100).toFixed(2);
@@ -305,19 +322,19 @@ export async function download(req: { http: HttpClient; config: HttpRequestConfi
         });
       })
       .catch(err => {
-        logger.info('下载失败', err);
+        logger.info("下载失败", err);
         reject(err);
       });
   });
 }
 
 export function getCookie(response: any, name: string) {
-  const cookies = response.headers['set-cookie'];
+  const cookies = response.headers["set-cookie"];
   //根据name 返回对应的cookie
   const found = cookies.find((cookie: any) => cookie.includes(name));
   if (!found) {
     return null;
   }
-  const cookie = found.split(';')[0];
-  return cookie.substring(cookie.indexOf('=') + 1);
+  const cookie = found.split(";")[0];
+  return cookie.substring(cookie.indexOf("=") + 1);
 }

packages/core/pipeline/.gitignore

@@ -26,3 +26,4 @@ dist-ssr
 test/user.secret.*
 test/**/*.js
 src/**/*.spec.ts
+.test.mjs

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,158 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Performance Improvements
+
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+### Bug Fixes
+
+* 修复ssh插件报length空指针的bug ([9c4cbe1](https://github.com/certd/certd/commit/9c4cbe17a22b548611cf1fbefecc83a421788e42))
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+### Performance Improvements
+
+* 隐藏运行策略选项 ([2951df0](https://github.com/certd/certd/commit/2951df0cd94c23e2efee84ff1b843055aac56cae))
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Performance Improvements
+
+* 支持部署到京东云cdn ([6f17c70](https://github.com/certd/certd/commit/6f17c700b84965baa01b40fe2abaa0a91bcbaffd))
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+### Performance Improvements
+
+*  tab增加图标显示 ([a03ae5a](https://github.com/certd/certd/commit/a03ae5a216a1df2c1d3da12ae18dcd0f089a92d3))
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Performance Improvements
+
+* dns支持火山引擎 ([99ff879](https://github.com/certd/certd/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.31.5",
+  "version": "1.35.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,11 +13,12 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "preview": "vite preview",
-    "test": "mocha   --loader=ts-node/esm"
+    "test": "mocha   --loader=ts-node/esm",
+    "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.31.5",
-    "@certd/plus-core": "^1.31.5",
+    "@certd/basic": "^1.35.2",
+    "@certd/plus-core": "^1.35.2",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -43,5 +44,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "b649617e0457b4e177bacb173dc1aa67eb84d7cf"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }

packages/core/pipeline/src/access/decorator.ts

@@ -26,7 +26,9 @@ export function IsAccess(define: AccessDefine): ClassDecorator {
     target.define = define;
     accessRegistry.register(define.name, {
       define,
-      target,
+      target: async () => {
+        return target;
+      },
     });
   };
 }
@@ -39,13 +41,15 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
   };
 }
 
-export function newAccess(type: string, input: any, ctx?: AccessContext) {
+export async function newAccess(type: string, input: any, ctx?: AccessContext) {
   const register = accessRegistry.get(type);
   if (register == null) {
     throw new Error(`access ${type} not found`);
   }
   // @ts-ignore
-  const access = new register.target();
+  const accessCls = await register.target();
+  // @ts-ignore
+  const access = new accessCls();
   for (const key in input) {
     access[key] = input[key];
   }
@@ -57,5 +61,6 @@ export function newAccess(type: string, input: any, ctx?: AccessContext) {
     };
   }
   access.setCtx(ctx);
+  access._type = type;
   return access;
 }

packages/core/pipeline/src/context/index.ts

@@ -2,3 +2,18 @@ import { IContext } from "../core/index.js";
 
 export type UserContext = IContext;
 export type PipelineContext = IContext;
+
+export type PageReq = {
+  offset?: number;
+  limit?: number;
+  searchKey?: string;
+  // sortBy?: string;
+  // sortOrder?: "asc" | "desc";
+};
+
+export type PageRes = {
+  offset?: number;
+  limit?: number;
+  total?: string;
+  list: any[];
+};

packages/core/pipeline/src/core/executor.ts

@@ -1,6 +1,6 @@
 import { ConcurrencyStrategy, NotificationWhen, Pipeline, ResultType, Runnable, RunStrategy, Stage, Step, Task, ResultError } from "../dt/index.js";
 import { RunHistory, RunnableCollection } from "./run-history.js";
-import { AbstractTaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
+import { AbstractTaskPlugin, ITaskPlugin, PluginDefine, pluginRegistry, TaskInstanceContext, UserInfo } from "../plugin/index.js";
 import { ContextFactory, IContext } from "./context.js";
 import { IStorage } from "./storage.js";
 import { createAxiosService, hashUtils, HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
@@ -218,7 +218,7 @@ export class Executor {
             returnType: ResultType.error,
             runnable: t,
           });
-          errorMessage += `任务${t.title}执行失败，错误详情:${e.message}；`;
+          errorMessage += `任务${t.title}执行失败，错误详情：${e.message}；`;
         }
       }
       if (errorList.length > 0) {
@@ -261,6 +261,7 @@ export class Executor {
     const resList: ResultType[] = [];
     for (const step of task.steps) {
       step.runnableType = "step";
+      // @ts-ignore
       const res: ResultType = await this.runWithHistory(step, "step", async () => {
         return await this.runStep(step);
       });
@@ -276,14 +277,30 @@ export class Executor {
     //执行任务
     const plugin: RegistryItem<AbstractTaskPlugin> = pluginRegistry.get(step.type);
 
-    // @ts-ignore
-    const instance: ITaskPlugin = new plugin.target();
+    //@ts-ignore
+    let instance: ITaskPlugin = null;
+    try {
+      //@ts-ignore
+      const pluginCls = await plugin.target();
+      //@ts-ignore
+      instance = new pluginCls();
+    } catch (e: any) {
+      currentLogger.error(`实例化插件失败:${e.message}`);
+      throw new Error(`实例化插件失败`, e);
+    }
+
     // @ts-ignore
     const define: PluginDefine = plugin.define;
     const pluginName = define.name;
     const pluginConfig = await this.options.pluginConfigService.getPluginConfig(pluginName);
     //从outputContext读取输入参数
     const input = cloneDeep(step.input);
+    const sysInput = pluginConfig.sysSetting?.input || {};
+    //注入系统设置参数
+    for (const sysInputKey in sysInput) {
+      input[sysInputKey] = sysInput[sysInputKey];
+    }
+
     Decorator.inject(define.input, instance, input, (item, key) => {
       if (item.component?.name === "output-selector") {
         const contextKey = input[key];
@@ -303,12 +320,6 @@ export class Executor {
       }
     });
 
-    const sysInput = pluginConfig.sysSetting?.input || {};
-    //注入系统设置参数
-    for (const sysInputKey in sysInput) {
-      input[sysInputKey] = sysInput[sysInputKey];
-    }
-
     const newInputHash = hashUtils.md5(JSON.stringify(input));
     step.status!.inputHash = newInputHash;
     //判断是否需要跳过
@@ -427,7 +438,7 @@ export class Executor {
         const runnableError = error as RunnableError;
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n`;
         for (const re of runnableError.errors) {
-          content += ` - ${re.runnable.title} 执行失败\n  错误详情:${re.e.message}\n\n`;
+          content += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
         }
       } else {
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
@@ -478,7 +489,15 @@ export class Executor {
     }
   }
 
+  /**
+   *
+   * @param stepId 如果==ALL 清除所有
+   */
   clearLastStatus(stepId: string) {
+    if (stepId === "ALL") {
+      this.lastStatusMap.clear();
+      return;
+    }
     this.lastStatusMap.clearById(stepId);
   }
 }

packages/core/pipeline/src/core/run-history.ts

@@ -150,11 +150,11 @@ export class RunnableCollection {
       pipeline.stages = [];
       return;
     }
-    pipeline.stages.forEach((stage) => {
+    pipeline.stages.forEach(stage => {
       stage.runnableType = "stage";
-      stage.tasks.forEach((task) => {
+      stage.tasks.forEach(task => {
         task.runnableType = "task";
-        task.steps.forEach((step) => {
+        task.steps.forEach(step => {
           step.runnableType = "step";
         });
       });
@@ -162,7 +162,7 @@ export class RunnableCollection {
   }
 
   static each<T extends Runnable>(list: T[], exec: (item: Runnable) => void) {
-    list.forEach((item) => {
+    list.forEach(item => {
       exec(item);
       if (item.runnableType === "pipeline") {
         // @ts-ignore
@@ -179,7 +179,7 @@ export class RunnableCollection {
   public toMap(pipeline: Pipeline) {
     const map: RunnableMap = {};
 
-    RunnableCollection.each(pipeline.stages, (item) => {
+    RunnableCollection.each(pipeline.stages, item => {
       map[item.id] = item;
     });
     return map;
@@ -193,7 +193,7 @@ export class RunnableCollection {
     if (!this.pipeline) {
       return;
     }
-    RunnableCollection.each(this.pipeline.stages, (item) => {
+    RunnableCollection.each(this.pipeline.stages, item => {
       item.status = undefined;
     });
   }
@@ -203,6 +203,7 @@ export class RunnableCollection {
     if (runnable?.status) {
       runnable.status.status = ResultType.none;
       runnable.status.result = ResultType.none;
+      runnable.status.output = {};
       runnable.status.inputHash = "";
       // @ts-ignore
       runnable.input = {};

packages/core/pipeline/src/decorator/common.ts

@@ -1,17 +0,0 @@
-import { Decorator } from "./index.js";
-
-export type AutowireProp = {
-  name?: string;
-  type?: any;
-};
-export const AUTOWIRE_KEY = "pipeline:autowire";
-
-export function Autowire(props?: AutowireProp): PropertyDecorator {
-  return (target, propertyKey) => {
-    const _type = Reflect.getMetadata("design:type", target, propertyKey);
-    target = Decorator.target(target, propertyKey);
-    props = props || {};
-    props.type = _type;
-    Reflect.defineMetadata(AUTOWIRE_KEY, props || {}, target, propertyKey);
-  };
-}

packages/core/pipeline/src/decorator/index.ts

@@ -1,2 +1 @@
 export * from "./utils.js";
-export * from "./common.js";

packages/core/pipeline/src/notification/decorator.ts

@@ -26,7 +26,9 @@ export function IsNotification(define: NotificationDefine): ClassDecorator {
     target.define = define;
     notificationRegistry.register(define.name, {
       define,
-      target,
+      target: async () => {
+        return target;
+      },
     });
   };
 }
@@ -44,9 +46,10 @@ export async function newNotification(type: string, input: any, ctx: Notificatio
   if (register == null) {
     throw new Error(`notification ${type} not found`);
   }
-
   // @ts-ignore
-  const plugin = new register.target();
+  const pluginCls = await register.target();
+  // @ts-ignore
+  const plugin = new pluginCls();
   merge(plugin, input);
   if (!ctx) {
     throw new Error("ctx is required");

packages/core/pipeline/src/plugin/api.ts

@@ -1,7 +1,7 @@
 import { Registrable } from "../registry/index.js";
 import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.js";
 import { FileStore } from "../core/file-store.js";
-import { IAccessService } from "../access/index.js";
+import { accessRegistry, IAccessService } from "../access/index.js";
 import { ICnameProxyService, IEmailService, IServiceGetter, IUrlService } from "../service/index.js";
 import { CancelError, IContext, RunHistory, RunnableCollection } from "../core/index.js";
 import { HttpRequestConfig, ILogger, logger, utils } from "@certd/basic";
@@ -51,10 +51,6 @@ export type PluginDefine = Registrable & {
     [key: string]: TaskOutputDefine;
   };
 
-  autowire?: {
-    [key: string]: any;
-  };
-
   shortcut?: {
     [key: string]: {
       title: string;
@@ -64,6 +60,9 @@ export type PluginDefine = Registrable & {
     };
   };
   needPlus?: boolean;
+  showRunStrategy?: boolean;
+  pluginType?: string; //类型
+  type?: string; //来源
 };
 
 export type ITaskPlugin = {
@@ -153,19 +152,58 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     this.logger = ctx.logger;
     this.accessService = ctx.accessService;
     this.http = ctx.http;
+    // 将证书加入secret
+    // @ts-ignore
+    if (this.cert && this.cert.crt && this.cert.key) {
+      //有证书
+      // @ts-ignore
+      const cert: any = this.cert;
+      this.registerSecret(cert.crt);
+      this.registerSecret(cert.key);
+      this.registerSecret(cert.one);
+    }
   }
 
-  async getAccess<T = any>(accessId: string) {
+  async getAccess<T = any>(accessId: string | number, isCommon = false) {
     if (accessId == null) {
       throw new Error("您还没有配置授权");
     }
-    const res = await this.ctx.accessService.getById(accessId);
+    let res: any = null;
+    if (isCommon) {
+      res = await this.ctx.accessService.getCommonById(accessId);
+    } else {
+      res = await this.ctx.accessService.getById(accessId);
+    }
     if (res == null) {
       throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
     }
+    // @ts-ignore
+    if (this.logger?.addSecret) {
+      // 隐藏加密信息，不在日志中输出
+      const type = res._type;
+      const plugin = accessRegistry.get(type);
+      const define = plugin.define;
+      // @ts-ignore
+      const input = define.input;
+      for (const key in input) {
+        if (input[key].encrypt && res[key] != null) {
+          // @ts-ignore
+          this.logger.addSecret(res[key]);
+        }
+      }
+    }
+
     return res as T;
   }
 
+  registerSecret(value: string) {
+    // @ts-ignore
+    if (this.logger?.addSecret) {
+      // @ts-ignore
+      this.logger.addSecret(value);
+    }
+  }
+
   randomFileId() {
     return Math.random().toString(36).substring(2, 9);
   }
@@ -207,6 +245,11 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
   }
 
+  buildCertName(domain: string) {
+    domain = domain.replaceAll("*", "_").replaceAll(".", "_");
+    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+  }
+
   async onRequest(req: PluginRequestHandleReq<any>) {
     if (!req.action) {
       throw new Error("action is required");

packages/core/pipeline/src/plugin/decorator.ts

@@ -1,7 +1,6 @@
 import { pluginRegistry } from "./registry.js";
 import { PluginDefine, TaskInputDefine, TaskOutputDefine } from "./api.js";
 import { Decorator } from "../decorator/index.js";
-import { AUTOWIRE_KEY } from "../decorator/index.js";
 import "reflect-metadata";
 import { merge, sortBy } from "lodash-es";
 // 提供一个唯一 key
@@ -12,7 +11,6 @@ export function IsTaskPlugin(define: PluginDefine): ClassDecorator {
     target = Decorator.target(target);
 
     const inputs: any = {};
-    const autowires: any = {};
     const outputs: any = {};
     const properties = Decorator.getClassProperties(target);
     for (const property in properties) {
@@ -21,11 +19,6 @@ export function IsTaskPlugin(define: PluginDefine): ClassDecorator {
         inputs[property] = input;
       }
 
-      const autowire = Reflect.getMetadata(AUTOWIRE_KEY, target, property);
-      if (autowire) {
-        autowires[property] = autowire;
-      }
-
       const output = Reflect.getMetadata(PLUGIN_OUTPUT_KEY, target, property);
       if (output) {
         outputs[property] = output;
@@ -48,14 +41,26 @@ export function IsTaskPlugin(define: PluginDefine): ClassDecorator {
       inputMap[item[0]] = item[1];
     });
 
-    merge(define, { input: inputMap, autowire: autowires, output: outputs });
+    const defaultConfig = {
+      showRunStrategy: false,
+      default: {
+        strategy: {
+          runStrategy: 1, // 0:正常执行，1:成功后跳过
+        },
+      },
+    };
+
+    define = merge(defaultConfig, define, { input: inputMap, output: outputs });
 
     Reflect.defineMetadata(PLUGIN_CLASS_KEY, define, target);
 
     target.define = define;
+
     pluginRegistry.register(define.name, {
       define,
-      target,
+      target: async () => {
+        return target;
+      },
     });
   };
 }

packages/core/pipeline/src/plugin/group.ts

@@ -6,24 +6,28 @@ export class PluginGroup {
   desc?: string;
   order: number;
   plugins: PluginDefine[];
-  constructor(key: string, title: string, order = 0, desc = "") {
+  icon?: string;
+
+  constructor(key: string, title: string, order = 0, icon = "") {
     this.key = key;
     this.title = title;
     this.order = order;
-    this.desc = desc;
+    this.icon = icon;
     this.plugins = [];
   }
 }
 
 export const pluginGroups = {
-  cert: new PluginGroup("cert", "证书申请", 1),
-  aliyun: new PluginGroup("aliyun", "阿里云", 2),
-  huawei: new PluginGroup("huawei", "华为云", 3),
-  tencent: new PluginGroup("tencent", "腾讯云", 4),
-  qiniu: new PluginGroup("qiniu", "七牛云", 5),
-  aws: new PluginGroup("aws", "亚马逊云", 6),
-  host: new PluginGroup("host", "主机", 7),
-  cdn: new PluginGroup("cdn", "CDN", 8),
-  panel: new PluginGroup("panel", "面板", 9),
-  other: new PluginGroup("other", "其他", 10),
+  cert: new PluginGroup("cert", "证书申请", 1, "ph:certificate"),
+  host: new PluginGroup("host", "主机", 2, "clarity:host-line"),
+  cdn: new PluginGroup("cdn", "CDN", 2, "svg:icon-cdn"),
+  panel: new PluginGroup("panel", "面板", 2, "fluent:panel-left-header-32-filled"),
+  aliyun: new PluginGroup("aliyun", "阿里云", 2, "svg:icon-aliyun"),
+  huawei: new PluginGroup("huawei", "华为云", 3, "svg:icon-huawei"),
+  tencent: new PluginGroup("tencent", "腾讯云", 4, "svg:icon-tencentcloud"),
+  volcengine: new PluginGroup("volcengine", "火山引擎", 4, "svg:icon-volcengine"),
+  jdcloud: new PluginGroup("jdcloud", "京东云", 4, "svg:icon-jdcloud"),
+  qiniu: new PluginGroup("qiniu", "七牛云", 5, "svg:icon-qiniuyun"),
+  aws: new PluginGroup("aws", "亚马逊云", 6, "svg:icon-aws"),
+  other: new PluginGroup("other", "其他", 10, "clarity:plugin-line"),
 };

packages/core/pipeline/src/plugin/registry.ts

@@ -3,14 +3,23 @@ import { AbstractTaskPlugin } from "./api.js";
 import { pluginGroups } from "./group.js";
 
 const onRegister = ({ key, value }: OnRegisterContext<AbstractTaskPlugin>) => {
+  //如果有相同名字的先移除
+
+  for (const group of Object.values(pluginGroups)) {
+    const index = group.plugins.findIndex(plugin => plugin.name === key);
+    if (index > -1) {
+      group.plugins.splice(index, 1);
+    }
+  }
+
   const group = value?.define?.group as string;
   if (group) {
     if (pluginGroups.hasOwnProperty(group)) {
       // @ts-ignore
       pluginGroups[group].plugins.push(value.define);
-    } else {
-      pluginGroups.other.plugins.push(value.define);
+      return;
     }
   }
+  pluginGroups.other.plugins.push(value.define);
 };
 export const pluginRegistry = createRegistry<AbstractTaskPlugin>("plugin", onRegister);

packages/core/pipeline/src/registry/registry.ts

@@ -6,11 +6,12 @@ export type Registrable = {
   desc?: string;
   group?: string;
   deprecated?: string;
+  order?: number;
 };
-
+export type TargetGetter<T> = () => Promise<T>;
 export type RegistryItem<T> = {
   define: Registrable;
-  target: T;
+  target: TargetGetter<T>;
 };
 
 export type OnRegisterContext<T> = {
@@ -47,6 +48,11 @@ export class Registry<T = any> {
     logger.info(`注册插件:${this.type}:${key}`);
   }
 
+  unRegister(key: string) {
+    delete this.storage[key];
+    logger.info(`反注册插件:${this.type}:${key}`);
+  }
+
   get(name: string): RegistryItem<T> {
     if (!name) {
       throw new Error("插件名称不能为空");
@@ -64,7 +70,7 @@ export class Registry<T = any> {
   }
 
   getDefineList() {
-    const list = [];
+    let list = [];
     for (const key in this.storage) {
       const define = this.getDefine(key);
       if (define) {
@@ -77,6 +83,10 @@ export class Registry<T = any> {
         list.push({ ...define, key });
       }
     }
+
+    list = list.sort((a, b) => {
+      return (a.order ?? 10) - (b?.order ?? 10);
+    });
     return list;
   }
 

packages/core/pipeline/src/service/index.ts

@@ -4,5 +4,5 @@ export * from "./config.js";
 export * from "./url.js";
 export * from "./emit.js";
 export type IServiceGetter = {
-  get: (name: string) => Promise<any>;
+  get: <T>(name: string) => Promise<T>;
 };

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,136 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Performance Improvements
+
+* 支持京东云dns申请证书 ([04d79f9](https://github.com/certd/certd/commit/04d79f9117670be504960b018fd49ae3bf7c1c11))
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+### Performance Improvements
+
+* 优化华为dns接口报错信息输出 ([bf30b7a](https://github.com/certd/certd/commit/bf30b7afaef623dd8126570344f1fcc2c06f1215))
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Bug Fixes
+
+* 修复华为云dns接口请求出错的bug ([caa15b4](https://github.com/certd/certd/commit/caa15b47355363cbb8847f415ff12363cd53eeda))
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.31.5",
+  "version": "1.35.2",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -10,7 +10,8 @@
     "before-build": "rimraf dist && rimraf tsconfig.tsbuildinfo && rimraf .rollup.cache",
     "build": "npm run before-build && rollup -c ",
     "dev-build": "npm run build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
     "axios": "^1.7.2",
@@ -23,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "b649617e0457b4e177bacb173dc1aa67eb84d7cf"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }

packages/libs/lib-huawei/rollup.config.js

@@ -30,7 +30,7 @@ module.exports = {
       allowSyntheticDefaultImports: true,
     }),
     json(),
-    terser(),
+    // terser(),
   ],
   external: ["vue", "lodash-es", "dayjs", "log4js", "@midwayjs/core", "@certd/pipeline", "axios"],
 };

packages/libs/lib-huawei/src/lib/client.js

@@ -2,8 +2,10 @@ import { Signer, SigHttpRequest } from "./signer.js";
 import axios from "axios";
 export class HuaweiYunClient {
   access;
+  logger;
   constructor(access, logger) {
     this.access = access;
+    this.logger = logger
   }
   async request(options) {
     const sig = new Signer(this.access.accessKeyId, this.access.accessKeySecret);
@@ -32,7 +34,7 @@ export class HuaweiYunClient {
       return res.data;
     } catch (e) {
       this.logger.error("华为云接口请求出错：", e?.response?.data);
-      const error = new Error(e?.response?.data.message);
+      const error = new Error(JSON.stringify(e?.response?.data));
       error.code = e?.response?.code;
       throw error;
     }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,132 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+### Performance Improvements
+
+* 更新license时同时绑定url ([78367af](https://github.com/certd/certd/commit/78367af8307f801e778c76d49f0918c21ffe032f))
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.31.5",
+  "version": "1.35.2",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,7 +13,8 @@
     "dev-build": "npm run build",
     "build3": "rollup -c",
     "build2": "vue-tsc --noEmit && vite build",
-    "preview": "vite preview"
+    "preview": "vite preview",
+    "pub": "npm publish"
   },
   "dependencies": {
     "nanoid": "^4.0.0"
@@ -30,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "b649617e0457b4e177bacb173dc1aa67eb84d7cf"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }

packages/libs/lib-iframe/src/lib/iframe.client.ts

@@ -65,7 +65,7 @@ export class IframeClient {
     return window.self !== window.top;
   }
 
-  register<T = any>(action: string, handler: (data: IframeMessageData<T>) => Promise<void>) {
+  register<T = any>(action: string, handler: (data: IframeMessageData<T>) => Promise<any>) {
     this.handlers[action] = handler;
   }
 

packages/libs/lib-jdcloud/.eslintrc

@@ -0,0 +1,22 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "plugins": [
+    "@typescript-eslint"
+  ],
+  "extends": [
+    "plugin:@typescript-eslint/recommended",
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+    "@typescript-eslint/no-unused-vars": "off"
+  }
+}

packages/libs/lib-jdcloud/.gitignore

@@ -0,0 +1,28 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
+
+test/user.secret.ts
+
+.rollup.cache

packages/libs/lib-jdcloud/.npmignore

@@ -0,0 +1,3 @@
+node_modules
+src
+.rollup.cache

packages/libs/lib-jdcloud/.travis.yml

@@ -0,0 +1 @@
+language: node_js

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -0,0 +1,111 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Performance Improvements
+
+* 支持部署到京东云cdn ([6f17c70](https://github.com/certd/certd/commit/6f17c700b84965baa01b40fe2abaa0a91bcbaffd))
+* 支持京东云dns申请证书 ([04d79f9](https://github.com/certd/certd/commit/04d79f9117670be504960b018fd49ae3bf7c1c11))

packages/libs/lib-jdcloud/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

packages/libs/lib-jdcloud/README.md

@@ -0,0 +1,177 @@
+---
+[![JavaScript Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://standardjs.com)
+
+# 简介 #
+  欢迎使用京东云开发者Node.js工具套件（Node.js SDK）。使用京东云Node.js SDK，您无需复杂编程就可以访问京东云提供的各种服务。 
+
+  为了方便您理解SDK中的一些概念和参数的含义，使用SDK前建议您先查看[京东云OpenAPI使用入门](http://www.jdcloud.com/help/detail/355/isCatalog/0)。要了解每个API的具体参数和含义，请参考程序注释或参考OpenAPI&SDK下具体产品线的API文档。
+
+
+
+# 环境准备 #
+ 1.京东云Node.js SDK适用于Node.js 8.6.0及以上，npm 5.6.0及以上。
+
+ 2.在开始调用京东云open API之前，需提前在京东云用户中心账户管理下的[AccessKey管理页面](https://uc.jdcloud.com/accesskey/index)申请accesskey和secretKey密钥对（简称AK/SK）。AK/SK信息请妥善保管，如果遗失可能会造成非法用户使用此信息操作您在云上的资源，给你造成数据和财产损失。
+
+
+
+# SDK使用方法 #
+建议使用npm安装京东云Node.js SDK，如下所示： 
+
+npm install jdcloud-sdk-js
+
+ 
+
+您还可以下载sdk源代码自行使用，[源代码地址](https://github.com/jdcloud-api/jdcloud-sdk-nodejs)。
+
+ 
+
+SDK使用中的任何问题，欢迎您在[SDK使用问题反馈页面](https://github.com/jdcloud-api/jdcloud-sdk-nodejs/issues)交流。
+
+
+
+注意：京东云并没有提供其他下载方式，请务必使用上述官方下载方式！
+
+ 
+
+# 调用SDK #
+
+## 两种引用方式 ##
+	var JDCloud = require('jdcloud-sdk-js');
+
+这种引用方式会加载所有的可用的services
+
+
+
+	var NC = require('jdcloud-sdk-js/services/nativecontainer');
+
+这种引用方式只会加载用到的service，此时仍然可以使用var JDCloud = require('jdcloud-sdk-js/global')来引用JDCloud对象
+
+## 配置方法  ##
+
+对JDCloud的配置为通用配置，所有services共享配置:
+
+	JDCloud.config.update({//*配置项/*/});
+
+对某个service的配置会覆盖通用配置：
+
+	var NC = require('jdcloud-sdk-js/services/nativecontainer'); 
+	var nc = new NATIVECONTAINER({//*配置项/*/});
+
+
+## 配置项 ##
+
+	let config = { 
+		credentials: { 
+			accessKeyId: global.accessKeyId, secretAccessKey: global.secretAccessKey 
+		},
+		regionId: 'cn-north-1' //地域信息，某个api调用可以单独传参regionId，如果不传则会使用此配置中的regionId 
+	}
+
+
+## 调用示例 ##
+
+以下是查询单个云主机实例详情的调用示例
+
+
+###  引用和配置  ###
+
+    var VM = require('jdcloud-sdk-js/services/vm')
+    var vm = new VM({
+            credentials: {
+        accessKeyId: global.accessKeyId,
+                secretAccessKey: global.secretAccessKey
+    },
+    regionId: 'cn-north-1'
+    })
+
+
+
+### Promise方式调用 ####
+
+	vm.createInstances({
+        instanceSpec: {
+            instanceType: 'g.s1.micro',
+                    az: 'cn-north-1a',
+                    imageId: '98d44a0f-88c1-451a-8971-f1f769073b6c',
+                    name: 'node-sdk-test',
+                    elasticIp: {
+                bandwidthMbps: 2, provider: 'BGP'
+            },
+            primaryNetworkInterface: {
+                networkInterface: {
+                    subnetId: 'subnet-3dm13k30gh',
+                            az: 'cn-north-1a'
+                }
+            },
+            systemDisk: {
+                diskCategory: 'local'
+            },
+            description: 'sdk'
+        },
+        maxCount: 1
+    },'cn-north-1').then(function(data){ // 返回数据处理 data 
+    },
+    function(e){ // 调用API失败，错误处理 
+    })
+
+
+
+### callback方式调用 ###
+
+	vm.createInstances({
+        instanceSpec: {
+            instanceType: 'g.s1.micro',
+                    az: 'cn-north-1a',
+                    imageId: '98d44a0f-88c1-451a-8971-f1f769073b6c',
+                    name: 'node-sdk-test',
+                    elasticIp: {
+                bandwidthMbps: 2,
+                        provider: 'BGP'
+            },
+            primaryNetworkInterface: {
+                networkInterface: {
+                    subnetId: 'subnet-3dm13k30gh',
+                            az: 'cn-north-1a'
+                }
+            },
+            systemDisk: {
+                diskCategory: 'local'
+            },
+            description: 'sdk'
+        },
+        maxCount: 1
+    },'cn-north-1',
+    function(err, data){
+        if(err){ // 调用API失败，错误处理 
+        } 
+		else { // 返回数据处理 data 
+        } 
+    })
+
+如果需要设置访问点，配置超时,额外请求头等，请参考如下更复杂的例子：
+
+```
+    var nc = new NATIVECONTAINER({
+        credentials: {
+            accessKeyId: global.accessKeyId,
+            secretAccessKey: global.secretAccessKey
+        },
+        endpoint: {
+            host: 'nativecontainer.internal.cn-north-1.jdcloud-api.com', //指定非默认Endpoint
+            protocol: 'http' //设置使用HTTP而不是HTTPS，vpc专用域名不支持HTTPS
+        },
+        'x-extra-header': { //指定额外header
+            "x-jdcloud-security-token" : "xxx", //要调用开启了MFA操作保护的接口需要传递
+            "x-jdcloud-content-sha256" : "xxx", //body过大，希望用此value替代对body进行哈希的过程
+            "MyOwn" : "xxx"
+        },
+        version: {
+            nativecontainer: 'v1'
+        }
+    })
+```
+    
+
+更多调用示例参考  [SDK使用Demo](https://github.com/jdcloud-api/jdcloud-sdk-nodejs/tree/master/test)
+