v1.35.0

feat: AWS 中国区 CloudFront 证书部署（IAM 证书） @wifi9984

CHANGELOG.md

@@ -3,6 +3,45 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 ### Bug Fixes

README.md

@@ -168,7 +168,11 @@ https://afdian.com/a/greper
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
 
+感谢以下贡献者做出的贡献。
 
+<a href="https://github.com/certd/certd/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=certd/certd" />
+</a>
 
 ## 九、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   

build.trigger

@@ -1 +1 @@
-23:14
+23:51

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,49 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
 ## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
 
 ### Bug Fixes

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.34.9"
+  "version": "1.35.0"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/publishlab/node-acme-client/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.11](https://github.com/publishlab/node-acme-client/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/publishlab/node-acme-client/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+### Performance Improvements
+
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/publishlab/node-acme-client/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+
+## [1.34.10](https://github.com/publishlab/node-acme-client/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.34.9](https://github.com/publishlab/node-acme-client/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.34.9",
+    "version": "1.35.0",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.34.9",
+        "@certd/basic": "^1.35.0",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -27,7 +27,7 @@
         "https-proxy-agent": "^7.0.5",
         "lodash-es": "^4.17.21",
         "node-forge": "^1.3.1",
-        "punycode": "^2.3.1"
+        "punycode.js": "^2.3.1"
     },
     "devDependencies": {
         "@types/node": "^20.14.10",
@@ -69,5 +69,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+    "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/core/acme-client/types/index.d.ts

@@ -203,6 +203,7 @@ export const agents: any;
 export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
 export function walkTxtRecord(record: any): Promise<string[]>;
+export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 
 export const CancelError: typeof CancelError;
 

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,21 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-00:54
+00:09

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/core/basic/src/utils/util.log.ts

@@ -18,16 +18,31 @@ const OutputAppender = {
   },
 };
 
+let logFilePath = "./logs/app.log";
 export function resetLogConfigure() {
   // @ts-ignore
   log4js.configure({
-    appenders: { std: { type: "stdout" }, output: { type: OutputAppender } },
-    categories: { default: { appenders: ["std"], level: "info" }, pipeline: { appenders: ["std", "output"], level: "info" } },
+    appenders: {
+      std: { type: "stdout" },
+      output: { type: OutputAppender },
+      file: {
+        type: "dateFile",
+        filename: logFilePath,
+        keepFileExt: true,
+        compress: true,
+        numBackups: 3,
+      },
+    },
+    categories: { default: { appenders: ["std", "file"], level: "info" }, pipeline: { appenders: ["std", "file", "output"], level: "info" } },
   });
 }
 resetLogConfigure();
 export const logger = log4js.getLogger("default");
 
+export function resetLogFilePath(filePath: string) {
+  logFilePath = filePath;
+  resetLogConfigure();
+}
 export function buildLogger(write: (text: string) => void) {
   const logger = log4js.getLogger("pipeline");
   const _secrets: string[] = [];
@@ -41,8 +56,15 @@ export function buildLogger(write: (text: string) => void) {
         if (item == null) {
           continue;
         }
-        //换成同长度的*号， item可能有多行
-        text = text.replaceAll(item, "*".repeat(item.length));
+        if (item.includes(text)) {
+          //整个包含
+          text = "*".repeat(text.length);
+          continue;
+        }
+        if (text.includes(item)) {
+          //换成同长度的*号， item可能有多行
+          text = text.replaceAll(item, "*".repeat(item.length));
+        }
       }
       write(text);
     },

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,8 +17,8 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.34.9",
-    "@certd/plus-core": "^1.34.9",
+    "@certd/basic": "^1.35.0",
+    "@certd/plus-core": "^1.35.0",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -44,5 +44,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/core/pipeline/src/plugin/api.ts

@@ -152,6 +152,16 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     this.logger = ctx.logger;
     this.accessService = ctx.accessService;
     this.http = ctx.http;
+    // 将证书加入secret
+    // @ts-ignore
+    if (this.cert && this.cert.crt && this.cert.key) {
+      //有证书
+      // @ts-ignore
+      const cert: any = this.cert;
+      this.registerSecret(cert.crt);
+      this.registerSecret(cert.key);
+      this.registerSecret(cert.one);
+    }
   }
 
   async getAccess<T = any>(accessId: string | number, isCommon = false) {
@@ -186,6 +196,14 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return res as T;
   }
 
+  registerSecret(value: string) {
+    // @ts-ignore
+    if (this.logger?.addSecret) {
+      // @ts-ignore
+      this.logger.addSecret(value);
+    }
+  }
+
   randomFileId() {
     return Math.random().toString(36).substring(2, 9);
   }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.34.9",
+  "version": "1.35.0",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
       "fetch"
     ]
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.34.9",
+    "@certd/basic": "^1.35.0",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Performance Improvements
+
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 ### Performance Improvements

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.34.9",
+  "version": "1.35.0",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -27,10 +27,10 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.34.9",
-    "@certd/basic": "^1.34.9",
-    "@certd/pipeline": "^1.34.9",
-    "@certd/plus-core": "^1.34.9",
+    "@certd/acme-client": "^1.35.0",
+    "@certd/basic": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
+    "@certd/plus-core": "^1.35.0",
     "@midwayjs/cache": "~3.14.0",
     "@midwayjs/core": "~3.20.3",
     "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -16,6 +16,7 @@ export class SysPublicSettings extends BaseSettings {
   static __access__ = 'public';
 
   registerEnabled = false;
+  userValidTimeEnabled?:boolean = false;
   passwordLoginEnabled = true;
   usernameRegisterEnabled = true;
   mobileRegisterEnabled = false;

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.34.9",
+  "version": "1.35.0",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 ### Performance Improvements

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -16,16 +16,16 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.34.9",
-    "@certd/basic": "^1.34.9",
-    "@certd/pipeline": "^1.34.9",
-    "@certd/plugin-lib": "^1.34.9",
+    "@certd/acme-client": "^1.35.0",
+    "@certd/basic": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
+    "@certd/plugin-lib": "^1.35.0",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
     "lodash-es": "^4.17.21",
     "psl": "^1.9.0",
-    "punycode": "^2.3.1",
+    "punycode.js": "^2.3.1",
     "rimraf": "^5.0.5"
   },
   "devDependencies": {
@@ -43,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/plugins/plugin-cert/src/dns-provider/api.ts

@@ -29,9 +29,25 @@ export type DnsProviderContext = {
 
 export interface IDnsProvider<T = any> {
   onInstance(): Promise<void>;
+
+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string): string;
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string): string;
+
   createRecord(options: CreateRecordOptions): Promise<T>;
+
   removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
+
   setCtx(ctx: DnsProviderContext): void;
+
   //中文域名是否需要punycode转码，如果返回True，则使用punycode来添加解析记录，否则使用中文域名添加解析记录
   usePunyCode(): boolean;
 }

packages/plugins/plugin-cert/src/dns-provider/base.ts

@@ -1,7 +1,7 @@
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import { dnsProviderRegistry } from "./registry.js";
 import { HttpClient, ILogger } from "@certd/basic";
-
+import punycode from "punycode.js";
 export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
   ctx!: DnsProviderContext;
   http!: HttpClient;
@@ -13,6 +13,22 @@ export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
     return false;
   }
 
+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string) {
+    return punycode.toASCII(domain);
+  }
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string) {
+    return punycode.toUnicode(domain);
+  }
+
   setCtx(ctx: DnsProviderContext) {
     this.ctx = ctx;
     this.logger = ctx.logger;

packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts

@@ -6,7 +6,7 @@ import { Challenge } from "@certd/acme-client/types/rfc8555";
 import { IContext } from "@certd/pipeline";
 import { ILogger, utils } from "@certd/basic";
 import { IDnsProvider, IDomainParser } from "../../dns-provider/index.js";
-import punycode from "node:punycode";
+import punycode from "punycode.js";
 import { IOssClient } from "@certd/plugin-lib";
 export type CnameVerifyPlan = {
   type?: string;
@@ -233,16 +233,18 @@ export class AcmeService {
     let dnsProvider = providers.dnsProvider;
     let fullRecord = `_acme-challenge.${fullDomain}`;
 
+    const origDomain = punycode.toUnicode(domain);
+    const origFullDomain = punycode.toUnicode(fullDomain);
     if (providers.domainsVerifyPlan) {
       //按照计划执行
-      const domainVerifyPlan = providers.domainsVerifyPlan[domain];
+      const domainVerifyPlan = providers.domainsVerifyPlan[origDomain];
       if (domainVerifyPlan) {
         if (domainVerifyPlan.type === "dns") {
           dnsProvider = domainVerifyPlan.dnsProvider;
         } else if (domainVerifyPlan.type === "cname") {
           const cnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
           if (cnameVerifyPlan) {
-            const cname = cnameVerifyPlan[fullDomain];
+            const cname = cnameVerifyPlan[origFullDomain];
             if (cname) {
               dnsProvider = cname.dnsProvider;
               domain = await this.options.domainParser.parse(cname.domain);

packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts

@@ -5,6 +5,7 @@ import path from "path";
 import { CertificateInfo, crypto } from "@certd/acme-client";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
+import { uniq } from "lodash-es";
 
 export type CertReaderHandleContext = {
   reader: CertReader;
@@ -90,7 +91,8 @@ export class CertReader {
     const { detail } = this.getCrtDetail();
     const domains = [detail.domains.commonName];
     domains.push(...detail.domains.altNames);
-    return domains;
+    //去重
+    return uniq(domains);
   }
 
   getAltNames() {

packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts

@@ -80,17 +80,29 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
   legoEabAccessId!: number;
 
   @TaskInput({
-    title: "自定义LEGO参数",
+    title: "自定义LEGO全局参数",
     component: {
       name: "a-input",
       vModel: "value",
       placeholder: "--dns-timeout 30",
     },
-    helper: "额外的lego命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    helper: "额外的lego全局命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
     maybeNeed: true,
   })
   customArgs = "";
 
+  @TaskInput({
+    title: "自定义LEGO签名参数",
+    component: {
+      name: "a-input",
+      vModel: "value",
+      placeholder: "--no-bundle",
+    },
+    helper: "额外的lego签名命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    maybeNeed: true,
+  })
+  customCommandOptions = "";
+
   @TaskInput({
     title: "加密算法",
     value: "ec256",
@@ -205,7 +217,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
     if (this.acmeServer) {
       serverArgs = ` --server ${this.acmeServer}`;
     }
-    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs}  ${this.customArgs || ""} run`];
+    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs} ${this.customArgs || ""} run ${this.customCommandOptions || ""}`];
 
     await this.ctx.utils.sp.spawn({
       cmd: cmds,

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.34.9",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -20,8 +20,8 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.34.9",
-    "@certd/pipeline": "^1.34.9",
+    "@certd/basic": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -52,5 +52,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "d876ea671137e7a4d99a23bb8a5baed06f119dfb"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/plugins/plugin-lib/src/ssh/ssh.ts

@@ -165,10 +165,16 @@ export class AsyncSsh2Client {
     });
   }
 
+  /**
+   *
+   * @param script
+   * @param opts {withStdErr 返回{stdOut,stdErr}}
+   */
   async exec(
     script: string,
     opts: {
       throwOnStdErr?: boolean;
+      withStdErr?: boolean;
       env?: any;
     } = {}
   ): Promise<string> {
@@ -193,6 +199,7 @@ export class AsyncSsh2Client {
           return;
         }
         let data = "";
+        let stdErr = "";
         let hasErrorLog = false;
         stream
           .on("close", (code: any, signal: any) => {
@@ -205,7 +212,15 @@ export class AsyncSsh2Client {
             }
 
             if (code === 0) {
-              resolve(data);
+              if (opts.withStdErr === true) {
+                //@ts-ignore
+                resolve({
+                  stdErr,
+                  stdOut: data,
+                });
+              } else {
+                resolve(data);
+              }
             } else {
               reject(new Error(data));
             }
@@ -221,7 +236,7 @@ export class AsyncSsh2Client {
           })
           .stderr.on("data", (ret: Buffer) => {
             const err = this.convert(iconv, ret);
-            data += err;
+            stdErr += err;
             hasErrorLog = true;
             this.logger.error(`[${this.connConf.host}][error]: ` + err.trimEnd());
           });
@@ -323,9 +338,6 @@ export class AsyncSsh2Client {
 
 export class SshClient {
   logger: ILogger;
-  constructor(logger: ILogger) {
-    this.logger = logger;
-  }
   /**
    *
    * @param connectConf
@@ -382,6 +394,9 @@ export class SshClient {
       },
     });
   }
+  constructor(logger: ILogger) {
+    this.logger = logger;
+  }
 
   async scpUpload(options: { conn: any; localPath: string; remotePath: string; opts?: { mode?: string } }) {
     const { conn, localPath, remotePath } = options;

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,31 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/ui-client
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 ### Performance Improvements

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.34.9",
+  "version": "1.35.0",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -9,7 +9,7 @@
     "debug": "vite --mode debug --open",
     "debug:pm": "vite --mode debugpm",
     "debug:force": "vite --force --mode debug",
-    "build": "cross-env NODE_OPTIONS=--max-old-space-size=32768 vite build ",
+    "build": "cross-env NODE_OPTIONS=--max-old-space-size=40960 vite build ",
     "dev-build": "echo 1",
     "test:unit": "vitest",
     "serve": "vite preview",
@@ -102,8 +102,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.34.9",
-    "@certd/pipeline": "^1.34.9",
+    "@certd/lib-iframe": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/index.ts

@@ -15,6 +15,7 @@ import PemInput from "./pem-input.vue";
 import { defineAsyncComponent } from "vue";
 import NotificationSelector from "../views/certd/notification/notification-selector/index.vue";
 import EmailSelector from "./email-selector/index.vue";
+import ValidTimeFormat from "./valid-time-format.vue";
 export default {
   install(app: any) {
     app.component(
@@ -27,6 +28,7 @@ export default {
     app.component("TextEditable", TextEditable);
     app.component("FileInput", FileInput);
     app.component("PemInput", PemInput);
+    app.component("ValidTimeFormat", ValidTimeFormat);
     // app.component("CodeEditor", CodeEditor);
 
     app.component("CronLight", CronLight);

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts

@@ -8,6 +8,7 @@ export type CnameRecord = {
   status?: string;
   hostRecord?: string;
   recordValue?: string;
+  error?: string;
 };
 
 export type DomainGroupItem = {

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue

@@ -13,6 +13,9 @@
       </td>
       <td class="status center flex-center">
         <fs-values-format v-model="cnameRecord.status" :dict="statusDict" />
+        <a-tooltip v-if="cnameRecord.error" :title="cnameRecord.error">
+          <fs-icon class="ml-5 color-red" icon="ion:warning-outline"></fs-icon>
+        </a-tooltip>
       </td>
       <td class="center">
         <template v-if="cnameRecord.status !== 'valid'">

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue

@@ -21,7 +21,7 @@ import CnameRecordInfo from "/@/components/plugins/cert/domains-verify-plan-edit
 import { computed } from "vue";
 
 defineOptions({
-  name: "CnameVerifyPlan"
+  name: "CnameVerifyPlan",
 });
 
 const emit = defineEmits(["update:modelValue", "change"]);

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue

@@ -55,6 +55,7 @@
                   </div>
                   <div v-if="item.type === 'http'" class="plan-http">
                     <http-verify-plan v-model="item.httpVerifyPlan" @change="onPlanChanged" />
+                    <div class="helper">证书颁发机构将请求 https://yourdomain/.well-known/acme-challenge/xxxxxx 来验证域名所有权。</div>
                   </div>
                 </div>
               </td>

packages/ui/certd-client/src/components/valid-time-format.vue

@@ -0,0 +1,32 @@
+<template>
+  <div class="valid-time-format">
+    <a-tag v-if="isExpired" color="red">{{ prefix || "" }}已过期</a-tag>
+    <a-tag v-if="isValid" color="green" :title="date">
+      <fs-time-humanize v-if="humanize" :model-value="modelValue" :options="{ largest: 1, units: ['y', 'd', 'h'] }" :use-format-greater="30000000000" />
+      <template v-else> {{ prefix || "" }}{{ date }} </template>
+    </a-tag>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { computed } from "vue";
+import dayjs from "dayjs";
+
+const props = defineProps<{
+  modelValue: number;
+  humanize?: boolean;
+  prefix?: string;
+}>();
+
+const date = computed(() => {
+  return dayjs(props.modelValue || 0).format("YYYY-MM-DD");
+});
+
+const isValid = computed(() => {
+  return props.modelValue > 0 && props.modelValue > new Date().getTime();
+});
+
+const isExpired = computed(() => {
+  return props.modelValue > 0 && props.modelValue < new Date().getTime();
+});
+</script>

packages/ui/certd-client/src/components/vip-button/index.vue

@@ -233,13 +233,13 @@ function openUpgrade() {
       desc: "社区免费版",
       type: "free",
       icon: "lucide:package-open",
-      privilege: ["证书申请无限制", "域名数量无限制", "证书流水线数量无限制", "常用的主机、云平台、cdn等部署插件", "邮件、webhook通知方式"],
+      privilege: ["证书申请无限制", "域名数量无限制", "证书流水线数量无限制", "常用的主机、云平台、cdn、宝塔、1Panel等部署插件", "邮件、webhook通知方式"],
     },
     plus: {
       title: "专业版",
       desc: "开源需要您的赞助支持",
       type: "plus",
-      privilege: ["可加VIP群，您的需求将优先实现", "站点证书监控无限制", "更多通知方式", "插件全开放，更多强大的部署插件，宝塔、群晖、1Panel等"],
+      privilege: ["可加VIP群，您的需求将优先实现", "站点证书监控无限制", "更多通知方式", "插件全开放，群辉等更多插件"],
       trial: {
         title: "点击获取7天试用",
         click: () => {

packages/ui/certd-client/src/plugin/fast-crud/index.tsx

@@ -111,14 +111,19 @@ function install(app: App, options: any = {}) {
               columnSizeSaver.clear();
             },
           },
+          buttons: {
+            export: {
+              show: false,
+            },
+          },
         },
         rowHandle: {
           fixed: "right",
           buttons: {
-            view: { type: "link", text: null, icon: "ion:eye-outline" },
-            copy: { show: true, type: "link", text: null, icon: "ion:copy-outline" },
-            edit: { type: "link", text: null, icon: "ion:create-outline" },
-            remove: { type: "link", style: { color: "red" }, text: null, icon: "ion:trash-outline" },
+            view: { type: "link", text: null, icon: "ion:eye-outline", tooltip: { title: "查看" } },
+            copy: { show: true, type: "link", text: null, icon: "ion:copy-outline", tooltip: { title: "复制" } },
+            edit: { type: "link", text: null, icon: "ion:create-outline", tooltip: { title: "编辑" } },
+            remove: { type: "link", style: { color: "red" }, text: null, icon: "ion:trash-outline", tooltip: { title: "删除" } },
           },
           dropdown: {
             more: {

packages/ui/certd-client/src/router/source/modules/certd.ts

@@ -122,7 +122,7 @@ export const certdResources = [
           },
 
           {
-            title: "OpenKey",
+            title: "开放接口密钥",
             name: "OpenKey",
             path: "/certd/open/openkey",
             component: "/certd/open/openkey/index.vue",

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -30,6 +30,7 @@ export type PlusInfo = {
 };
 export type SysPublicSetting = {
   registerEnabled?: boolean;
+  userValidTimeEnabled?: boolean;
   usernameRegisterEnabled?: boolean;
   mobileRegisterEnabled?: boolean;
   emailRegisterEnabled?: boolean;

packages/ui/certd-client/src/store/user/api.user.ts

@@ -27,6 +27,8 @@ export interface UserInfoRes {
   avatar?: string;
   roleIds: number[];
   isWeak?: boolean;
+  validTime?: number;
+  status?: number;
 }
 
 export interface LoginRes {

packages/ui/certd-client/src/views/certd/cname/record/crud.tsx

@@ -2,7 +2,7 @@ import * as api from "./api";
 import { useI18n } from "vue-i18n";
 import { Ref, ref } from "vue";
 import { useRouter } from "vue-router";
-import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
+import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { useUserStore } from "/@/store/user";
 import { useSettingStore } from "/@/store/settings";
 import { message } from "ant-design-vue";
@@ -31,7 +31,15 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
   const settingStore = useSettingStore();
   const selectedRowKeys: Ref<any[]> = ref([]);
   context.selectedRowKeys = selectedRowKeys;
-
+  const dictRef = dict({
+    data: [
+      { label: "待设置CNAME", value: "cname", color: "warning" },
+      { label: "验证中", value: "validating", color: "blue" },
+      { label: "验证成功", value: "valid", color: "green" },
+      { label: "验证失败", value: "failed", color: "red" },
+      { label: "验证超时", value: "timeout", color: "red" },
+    ],
+  });
   return {
     crudOptions: {
       settings: {
@@ -174,21 +182,25 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
         status: {
           title: "状态",
           type: "dict-select",
-          dict: dict({
-            data: [
-              { label: "待设置CNAME", value: "cname", color: "warning" },
-              { label: "验证中", value: "validating", color: "blue" },
-              { label: "验证成功", value: "valid", color: "green" },
-              { label: "验证失败", value: "failed", color: "red" },
-              { label: "验证超时", value: "timeout", color: "red" },
-            ],
-          }),
+          dict: dictRef,
           addForm: {
             show: false,
           },
           column: {
             width: 120,
             align: "center",
+            cellRender({ value, row }) {
+              return (
+                <div class={"flex flex-center"}>
+                  <fs-values-format modelValue={value} dict={dictRef}></fs-values-format>
+                  {row.error && (
+                    <a-tooltip title={row.error}>
+                      <fs-icon class={"ml-5 color-red"} icon="ion:warning-outline"></fs-icon>
+                    </a-tooltip>
+                  )}
+                </div>
+              );
+            },
           },
         },
         triggerValidate: {

packages/ui/certd-client/src/views/certd/history/api.ts

@@ -6,7 +6,7 @@ export async function GetList(query: any) {
   return await request({
     url: apiPrefix + "/page",
     method: "post",
-    data: query
+    data: query,
   });
 }
 
@@ -14,7 +14,7 @@ export async function AddObj(obj: any) {
   return await request({
     url: apiPrefix + "/add",
     method: "post",
-    data: obj
+    data: obj,
   });
 }
 
@@ -22,7 +22,7 @@ export async function UpdateObj(obj: any) {
   return await request({
     url: apiPrefix + "/update",
     method: "post",
-    data: obj
+    data: obj,
   });
 }
 
@@ -30,7 +30,7 @@ export async function DelObj(id: any) {
   return await request({
     url: apiPrefix + "/delete",
     method: "post",
-    params: { id }
+    params: { id },
   });
 }
 
@@ -38,7 +38,7 @@ export async function GetObj(id: any) {
   return await request({
     url: apiPrefix + "/info",
     method: "post",
-    params: { id }
+    params: { id },
   });
 }
 
@@ -46,7 +46,7 @@ export async function GetDetail(id: any) {
   return await request({
     url: apiPrefix + "/detail",
     method: "post",
-    params: { id }
+    params: { id },
   });
 }
 
@@ -54,6 +54,6 @@ export async function DeleteBatch(ids: any[]) {
   return await request({
     url: apiPrefix + "/deleteByIds",
     method: "post",
-    data: { ids }
+    data: { ids },
   });
 }

packages/ui/certd-client/src/views/certd/history/crud.tsx

@@ -44,46 +44,46 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             props: {
               multiple: true,
               crossPage: true,
-              selectedRowKeys
-            }
-          }
-        }
+              selectedRowKeys,
+            },
+          },
+        },
       },
       request: {
         pageRequest,
         addRequest,
         editRequest,
-        delRequest
+        delRequest,
       },
       actionbar: {
         buttons: {
           add: {
-            show: false
-          }
-        }
+            show: false,
+          },
+        },
       },
       search: {
         formItem: {
           labelCol: {
             style: {
               // width: "100px"
-            }
+            },
           },
           wrapperCol: {
             style: {
-              width: "50%"
-            }
-          }
-        }
+              width: "50%",
+            },
+          },
+        },
       },
       rowHandle: {
         minWidth: 200,
         fixed: "right",
         buttons: {
           edit: {
-            show: false
-          }
-        }
+            show: false,
+          },
+        },
       },
       columns: {
         id: {
@@ -91,11 +91,11 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           key: "id",
           type: "number",
           column: {
-            width: 100
+            width: 100,
           },
           form: {
-            show: false
-          }
+            show: false,
+          },
         },
         userId: {
           title: "用户Id",
@@ -103,69 +103,69 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           search: {
             show: computed(() => {
               return userStore.isAdmin && settingStore.sysPublic.managerOtherUserPipeline;
-            })
+            }),
           },
           form: {
-            show: false
+            show: false,
           },
           column: {
             show: computed(() => {
               return userStore.isAdmin && settingStore.sysPublic.managerOtherUserPipeline;
             }),
-            width: 100
-          }
+            width: 100,
+          },
         },
         pipelineId: {
           title: "流水线Id",
           type: "number",
           search: {
-            show: true
+            show: true,
           },
           form: {
-            show: false
+            show: false,
           },
           column: {
-            width: 100
-          }
+            width: 100,
+          },
         },
         pipelineTitle: {
           title: "流水线名称",
           type: "text",
           search: {
-            show: true
+            show: true,
           },
           column: {
             width: 300,
+            tooltip: true,
+            ellipsis: true,
             cellRender: ({ row, value }) => {
-              return (
-                <router-link to={{ path: "/certd/pipeline/detail", query: { id: row.pipelineId, editMode: false, historyId: row.id } }}>{value}</router-link>
-              );
-            }
-          }
+              return <router-link to={{ path: "/certd/pipeline/detail", query: { id: row.pipelineId, editMode: false, historyId: row.id } }}>{value}</router-link>;
+            },
+          },
         },
         createTime: {
           title: "创建时间",
           type: "datetime",
           form: {
-            show: false
+            show: false,
           },
           column: {
             sorter: true,
             width: 160,
-            align: "center"
-          }
+            align: "center",
+          },
         },
         updateTime: {
           title: "更新时间",
           type: "datetime",
           form: {
-            show: false
+            show: false,
           },
           column: {
-            show: true
-          }
-        }
-      }
-    }
+            show: true,
+          },
+        },
+      },
+    },
   };
 }

packages/ui/certd-client/src/views/certd/monitor/site/api.ts

@@ -56,6 +56,14 @@ export const siteInfoApi = {
     });
   },
 
+  async Import(form: any) {
+    return await request({
+      url: apiPrefix + "/import",
+      method: "post",
+      data: form,
+    });
+  },
+
   async DisabledChange(id: number, disabled: boolean) {
     return await request({
       url: apiPrefix + "/disabledChange",

packages/ui/certd-client/src/views/certd/monitor/site/crud.tsx

@@ -8,6 +8,7 @@ import { useSettingStore } from "/@/store/settings";
 import { mySuiteApi } from "/@/views/certd/suite/mine/api";
 import { mitter } from "/@/utils/util.mitt";
 import { useSiteIpMonitor } from "./ip/use";
+import { useSiteImport } from "/@/views/certd/monitor/site/use";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const { t } = useI18n();
@@ -44,6 +45,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
   });
 
   const { openSiteIpMonitorDialog } = useSiteIpMonitor();
+  const { openSiteImportDialog } = useSiteImport();
   return {
     crudOptions: {
       request: {
@@ -97,6 +99,19 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               await crudExpose.openAdd({});
             },
           },
+          //导入按钮
+          import: {
+            show: true,
+            text: "批量导入",
+            type: "primary",
+            async click() {
+              openSiteImportDialog({
+                afterSubmit() {
+                  crudExpose.doRefresh();
+                },
+              });
+            },
+          },
         },
       },
       rowHandle: {
@@ -235,7 +250,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                 },
               };
               return (
-                <a-popover placement="left" v-slots={slots} overlayStyle={{ maxWidth: "30%" }}>
+                <a-popover placement={"left"} v-slots={slots} overlayStyle={{ maxWidth: "30%" }}>
                   {row.certDomains}
                 </a-popover>
               );

packages/ui/certd-client/src/views/certd/monitor/site/ip/api.ts

@@ -68,4 +68,11 @@ export const siteIpApi = {
       },
     });
   },
+  async Import(form: any) {
+    return await request({
+      url: apiPrefix + "/import",
+      method: "post",
+      data: form,
+    });
+  },
 };

packages/ui/certd-client/src/views/certd/monitor/site/ip/crud.tsx

@@ -4,13 +4,11 @@ import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, Edi
 import { siteIpApi } from "./api";
 import dayjs from "dayjs";
 import { Modal, notification } from "ant-design-vue";
-import { useSettingStore } from "/@/store/settings";
+import { useSiteIpMonitor } from "/@/views/certd/monitor/site/ip/use";
 
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
-  const { t } = useI18n();
   const api = siteIpApi;
 
-  const { crudBinding } = crudExpose;
   const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
     if (!query.query) {
       query.query = {};
@@ -36,8 +34,6 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     return res;
   };
 
-  const settingsStore = useSettingStore();
-
   const checkStatusDict = dict({
     data: [
       { label: "成功", value: "ok", color: "green" },
@@ -45,6 +41,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
       { label: "异常", value: "error", color: "red" },
     ],
   });
+  const { openSiteIpImportDialog } = useSiteIpMonitor();
   return {
     crudOptions: {
       request: {
@@ -75,6 +72,19 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               await crudExpose.openAdd({});
             },
           },
+          import: {
+            show: true,
+            text: "批量导入",
+            type: "primary",
+            async click() {
+              openSiteIpImportDialog({
+                siteId: context.props.siteId,
+                afterSubmit() {
+                  crudExpose.doRefresh();
+                },
+              });
+            },
+          },
           load: {
             text: "同步IP",
             type: "primary",
@@ -155,6 +165,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             show: true,
           },
           type: "text",
+          helper: "也支持填写CNAME域名",
           form: {
             rules: [{ required: true, message: "请输入IP" }],
           },
@@ -294,6 +305,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             data: [
               { label: "同步", value: "sync", color: "green" },
               { label: "手动", value: "manual", color: "blue" },
+              { label: "导入", value: "import", color: "blue" },
             ],
           }),
           form: {

packages/ui/certd-client/src/views/certd/monitor/site/ip/use.tsx

@@ -1,11 +1,10 @@
 import { useFormWrapper } from "@fast-crud/fast-crud";
-import { useRouter } from "vue-router";
 
 import SiteIpCertMonitor from "./index.vue";
+import { siteIpApi } from "/@/views/certd/monitor/site/ip/api";
 
 export function useSiteIpMonitor() {
-  const { openDialog } = useFormWrapper();
-  const router = useRouter();
+  const { openDialog, openCrudFormDialog } = useFormWrapper();
 
   async function openSiteIpMonitorDialog(opts: { siteId: number }) {
     await openDialog({
@@ -34,7 +33,42 @@ export function useSiteIpMonitor() {
     });
   }
 
+  async function openSiteIpImportDialog(opts: { afterSubmit: any; siteId: any }) {
+    const { afterSubmit } = opts;
+    await openCrudFormDialog<any>({
+      crudOptions: {
+        columns: {
+          text: {
+            type: "textarea",
+            title: "IP列表",
+            form: {
+              helper: "IP或者CNAME域名，一行一个",
+              rules: [{ required: true, message: "请输入要导入的IP或域名" }],
+              component: {
+                placeholder: "192.168.1.2\ncname.foo.com",
+                rows: 8,
+              },
+              col: {
+                span: 24,
+              },
+            },
+          },
+        },
+        form: {
+          async doSubmit({ form }) {
+            return siteIpApi.Import({
+              ...form,
+              siteId: opts.siteId,
+            });
+          },
+          afterSubmit,
+        },
+      },
+    });
+  }
+
   return {
     openSiteIpMonitorDialog,
+    openSiteIpImportDialog,
   };
 }

packages/ui/certd-client/src/views/certd/monitor/site/use.tsx

@@ -0,0 +1,41 @@
+import { useFormWrapper } from "@fast-crud/fast-crud";
+import { siteInfoApi } from "./api";
+
+export function useSiteImport() {
+  const { openCrudFormDialog } = useFormWrapper();
+
+  async function openSiteImportDialog(opts: { afterSubmit: any }) {
+    const { afterSubmit } = opts;
+    await openCrudFormDialog<any>({
+      crudOptions: {
+        columns: {
+          text: {
+            type: "textarea",
+            title: "域名列表",
+            form: {
+              helper: "格式【域名:端口:名称】，一行一个，其中端口、名称可以省略\n比如：\nwww.baidu.com:443:百度\nwww.taobao.com::淘宝\nwww.google.com",
+              rules: [{ required: true, message: "请输入要导入的域名" }],
+              component: {
+                placeholder: "www.baidu.com:443:百度\nwww.taobao.com::淘宝\nwww.google.com\n",
+                rows: 8,
+              },
+              col: {
+                span: 24,
+              },
+            },
+          },
+        },
+        form: {
+          async doSubmit({ form }) {
+            return siteInfoApi.Import(form);
+          },
+          afterSubmit,
+        },
+      },
+    });
+  }
+
+  return {
+    openSiteImportDialog,
+  };
+}

packages/ui/certd-client/src/views/certd/pipeline/crud.tsx

@@ -223,6 +223,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
           play: {
             order: -999,
             title: "运行流水线",
+            tooltip: { title: "运行流水线" },
             type: "link",
             icon: "ant-design:play-circle-outlined",
             click({ row }) {
@@ -276,6 +277,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
           viewCert: {
             order: 3,
             title: "查看证书",
+            tooltip: { title: "查看证书" },
             type: "link",
             icon: "ph:certificate",
             async click({ row }) {
@@ -286,6 +288,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
             order: 4,
             type: "link",
             title: "下载证书",
+            tooltip: { title: "下载证书" },
             icon: "ant-design:download-outlined",
             async click({ row }) {
               await downloadCert(row);
@@ -345,14 +348,12 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
           },
           column: {
             width: 350,
+            // tooltip: true,
+            ellipsis: true,
             sorter: true,
-            component: {
-              on: {
-                // 注意：必须要on前缀
-                onClick({ row }) {
-                  router.push({ path: "/certd/pipeline/detail", query: { id: row.id, editMode: "false" } });
-                },
-              },
+            showTitle: true,
+            cellRender: ({ row, value }) => {
+              return <router-link to={{ path: "/certd/pipeline/detail", query: { id: row.id, editMode: false } }}>{value}</router-link>;
             },
           },
         },

packages/ui/certd-client/src/views/certd/pipeline/group/group-selector.vue

@@ -1,7 +1,7 @@
 <template>
   <div class="pi-group-selector flex full-w">
     <div class="flex-1">
-      <fs-dict-select :value="modelValue" :dict="groupDictRef" @update:value="doUpdate"></fs-dict-select>
+      <fs-dict-select :value="modelValue" :dict="groupDictRef" :allow-clear="true" @update:value="doUpdate"></fs-dict-select>
     </div>
 
     <fs-table-select

packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/task-view/index.vue

@@ -23,14 +23,11 @@
       </a-tab-pane>
     </a-tabs>
     <template #footer>
-      <a-tooltip title="AI分析异常">
-        <fs-button v-if="settingsStore.sysPublic.aiChatEnabled !== false" key="aiChat" type="primary" icon="ion:color-wand-outline" @click="taskModal.onAiChat">AI分析</fs-button>
-      </a-tooltip>
-      <a-tooltip title="强制重新执行此步骤">
-        <fs-button key="rerun" type="primary" text="重新运行" icon="icon-park-outline:replay-music" @click="triggerRun(activeKey)"></fs-button>
-      </a-tooltip>
-      <fs-button key="cancel" icon="ion:close-circle-outline" @click="taskModal.onOk">关闭</fs-button>
-      <fs-button key="submit" icon="ion:checkmark-circle-outline" type="primary" @click="taskModal.onOk">确定</fs-button>
+      <fs-button v-if="settingsStore.sysPublic.aiChatEnabled !== false" key="aiChat" :tooltip="{ title: 'AI分析异常' }" type="primary" icon="ion:color-wand-outline" @click="taskModal.onAiChat">AI分析</fs-button>
+      <fs-button key="rerun" type="primary" :tooltip="{ title: '强制重新执行此步骤' }" text="重新运行" icon="icon-park-outline:replay-music" @click="triggerRun(activeKey)"></fs-button>
+      <fs-button key="downloadLogs" type="primary" :tooltip="{ title: '当前任务日志下载' }" icon="ion:arrow-down-circle-outline" @click="taskModal.onDownloadLogs">下载日志</fs-button>
+      <fs-button key="cancel" :tooltip="{ title: '关闭窗口' }" icon="ion:close-circle-outline" @click="taskModal.onOk">关闭</fs-button>
+      <!--      <fs-button key="submit" :tooltip="{ title: '关闭窗口' }" icon="ion:checkmark-circle-outline" type="primary" @click="taskModal.onOk">确定</fs-button>-->
     </template>
   </a-modal>
 </template>
@@ -41,6 +38,7 @@ import { RunHistory } from "../../type";
 import PiStatusShow from "/@/views/certd/pipeline/pipeline/component/status-show.vue";
 import { usePreferences } from "/@/vben/preferences";
 import { useSettingStore } from "/@/store/settings/index";
+import { notification } from "ant-design-vue";
 export default {
   name: "PiTaskView",
   components: { PiStatusShow },
@@ -56,6 +54,22 @@ export default {
       onAiChat() {
         onAiChat();
       },
+      onDownloadLogs() {
+        const logs = currentHistory.value?.logs[activeKey.value];
+        if (!logs || logs.length === 0) {
+          notification.warning({
+            message: "没有日志",
+          });
+          return;
+        }
+        const logText = logs.join("");
+        const blob = new Blob([logText], { type: "text/plain;charset=utf-8" });
+        const a = document.createElement("a");
+        a.href = URL.createObjectURL(blob);
+        a.download = "certd-task-log.txt";
+        a.click();
+        URL.revokeObjectURL(a.href);
+      },
       cancelText: "关闭",
     });
     const { isMobile } = usePreferences();

packages/ui/certd-client/src/views/framework/home/dashboard/index.vue

@@ -35,6 +35,10 @@
                 <a-divider type="vertical" />
                 <suite-card class="m-0"></suite-card>
               </template>
+              <template v-if="settingsStore.isPlus && settingsStore.sysPublic.userValidTimeEnabled === true && userInfo.validTime">
+                <a-divider type="vertical" />
+                <valid-time-format class="flex-o" prefix="账户有效期：" :model-value="userInfo.validTime" />
+              </template>
             </div>
           </div>
         </div>

packages/ui/certd-client/src/views/sys/authority/user/crud.tsx

@@ -1,7 +1,9 @@
 import * as api from "./api";
-import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
+import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
 import { useUserStore } from "/@/store/user";
 import { Modal, notification } from "ant-design-vue";
+import dayjs from "dayjs";
+import { useSettingStore } from "/@/store/settings";
 
 export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
@@ -21,6 +23,10 @@ export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOpti
 
   const userStore = useUserStore();
 
+  const settingStore = useSettingStore();
+  const userValidTimeEnabled = compute(() => {
+    return settingStore.sysPublic.userValidTimeEnabled === true;
+  });
   return {
     crudOptions: {
       request: {
@@ -210,6 +216,43 @@ export default function ({ crudExpose }: CreateCrudOptionsProps): CreateCrudOpti
             width: 100,
           },
         },
+        validTime: {
+          title: "有效期",
+          type: "date",
+          form: {
+            show: userValidTimeEnabled,
+          },
+          column: {
+            align: "center",
+            sorter: true,
+            width: 100,
+            show: userValidTimeEnabled,
+            cellRender({ value }) {
+              if (value == null || value === 0) {
+                return "";
+              }
+              if (value < dayjs().valueOf()) {
+                return <a-tag color={"red"}>已过期</a-tag>;
+              }
+              const date = dayjs(value).format("YYYY-MM-DD");
+              return (
+                <a-tag color={"green"} title={date}>
+                  <fs-time-humanize modelValue={value} options={{ largest: 1, units: ["y", "d", "h"] }} useFormatGreater={30000000000} />
+                </a-tag>
+              );
+            },
+          },
+          valueBuilder({ value, row, key }) {
+            if (value != null) {
+              row[key] = dayjs(value);
+            }
+          },
+          valueResolve({ value, row, key }) {
+            if (value != null) {
+              row[key] = value.valueOf();
+            }
+          },
+        },
         remark: {
           title: "备注",
           type: "text",

packages/ui/certd-client/src/views/sys/settings/tabs/register.vue

@@ -11,6 +11,13 @@
       <a-form-item label="开启自助注册" :name="['public', 'registerEnabled']">
         <a-switch v-model:checked="formState.public.registerEnabled" />
       </a-form-item>
+      <a-form-item label="开启用户有效期" :name="['public', 'userValidTimeEnabled']">
+        <div class="flex-o">
+          <a-switch v-model:checked="formState.public.userValidTimeEnabled" :disabled="!settingsStore.isPlus" />
+          <vip-button class="ml-5" mode="button"></vip-button>
+        </div>
+        <div class="helper">有效期内用户可正常使用，失效后流水线将被停用</div>
+      </a-form-item>
       <template v-if="formState.public.registerEnabled">
         <a-form-item label="开启用户名注册" :name="['public', 'usernameRegisterEnabled']">
           <a-switch v-model:checked="formState.public.usernameRegisterEnabled" />
@@ -154,6 +161,14 @@ async function loadSysSettings() {
   if (data?.private.sms?.type) {
     await loadTypeDefine(data.private.sms.type);
   }
+  if (!settingsStore.isPlus) {
+    formState.public.userValidTimeEnabled = false;
+    formState.public.emailRegisterEnabled = false;
+  }
+
+  if (!settingsStore.isComm) {
+    formState.public.smsLoginEnabled = false;
+  }
 }
 
 const saveLoading = ref(false);

packages/ui/certd-server/.env.dev-mysql.yaml

@@ -9,6 +9,6 @@ typeorm:
       port: 3309
       username: root
       password: root
-      database: certd2
+      database: certd
 
 

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
 ## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
 
 ### Bug Fixes

packages/ui/certd-server/db/migration-mysql/v10024__cname_error.sql

@@ -0,0 +1,3 @@
+
+ALTER TABLE cd_cname_record ADD COLUMN `error` varchar(4096);
+ALTER TABLE sys_user ADD COLUMN `valid_time` bigint;

packages/ui/certd-server/db/migration-pg/v10024__cname_error.sql

@@ -0,0 +1,3 @@
+
+ALTER TABLE cd_cname_record ADD COLUMN "error" varchar(4096);
+ALTER TABLE sys_user ADD COLUMN "valid_time" bigint;

packages/ui/certd-server/db/migration/v10024__cname_error.sql

@@ -0,0 +1,3 @@
+
+ALTER TABLE cd_cname_record ADD COLUMN "error" varchar(4096);
+ALTER TABLE sys_user ADD COLUMN "valid_time" integer;

packages/ui/certd-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-server",
-  "version": "1.34.9",
+  "version": "1.35.0",
   "description": "fast-server base midway",
   "private": true,
   "type": "module",
@@ -40,21 +40,22 @@
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-acm": "^3.699.0",
     "@aws-sdk/client-cloudfront": "^3.699.0",
+    "@aws-sdk/client-iam": "^3.699.0",
     "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.34.9",
-    "@certd/basic": "^1.34.9",
-    "@certd/commercial-core": "^1.34.9",
-    "@certd/jdcloud": "^1.34.9",
-    "@certd/lib-huawei": "^1.34.9",
-    "@certd/lib-k8s": "^1.34.9",
-    "@certd/lib-server": "^1.34.9",
-    "@certd/midway-flyway-js": "^1.34.9",
-    "@certd/pipeline": "^1.34.9",
-    "@certd/plugin-cert": "^1.34.9",
-    "@certd/plugin-lib": "^1.34.9",
-    "@certd/plugin-plus": "^1.34.9",
-    "@certd/plus-core": "^1.34.9",
-    "@corsinvest/cv4pve-api-javascript": "^8.3.0",
+    "@certd/acme-client": "^1.35.0",
+    "@certd/basic": "^1.35.0",
+    "@certd/commercial-core": "^1.35.0",
+    "@certd/cv4pve-api-javascript": "^8.4.1",
+    "@certd/jdcloud": "^1.35.0",
+    "@certd/lib-huawei": "^1.35.0",
+    "@certd/lib-k8s": "^1.35.0",
+    "@certd/lib-server": "^1.35.0",
+    "@certd/midway-flyway-js": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
+    "@certd/plugin-cert": "^1.35.0",
+    "@certd/plugin-lib": "^1.35.0",
+    "@certd/plugin-plus": "^1.35.0",
+    "@certd/plus-core": "^1.35.0",
     "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
     "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
     "@koa/cors": "^5.0.0",
@@ -104,6 +105,7 @@
     "otplib": "^12.0.1",
     "pg": "^8.12.0",
     "psl": "^1.9.0",
+    "punycode.js": "^2.3.1",
     "qiniu": "^7.12.0",
     "qrcode": "^1.5.4",
     "qs": "^6.13.1",

packages/ui/certd-server/src/config/config.default.ts

@@ -19,6 +19,12 @@ import path from 'path';
 const env = process.env.NODE_ENV || 'development';
 
 const development = {
+  midwayLogger: {
+    default: {
+      dir: './logs',
+    },
+    // ...
+  },
   keys: 'certd',
   koa: {
     port: 7001,

packages/ui/certd-server/src/controller/user/monitor/site-info-controller.ts

@@ -105,6 +105,17 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
     await this.service.checkAllByUsers(userId);
     return this.ok();
   }
+
+  @Post('/import', { summary: Constants.per.authOnly })
+  async doImport(@Body(ALL) body: any) {
+    const userId = this.getUserId();
+    await this.service.doImport({
+      text:body.text,
+      userId
+    })
+    return this.ok();
+  }
+
   @Post('/ipCheckChange', { summary: Constants.per.authOnly })
   async ipCheckChange(@Body(ALL) bean: any) {
     const userId = this.getUserId();

packages/ui/certd-server/src/controller/user/monitor/site-ip-controller.ts

@@ -111,5 +111,16 @@ export class SiteInfoController extends CrudController<SiteIpService> {
     return this.ok();
   }
 
+  @Post('/import', { summary: Constants.per.authOnly })
+  async doImport(@Body(ALL) body: any) {
+    const userId = this.getUserId();
+    await this.service.doImport({
+      text:body.text,
+      userId,
+      siteId:body.siteId
+    })
+    return this.ok();
+  }
+
 
 }

packages/ui/certd-server/src/modules/cname/entity/cname-record.ts

@@ -26,6 +26,9 @@ export class CnameRecordEntity {
   @Column({ comment: '验证状态', length: 20 })
   status: string;
 
+  @Column({ comment: '错误信息' })
+  error: string
+
   @Column({
     comment: '创建时间',
     name: 'create_time',

packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts

@@ -6,13 +6,13 @@ import {CnameRecordEntity, CnameRecordStatusType} from '../entity/cname-record.j
 import {createDnsProvider, IDnsProvider} from '@certd/plugin-cert';
 import {CnameProvider, CnameRecord} from '@certd/pipeline';
 import {cache, http, isDev, logger, utils} from '@certd/basic';
-import {walkTxtRecord} from '@certd/acme-client';
+import {getAuthoritativeDnsResolver, walkTxtRecord} from '@certd/acme-client';
 import {CnameProviderService} from './cname-provider-service.js';
 import {CnameProviderEntity} from '../entity/cname-provider.js';
 import {CommonDnsProvider} from './common-provider.js';
 import {SubDomainService, SubDomainsGetter} from "../../pipeline/service/sub-domain-service.js";
 import {DomainParser} from "@certd/plugin-cert/dist/dns-provider/domain-parser.js";
-
+import punycode from 'punycode.js'
 type CnameCheckCacheValue = {
   validating: boolean;
   pass: boolean;
@@ -22,11 +22,12 @@ type CnameCheckCacheValue = {
   intervalId?: NodeJS.Timeout;
   dnsProvider?: IDnsProvider;
 };
+
 /**
  * 授权
  */
 @Provide()
-@Scope(ScopeEnum.Request, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, {allowDowngrade: true})
 export class CnameRecordService extends BaseService<CnameRecordEntity> {
   @InjectEntityModel(CnameRecordEntity)
   repository: Repository<CnameRecordEntity>;
@@ -47,6 +48,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
   getRepository() {
     return this.repository;
   }
+
   /**
    * 新增
    * @param param 数据
@@ -62,7 +64,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
       param.domain = param.domain.substring(2);
     }
     param.domain = param.domain.trim()
-    const info = await this.getRepository().findOne({ where: { domain: param.domain,userId: param.userId } });
+    const info = await this.getRepository().findOne({where: {domain: param.domain, userId: param.userId}});
     if (info) {
       return info;
     }
@@ -77,17 +79,17 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
     } else {
       cnameProvider = await this.cnameProviderService.info(param.cnameProviderId);
     }
-    await this.cnameProviderChanged(param.userId,param, cnameProvider);
+    await this.cnameProviderChanged(param.userId, param, cnameProvider);
 
     param.status = 'cname';
-    const { id } = await super.add(param);
+    const {id} = await super.add(param);
     return await this.info(id);
   }
 
-  private async cnameProviderChanged(userId:number,param: any, cnameProvider: CnameProviderEntity) {
+  private async cnameProviderChanged(userId: number, param: any, cnameProvider: CnameProviderEntity) {
     param.cnameProviderId = cnameProvider.id;
 
-    const subDomainGetter =  new SubDomainsGetter(userId, this.subDomainService)
+    const subDomainGetter = new SubDomainsGetter(userId, this.subDomainService)
     const domainParser = new DomainParser(subDomainGetter);
 
     const realDomain = await domainParser.parse(param.domain);
@@ -117,7 +119,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
     }
     if (old.cnameProviderId !== param.cnameProviderId) {
       const cnameProvider = await this.cnameProviderService.info(param.cnameProviderId);
-      await this.cnameProviderChanged(old.userId,param, cnameProvider);
+      await this.cnameProviderChanged(old.userId, param, cnameProvider);
       param.status = 'cname';
     }
     return await super.update(param);
@@ -157,10 +159,10 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
     if (userId == null) {
       throw new ValidateException('userId不能为空');
     }
-    let record = await this.getRepository().findOne({ where: { domain, userId } });
+    let record = await this.getRepository().findOne({where: {domain, userId}});
     if (record == null) {
       if (createOnNotFound) {
-        record = await this.add({ domain, userId });
+        record = await this.add({domain, userId});
       } else {
         throw new ValidateException(`找不到${domain}的CNAME记录`);
       }
@@ -191,7 +193,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
       return true;
     }
 
-    const subDomainGetter =  new SubDomainsGetter(bean.userId, this.subDomainService)
+    const subDomainGetter = new SubDomainsGetter(bean.userId, this.subDomainService)
     const domainParser = new DomainParser(subDomainGetter);
 
     const cacheKey = `cname.record.verify.${bean.id}`;
@@ -208,7 +210,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
     if (isDev()) {
       ttl = 30 * 1000;
     }
-    const testRecordValue = 'certd-cname-verify';
+    const testRecordValue = `certd-cname-verify-${bean.id}`;
 
     const buildDnsProvider = async () => {
       const cnameProvider = await this.cnameProviderService.info(bean.cnameProviderId);
@@ -228,7 +230,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
       }
 
       const access = await this.accessService.getById(cnameProvider.accessId, cnameProvider.userId);
-      const context = { access, logger, http, utils,domainParser };
+      const context = {access, logger, http, utils, domainParser};
       const dnsProvider: IDnsProvider = await createDnsProvider({
         dnsProviderType: cnameProvider.dnsProviderType,
         context,
@@ -239,7 +241,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
     const clearVerifyRecord = async () => {
       cache.delete(cacheKey);
       try {
-        let dnsProvider =value.dnsProvider
+        let dnsProvider = value.dnsProvider
         if (!dnsProvider) {
           dnsProvider = await buildDnsProvider();
         }
@@ -271,6 +273,9 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
 
       logger.info(`检查CNAME配置 ${fullDomain} ${testRecordValue}`);
 
+      //检查是否有重复的acme配置
+      await this.checkRepeatAcmeChallengeRecords(fullDomain,bean.recordValue)
+
       // const txtRecords = await dns.promises.resolveTxt(fullDomain);
       // if (txtRecords.length) {
       //   records = [].concat(...txtRecords);
@@ -286,7 +291,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
       if (success) {
         clearInterval(value.intervalId);
         logger.info(`检测到CNAME配置,修改状态 ${fullDomain} ${testRecordValue}`);
-        await this.updateStatus(bean.id, 'valid');
+        await this.updateStatus(bean.id, 'valid', "");
         value.pass = true;
         await clearVerifyRecord()
         return success;
@@ -312,24 +317,102 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
       type: 'TXT',
       value: testRecordValue,
     };
+
     const dnsProvider = await buildDnsProvider();
+    if(dnsProvider.usePunyCode()){
+      //是否需要中文转英文
+      req.domain = dnsProvider.punyCodeEncode(req.domain)
+      req.fullRecord = dnsProvider.punyCodeEncode(req.fullRecord)
+      req.hostRecord = dnsProvider.punyCodeEncode(req.hostRecord)
+      req.value = dnsProvider.punyCodeEncode(req.value)
+    }
     const recordRes = await dnsProvider.createRecord(req);
     value.dnsProvider = dnsProvider;
     value.validating = true;
     value.recordReq = req;
     value.recordRes = recordRes;
-    await this.updateStatus(bean.id, 'validating');
+    await this.updateStatus(bean.id, 'validating', "");
 
     value.intervalId = setInterval(async () => {
       try {
         await checkRecordValue();
       } catch (e) {
         logger.error('检查cname出错：', e);
+        await this.updateError(bean.id, e.message);
       }
     }, 10000);
   }
 
-  async updateStatus(id: number, status: CnameRecordStatusType) {
-    await this.getRepository().update(id, { status });
+  async updateStatus(id: number, status: CnameRecordStatusType, error?: string) {
+    const updated: any = {status}
+    if (error != null) {
+      updated.error = error
+    }
+    await this.getRepository().update(id, updated);
+  }
+
+  async updateError(id: number, error: string) {
+    await this.getRepository().update(id, {error});
+  }
+
+  async checkRepeatAcmeChallengeRecords(acmeRecordDomain: string,targetCnameDomain:string) {
+
+    let dnsResolver = null
+    try{
+      dnsResolver = await getAuthoritativeDnsResolver(acmeRecordDomain)
+    }catch (e) {
+      logger.error(`获取${acmeRecordDomain}的权威DNS服务器失败，${e.message}`)
+      return
+    }
+    let cnameRecords = []
+    try{
+      cnameRecords = await dnsResolver.resolveCname(acmeRecordDomain);
+    }catch (e) {
+      logger.error(`查询CNAME记录失败：${e.message}`)
+      return
+    }
+    targetCnameDomain = targetCnameDomain.toLowerCase()
+    targetCnameDomain = punycode.toASCII(targetCnameDomain)
+    if (cnameRecords.length > 0) {
+      for (const cnameRecord of cnameRecords) {
+        if(cnameRecord.toLowerCase() !== targetCnameDomain){
+          //确保只有一个cname记录
+          throw new Error(`${acmeRecordDomain}存在多个CNAME记录，请删除多余的CNAME记录：${cnameRecord}`)
+        }
+      }
+
+    }
+
+    // 确保权威服务器里面没有纯粹的TXT记录
+    let txtRecords = []
+    try{
+      const txtRecordRes = await dnsResolver.resolveTxt(acmeRecordDomain);
+
+      if (txtRecordRes && txtRecordRes.length > 0) {
+        logger.info(`找到 ${txtRecordRes.length} 条 TXT记录（ ${acmeRecordDomain}）`);
+        logger.info(`TXT records: ${JSON.stringify(txtRecords)}`);
+        txtRecords = txtRecords.concat(...txtRecordRes);
+      }
+    }catch (e) {
+      logger.error(`查询Txt记录失败：${e.message}`)
+    }
+
+    if (txtRecords.length === 0) {
+      //如果权威服务器中查不到txt，无需继续检查
+      return
+    }
+    if (cnameRecords.length > 0) {
+      // 从cname记录中获取txt记录
+      // 对比是否存在，如果不存在于cname中获取的txt中，说明本体有创建多余的txt记录
+      const res = await walkTxtRecord(cnameRecords[0]);
+      if (res.length > 0) {
+        for (const txtRecord of txtRecords) {
+          if (!res.includes(txtRecord)) {
+            throw new Error(`${acmeRecordDomain}存在多个TXT记录，请删除多余的TXT记录:${txtRecord}`)
+          }
+        }
+      }
+    }
+
   }
 }

packages/ui/certd-server/src/modules/cname/service/common-provider.ts

@@ -1,6 +1,6 @@
 import {CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions} from '@certd/plugin-cert';
 import {PlusService} from '@certd/lib-server';
-
+import punycode from 'punycode.js'
 export type CommonCnameProvider = {
   id: number;
   domain: string;
@@ -24,6 +24,23 @@ export class CommonDnsProvider implements IDnsProvider {
     this.plusService = opts.plusService;
   }
 
+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string) {
+    return punycode.encode(domain);
+  }
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string) {
+    return punycode.decode(domain);
+  }
+
+
   usePunyCode(): boolean {
     return false
   }

packages/ui/certd-server/src/modules/monitor/service/site-info-service.ts

@@ -1,19 +1,19 @@
-import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import { BaseService, NeedSuiteException, NeedVIPException, SysSettingsService } from '@certd/lib-server';
-import { InjectEntityModel } from '@midwayjs/typeorm';
-import { Repository } from 'typeorm';
-import { SiteInfoEntity } from '../entity/site-info.js';
-import { siteTester } from './site-tester.js';
-import dayjs from 'dayjs';
-import { logger, utils } from '@certd/basic';
-import { PeerCertificate } from 'tls';
-import { NotificationService } from '../../pipeline/service/notification-service.js';
-import { isComm, isPlus } from '@certd/plus-core';
-import { UserSuiteService } from '@certd/commercial-core';
+import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { BaseService, NeedSuiteException, NeedVIPException, SysSettingsService } from "@certd/lib-server";
+import { InjectEntityModel } from "@midwayjs/typeorm";
+import { Repository } from "typeorm";
+import { SiteInfoEntity } from "../entity/site-info.js";
+import { siteTester } from "./site-tester.js";
+import dayjs from "dayjs";
+import { logger, utils } from "@certd/basic";
+import { PeerCertificate } from "tls";
+import { NotificationService } from "../../pipeline/service/notification-service.js";
+import { isComm, isPlus } from "@certd/plus-core";
+import { UserSuiteService } from "@certd/commercial-core";
 import { UserSettingsService } from "../../mine/service/user-settings-service.js";
-import {  UserSiteMonitorSetting } from "../../mine/service/models.js";
-import {SiteIpService} from "./site-ip-service.js";
-import {SiteIpEntity} from "../entity/site-ip.js";
+import { UserSiteMonitorSetting } from "../../mine/service/models.js";
+import { SiteIpService } from "./site-ip-service.js";
+import { SiteIpEntity } from "../entity/site-ip.js";
 
 @Provide()
 @Scope(ScopeEnum.Request, { allowDowngrade: true })
@@ -43,7 +43,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
 
   async add(data: SiteInfoEntity) {
     if (!data.userId) {
-      throw new Error('userId is required');
+      throw new Error("userId is required");
     }
 
     if (isComm()) {
@@ -51,25 +51,34 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
       if (suiteSetting.enabled) {
         const userSuite = await this.userSuiteService.getMySuiteDetail(data.userId);
         if (userSuite.monitorCount.max != -1 && userSuite.monitorCount.max <= userSuite.monitorCount.used) {
-          throw new NeedSuiteException('站点监控数量已达上限，请购买或升级套餐');
+          throw new NeedSuiteException("站点监控数量已达上限，请购买或升级套餐");
         }
       }
-    }else if (!isPlus()) {
-        const count = await this.getUserMonitorCount(data.userId);
-        if (count >= 1) {
-          throw new NeedVIPException('站点监控数量已达上限，请升级专业版');
-        }
+    } else if (!isPlus()) {
+      const count = await this.getUserMonitorCount(data.userId);
+      if (count >= 1) {
+        throw new NeedVIPException("站点监控数量已达上限，请升级专业版");
+      }
+    }
+    data.disabled = false;
+
+    const found = await this.repository.findOne({
+      where: {
+        domain: data.domain,
+        userId: data.userId,
+        httpsPort: data.httpsPort || 443
+      }
+    });
+    if (found) {
+      return { id: found.id };
     }
 
-
-
-    data.disabled = false;
     return await super.add(data);
   }
 
   async update(data: any) {
     if (!data.id) {
-      throw new Error('id is required');
+      throw new Error("id is required");
     }
     delete data.userId;
     await super.update(data);
@@ -77,10 +86,10 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
 
   async getUserMonitorCount(userId: number) {
     if (!userId) {
-      throw new Error('userId is required');
+      throw new Error("userId is required");
     }
     return await this.repository.count({
-      where: { userId },
+      where: { userId }
     });
   }
 
@@ -92,26 +101,26 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
    */
   async doCheck(site: SiteInfoEntity, notify = true, retryTimes = 3) {
     if (!site?.domain) {
-      throw new Error('站点域名不能为空');
+      throw new Error("站点域名不能为空");
     }
     try {
       await this.update({
         id: site.id,
-        checkStatus: 'checking',
-        lastCheckTime: dayjs().valueOf(),
+        checkStatus: "checking",
+        lastCheckTime: dayjs().valueOf()
       });
       const res = await siteTester.test({
         host: site.domain,
         port: site.httpsPort,
-        retryTimes,
+        retryTimes
       });
 
       const certi: PeerCertificate = res.certificate;
       if (!certi) {
-        throw new Error('没有发现证书');
+        throw new Error("没有发现证书");
       }
       const expires = certi.valid_to;
-      const allDomains = certi.subjectaltname?.replaceAll('DNS:', '').split(',') ||[];
+      const allDomains = certi.subjectaltname?.replaceAll("DNS:", "").split(",") || [];
       const mainDomain = certi.subject?.CN;
       let domains = allDomains;
       if (!allDomains.includes(mainDomain)) {
@@ -119,23 +128,26 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
       }
       const issuer = `${certi.issuer.O}<${certi.issuer.CN}>`;
       const isExpired = dayjs().valueOf() > dayjs(expires).valueOf();
-      const status = isExpired ? 'expired' : 'ok';
+      const status = isExpired ? "expired" : "ok";
       const updateData = {
         id: site.id,
-        certDomains: domains.join(','),
+        certDomains: domains.join(","),
         certStatus: status,
         certProvider: issuer,
         certExpiresTime: dayjs(expires).valueOf(),
         lastCheckTime: dayjs().valueOf(),
         error: null,
-        checkStatus: 'ok',
+        checkStatus: "ok"
       };
 
+      if (site.ipCheck) {
+       delete updateData.checkStatus
+      }
       await this.update(updateData);
 
 
       //检查ip
-      await this.checkAllIp(site)
+      await this.checkAllIp(site);
 
       if (!notify) {
         return;
@@ -143,15 +155,15 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
       try {
         await this.sendExpiresNotify(site);
       } catch (e) {
-        logger.error('send notify error', e);
+        logger.error("send notify error", e);
       }
     } catch (e) {
-      logger.error('check site error', e);
+      logger.error("check site error", e);
       await this.update({
         id: site.id,
-        checkStatus: 'error',
+        checkStatus: "error",
         lastCheckTime: dayjs().valueOf(),
-        error: e.message,
+        error: e.message
       });
       if (!notify) {
         return;
@@ -159,49 +171,56 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
       try {
         await this.sendCheckErrorNotify(site);
       } catch (e) {
-        logger.error('send notify error', e);
+        logger.error("send notify error", e);
       }
     }
   }
 
-  async checkAllIp(site:SiteInfoEntity){
-    if( !site.ipCheck){
+  async checkAllIp(site: SiteInfoEntity) {
+    if (!site.ipCheck) {
       return;
     }
     const certExpiresTime = site.certExpiresTime;
-    const onFinished = async (list:SiteIpEntity[])=>{
-      let errorCount = 0
-      let errorMessage = ""
+    const onFinished = async (list: SiteIpEntity[]) => {
+      let errorCount = 0;
+      let errorMessage = "";
       for (const item of list) {
         if (!item) {
           continue;
         }
-        errorCount++
-        if(item.error){
-          errorMessage += `${item.ipAddress}：${item.error}； \n`
-        }else if(item.certExpiresTime!==certExpiresTime){
-          errorMessage += `${item.ipAddress}：与主站证书过期时间不一致； \n`
-        }else{
-          errorCount--
+        errorCount++;
+        if (item.error) {
+          errorMessage += `${item.ipAddress}：${item.error}； \n`;
+        } else if (item.certExpiresTime !== certExpiresTime) {
+          errorMessage += `${item.ipAddress}：与主站证书过期时间不一致； \n`;
+        } else {
+          errorCount--;
         }
       }
-      if (errorCount<=0){
-        return
+      if (errorCount <= 0) {
+        //检查正常
+        await this.update({
+          id: site.id,
+          checkStatus: "ok",
+          error: "",
+          ipErrorCount: 0
+        });
+        return;
       }
       await this.update({
         id: site.id,
-        checkStatus: 'error',
+        checkStatus: "error",
         error: errorMessage,
-        ipErrorCount: errorCount,
-      })
+        ipErrorCount: errorCount
+      });
       try {
-        site = await this.info(site.id)
-        await this.sendCheckErrorNotify(site,true);
+        site = await this.info(site.id);
+        await this.sendCheckErrorNotify(site, true);
       } catch (e) {
-        logger.error('send notify error', e);
+        logger.error("send notify error", e);
       }
-    }
-    await this.siteIpService.checkAll(site,onFinished)
+    };
+    await this.siteIpService.checkAll(site, onFinished);
   }
 
   /**
@@ -213,13 +232,13 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
   async check(id: number, notify = false, retryTimes = 3) {
     const site = await this.info(id);
     if (!site) {
-      throw new Error('站点不存在');
+      throw new Error("站点不存在");
     }
     return await this.doCheck(site, notify, retryTimes);
   }
 
-  async sendCheckErrorNotify(site: SiteInfoEntity,fromIpCheck=false) {
-    const url = await this.notificationService.getBindUrl('#/certd/monitor/site');
+  async sendCheckErrorNotify(site: SiteInfoEntity, fromIpCheck = false) {
+    const url = await this.notificationService.getBindUrl("#/certd/monitor/site");
     // 发邮件
     await this.notificationService.send(
       {
@@ -227,22 +246,23 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
         logger: logger,
         body: {
           url,
-          title: `站点证书${fromIpCheck?"(IP)":""}检查出错<${site.name}>`,
+          title: `站点证书${fromIpCheck ? "(IP)" : ""}检查出错<${site.name}>`,
           content: `站点名称： ${site.name} \n站点域名： ${site.domain} \n错误信息：${site.error}`,
-          errorMessage: site.error,
-        },
+          errorMessage: site.error
+        }
       },
       site.userId
     );
   }
+
   async sendExpiresNotify(site: SiteInfoEntity) {
 
-    const tipDays = 10
+    const tipDays = 10;
 
     const expires = site.certExpiresTime;
-    const validDays = dayjs(expires).diff(dayjs(), 'day');
-    const url = await this.notificationService.getBindUrl('#/certd/monitor/site');
-    const content = `站点名称： ${site.name} \n站点域名： ${site.domain} \n证书域名： ${site.certDomains} \n颁发机构： ${site.certProvider} \n过期时间： ${dayjs(site.certExpiresTime).format('YYYY-MM-DD')} \n`;
+    const validDays = dayjs(expires).diff(dayjs(), "day");
+    const url = await this.notificationService.getBindUrl("#/certd/monitor/site");
+    const content = `站点名称： ${site.name} \n站点域名： ${site.domain} \n证书域名： ${site.certDomains} \n颁发机构： ${site.certProvider} \n过期时间： ${dayjs(site.certExpiresTime).format("YYYY-MM-DD")} \n`;
     if (validDays >= 0 && validDays < tipDays) {
       // 发通知
       await this.notificationService.send(
@@ -252,8 +272,8 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
           body: {
             title: `站点证书即将过期，剩余${validDays}天，<${site.name}>`,
             content,
-            url,
-          },
+            url
+          }
         },
         site.userId
       );
@@ -268,7 +288,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
             content,
             url,
             errorMessage: "站点证书已过期"
-          },
+          }
         },
         site.userId
       );
@@ -277,10 +297,10 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
 
   async checkAllByUsers(userId: any) {
     if (!userId) {
-      throw new Error('userId is required');
+      throw new Error("userId is required");
     }
     const sites = await this.repository.find({
-      where: { userId },
+      where: { userId }
     });
     this.checkList(sites);
   }
@@ -294,7 +314,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
     }
   }
 
-  async getSetting(userId: number){
+  async getSetting(userId: number) {
     return await this.userSettingsService.getSetting<UserSiteMonitorSetting>(userId, UserSiteMonitorSetting);
   }
 
@@ -302,26 +322,78 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
     await this.userSettingsService.saveSetting(userId, bean);
   }
 
-  async ipCheckChange(req: {id: any; ipCheck: any}) {
+  async ipCheckChange(req: { id: any; ipCheck: any }) {
 
     await this.update({
       id: req.id,
-      ipCheck: req.ipCheck,
+      ipCheck: req.ipCheck
     });
-    if(req.ipCheck){
+    if (req.ipCheck) {
       const site = await this.info(req.id);
-      await this.siteIpService.sync(site)
+      await this.siteIpService.sync(site);
     }
   }
 
   async disabledChange(req: { disabled: any; id: any }) {
     await this.update({
       id: req.id,
-      disabled: req.disabled,
+      disabled: req.disabled
     });
-    if(!req.disabled){
+    if (!req.disabled) {
       const site = await this.info(req.id);
-      await this.doCheck(site)
+      await this.doCheck(site);
     }
   }
+
+  async doImport(req: { text: string; userId: number }) {
+    if (!req.text) {
+      throw new Error("text is required");
+    }
+    if (!req.userId) {
+      throw new Error("userId is required");
+    }
+
+    const rows = req.text.split("\n");
+
+    const list = [];
+    for (const item of rows) {
+      if (!item) {
+        continue;
+      }
+      const arr = item.trim().split(":");
+      if (arr.length === 0) {
+        continue;
+      }
+      const domain = arr[0];
+      let port = 443;
+      let name = domain;
+      if (arr.length > 1) {
+        try {
+          port = parseInt(arr[1] || "443");
+        } catch (e) {
+          throw new Error(`${item}格式错误`);
+        }
+
+      }
+      if (arr.length > 2) {
+        name = arr[2] || domain;
+      }
+
+      list.push({
+        domain,
+        name,
+        httpsPort: port,
+        userId: req.userId
+      });
+    }
+
+    const batchAdd = async (list: any[]) => {
+      for (const item of list) {
+        await this.add(item);
+      }
+
+      // await this.checkAllByUsers(req.userId);
+    };
+    await batchAdd(list);
+  }
 }

packages/ui/certd-server/src/modules/monitor/service/site-ip-service.ts

@@ -182,7 +182,7 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
       const finished = res.filter(item=>{
         return item!=null
       })
-      if (finished.length > 0) {
+      if (onFinish) {
         onFinish && onFinish(finished)
       }
     })
@@ -232,4 +232,50 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
       ipCount:count
     })
   }
+
+  async doImport(req: { text: string; userId:number, siteId:number }) {
+    if (!req.text) {
+      throw new Error("text is required");
+    }
+    if (!req.siteId) {
+      throw new Error("siteId is required");
+    }
+
+    const siteEntity = await this.siteInfoRepository.findOne({
+      where: {
+        id: req.siteId,
+        userId:req.userId
+      }
+    });
+    if (!siteEntity) {
+      throw new Error(`站点${req.siteId}不存在`);
+    }
+
+    const userId = siteEntity.userId;
+
+    const rows = req.text.split("\n");
+
+    const list = [];
+    for (const item of rows) {
+      if (!item) {
+        continue;
+      }
+      list.push({
+        ipAddress:item,
+        userId: userId,
+        siteId: req.siteId,
+        from: "import",
+        disabled:false,
+      });
+    }
+
+    const batchAdd = async (list: any[]) => {
+      for (const item of list) {
+        await this.add(item);
+      }
+
+      // await this.checkAllByUsers(req.userId);
+    };
+    await batchAdd(list);
+  }
 }

packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts

@@ -233,17 +233,18 @@ export class PipelineService extends BaseService<PipelineEntity> {
           throw new NeedSuiteException(`对不起，您最多只能添加${userSuite.domainCount.max}个域名，请购买或升级套餐`);
         }
       }
-    }
-
-    const userId = bean.userId;
-    const userIsAdmin = await this.userService.isAdmin(userId);
-    if (!userIsAdmin) {
-      //非管理员用户，限制pipeline数量
-      const count = await this.repository.count({ where: { userId } });
-      const sysPublic = await this.sysSettingsService.getSetting<SysPublicSettings>(SysPublicSettings);
-      const limitUserPipelineCount = sysPublic.limitUserPipelineCount;
-      if (limitUserPipelineCount && limitUserPipelineCount > 0 && count >= limitUserPipelineCount) {
-        throw new NeedVIPException(`普通用户最多只能创建${limitUserPipelineCount}条流水线`);
+    }else{
+      //非商业版校验用户最大流水线数量
+      const userId = bean.userId;
+      const userIsAdmin = await this.userService.isAdmin(userId);
+      if (!userIsAdmin) {
+        //非管理员用户，限制pipeline数量
+        const count = await this.repository.count({ where: { userId } });
+        const sysPublic = await this.sysSettingsService.getSetting<SysPublicSettings>(SysPublicSettings);
+        const limitUserPipelineCount = sysPublic.limitUserPipelineCount;
+        if (limitUserPipelineCount && limitUserPipelineCount > 0 && count >= limitUserPipelineCount) {
+          throw new NeedVIPException(`普通用户最多只能创建${limitUserPipelineCount}条流水线`);
+        }
       }
     }
   }
@@ -329,6 +330,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
     if (isComm()) {
       await this.checkHasDeployCount(id, entity.userId);
     }
+    await this.checkUserStatus(entity.userId)
     this.cron.register({
       name: `pipeline.${id}.trigger.once`,
       cron: null,
@@ -446,6 +448,13 @@ export class PipelineService extends BaseService<PipelineEntity> {
     if (isComm()) {
       suite = await this.checkHasDeployCount(id, entity.userId);
     }
+    try{
+      await this.checkUserStatus(entity.userId)
+    }catch (e) {
+      logger.info(e.message)
+      return
+    }
+
 
     const pipeline = JSON.parse(entity.content);
     if (!pipeline.id) {
@@ -745,5 +754,25 @@ export class PipelineService extends BaseService<PipelineEntity> {
   }
 
 
-
+  private async checkUserStatus(userId: number) {
+    const userEntity = await this.userService.info(userId);
+    if(userEntity == null){
+      throw new Error('用户不存在');
+    }
+    if(userEntity.status === 0){
+      const message = `账户${userId}已被禁用，禁止运行流水线`
+      throw new Error(message)
+    }
+    const sysPublic = await this.sysSettingsService.getPublicSettings()
+    if(isPlus() && sysPublic.userValidTimeEnabled === true){
+      //校验用户有效期是否设置
+      if(userEntity.validTime!= null && userEntity.validTime > 0){
+        if(userEntity.validTime < new Date().getTime()){
+          //用户已过期
+          const message = `账户${userId}已过有效期，禁止运行流水线`
+          throw new Error(message)
+        }
+      }
+    }
+  }
 }

packages/ui/certd-server/src/modules/sys/authority/entity/user.ts

@@ -37,6 +37,10 @@ export class UserEntity {
 
   @Column({ comment: '状态 0:禁用 1：启用', default: 1 })
   status: number;
+
+  @Column({ name: 'valid_time', comment: '有效期', nullable: true })
+  validTime: number;
+
   @Column({
     name: 'create_time',
     comment: '创建时间',

packages/ui/certd-server/src/plugins/index.ts

@@ -14,6 +14,7 @@ export * from './plugin-cachefly/index.js';
 export * from './plugin-gcore/index.js';
 export * from './plugin-qnap/index.js';
 export * from './plugin-aws/index.js';
+export * from './plugin-aws-cn/index.js';
 export * from './plugin-dnsla/index.js';
 export * from './plugin-upyun/index.js';
 export * from './plugin-volcengine/index.js'
@@ -22,3 +23,4 @@ export * from './plugin-51dns/index.js'
 export * from './plugin-notification/index.js'
 export * from './plugin-flex/index.js'
 export * from './plugin-farcdn/index.js'
+export * from './plugin-fnos/index.js'

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts

@@ -7,7 +7,7 @@ import { CertApplyPluginNames} from '@certd/plugin-cert';
   title: '阿里云-部署证书至OSS',
   icon: 'svg:icon-aliyun',
   group: pluginGroups.aliyun.key,
-  desc: '自动部署域名证书至阿里云OSS',
+  desc: '部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss',
   default: {
     strategy: {
       runStrategy: RunStrategy.SkipWhenSucceed,

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-slb/index.ts

@@ -1,13 +1,21 @@
-import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
-import { CertInfo } from '@certd/plugin-cert';
-import { AliyunAccess, AliyunClient, AliyunSslClient, CasCertInfo, createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
-import { CertApplyPluginNames} from '@certd/plugin-cert';
+import {AbstractTaskPlugin, IsTaskPlugin, PageReq, pluginGroups, RunStrategy, TaskInput} from '@certd/pipeline';
+import {CertInfo} from '@certd/plugin-cert';
+import {
+  AliyunAccess,
+  AliyunClient,
+  AliyunSslClient,
+  CasCertInfo,
+  createCertDomainGetterInputDefine,
+  createRemoteSelectInputDefine
+} from '@certd/plugin-lib';
+import {CertApplyPluginNames} from '@certd/plugin-cert';
+
 @IsTaskPlugin({
   name: 'AliyunDeployCertToSLB',
-  title: '阿里云-部署至SLB(传统负载均衡)',
+  title: '阿里云-部署至CLB(传统负载均衡)',
   icon: 'svg:icon-aliyun',
   group: pluginGroups.aliyun.key,
-  desc: '部署证书到阿里云SLB(传统负载均衡)',
+  desc: '部署证书到阿里云CLB(传统负载均衡)',
   needPlus: false,
   default: {
     strategy: {
@@ -27,9 +35,27 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
   })
   cert!: CertInfo | number;
 
-  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  @TaskInput(createCertDomainGetterInputDefine({props: {required: false}}))
   certDomains!: string[];
 
+
+  @TaskInput({
+    title: '证书接入点',
+    helper: '不会选就保持默认即可',
+    value: 'cas.aliyuncs.com',
+    component: {
+      name: 'a-select',
+      options: [
+        {value: 'cas.aliyuncs.com', label: '中国大陆'},
+        {value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡'},
+        {value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）'},
+      ],
+    },
+    required: true,
+  })
+  casEndpoint!: string;
+
+
   @TaskInput({
     title: 'Access授权',
     helper: '阿里云授权AccessKeyId、AccessKeySecret',
@@ -41,10 +67,11 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
   })
   accessId!: string;
 
+
+
   @TaskInput(
     createRemoteSelectInputDefine({
       title: 'LB所在地区',
-      typeName: 'AliyunDeployCertToSLB',
       multi: false,
       action: AliyunDeployCertToSLB.prototype.onGetRegionList.name,
       watches: ['accessId'],
@@ -56,7 +83,6 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
     createRemoteSelectInputDefine({
       title: '负载均衡列表',
       helper: '要部署证书的负载均衡ID',
-      typeName: 'AliyunDeployCertToSLB',
       action: AliyunDeployCertToSLB.prototype.onGetLoadBalanceList.name,
       watches: ['regionId'],
     })
@@ -67,33 +93,59 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
     createRemoteSelectInputDefine({
       title: '监听器列表',
       helper: '要部署证书的监听器列表',
-      typeName: 'AliyunDeployCertToSLB',
       action: AliyunDeployCertToSLB.prototype.onGetListenerList.name,
       watches: ['loadBalancers'],
     })
   )
   listeners!: string[];
 
-  @TaskInput({
-    title: '证书接入点',
-    helper: '不会选就保持默认即可',
-    value: 'cas.aliyuncs.com',
-    component: {
-      name: 'a-select',
-      options: [
-        { value: 'cas.aliyuncs.com', label: '中国大陆' },
-        { value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡' },
-        { value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）' },
-      ],
-    },
-    required: true,
-  })
-  casEndpoint!: string;
 
-  async onInstance() {}
+  @TaskInput({
+      title: "部署默认证书",
+      value: true,
+      component: {
+        name: "a-switch",
+        vModel: "checked"
+      }
+    }
+  )
+  deployDefault!: boolean;
+
+  @TaskInput({
+      title: "部署扩展证书",
+      value: false,
+      component: {
+        name: "a-switch",
+        vModel: "checked"
+      }
+    }
+  )
+  deployExtension!: boolean;
+
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: '扩展域名列表',
+      helper: '要部署扩展域名列表',
+      action: AliyunDeployCertToSLB.prototype.onGetExtensionDomainList.name,
+      watches: ['listeners','deployExtension'],
+      mergeScript:`
+        return {
+        show: ctx.compute(({form})=>{
+          return form.deployExtension;
+        })
+      }
+      `
+    })
+  )
+  extensionDomains!: string[];
+
+
+  async onInstance() {
+  }
 
   async getLBClient(access: AliyunAccess, region: string) {
-    const client = new AliyunClient({ logger: this.logger });
+    const client = new AliyunClient({logger: this.logger});
     const version = '2014-05-15';
     await client.init({
       accessKeyId: access.accessKeyId,
@@ -106,30 +158,76 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
   }
 
   async execute(): Promise<void> {
-    this.logger.info(`开始部署证书到阿里云(slb)`);
+    this.logger.info(`开始部署证书到阿里云(clb)`);
     const access = await this.getAccess<AliyunAccess>(this.accessId);
 
     const client = await this.getLBClient(access, this.regionId);
     const aliyunCert = await this.getAliyunCertId(access);
     const slbServerCertId = await this.uploadServerCert(client, aliyunCert);
-    for (const listener of this.listeners) {
-      const arr = listener.split('_');
-      const loadBalanceId = arr[0];
-      const port = arr[2];
-      const params = {
-        RegionId: this.regionId,
-        LoadBalancerId: loadBalanceId,
-        ListenerPort: parseInt(port),
-        ServerCertificateId: slbServerCertId,
-      };
 
-      const res = await client.request('SetLoadBalancerHTTPSListenerAttribute', params);
-      this.checkRet(res);
-      this.logger.info(`部署${listener}监听器证书成功`, JSON.stringify(res));
+    if (this.deployDefault!==false) {
+      this.logger.info("部署监听器默认证书")
+      for (const listener of this.listeners) {
+        const {port, loadBalanceId} = this.resolveListenerKey(listener)
+        const params = {
+          RegionId: this.regionId,
+          LoadBalancerId: loadBalanceId,
+          ListenerPort: port,
+          ServerCertificateId: slbServerCertId,
+        };
+
+        const res = await client.request('SetLoadBalancerHTTPSListenerAttribute', params);
+        this.checkRet(res);
+        this.logger.info(`部署${listener}监听器证书成功`, JSON.stringify(res));
+      }
+    }
+
+    if (this.deployExtension) {
+      this.logger.info("部署监听器扩展域名证书")
+
+      const clientV2 = this.getCLBClientV2(access);
+      for (const domainStr of this.extensionDomains) {
+        const {extensionDomainId} = this.resolveListenerKey(domainStr)
+        const res = await clientV2.doRequest({
+          action: "SetDomainExtensionAttribute",
+          // 接口版本
+          version: "2014-05-15",
+          data: {
+            query: {
+              RegionId: this.regionId,
+              DomainExtensionId: extensionDomainId,
+              ServerCertificateId: slbServerCertId
+            }
+          }
+        })
+        this.logger.info(`部署扩展域名${extensionDomainId}证书成功`, JSON.stringify(res))
+      }
     }
     this.logger.info('执行完成');
   }
 
+  getCLBClientV2(access: AliyunAccess) {
+    return access.getClient("slb.aliyuncs.com")
+  }
+
+  resolveListenerKey(listener: string) {
+    const arr = listener.split('_');
+    const loadBalanceId = arr[0];
+    const protocol = arr[1];
+    const port = arr[2];
+    let extensionDomainId = undefined;
+    if (arr.length > 3) {
+      extensionDomainId = arr[3];
+    }
+
+    return {
+      loadBalanceId,
+      port: parseInt(port),
+      extensionDomainId: extensionDomainId,
+      protocol: protocol
+    }
+  }
+
   async uploadServerCert(client: any, aliyunCert: CasCertInfo) {
     const params = {
       RegionId: this.regionId,
@@ -248,6 +346,78 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
     });
   }
 
+  async onGetExtensionDomainList(data: PageReq) {
+    if (!this.accessId) {
+      throw new Error('请先选择Access授权');
+    }
+    if (!this.regionId) {
+      throw new Error('请先选择地区');
+    }
+    if (!this.listeners && this.listeners.length == 0) {
+      throw new Error('请先选择监听器');
+    }
+    const access = await this.getAccess<AliyunAccess>(this.accessId);
+
+    const allDomains: any[] = []
+    for (const ls of this.listeners) {
+      const {port, loadBalanceId, protocol} = this.resolveListenerKey(ls)
+      const domains = await this.doGetExtensionDomainList({
+        access,
+        loadBalancerId: loadBalanceId,
+        listenerPort: port,
+        listenerProtocol: protocol,
+      });
+      allDomains.push(...domains)
+    }
+
+    return this.ctx.utils.options.buildGroupOptions(allDomains, this.certDomains)
+
+  }
+
+
+  async doGetExtensionDomainList(data: {
+    loadBalancerId: string,
+    listenerPort: number,
+    listenerProtocol: string,
+    access: AliyunAccess
+  }) {
+    const {loadBalancerId, listenerPort, listenerProtocol, access} = data;
+    const client = access.getClient("slb.aliyuncs.com")
+
+    let queries = {
+      RegionId: this.regionId,
+      LoadBalancerId: loadBalancerId,
+      ListenerPort: listenerPort
+    };
+
+    const res = await client.doRequest({
+      // 接口名称
+      action: "DescribeDomainExtensions",
+      // 接口版本
+      version: "2014-05-15",
+      data: {
+        query: queries,
+      }
+    })
+
+    this.checkRet(res);
+    const list = res?.DomainExtensions.DomainExtension;
+    if (!list || list.length === 0) {
+      return []
+    }
+
+    return list.map((i: any) => {
+      const value = `${loadBalancerId}_${listenerProtocol ?? "HTTPS"}_${listenerPort}_${i.DomainExtensionId}`;
+      const label = `${i.DomainExtensionId}<${i.Domain}>`;
+      return {
+        value: value,
+        label: label,
+        domain:i.Domain
+      };
+    });
+  }
+
+
   checkRet(ret: any) {
     if (ret.Code != null) {
       throw new Error(ret.Message);

packages/ui/certd-server/src/plugins/plugin-aws-cn/access.ts

@@ -0,0 +1,38 @@
+import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
+
+export const AwsCNRegions = [
+  { label: 'cn-north-1', value: 'cn-north-1' },
+  { label: 'cn-northwest-1', value: 'cn-northwest-1' },
+];
+
+@IsAccess({
+  name: 'aws-cn',
+  title: '亚马逊云科技（国区）授权',
+  desc: '',
+  icon: 'svg:icon-aws',
+})
+export class AwsCNAccess extends BaseAccess {
+  @AccessInput({
+    title: 'accessKeyId',
+    component: {
+      placeholder: 'accessKeyId',
+    },
+    helper:
+      '右上角->安全凭证->访问密钥，[点击前往](https://cn-north-1.console.amazonaws.cn/iam/home?region=cn-north-1#/security_credentials/access-key-wizard#)',
+    required: true,
+  })
+  accessKeyId = '';
+
+  @AccessInput({
+    title: 'secretAccessKey',
+    component: {
+      placeholder: 'secretAccessKey',
+    },
+    required: true,
+    encrypt: true,
+    helper: '请妥善保管您的安全访问密钥。您可以在AWS管理控制台的IAM中创建新的访问密钥。',
+  })
+  secretAccessKey = '';
+}
+
+new AwsCNAccess();

packages/ui/certd-server/src/plugins/plugin-aws-cn/index.ts

@@ -0,0 +1,2 @@
+export * from './plugins/index.js';
+export * from './access.js';

packages/ui/certd-server/src/plugins/plugin-aws-cn/libs/aws-iam-client.ts

@@ -0,0 +1,42 @@
+// 导入所需的 SDK 模块
+import { AwsCNAccess } from '../access.js';
+import { CertInfo } from '@certd/plugin-cert';
+
+type AwsIAMClientOptions = { access: AwsCNAccess; region: string };
+
+export class AwsIAMClient {
+  options: AwsIAMClientOptions;
+  access: AwsCNAccess;
+  region: string;
+  constructor(options: AwsIAMClientOptions) {
+    this.options = options;
+    this.access = options.access;
+    this.region = options.region;
+  }
+  async importCertificate(certInfo: CertInfo, certName: string) {
+    // 创建 IAM 客户端
+    const { IAMClient, UploadServerCertificateCommand } = await import('@aws-sdk/client-iam');
+    const iamClient = new IAMClient({
+      region: this.region, // 替换为您的 AWS 区域
+      credentials: {
+        accessKeyId: this.access.accessKeyId, // 从环境变量中读取
+        secretAccessKey: this.access.secretAccessKey,
+      },
+    });
+
+    const cert = certInfo.crt.split('-----END CERTIFICATE-----')[0] + '-----END CERTIFICATE-----';
+    const chain = certInfo.crt.split('-----END CERTIFICATE-----\n')[1];
+    // 构建上传参数
+    const command = new UploadServerCertificateCommand({
+      Path: '/cloudfront/',
+      ServerCertificateName: certName,
+      CertificateBody: cert,
+      PrivateKey: certInfo.key,
+      CertificateChain: chain
+    })
+    const data = await iamClient.send(command);
+    console.log('Upload successful:', data);
+    // 返回证书 ID
+    return data.ServerCertificateMetadata.ServerCertificateId;
+  }
+}

packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/index.ts

@@ -0,0 +1 @@
+export * from './plugin-deploy-to-cloudfront.js';

packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/plugin-deploy-to-cloudfront.ts

@@ -0,0 +1,164 @@
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { AwsCNAccess, AwsCNRegions } from "../access.js";
+import { AwsIAMClient } from "../libs/aws-iam-client.js";
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
+
+@IsTaskPlugin({
+  name: 'AwsCNDeployToCloudFront',
+  title: 'AWS(国区)-部署证书到CloudFront',
+  desc: '部署证书到 AWS CloudFront',
+  icon: 'svg:icon-aws',
+  group: pluginGroups.aws.key,
+  needPlus: false,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class AwsCNDeployToCloudFront extends AbstractTaskPlugin {
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'output-selector',
+      from: [...CertApplyPluginNames, 'AwsUploadToACM'],
+    },
+    required: true,
+  })
+  cert!: CertInfo | string;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+  @TaskInput({
+    title: '区域',
+    helper: '证书上传区域',
+    component: {
+      name: 'a-auto-complete',
+      vModel: 'value',
+      options: AwsCNRegions,
+    },
+    required: true,
+  })
+  region!: string;
+
+  @TaskInput({
+    title: 'Access授权',
+    helper: 'aws的授权',
+    component: {
+      name: 'access-selector',
+      type: 'aws-cn',
+    },
+    required: true,
+  })
+  accessId!: string;
+
+  @TaskInput({
+    title: '证书名称',
+    helper: '上传后将以此名称作为前缀备注',
+  })
+  certName!: string;
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: '分配ID',
+      helper: '请选择distributions id',
+      action: AwsCNDeployToCloudFront.prototype.onGetDistributions.name,
+      required: true,
+    })
+  )
+  distributionIds!: string[];
+
+  async onInstance() {}
+
+  async execute(): Promise<void> {
+    const access = await this.getAccess<AwsCNAccess>(this.accessId);
+
+    let certId = this.cert as string;
+    if (typeof this.cert !== 'string') {
+      //先上传
+      certId = await this.uploadToIAM(access, this.cert);
+    }
+    //部署到CloudFront
+
+    const { CloudFrontClient, UpdateDistributionCommand, GetDistributionConfigCommand } = await import('@aws-sdk/client-cloudfront');
+    const cloudFrontClient = new CloudFrontClient({
+      region: this.region,
+      credentials: {
+        accessKeyId: access.accessKeyId,
+        secretAccessKey: access.secretAccessKey,
+      },
+    });
+
+    // update-distribution
+    for (const distributionId of this.distributionIds) {
+      // get-distribution-config
+      const getDistributionConfigCommand = new GetDistributionConfigCommand({
+        Id: distributionId,
+      });
+
+      const configData = await cloudFrontClient.send(getDistributionConfigCommand);
+      const updateDistributionCommand = new UpdateDistributionCommand({
+        DistributionConfig: {
+          ...configData.DistributionConfig,
+          ViewerCertificate: {
+            ...configData.DistributionConfig.ViewerCertificate,
+            IAMCertificateId: certId,
+          },
+        },
+        Id: distributionId,
+        IfMatch: configData.ETag,
+      });
+      await cloudFrontClient.send(updateDistributionCommand);
+      this.logger.info(`部署${distributionId}完成:`);
+    }
+    this.logger.info('部署完成');
+  }
+
+  private async uploadToIAM(access: AwsCNAccess, cert: CertInfo) {
+    const acmClient = new AwsIAMClient({
+      access,
+      region: this.region,
+    });
+    const awsCertID = await acmClient.importCertificate(cert, this.appendTimeSuffix(this.certName));
+    this.logger.info('证书上传成功,id=', awsCertID);
+    return awsCertID;
+  }
+
+  //查找分配ID列表选项
+  async onGetDistributions() {
+    if (!this.accessId) {
+      throw new Error('请选择Access授权');
+    }
+
+    const access = await this.getAccess<AwsCNAccess>(this.accessId);
+    const { CloudFrontClient, ListDistributionsCommand } = await import('@aws-sdk/client-cloudfront');
+    const cloudFrontClient = new CloudFrontClient({
+      region: this.region,
+      credentials: {
+        accessKeyId: access.accessKeyId,
+        secretAccessKey: access.secretAccessKey,
+      },
+    });
+    // list-distributions
+    const listDistributionsCommand = new ListDistributionsCommand({});
+    const data = await cloudFrontClient.send(listDistributionsCommand);
+    const distributions = data.DistributionList?.Items;
+    if (!distributions || distributions.length === 0) {
+      throw new Error('找不到CloudFront分配ID，您可以手动输入');
+    }
+
+    const options = distributions.map((item: any) => {
+      return {
+        value: item.Id,
+        label: `${item.DomainName}<${item.Id}>`,
+        domain: item.DomainName,
+      };
+    });
+    return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);
+  }
+}
+
+new AwsCNDeployToCloudFront();

packages/ui/certd-server/src/plugins/plugin-cloudflare/dns-provider.ts

@@ -26,6 +26,11 @@ export type CloudflareRecord = {
 })
 export class CloudflareDnsProvider extends AbstractDnsProvider<CloudflareRecord> {
   access!: CloudflareAccess;
+  usePunyCode(): boolean {
+    //是否使用punycode来添加解析记录
+    //默认都使用原始中文域名来添加
+    return true;
+  }
   async onInstance() {
     //一些初始化的操作
     // 也可以通过ctx成员变量传递context

packages/ui/certd-server/src/plugins/plugin-flex/access.ts

@@ -78,7 +78,8 @@ export class FlexCDNAccess extends BaseAccess {
       vModel: "checked"
     },
     encrypt: false,
-    required: true
+    required: true,
+    value: false,
   })
   skipSslVerify!: boolean;
 

packages/ui/certd-server/src/plugins/plugin-flex/plugins/plugin-refresh-cert.ts

@@ -1,5 +1,5 @@
 import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
-import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { CertApplyPluginNames, CertInfo,CertReader } from "@certd/plugin-cert";
 import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
 import { FlexCDNAccess } from "../access.js";
 import { FlexCDNClient } from "../client.js";
@@ -83,7 +83,25 @@ export class FlexCDNRefreshCert extends AbstractTaskPlugin {
 
       const sslCert = JSON.parse(this.ctx.utils.hash.base64Decode(res.sslCertJSON))
       this.logger.info(`证书信息：${sslCert.name}，${sslCert.dnsNames}`);
+      const certReader = new CertReader(this.cert)
+      /**
+       *   commonNames: commonNames,
+       *       dnsNames: dnsNames,
+       *       timeBeginAt: Math.floor((new Date(currentInfo.validFrom)).getTime() / 1000),
+       *       timeEndAt: Math.floor((new Date(currentInfo.validTo)).getTime() / 1000),
+       *
+       */
+      const topCrt =  CertReader.readCertDetail(certReader.cert.ic)
+      const commonNames =[ topCrt.detail.issuer.commonName]
+      const dnsNames = certReader.getAllDomains()
+      const timeBeginAt = Math.floor(certReader.detail.notBefore.getTime()  / 1000);
+      const timeEndAt = Math.floor(certReader.detail.notAfter.getTime()  / 1000);
       const body = {
+        ...sslCert, // inherit old cert info like name and description
+        commonNames,
+        dnsNames,
+        timeBeginAt,
+        timeEndAt,
         name: sslCert.name,
         sslCertId: item,
         certData: this.ctx.utils.hash.base64(this.cert.crt),
@@ -122,7 +140,7 @@ export class FlexCDNRefreshCert extends AbstractTaskPlugin {
 
     const options = list.map((item: any) => {
       return {
-        label: `${item.name}<${item.id}-${item.dnsNames[0]}>`,
+        label: `${item.name}<${item.id}-${item.dnsNames?.[0]}>`,
         value: item.id,
         domain: item.dnsNames
       };

packages/ui/certd-server/src/plugins/plugin-fnos/index.ts

@@ -0,0 +1,170 @@
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import {
+  createCertDomainGetterInputDefine,
+  createRemoteSelectInputDefine,
+  SshAccess,
+  SshClient
+} from "@certd/plugin-lib";
+
+@IsTaskPlugin({
+  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
+  name: "FnOSDeployToNAS",
+  title: "飞牛NAS-部署证书",
+  icon: "svg:icon-lucky",
+  //插件分组
+  group: pluginGroups.panel.key,
+  needPlus: false,
+  default: {
+    //默认值配置照抄即可
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed
+    }
+  }
+})
+//类名规范，跟上面插件名称（name）一致
+export class FnOSDeployToNAS extends AbstractTaskPlugin {
+  //证书选择，此项必须要有
+  @TaskInput({
+    title: "域名证书",
+    helper: "请选择前置任务输出的域名证书",
+    component: {
+      name: "output-selector",
+      from: [...CertApplyPluginNames]
+    }
+    // required: true, // 必填
+  })
+  cert!: CertInfo;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+  //授权选择框
+  @TaskInput({
+    title: "飞牛SSH授权",
+    component: {
+      name: "access-selector",
+      type: "ssh" //固定授权类型
+    },
+    helper:"请先配置sudo免密：\nsudo visudo\n#在文件最后一行增加以下内容，需要将username替换成自己的用户名\nusername ALL=(ALL) NOPASSWD: NOPASSWD: ALL\nctrl+x 保存退出",
+    required: true //必填
+  })
+  accessId!: string;
+
+
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: "证书Id",
+      helper: "要更新的证书id",
+      action: FnOSDeployToNAS.prototype.onGetCertList.name
+    })
+  )
+  certList!: number[];
+
+  //插件实例化时执行的方法
+  async onInstance() {
+  }
+
+  //插件执行方法
+  async execute(): Promise<void> {
+    const access: SshAccess = await this.getAccess<SshAccess>(this.accessId);
+
+    const client = new SshClient(this.logger);
+
+    //复制证书
+    const list = await this.doGetCertList()
+
+    for (const target of this.certList) {
+      this.logger.info(`----------- 准备部署：${target}`);
+      let found = false
+      for (const item of list) {
+        if (item.sum === target) {
+          this.logger.info(`----------- 找到证书,开始部署：${item.sum},${item.domain}`)
+          const certPath = item.certificate;
+          const keyPath = item.privateKey;
+          const cmd = `
+sudo tee ${certPath} > /dev/null <<'EOF'
+${this.cert.crt}
+EOF
+sudo tee ${keyPath} > /dev/null <<'EOF'
+${this.cert.key}
+EOF
+`
+          const res = await client.exec({
+          connectConf: access,
+          script: cmd
+        });
+          if (res.indexOf("Permission denied") > -1){
+              this.logger.error("权限不足，请先配置 sudo 免密")
+          }
+          found = true
+          break
+        }
+      }
+      if (!found) {
+        throw new Error(`没有找到证书：${target}，请修改任务重新选择证书id`);
+      }
+    }
+
+
+    this.logger.info("证书已上传，准备重启...");
+
+
+    const restartCmd= `
+echo "正在重启相关服务..."
+systemctl restart webdav.service
+systemctl restart smbftpd.service
+systemctl restart trim_nginx.service
+echo "服务重启完成！"
+`
+    await client.exec({
+      connectConf: access,
+      script: restartCmd
+    });
+
+    this.logger.info("部署完成");
+  }
+
+  async doGetCertList(){
+    const access: SshAccess = await this.getAccess<SshAccess>(this.accessId);
+    const client = new SshClient(this.logger);
+
+    /**
+     * :/usr/trim/etc$ cat network_cert_all.conf | jq .
+     */
+    const sslListCmd = "cat /usr/trim/etc/network_cert_all.conf | jq ."
+
+    const res:string = await client.exec({
+      connectConf: access,
+      script: sslListCmd
+    });
+    let list = []
+    try{
+      list = JSON.parse(res.trim())
+    }catch (e){
+      throw new Error(`证书列表解析失败：${res}`)
+    }
+
+    if (!list || list.length === 0) {
+      throw new Error("没有找到证书，请先在证书管理也没上传一次证书");
+    }
+    return list
+  }
+
+  async onGetCertList() {
+
+    const list = await this.doGetCertList()
+
+    const options = list.map((item: any) => {
+      return {
+        label: `${item.domain}<${item.used?'已使用':"未使用"}-${item.sum}>`,
+        value: item.sum,
+        domain: item.san
+      };
+    });
+    return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);
+  }
+}
+
+new FnOSDeployToNAS();

packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts

@@ -77,7 +77,13 @@ export class GithubCheckRelease extends AbstractTaskPlugin {
     this.logger.info(`有更新,${lastVersion??"0"}->${res.tag_name}`)
     this.lastVersion = res.tag_name;
 
-    const body = res.body.replaceAll("* ","- ")
+    // const body = res.body.replaceAll("* ","- ")
+    //仅每行开头的* 替换成 -， *号前面可以有空格
+    const body = res.body.replace(/^(\s*)\* /gm, "$1- ")
+
+    if (this.notificationIds == null){
+      this.notificationIds = [0]
+    }
     //发送通知
     for (const notificationId of this.notificationIds) {
       await this.ctx.notificationService.send({

packages/ui/certd-server/src/plugins/plugin-namesilo/dns-provider.ts

@@ -23,6 +23,11 @@ export class NamesiloDnsProvider extends AbstractDnsProvider<NamesiloRecord> {
     // 也可以通过ctx成员变量传递context
     this.access = this.ctx.access as NamesiloAccess;
   }
+  usePunyCode(): boolean {
+    //是否使用punycode来添加解析记录
+    //默认都使用原始中文域名来添加
+    return true;
+  }
 
   private async doRequest(url: string, params: any = null) {
     params = merge(

packages/ui/certd-server/src/plugins/plugin-proxmox/access.ts

@@ -58,6 +58,16 @@ export class ProxmoxAccess extends BaseAccess {
     encrypt: true,
   })
   password = '';
+
+  @AccessInput({
+    title: '领域',
+    component: {
+      placeholder: 'realm',
+    },
+    required: true,
+    encrypt: false,
+  })
+  realm = '';
 }
 
 new ProxmoxAccess();

packages/ui/certd-server/src/plugins/plugin-proxmox/plugins/plugin-upload.ts

@@ -93,9 +93,9 @@ export class ProxmoxUploadCert extends AbstractPlusTaskPlugin {
 
   async getClient() {
     const access: ProxmoxAccess = await this.getAccess<ProxmoxAccess>(this.accessId);
-    const pve = await import('@corsinvest/cv4pve-api-javascript');
+    const pve = await import('@certd/cv4pve-api-javascript');
     const client = new pve.PveClient(access.host, access.port);
-    const login = await client.login(access.username, access.password, 'pam');
+    const login = await client.login(access.username, access.password, access.realm || 'pam');
     if (!login) {
       throw new Error(`Login failed:${JSON.stringify(login)}`);
     }