chore: singleton

https://github.com/certd/certd/issues/603

.github/workflows/deploy-demo.yml

@@ -44,7 +44,8 @@ jobs:
       - name: deploy-certd-demo
         uses: tyrrrz/action-http-request@master
         with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/lzCzlGrLCOHQaTMMt0mG
+          # 通过webhook 触发 certd-demo来部署
+          url: ${{ secrets.WEBHOOK_CERTD_DEMO }}
           method: POST
           headers: |
             Content-Type: application/json

.github/workflows/release-image.yml

@@ -121,10 +121,12 @@ jobs:
       - name: deploy-certd-doc
         uses: tyrrrz/action-http-request@master
         with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
+          url: ${{ secrets.WEBHOOK_CERTD_DOC }}
           method: POST
           body: |
-            {}
+            {
+              "CERTD_VERSION": "1.0.0"
+            }
           headers: |
             Content-Type: application/json
           retry-count: 3

.gitignore

@@ -29,4 +29,5 @@ test/**/*.js
 /packages/ui/certd-server/data/db.sqlite
 /packages/ui/certd-server/data/keys.yaml
 /packages/pro/
-test.js
+test.js
+.history

.npmrc

@@ -1,2 +1,6 @@
 link-workspace-packages=deep
 prefer-workspace-packages=true
+better_sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
+better_sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
+better-sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
+better-sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3

.vscode/launch.json

@@ -10,8 +10,8 @@
             "type": "node",
             "request": "launch",
             "cwd": "${workspaceFolder}/packages/ui/certd-client",
-            "runtimeExecutable": "npm",
+            "runtimeExecutable": "pnpm",
-            "runtimeArgs": ["run", "dev"],
+            "runtimeArgs": ["dev"],
             "console": "integratedTerminal",
             "internalConsoleOptions": "neverOpen"
         },
@@ -20,8 +20,38 @@
             "type": "node",
             "request": "launch",
             "cwd": "${workspaceFolder}/packages/ui/certd-server",
-            "runtimeExecutable": "npm",
+            "runtimeExecutable": "pnpm",
-            "runtimeArgs": ["run", "dev"],
+            "runtimeArgs": ["dev"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+         {
+            "name": "server-mysql",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-mysql"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+         {
+            "name": "server-pg",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-pg"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+        {
+            "name": "server-common",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-commpro"],
             "console": "integratedTerminal",
             "internalConsoleOptions": "neverOpen"
         },

.vscode/settings.json

@@ -1,4 +1,14 @@
 {
     "eslint.debug": false,
-    "eslint.format.enable": true
+    "eslint.format.enable": true,
+    "typescript.tsc.autoDetect": "watch",
+    "git.scanRepositories": [
+        "./packages/pro"
+    ],
+    "editor.defaultFormatter": "dbaeumer.vscode-eslint",
+    "[typescript]": {
+        "editor.defaultFormatter": "vscode.typescript-language-features"
+    },
+    "editor.tabSize": 2,
+    "explorer.autoReveal": false
 }

CHANGELOG.md

@@ -3,6 +3,199 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+* 优化西部数据 500 already exists 的问题 ([2bfad9f](https://github.com/certd/certd/commit/2bfad9fc651da208b610abd921fbfb2fbc04203f))
+
+### Performance Improvements
+
+* 批量设置定时，支持清除定时 ([63d8bcf](https://github.com/certd/certd/commit/63d8bcf8823f713365042d3c7aee3cf31d44b044))
+* 新增数据库迁移doc说明文档，优化datetime字段平滑迁移 ([45fbce0](https://github.com/certd/certd/commit/45fbce0c2af5fb3ead6d3dd12a42f8cc1714262f))
+* 支持彩虹聚合登录 ([6f18693](https://github.com/certd/certd/commit/6f186932ccad4becfdc0087c0539f7b2d0069844))
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+* oidc支持使用第三方昵称或账号作为certd用户的用户名 ([b6fea0c](https://github.com/certd/certd/commit/b6fea0c8562abf912daa7d72958ceb2e93575d31))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Bug Fixes
+
+* oidc 支持nonce ([a5ca411](https://github.com/certd/certd/commit/a5ca41131b308b36b17ca359d9709ea8e9b7cee1))
+
+### Performance Improvements
+
+* 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
+* 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
+* 支持部署到中国移动CDN ([4351304](https://github.com/certd/certd/commit/43513049beff407558d2a234415521464165cebc))
+* 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+### Bug Fixes
+
+* 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Bug Fixes
+
+* 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
+* 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+* 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Bug Fixes
+
+* 修复waf tls版本号小写 ([0adcc6a](https://github.com/certd/certd/commit/0adcc6a8d194469be0c26940ed4837fb34929b68))
+
+### Performance Improvements
+
+* 支持微信扫码登录 ([73325aa](https://github.com/certd/certd/commit/73325aaefb0e750a22aaac40929e7bf3f5864996))
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/certd/certd/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Bug Fixes
+
+* 修复创建流水线报id不能为空的bug ([aac569a](https://github.com/certd/certd/commit/aac569a9259ede43399e0ed5d668e936b984d6dd))
+
+### Performance Improvements
+
+* 增加vip时间同步按钮 ([32e4e91](https://github.com/certd/certd/commit/32e4e91ab81008dda422fb53fd6f4d1711c5d80c))
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/certd/certd/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+* server 增加 "@peculiar/x509" 依赖 ([acdf091](https://github.com/certd/certd/commit/acdf0912d452029f158279fb78155086e4fbac17))
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+### Bug Fixes
+
+* 修复某些情况下编辑流水线，没有立即展示变更效果的bug ([65e5309](https://github.com/certd/certd/commit/65e53092e8d677eb34b7d04d68c6f738165f5de2))
+* 修复批量修改定时没有立即显示生效的bug ([c166602](https://github.com/certd/certd/commit/c16660254b8d637bd3ca100695934b343875fcbf))
+* 修复新部署的无法保存公共eab配置的bug ([6b7631e](https://github.com/certd/certd/commit/6b7631ed5e920582d8e2162ec788b9429238ac29))
+* 修复在苹果手机下输入框被放大的问题 ([5ff7e6e](https://github.com/certd/certd/commit/5ff7e6ef0eaa6bc111d0dd3c5713e1658f9113ad))
+
+### Performance Improvements
+
+*  支持记忆字段排序 ([d46b9c5](https://github.com/certd/certd/commit/d46b9c54b14ec5c892f4eed141fb549485941edd))
+* 优化任务参数配置界面在手机版下的展示效果 ([0203aa2](https://github.com/certd/certd/commit/0203aa2b6e86e58e5e66a1b9d0278d186aa92554))
+* 支持列表展示时固定证书最大天数，有助于列表进度条整齐展示 ([4a94eab](https://github.com/certd/certd/commit/4a94eab3935c89a63892661d9cf0d0891e54aa81))
+* 子域名托管说明 ([b5d8161](https://github.com/certd/certd/commit/b5d8161bc2e686e6c8b552de0c29117a5d405313))
+* cname方式hostRecord增加user校验 ([bc174f7](https://github.com/certd/certd/commit/bc174f70545e487bd549eff250f8ef69c6d343f3))
+* doge云插件支持选择CDN域名，以及支持同时部署多个域名 ([041954c](https://github.com/certd/certd/commit/041954c0674fabed54ed2cf5e727fecfb6943d19))
+* doge云支持删除过期证书 ([335cf93](https://github.com/certd/certd/commit/335cf9397080a5e09074d5a89d03f59bd051cda5))
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+### Bug Fixes
+
+* 修复站点证书监控复制按钮无效的bug ([efa26a0](https://github.com/certd/certd/commit/efa26a067f06402f30befc016d9934cadcd5a563))
+* 修复lego模式下 私钥加密类型错误的bug ([f7cf7c1](https://github.com/certd/certd/commit/f7cf7c198d7f77b222099770f81accc637bc6619))
+
+### Performance Improvements
+
+* 优化数据备份效率，流式写入文件 ([c38dbbb](https://github.com/certd/certd/commit/c38dbbb1d72bd00a92fe275b76aea82a791e7199))
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+### Bug Fixes
+
+* 修复并发情况下证书申请日志混乱的bug ([bb2714f](https://github.com/certd/certd/commit/bb2714ff241f9db4a71d805b23a1b0f9f2f6413a))
+* 修复网络测试，telnet的bug ([c03a70f](https://github.com/certd/certd/commit/c03a70fde23c8e840bd0fdb4fcbca8990f6c65eb))
+* 修复站点证书监控，证书已经更新到最新日期了，仍然发出警告通知的bug ([1f42f93](https://github.com/certd/certd/commit/1f42f933f07860b27aa3d016e40916ff2b063eac))
+
+### Performance Improvements
+
+*  注册页面增加手机注册tab页签 ([6b2f1fc](https://github.com/certd/certd/commit/6b2f1fcd3e058061b814c3331cda8ce1b2d80d73))
+* 流水线创建时支持添加到证书监控 ([59ba408](https://github.com/certd/certd/commit/59ba4080706548828ef1c0a9cd893c1c9a7d591f))
+* 流水线支持有效期设置 ([911e69e](https://github.com/certd/certd/commit/911e69e3bc0cdd48b62953b5d0981d640fc1f8ac))
+* 群辉增加请求超时时长设置 ([b381492](https://github.com/certd/certd/commit/b3814920bdcabc911f860a8e19b5b9b3a04709ac))
+* 通知支持meow ([c77645e](https://github.com/certd/certd/commit/c77645e1733670214aaca5544cf8759d7e4adda4))
+* 站点证书监控增加导出和分组功能 ([2ed12c4](https://github.com/certd/certd/commit/2ed12c429eb58274a4f9dd0ed3b66e160d283ded))
+* 证书监控增加批量删除 ([e578c52](https://github.com/certd/certd/commit/e578c52fdf2f838038062aa4209b655fbae461fb))
+* esa 自动删除过期证书提示 ([8bf1f82](https://github.com/certd/certd/commit/8bf1f828b9eaa9208f32e8ee7460b86420fed0c7))
+* ssh 增加禁止-i参数提示 ([3a8931f](https://github.com/certd/certd/commit/3a8931feeffd7157163ff7d46b693e5e1a434b9c))
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Bug Fixes
+
+* 修复飞牛证书部署后无法生效的bug ([bf156a1](https://github.com/certd/certd/commit/bf156a13bd443cdadb73c9dff79bbef7231b4401))
+* aliyunoss 选择证书接入点选择新加坡无法上传的bug ([e00733a](https://github.com/certd/certd/commit/e00733a34644c23ffe926486b15dc96bf2fa4b57))
+
+### Performance Improvements
+
+* 优化start.sh脚本，去掉删除非ui目录的操作及提示 ([7993a7c](https://github.com/certd/certd/commit/7993a7cdb01885535950c63187e3f67d67ba2f75))
+* 增加飞牛证书id选择的提示 ([5a4d812](https://github.com/certd/certd/commit/5a4d8121462b1afe921d028465687be8c9679814))
+* 证书监控支持设置证书即将过期天数 ([cd35568](https://github.com/certd/certd/commit/cd35568e042e6ab928685efad51cdbed823d2d4f))
+* 支持网络测试 ([2bef608](https://github.com/certd/certd/commit/2bef608e07ceb56d52007f290667e0afef401b22))
+* 支持新网代理方式 ([f612509](https://github.com/certd/certd/commit/f612509cac87b859e81a7a52fe94b2eaccad22f9))
+* dns支持新网互联 ([f415190](https://github.com/certd/certd/commit/f41519048326d971acd9e0a30462231f77a299a6))
+* start.sh脚本支持根据当前系统判断是否使用sudo ([567cb7d](https://github.com/certd/certd/commit/567cb7d737023e26ec58403c6f28f109e212d379))
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 ### Bug Fixes

README.md

@@ -16,6 +16,14 @@ Certd® 是一个免费的全自动证书管理系统，让你的网站证书永
 
 > 流水线数量现已调整为无限制，欢迎大家使用
 
+
+|官方开源地址： | |
+| ---- | ---- |
+| [Github](https://github.com/certd/certd)| ![](https://img.shields.io/github/stars/certd/certd?logo=github)      |    
+| [Gitee](https://gitee.com/certd/certd)  | ![](https://gitee.com/certd/certd/badge/star.svg?theme=dark)        |
+| [AtomGit](https://atomgit.com/certd/certd) |![](https://atomgit.com/certd/certd/star/badge.svg)        |   
+
+
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
@@ -151,29 +159,30 @@ https://certd.handfree.work/
 
 
 ## 八、捐赠
-************************
+
-支持开源，为爱发电，我已入驻爱发电
+开源为什么要做专业版收费？
-https://afdian.com/a/greper
+1. 纯靠为爱发电不可持续（比如：我的dev-sidecar项目即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
+2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
+3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突     
 
 发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
+1. 可加入发电专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
-2. 您的需求我们将优先实现，并且将作为专业版功能提供
+2. 您的需求我们将优先实现，并且可能将作为专业版功能提供
-3. 一年期专业版激活码
+3. 获得专业版功能
 
 专业版特权对比
 
-| 功能      | 免费版                                   | 专业版                            |
+| 功能      | 免费版                                   | 专业版                     |
 |---------|---------------------------------------|--------------------------------|
-| 免费证书申请  | 免费无限制                                 | 免费无限制                          |
+| 免费证书申请  | 免费无限制                        | 免费无限制                      |
-| 域名数量 | 无限制                                   | 无限制                            |
+| 域名数量      | 无限制                           | 无限制                          |
-| 证书流水线条数 | 无限制                                   | 无限制                            |
+| 证书流水线条数 | 无限制                           | 无限制                          |
-| 站点证书监控  | 限制1条                                  | 无限制                            |
+| 站点证书监控  | 限制1条                           | 无限制                          |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件     |     群晖、威联通、proxmox等  |
-| 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 通知         | 邮件通知、自定义webhook            | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 批量操作      | 无                               | 流水线模版，流水线复制，批量运行，批量设置通知、定时等 |
+| VIP群        | 无                               | 可加，一对一技术支持，必要时可申请远程协助  |
 
-************************
-
-************************
 
 ## 九、贡献代码
 

README_en.md

@@ -13,6 +13,15 @@ Certd® is a free, fully automated certificate management system that ensures yo
 
 > The number of pipelines is now unlimited. Welcome to use it.
 
+
+Official Open Source Address: 
+
+[Github](https://github.com/certd/certd)   ![](https://img.shields.io/github/stars/certd/certd?logo=github)        
+[Gitee](https://gitee.com/certd/certd)   ![](https://gitee.com/certd/certd/badge/star.svg?theme=dark)        
+[AtomGit](https://atomgit.com/certd/certd)       ![](https://atomgit.com/certd/certd/star/badge.svg)   
+
+
+
 ## 1. Features
 This project not only supports automated certificate application but also automated certificate deployment and updates, ensuring your certificates never expire.
 

docker/run/docker-compose.yaml

@@ -9,8 +9,8 @@ services:
     restart: unless-stopped # 自动重启
     volumes:
       #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
-      #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
+      - /data/certd:/app/data # 只要修改冒号前面的，冒号后面的/app/data切记切记不要动
-      - /data/certd:/app/data
+      #- /volume1/docker/certd:/app/data:delegated  #群晖使用这个配置
       #   ↓↓↓↓↓ -------------------------------------------------------- 如果走时不准，考虑挂载localtime文件
       #- /etc/localtime:/etc/localtime
       #- /etc/timezone:/etc/timezone
@@ -47,6 +47,8 @@ services:
 #     配置规则： certd_ + 配置项, 点号用_代替
 #                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，docker compose up -d 重建容器之后，管理员密码将改成123456，然后请及时修改回false
       - certd_system_resetAdminPasswd=false
+                        # ↓↓↓ 要使用ipv6，将此配置修改为::
+      - certd_koa_hostname=0.0.0.0
 
 #     默认使用sqlite文件数据库，如果需要使用其他数据库，请设置以下环境变量
 #     注意： 选定使用一种数据库之后，不支持更换数据库。

docs/.vitepress/config.ts

@@ -95,10 +95,10 @@ export default defineConfig({
                         },
                         {
                             text: "插件列表", items: [
-                                {text: "授权提供商", link: "/guide/plugins/access.md"},
                                 {text: "DNS提供商", link: "/guide/plugins/dns-provider.md"},
                                 {text: "任务插件", link: "/guide/plugins/deploy.md"},
                                 {text: "通知插件", link: "/guide/plugins/notification.md"},
+                                {text: "授权提供商", link: "/guide/plugins/access.md"},
                             ]
                         },
                     ]
@@ -121,6 +121,8 @@ export default defineConfig({
                         {text: "ESXi", link: "/guide/use/ESXi/index.md"},
                         {text: "宝塔动态IP白名单", link: "/guide/use/baota/white_list.md"},
                         {text: "子域名托管", link: "/guide/use/cert/subdomain.md"},
+                        {text: "流水线有效期", link: "/guide/use/pipeline/valid.md"},
+                        {text: "IP证书申请", link: "/guide/use/cert/ip.md"},
                     ]
                 },
                 {

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,211 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+* 优化西部数据 500 already exists 的问题 ([2bfad9f](https://github.com/certd/certd/commit/2bfad9fc651da208b610abd921fbfb2fbc04203f))
+
+### Performance Improvements
+
+* 批量设置定时，支持清除定时 ([63d8bcf](https://github.com/certd/certd/commit/63d8bcf8823f713365042d3c7aee3cf31d44b044))
+* 新增数据库迁移doc说明文档，优化datetime字段平滑迁移 ([45fbce0](https://github.com/certd/certd/commit/45fbce0c2af5fb3ead6d3dd12a42f8cc1714262f))
+* 支持彩虹聚合登录 ([6f18693](https://github.com/certd/certd/commit/6f186932ccad4becfdc0087c0539f7b2d0069844))
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+* oidc支持使用第三方昵称或账号作为certd用户的用户名 ([b6fea0c](https://github.com/certd/certd/commit/b6fea0c8562abf912daa7d72958ceb2e93575d31))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Bug Fixes
+
+* oidc 支持nonce ([a5ca411](https://github.com/certd/certd/commit/a5ca41131b308b36b17ca359d9709ea8e9b7cee1))
+
+### Performance Improvements
+
+* 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
+* 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
+* 支持部署到中国移动CDN ([4351304](https://github.com/certd/certd/commit/43513049beff407558d2a234415521464165cebc))
+* 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+### Bug Fixes
+
+* 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Bug Fixes
+
+* 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
+* 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+* 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Bug Fixes
+
+* 修复waf tls版本号小写 ([0adcc6a](https://github.com/certd/certd/commit/0adcc6a8d194469be0c26940ed4837fb34929b68))
+
+### Performance Improvements
+
+* 支持微信扫码登录 ([73325aa](https://github.com/certd/certd/commit/73325aaefb0e750a22aaac40929e7bf3f5864996))
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/certd/certd/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Bug Fixes
+
+* 修复创建流水线报id不能为空的bug ([aac569a](https://github.com/certd/certd/commit/aac569a9259ede43399e0ed5d668e936b984d6dd))
+
+### Performance Improvements
+
+* 增加vip时间同步按钮 ([32e4e91](https://github.com/certd/certd/commit/32e4e91ab81008dda422fb53fd6f4d1711c5d80c))
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/certd/certd/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+* server 增加 "@peculiar/x509" 依赖 ([acdf091](https://github.com/certd/certd/commit/acdf0912d452029f158279fb78155086e4fbac17))
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+### Bug Fixes
+
+* 修复某些情况下编辑流水线，没有立即展示变更效果的bug ([65e5309](https://github.com/certd/certd/commit/65e53092e8d677eb34b7d04d68c6f738165f5de2))
+* 修复批量修改定时没有立即显示生效的bug ([c166602](https://github.com/certd/certd/commit/c16660254b8d637bd3ca100695934b343875fcbf))
+* 修复新部署的无法保存公共eab配置的bug ([6b7631e](https://github.com/certd/certd/commit/6b7631ed5e920582d8e2162ec788b9429238ac29))
+* 修复在苹果手机下输入框被放大的问题 ([5ff7e6e](https://github.com/certd/certd/commit/5ff7e6ef0eaa6bc111d0dd3c5713e1658f9113ad))
+
+### Performance Improvements
+
+*  支持记忆字段排序 ([d46b9c5](https://github.com/certd/certd/commit/d46b9c54b14ec5c892f4eed141fb549485941edd))
+* 优化任务参数配置界面在手机版下的展示效果 ([0203aa2](https://github.com/certd/certd/commit/0203aa2b6e86e58e5e66a1b9d0278d186aa92554))
+* 支持列表展示时固定证书最大天数，有助于列表进度条整齐展示 ([4a94eab](https://github.com/certd/certd/commit/4a94eab3935c89a63892661d9cf0d0891e54aa81))
+* 子域名托管说明 ([b5d8161](https://github.com/certd/certd/commit/b5d8161bc2e686e6c8b552de0c29117a5d405313))
+* cname方式hostRecord增加user校验 ([bc174f7](https://github.com/certd/certd/commit/bc174f70545e487bd549eff250f8ef69c6d343f3))
+* doge云插件支持选择CDN域名，以及支持同时部署多个域名 ([041954c](https://github.com/certd/certd/commit/041954c0674fabed54ed2cf5e727fecfb6943d19))
+* doge云支持删除过期证书 ([335cf93](https://github.com/certd/certd/commit/335cf9397080a5e09074d5a89d03f59bd051cda5))
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+### Bug Fixes
+
+* 修复站点证书监控复制按钮无效的bug ([efa26a0](https://github.com/certd/certd/commit/efa26a067f06402f30befc016d9934cadcd5a563))
+* 修复lego模式下 私钥加密类型错误的bug ([f7cf7c1](https://github.com/certd/certd/commit/f7cf7c198d7f77b222099770f81accc637bc6619))
+
+### Performance Improvements
+
+* 优化数据备份效率，流式写入文件 ([c38dbbb](https://github.com/certd/certd/commit/c38dbbb1d72bd00a92fe275b76aea82a791e7199))
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+### Bug Fixes
+
+* 修复并发情况下证书申请日志混乱的bug ([bb2714f](https://github.com/certd/certd/commit/bb2714ff241f9db4a71d805b23a1b0f9f2f6413a))
+* 修复网络测试，telnet的bug ([c03a70f](https://github.com/certd/certd/commit/c03a70fde23c8e840bd0fdb4fcbca8990f6c65eb))
+* 修复站点证书监控，证书已经更新到最新日期了，仍然发出警告通知的bug ([1f42f93](https://github.com/certd/certd/commit/1f42f933f07860b27aa3d016e40916ff2b063eac))
+
+### Performance Improvements
+
+*  注册页面增加手机注册tab页签 ([6b2f1fc](https://github.com/certd/certd/commit/6b2f1fcd3e058061b814c3331cda8ce1b2d80d73))
+* 流水线创建时支持添加到证书监控 ([59ba408](https://github.com/certd/certd/commit/59ba4080706548828ef1c0a9cd893c1c9a7d591f))
+* 流水线支持有效期设置 ([911e69e](https://github.com/certd/certd/commit/911e69e3bc0cdd48b62953b5d0981d640fc1f8ac))
+* 群辉增加请求超时时长设置 ([b381492](https://github.com/certd/certd/commit/b3814920bdcabc911f860a8e19b5b9b3a04709ac))
+* 通知支持meow ([c77645e](https://github.com/certd/certd/commit/c77645e1733670214aaca5544cf8759d7e4adda4))
+* 站点证书监控增加导出和分组功能 ([2ed12c4](https://github.com/certd/certd/commit/2ed12c429eb58274a4f9dd0ed3b66e160d283ded))
+* 证书监控增加批量删除 ([e578c52](https://github.com/certd/certd/commit/e578c52fdf2f838038062aa4209b655fbae461fb))
+* esa 自动删除过期证书提示 ([8bf1f82](https://github.com/certd/certd/commit/8bf1f828b9eaa9208f32e8ee7460b86420fed0c7))
+* ssh 增加禁止-i参数提示 ([3a8931f](https://github.com/certd/certd/commit/3a8931feeffd7157163ff7d46b693e5e1a434b9c))
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Bug Fixes
+
+* 修复飞牛证书部署后无法生效的bug ([bf156a1](https://github.com/certd/certd/commit/bf156a13bd443cdadb73c9dff79bbef7231b4401))
+* aliyunoss 选择证书接入点选择新加坡无法上传的bug ([e00733a](https://github.com/certd/certd/commit/e00733a34644c23ffe926486b15dc96bf2fa4b57))
+
+### Performance Improvements
+
+* 优化start.sh脚本，去掉删除非ui目录的操作及提示 ([7993a7c](https://github.com/certd/certd/commit/7993a7cdb01885535950c63187e3f67d67ba2f75))
+* 增加飞牛证书id选择的提示 ([5a4d812](https://github.com/certd/certd/commit/5a4d8121462b1afe921d028465687be8c9679814))
+* 证书监控支持设置证书即将过期天数 ([cd35568](https://github.com/certd/certd/commit/cd35568e042e6ab928685efad51cdbed823d2d4f))
+* 支持网络测试 ([2bef608](https://github.com/certd/certd/commit/2bef608e07ceb56d52007f290667e0afef401b22))
+* 支持新网代理方式 ([f612509](https://github.com/certd/certd/commit/f612509cac87b859e81a7a52fe94b2eaccad22f9))
+* dns支持新网互联 ([f415190](https://github.com/certd/certd/commit/f41519048326d971acd9e0a30462231f77a299a6))
+* start.sh脚本支持根据当前系统判断是否使用sudo ([567cb7d](https://github.com/certd/certd/commit/567cb7d737023e26ec58403c6f28f109e212d379))
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+### Bug Fixes
+
+* 修复版本比较bug ([109696e](https://github.com/certd/certd/commit/109696e965d68c50c8627ffd40203edd1d2daea5))
+* 修复某些情况下cname申请证书报错主域名不一致的bug ([2671781](https://github.com/certd/certd/commit/2671781e1bb0838981728d85eacf0e1a25a0fa48))
+
+### Performance Improvements
+
+* cname主域名校验提示优化，显示不一致的两方便于排查问题 ([6ebb365](https://github.com/certd/certd/commit/6ebb3659f42155e4e8da600c493fb5227cd08137))
+* dns解析支持阿里esa ([9291fa6](https://github.com/certd/certd/commit/9291fa68aa7a88a05c2f888bf3048df36a8fbde3))
+
 # [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
 
 ### Features

docs/guide/index.md

@@ -5,6 +5,16 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+
+| 官方开源地址： | |
+| ---- | ---- |
+| [Github](https://github.com/certd/certd)| ![](https://img.shields.io/github/stars/certd/certd?logo=github)      |    
+| [Gitee](https://gitee.com/certd/certd)  | ![](https://gitee.com/certd/certd/badge/star.svg?theme=dark)        |
+| [AtomGit](https://atomgit.com/certd/certd) |![](https://atomgit.com/certd/certd/star/badge.svg)        |
+
+
+![首页](../images/start/home.png)
+
 ## 1、关于证书续期
 >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
 >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
@@ -15,7 +25,7 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 
 * 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
-* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等100+部署插件）
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
 * 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
 * 私有化部署，数据保存本地，安装升级非常简单快捷

docs/guide/install/1panel/index.md

@@ -7,7 +7,36 @@ https://1panel.cn/docs/installation/online_installation/
 
 ## 二、部署certd
 
+有两种安装方式
 
+### 1. 应用商店方式安装【推荐】
+
+#### 1.1 安装
+打开`1Panel->应用商店`，更新远程应用，搜索`certd`，点击安装
+
+   ![](./images/store-1.png)
+
+
+   ![](./images/store-2.png)
+
+#### 1.2 访问测试：
+http://ip:7001   
+https://ip:7002   
+默认账号密码      
+admin/123456     
+登录后请及时修改密码 
+
+#### 1.3 备份
+   ![](./images/store-3.png)
+
+#### 1.4 恢复
+ 安装新Certd后，点击导入备份按钮，选择上面备份的文件即可
+
+
+
+### 2. docker-compose方式安装
+
+#### 2.1 安装
 1. 打开`docker-compose.yaml`，整个内容复制下来    
    https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 
@@ -22,7 +51,7 @@ https://1panel.cn/docs/installation/online_installation/
 > 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
 > certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
 
-3. 访问测试
+#### 2.2 访问测试
 
 http://ip:7001   
 https://ip:7002   
@@ -30,7 +59,7 @@ https://ip:7002
 admin/123456     
 登录后请及时修改密码  
 
-## 三、升级
+#### 2.3 升级
 
 1. 找到容器，点击更多->升级
    ![](./images/upgrade-1.png)
@@ -39,11 +68,11 @@ admin/123456
 ![img.png](./images/upgrade-2.png)
 
 
-## 四、数据备份
+#### 2.4 备份
 
 > 默认数据保存在`/data/certd`目录下，可以手动备份    
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
 
-## 五、备份恢复
+#### 2.5 恢复
 
 将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/database.md

@@ -65,9 +65,54 @@ docker-compose up -d
 
 ## 二、从旧版的sqlite切换数据库
 
-1. 先将`旧certd`升级到最新版 （`建议：备份sqlite数据库` ）
+从旧版`sqlite`迁移到`mysql`或`postgresql`数据库
-2. 按照上面全新安装方式部署一套`新的certd` （`注意：新旧版本的certd要一致`）
-3. 使用数据库工具将数据从sqlite导入到mysql或postgresql （`注意：flyway_history数据表不要导入`）
-4. 重启新certd
-5. 确认没有问题之后，删除旧版certd
 
+下面以 `SQLite` 转 `MySQL` 为例进行演示
+
+![db-0.png](images/db-0.png)
+
+#### 0.前提条件： 
+1. SQLite版Certd站点已经`升级到最新版` （`建议：备份sqlite数据库` ）
+2. `全新安装`MySQL版本Certd（`确保是全新的，因为里面的数据会被清空覆盖`）
+3. 两套Certd站点版本一致
+
+#### 1. 安装DBeaver工具
+
+[https://dbeaver.io/download/](https://dbeaver.io/download/)
+
+![db-1.png](images/db-1.png)
+
+#### 2. 连接到sqlite数据库
+
+![db-2.png](images/db-sqlite-1.png)
+
+![db-3.png](images/db-sqlite-2.png)
+
+#### 3. 连接到mysql或postgresql数据库
+
+![db-4.png](images/db-mysql-1.png)
+
+![db-5.png](images/db-mysql-2.png)
+
+
+#### 4. 开始同步数据
+
+选择mysql数据库，选择所有的表（`flyway_history除外`），右键导入数据
+
+> 切记flyway_history数据表不要导入
+
+![db-6.png](images/db-sync-1.jpg)
+![db-7.png](images/db-sync-2.png)
+![db-8.png](images/db-sync-3.png)
+下一步、下一步，直到数据加载设置，勾选`在加载前截断目标表`（此选项很重要，并且会清空mysql certd数据库中的数据）
+![db-7.png](images/db-sync-4.png)
+
+#### 5. 导入完成
+
+![db-9.png](images/db-success.png)
+
+#### 6. 重启MySQL版本Certd
+
+访问MySQL版本测试，数据已成功迁移     
+
+确认没有问题之后，删除旧版certd

docs/guide/install/docker/index.md

@@ -57,6 +57,10 @@ https://your_server_ip:7002
 
 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
+```
+# docker-compose.yaml配置
+- /data/certd:/app/data   # 请务必确保 /app/data 这个路径没有改动，固定写死
+```
 :::
 
 

docs/guide/install/source/index.md

@@ -11,9 +11,12 @@
 git clone https://github.com/certd/certd --depth=1
 # git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
+
 # 启动服务
 ./start.sh
 
+
+
 ```
 >如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
 

docs/guide/install/upgrade.md

@@ -10,6 +10,12 @@
 
 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
+很多人docker不太会配置，数据目录没有映射出来，升级导致数据丢失
+```
+# docker-compose.yaml配置
+- /data/certd:/app/data   #  请务必确保 /app/data 这个路径没有改动，固定写死
+```
+具体备份方法可以参考上面每种部署方式升级方法后面的备份章节
 :::
 
 ## 升级日志

docs/guide/open/index.md

@@ -9,6 +9,7 @@
 
 https://apifox.com/apidoc/shared-2e76f8c4-7c58-413b-a32d-a1316529af44/254949529e0
 
+
 ## Token生成方法
 
 header中传入x-certd-token即可调用开放接口   
@@ -17,6 +18,18 @@ header中传入x-certd-token即可调用开放接口
 3、将content加上keySecret进行签名： sign = md5(content + keySecret)   
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
 
+
+## 参数
+支持证书id和域名两种方式获取证书。
+
+## 创建新的证书申请
+参数autoApply=true，将在没有证书时自动触发申请证书，检查逻辑如下：
+1. 如果证书仓库里面有，且没有过期，就直接返回证书
+2. 如果没有或者已过期，就会去找流水线，有就触发流水线执行
+3. 如果没有流水线，就创建一个流水线，触发运行（`注意：需要提前在域名管理中配置好域名校验方式，否则会申请失败`）
+4. 再次采用相同参数请求接口，如果在申请过程中，就会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
+
+
 ## SDK
 待开发
 

docs/guide/plugins/access.md

@@ -2,50 +2,71 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **阿里云授权** |  | 
+| 1.| **主机登录授权** |  | 
-| 2.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 2.| **阿里云授权** |  | 
-| 3.| **google cloud** | 谷歌云授权 | 
+| 3.| **阿里云ESA授权** |  | 
-| 4.| **主机登录授权** |  | 
+| 4.| **腾讯云** |  | 
-| 5.| **SFTP授权** |  | 
+| 5.| **华为云授权** |  | 
-| 6.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 6.| **火山引擎** |  | 
-| 7.| **FTP授权** |  | 
+| 7.| **京东云** |  | 
-| 8.| **腾讯云** |  | 
+| 8.| **七牛云授权** |  | 
-| 9.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 9.| **天翼云授权** |  | 
-| 10.| **七牛云授权** |  | 
+| 10.| **baota授权** |  | 
-| 11.| **七牛OSS授权** |  | 
+| 11.| **百度云授权** |  | 
-| 12.| **天翼云授权** |  | 
+| 12.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 13.| **s3/minio授权** | S3/minio oss授权 | 
+| 13.| **google cloud** | 谷歌云授权 | 
-| 14.| **baota授权** |  | 
+| 14.| **SFTP授权** |  | 
-| 15.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 15.| **阿里云OSS授权** | 包含地域和Bucket | 
-| 16.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 16.| **FTP授权** |  | 
-| 17.| **易发云短信** | sms.yfyidc.cn/ | 
+| 17.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 18.| **cdnfly授权** |  | 
+| 18.| **七牛OSS授权** |  | 
-| 19.| **群晖登录授权** |  | 
+| 19.| **s3/minio授权** | S3/minio oss授权 | 
-| 20.| **k8s授权** |  | 
+| 20.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 21.| **1panel授权** | 账号和密码 | 
+| 21.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 22.| **百度云授权** |  | 
+| 22.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 23.| **LeCDN授权** |  | 
+| 23.| **易发云短信** | sms.yfyidc.cn/ | 
-| 24.| **白山云授权** |  | 
+| 24.| **cdnfly授权** |  | 
-| 25.| **plesk授权** |  | 
+| 25.| **群晖登录授权** |  | 
-| 26.| **易支付** |  | 
+| 26.| **k8s授权** |  | 
-| 27.| **支付宝** |  | 
+| 27.| **1panel授权** | 账号和密码 | 
-| 28.| **微信支付** |  | 
+| 28.| **LeCDN授权** |  | 
-| 29.| **长亭雷池授权** |  | 
+| 29.| **白山云授权** |  | 
-| 30.| **lucky** |  | 
+| 30.| **plesk授权** |  | 
-| 31.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 31.| **易支付** |  | 
-| 32.| **uniCloud** | unicloud授权 | 
+| 32.| **支付宝** |  | 
-| 33.| **华为云授权** |  | 
+| 33.| **微信支付** |  | 
-| 34.| **西部数码授权** |  | 
+| 34.| **长亭雷池授权** |  | 
-| 35.| **多吉云** |  | 
+| 35.| **lucky** |  | 
-| 36.| **我爱云授权** | 我爱云CDN | 
+| 36.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 37.| **CacheFly** | CacheFly | 
+| 37.| **uniCloud** | unicloud授权 | 
-| 38.| **Gcore** | Gcore | 
+| 38.| **猫云授权** |  | 
-| 39.| **亚马逊云aws授权** |  | 
+| 39.| **授权插件示例** |  | 
-| 40.| **dns.la授权** |  | 
+| 40.| **西部数码授权** |  | 
-| 41.| **又拍云** |  | 
+| 41.| **多吉云** |  | 
-| 42.| **火山引擎** |  | 
+| 42.| **我爱云授权** | 我爱云CDN | 
-| 43.| **京东云** |  | 
+| 43.| **CacheFly** | CacheFly | 
-| 44.| **51dns授权** |  | 
+| 44.| **Gcore** | Gcore | 
+| 45.| **亚马逊云aws授权** |  | 
+| 46.| **亚马逊云科技（国区）授权** |  | 
+| 47.| **dns.la授权** |  | 
+| 48.| **又拍云** |  | 
+| 49.| **51dns授权** |  | 
+| 50.| **FlexCDN授权** |  | 
+| 51.| **farcdn授权** |  | 
+| 52.| **cloudflare授权** |  | 
+| 53.| **Github授权** |  | 
+| 54.| **namesilo授权** |  | 
+| 55.| **proxmox** |  | 
+| 56.| **网宿授权** |  | 
+| 57.| **金山云授权** |  | 
+| 58.| **APISIX授权** |  | 
+| 59.| **Dokploy授权** |  | 
+| 60.| **godaddy授权** |  | 
+| 61.| **新网授权** |  | 
+| 62.| **新网授权（代理方式）** |  | 
+| 63.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 64.| **中国移动CND授权** |  | 
+| 65.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,5 +1,5 @@
 # 任务插件
-共 `70` 款任务插件    
+共 `105` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
@@ -15,6 +15,8 @@
 | 2.| **IIS-部署到IIS站点** |  | 
 | 3.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
 | 4.| **主机-部署证书到SSH主机** | SFTP上传证书到主机，然后SSH执行部署脚本命令 | 
+| 5.| **主机-复制到本机** | 【仅管理员使用】实际上是复制证书到docker容器内的某个路径，需要做目录映射到宿主机 | 
+| 6.| **上传证书到对象存储OSS** | 支持阿里云OSS、腾讯云COS、七牛云KODO、S3、MinIO、FTP、SFTP | 
 ## 3. CDN
 
 | 序号 | 名称 | 说明 |
@@ -22,33 +24,47 @@
 | 1.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
 | 2.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
 | 3.| **cdnfly-部署证书到cdnfly** | cdnfly | 
-| 4.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 4.| **LeCDN-更新证书** |  | 
-| 5.| **LeCDN-更新证书** |  | 
+| 5.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
-| 6.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
+| 6.| **白山云-更新证书** |  | 
-| 7.| **白山云-更新证书** |  | 
+| 7.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
-| 8.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
+| 8.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 9.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 9.| **西数-部署到虚拟主机** | 西部数码部署证书到虚拟主机 | 
 | 10.| **多吉云-部署到多吉云CDN** |  | 
 | 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
 | 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
 | 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
 | 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
 | 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+| 16.| **FlexCDN-更新证书** |  | 
+| 17.| **farcdn-更新证书** | www.farcdn.net | 
+| 18.| **雨云-更新证书** | app.rainyun.com | 
+| 19.| **网宿-更新证书** | 网宿证书自动更新 | 
+| 20.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
+| 21.| **APISIX-更新证书** | 自动更新APISIX证书 | 
+| 22.| **中国移动-部署证书到CDN** | 中国移动自动部署证书到CDN | 
 ## 4. 面板
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
-| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持网站站点、docker站点等 | 
+| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
-| 3.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 3.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
-| 4.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 4.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
-| 5.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 5.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
-| 6.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
+| 6.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
-| 7.| **Plesk-部署Plesk网站证书** |  | 
+| 7.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
-| 8.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 8.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 9.| **lucky-更新Lucky证书** |  | 
+| 9.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
-| 10.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 10.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
-| 11.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 11.| **Plesk-部署Plesk网站证书** |  | 
+| 12.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 13.| **lucky-更新Lucky证书** |  | 
+| 14.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 15.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 16.| **飞牛NAS-部署证书** |  | 
+| 17.| **Proxmox-上传证书到Proxmox** |  | 
+| 18.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |
@@ -57,18 +73,24 @@
 | 2.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
 | 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
 | 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
-| 5.| **阿里云-部署证书至OSS** | 自动部署域名证书至阿里云OSS | 
+| 5.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 6.| **阿里云-上传证书到阿里云** | 如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 6.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 | 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
 | 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
 | 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
-| 10.| **阿里云-部署至SLB(传统负载均衡)** | 部署证书到阿里云SLB(传统负载均衡) | 
+| 10.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
-| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0）,【注意】证书的加密算法必须选择【pkcs1旧版】 | 
+| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
+| 12.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
+| 13.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
+| 14.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
+| 15.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
 ## 6. 华为云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **华为云-部署证书至CDN** |  | 
+| 2.| **华为云-上传证书至CCM** | 上传证书到华为云云证书管理（CCM） | 
+| 3.| **华为云-部署证书至OBS** |  | 
 ## 7. 腾讯云
 
 | 序号 | 名称 | 说明 |
@@ -79,9 +101,15 @@
 | 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
 | 5.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
 | 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
-| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EO，必须配置上传证书到腾讯云任务 | 
+| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO)，必须配置上传证书到腾讯云任务 | 
 | 8.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
-| 9.| **腾讯云-部署到TKE-ingress** | serverless集群请使用K8S部署插件；Qcloud类型需要【上传到腾讯云】作为前置任务；ApiServer未开启外网访问则需要做域名的内网IP映射 | 
+| 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意：
+1. serverless集群请使用K8S部署插件；
+2. Opaque类型需要【上传到腾讯云】作为前置任务；
+3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 
+| 10.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
+| 11.| **腾讯云-实例开关机** | 腾讯云实例开关机 | 
+| 12.| **腾讯云-更新证书(Id不变)** | 根据证书id一键更新腾讯云证书并自动部署（Id不变），注意该接口为腾讯云白名单功能，非白名单用户无法使用该功能 | 
 ## 8. 火山引擎
 
 | 序号 | 名称 | 说明 |
@@ -91,6 +119,8 @@
 | 3.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
 | 4.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
 | 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
+| 6.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 | 
+| 7.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播(暂不可用) | 
 ## 9. 京东云
 
 | 序号 | 名称 | 说明 |
@@ -98,26 +128,43 @@
 | 1.| **京东云-部署证书至CDN** | 京东云内容分发网络 | 
 | 2.| **京东云-更新已有证书** | 更新SSL数字证书中的证书 | 
 | 3.| **京东云-上传新证书** | 上传证书到SSL数字证书中心 | 
-## 10. 七牛云
+## 10. 百度云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 2.| **百度云-部署证书到负载均衡** | 部署到百度云负载均衡，包括BLB、APPBLB | 
+| 3.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
+## 11. 七牛云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
-| 2.| **七牛云-部署证书至CDN** | 自动部署域名证书至七牛云CDN | 
+| 2.| **七牛云-部署证书至CDN/DCDN** | 自动部署域名证书至七牛云CDN、DCDN | 
-## 11. 亚马逊云
+| 3.| **七牛云-上传证书到七牛云** | 上传到七牛云 | 
+## 12. 亚马逊云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **AWS-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
-## 12. 其他
+| 2.| **AWS-上传证书到ACM** | 上传证书 AWS ACM | 
+| 3.| **AWS(国区)-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
+## 13. 其他
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **Demo-测试插件** |  | 
-| 2.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 2.| **等待** | 等待一段时间 | 
-| 3.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
+| 3.| **邮件发送证书** | 通过邮件发送证书 | 
-| 4.| **等待** | 等待一段时间 | 
+| 4.| **webhook方式部署证书** | 调用webhook部署证书 | 
-| 5.| **数据库备份** | 仅支持备份SQLite数据库 | 
+| 5.| **Github-检查Release版本** | 检查最新Release版本并推送消息 | 
+## 14. 管理
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 2.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
+| 3.| **数据库备份** | 【仅管理员可用】仅支持备份SQLite数据库 | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/dns-provider.md

@@ -3,13 +3,23 @@
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **阿里云** | 阿里云DNS解析提供商 | 
-| 2.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 2.| **阿里ESA** | 阿里ESA DNS解析 | 
-| 3.| **华为云** | 华为云DNS解析提供商 | 
+| 3.| **火山引擎** | 火山引擎DNS解析提供商 | 
-| 4.| **西部数码** | west dns provider | 
+| 4.| **京东云** | 京东云DNS解析提供商 | 
-| 5.| **dns.la** | dns.la | 
+| 5.| **新网** | 新网域名解析 | 
-| 6.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
-| 7.| **京东云** | 京东云DNS解析提供商 | 
+| 7.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 8.| **51dns** | 51DNS | 
+| 8.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 9.| **华为云** | 华为云DNS解析提供商 | 
+| 10.| **西部数码** | west dns provider | 
+| 11.| **dns.la** | dns.la | 
+| 12.| **雨云** | 雨云DNS解析提供商 | 
+| 13.| **cloudflare** | cloudflare dns provider | 
+| 14.| **namesilo** | namesilo dns provider | 
+| 15.| **godaddy** | GoDaddy | 
+| 16.| **Dns提供商Demo** | dns provider示例 | 
+| 17.| **51dns** | 51DNS | 
+| 18.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/notification.md

@@ -2,10 +2,10 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **企业微信通知** | 企业微信群聊机器人通知 | 
+| 1.| **电子邮件** | 电子邮件通知 | 
-| 2.| **电子邮件** | 电子邮件通知 | 
+| 2.| **自定义webhook** | 根据模版自定义http请求 | 
-| 3.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
+| 3.| **企业微信通知** | 企业微信群聊机器人通知 | 
-| 4.| **自定义webhook** | 根据模版自定义http请求 | 
+| 4.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
 | 5.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
 | 6.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
 | 7.| **AnPush** | https://anpush.com | 
@@ -14,6 +14,10 @@
 | 10.| **Slack通知** | Slack消息推送通知 | 
 | 11.| **Bark 通知** | Bark 推送通知插件 | 
 | 12.| **飞书通知** | 飞书群聊webhook通知 | 
+| 13.| **钉钉通知** | 钉钉群聊通知 | 
+| 14.| **VoceChat通知** | https://voce.chat | 
+| 15.| **OneBot V11 通知** | 通过动态拼接URL发送 OneBot V11 协议消息 | 
+| 16.| **MeoW通知** | https://api.chuckfang.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/qa/use.md

@@ -19,7 +19,7 @@
 "detail": too many certificates (5) already issued for this exact set of idantifiers in the last 168hm0s
 ```
 
-## ssl.com报错  CAA record does not include ssl.com which is required to issue the certificate
+## 4. ssl.com报错  CAA record does not include ssl.com which is required to issue the certificate
 ssl.com申请证书要求必须设置CAA记录，表示允许ssl.com为该域名颁发证书
 请按如下格式添加CAA记录
 
@@ -29,5 +29,26 @@ ssl.com申请证书要求必须设置CAA记录，表示允许ssl.com为该域名
 | 一级泛域名 | CAA | * | 0         | issue/issuewild | "ssl.com" |
 | 固定子域名 | CAA | sub |  0         | issue  |"ssl.com" |
 
+## 5. address family not supported
+启动时出现此错误，是由于您的服务器不支持绑定ipv6地址
+
+请配置环境变量 certd_koa_hostname=0.0.0.0
+
+在docker-compose.yml中添加如下配置
+
+```yaml
+service:
+  certd:
+    environment:
+      certd_koa_hostname: 0.0.0.0
+```
+
+## 6. DNS记录问题
+
+1. DNS 不要设置CAA记录，删除即可
+
+2. DNSSEC相关报错，DNSSEC管理中删除即可
+
+3. DNS 有其他平台申请过的_acme-challenge记录，删除即可
 
 

docs/guide/start.md

@@ -7,10 +7,16 @@
 
 https://certd.handsfree.work/
 
-> 注意数据将不定期清理，不定期停止定时任务，生产使用请自行部署    
+注册 -> 创建证书流水线 -> 添加部署任务 -> 测试运行
+
+> 注意demo的数据将不定期清理，生产使用请自行部署    
 > 包含敏感信息，务必自己本地部署进行生产使用
 
 
+![首页](../images/start/home-2.png)
+
+
+
 ## 二、私有化部署
 
 由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全

docs/guide/use/aliyun/index.md

@@ -5,8 +5,10 @@
 
 配置环境变量
 ```shell
-ALIYUN_CLIENT_CONNECT_TIMEOUT=10000 # 连接超时，单位毫秒
+# docker-compose.yaml
-ALIYUN_CLIENT_READ_TIMEOUT=10000 #读取数据超时，单位毫秒
+environment:
+  - ALIYUN_CLIENT_CONNECT_TIMEOUT=16000 # 连接超时，单位毫秒
+  - ALIYUN_CLIENT_READ_TIMEOUT=16000 #读取数据超时，单位毫秒
 
 ```
 

docs/guide/use/baota/white_list.md

@@ -17,7 +17,7 @@
 
 > 如果出现过： 100.25.1.5 ， 100.25.4.8
 >
-> 可以尝试配置 100.25.*.5
+> 可以尝试配置 100.25.*.*
 
 ## 二、nginx代理方案
 

docs/guide/use/cert/index.md

@@ -1,10 +0,0 @@
-# 证书申请失败情况
-
-
-## DNS记录问题
-
-1. DNS 不要设置CAA记录，删除即可
-
-2. DNSSEC相关报错，DNSSEC管理中删除即可
-
-3. DNS 有其他平台申请过的_acme-challenge记录，删除即可

docs/guide/use/cert/ip.md

@@ -0,0 +1,11 @@
+# IP证书申请
+certd已支持IP证书申请
+
+> 注意：IP证书有效期只有7天。
+
+## 申请方式
+相比普通的域名证书申请方式区别在于：
+1. 域名栏填写IP
+2. 校验方式选择HTTP（只能HTTP）
+3. 证书颁发机构选择默认的Let's Encrypt
+4. 过期更新天数改成2天

docs/guide/use/forgotpasswd/index.md

@@ -7,13 +7,14 @@
 services:
   certd:
     environment: # 环境变量
-      - certd_system_resetAdminPasswd=false
+      - certd_system_resetAdminPasswd=true
 ```
 ## 2. 重启容器
 ```shell
 docker compose up -d
 docker logs -f --tail 500 certd
-# 观察日志，当日志中输出“重置1号管理员用户的密码完成”，即可操作下一步
+# 观察日志，当日志中输出“重置1号管理员用户密码完成”，即可操作下一步
+# 这里会打印1号管理员记录的用户名，如果你修改过管理员用户名，请注意查看此条日志
 ```
 ## 3. 恢复环境变量
 修改docker-compose.yaml，将`certd_system_resetAdminPasswd`改回`false`
@@ -23,4 +24,6 @@ docker logs -f --tail 500 certd
 docker compose up -d
 ```
 ## 5. 默认密码登录
-使用`admin/123456`登录系统，请及时修改管理员密码
+使用`原管理员账号/123456`登录系统，请及时修改管理员密码
+> 默认管理员账号： admin
+> 如果忘记管理员账号，请查看修改密码时的启动日志，会打印管理员账号名

docs/guide/use/pipeline/valid.md

@@ -0,0 +1,17 @@
+# 流水线有效期功能
+
+可以为流水线设置有效期，超过有效期后，流水线将停止运行
+
+## 1. 打开有效期开关
+
+![setting.png](images/setting.png)
+
+## 2. 设置有效期
+
+![valid.png](images/edit.png)
+
+![valid.png](images/edit2.png)
+
+## 3. 设置完成
+该流水线将在有效期结束后停止运行
+![valid.png](images/show.png)

docs/guide/use/synology/index.md

@@ -18,6 +18,12 @@
 ### 3. 配置Certd项目
 
 ![](./images/3.png)
+建议加上 `:delegated` 提升性能
+```yaml
+  volumes:
+                                          ↓↓↓↓------加上这个提升性能
+    - /volume1/docker/certd:/app/data:delegated
+```
 
 ### 4. 外网访问设置
 

docs/index.md

@@ -24,13 +24,13 @@ features:
   - title: 全自动申请证书
     details: 支持所有注册商注册的域名
   - title: 全自动部署证书
-    details: 支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件
+    details: 支持部署到主机、阿里云、腾讯云等，目前已支持100+部署插件
   - title: 多域名、泛域名打到一个证书上
     details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
   - title: 多证书格式支持
     details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
-  - title: 支持私有化部署
+  - title: 私有化部署，数据安全
-    details: 授权数据加密存储，保障数据安全
+    details: 授权数据加密存储，保障数据安全，支持SQLite、Postgresql、MySQL多种数据库
-  - title: 多数据库支持
+  - title: 无痛升级
-    details: 支持SQLite、Postgresql、MySQL数据库
+    details: 有手就行，向下兼容，无需担心数据作废
 ---

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.37.1"
+  "version": "1.37.16"
 }

package.json

@@ -17,9 +17,10 @@
     "start:server": "cd ./packages/ui/certd-server && npm start",
     "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
+    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly ",
-    "afterpublishOnly": "npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run plugin-doc-gen && npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && npm run commitAll",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
+    "plugin-doc-gen": "cd ./packages/ui/certd-server/ && npm run export-md",
     "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
     "commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
     "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
@@ -33,7 +34,9 @@
     "docs:dev": "vitepress dev docs",
     "docs:build": "npm run copylogs && vitepress build docs",
     "docs:preview": "vitepress preview docs",
-    "pub": "echo 1"
+    "pub": "echo 1",
+    "dev": "pnpm run -r --parallel  compile ",
+    "release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push"
   },
   "license": "AGPL-3.0",
   "dependencies": {

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,81 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/publishlab/node-acme-client/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/publishlab/node-acme-client/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+## [1.37.15](https://github.com/publishlab/node-acme-client/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.14](https://github.com/publishlab/node-acme-client/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.13](https://github.com/publishlab/node-acme-client/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.12](https://github.com/publishlab/node-acme-client/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Performance Improvements
+
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/publishlab/node-acme-client/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/publishlab/node-acme-client/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/publishlab/node-acme-client/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/publishlab/node-acme-client/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.9](https://github.com/publishlab/node-acme-client/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.8](https://github.com/publishlab/node-acme-client/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.7](https://github.com/publishlab/node-acme-client/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/publishlab/node-acme-client/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/publishlab/node-acme-client/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/publishlab/node-acme-client/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Performance Improvements
+
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/publishlab/node-acme-client/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+
+## [1.37.5](https://github.com/publishlab/node-acme-client/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.4](https://github.com/publishlab/node-acme-client/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.3](https://github.com/publishlab/node-acme-client/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+### Bug Fixes
+
+* 修复并发情况下证书申请日志混乱的bug ([bb2714f](https://github.com/publishlab/node-acme-client/commit/bb2714ff241f9db4a71d805b23a1b0f9f2f6413a))
+
+## [1.37.2](https://github.com/publishlab/node-acme-client/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Bug Fixes
+
+* aliyunoss 选择证书接入点选择新加坡无法上传的bug ([e00733a](https://github.com/publishlab/node-acme-client/commit/e00733a34644c23ffe926486b15dc96bf2fa4b57))
+
 ## [1.37.1](https://github.com/publishlab/node-acme-client/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.37.1",
+    "version": "1.37.16",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.37.1",
+        "@certd/basic": "^1.37.16",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -52,7 +52,8 @@
         "lint-types": "tsd",
         "prepublishOnly": "npm run build-docs",
         "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
-        "pub": "npm publish"
+        "pub": "npm publish",
+        "compile": "tsc --skipLibCheck --watch"
     },
     "repository": {
         "type": "git",
@@ -69,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+    "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/core/acme-client/src/api.js

@@ -28,7 +28,6 @@ class AcmeApi {
                 }
             }
         }
-        console.log(locationUrl, mapping);
         return locationUrl;
     }
 

packages/core/acme-client/src/auto.js

@@ -2,9 +2,11 @@
  * ACME auto helper
  */
 import { readCsrDomains } from "./crypto/index.js";
-import { log } from "./logger.js";
 import { wait } from "./wait.js";
 import { CancelError } from "./error.js";
+import { domainUtils } from '@certd/basic';
+
+
 
 
 const defaultOpts = {
@@ -45,6 +47,9 @@ export default async (client, userOpts) => {
         accountPayload.externalAccountBinding = opts.externalAccountBinding;
     }
 
+    const log = (...args)=>{
+        return client.logger.info(...args);
+    }
     /**
      * Register account
      */
@@ -63,7 +68,7 @@ export default async (client, userOpts) => {
      * Parse domains from CSR
      */
 
-    log("[auto] Parsing domains from Certificate Signing Request ");
+    log("[auto] Parsing domains from Certificate Signing Request");
     const { commonName, altNames } = readCsrDomains(opts.csr);
     const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));
 
@@ -74,9 +79,21 @@ export default async (client, userOpts) => {
      */
 
     log("[auto] Placing new certificate order with ACME provider");
-    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
+
-    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+    let hasIp = false
+    const orderPayload = { identifiers: uniqueDomains.map((d) =>{
+        // 判断是否为IP（v4或v6），否则按域名处理
+        const type = domainUtils.isIp(d) ? 'ip' : 'dns';
+        if(type === 'ip'){
+            hasIp = true
+        }
+        return { type, value: d }
+    }) };
+    if (opts.profile && client.sslProvider.startsWith("letsencrypt") ){
         orderPayload.profile = opts.profile;
+        if(hasIp){
+            orderPayload.profile = "shortlived"
+        }
     }
     const order = await client.createOrder(orderPayload);
     const authorizations = await client.getAuthorizations(order);
@@ -255,7 +272,7 @@ export default async (client, userOpts) => {
                 await wait(waitDnsDiffuseTime * 1000)
             }
 
-            log("开始向提供商请求挑战验证");
+            log("开始向提供商请求检查验证");
             await runPromisePa(completeChallengeTasks, 1000);
         } catch (e) {
             log(`证书申请失败${e.message}`);

packages/core/acme-client/src/axios.js

@@ -3,9 +3,9 @@
  */
 import axios from 'axios';
 import { parseRetryAfterHeader } from './util.js';
-import { log } from './logger.js';
 const { AxiosError } = axios;
 import {getGlobalAgents, HttpError} from '@certd/basic'
+import { log } from './logger.js';
 /**
  * Defaults
  */

packages/core/acme-client/src/client.js

@@ -5,10 +5,9 @@
  */
 import { createHash } from 'crypto';
 import  { getPemBodyAsB64u } from './crypto/index.js';
-import { log } from './logger.js';
 import HttpClient from './http.js';
 import AcmeApi from './api.js';
-import verify from './verify.js';
+import {createChallengeFn} from './verify.js';
 import * as util from './util.js';
 import auto from './auto.js';
 import { CancelError } from './error.js';
@@ -104,8 +103,13 @@ class AcmeClient {
             max: this.opts.backoffMax,
         };
 
-        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping);
+        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger);
         this.api = new AcmeApi(this.http, this.opts.accountUrl);
+        this.logger = opts.logger;
+    }
+
+    log(...args) {
+        this.logger.info(...args);
     }
 
     /**
@@ -177,7 +181,7 @@ class AcmeClient {
             this.getAccountUrl();
 
             /* Account URL exists */
-            log('Account URL exists, returning updateAccount()');
+            this.log('Account URL exists, returning updateAccount()');
             return this.updateAccount(data);
         }
         catch (e) {
@@ -185,7 +189,7 @@ class AcmeClient {
 
             /* HTTP 200: Account exists */
             if (resp.status === 200) {
-                log('Account already exists (HTTP 200), returning updateAccount()');
+                this.log('Account already exists (HTTP 200), returning updateAccount()');
                 return this.updateAccount(data);
             }
 
@@ -214,7 +218,7 @@ class AcmeClient {
             this.api.getAccountUrl();
         }
         catch (e) {
-            log('No account URL found, returning createAccount()');
+            this.log('No account URL found, returning createAccount()');
             return this.createAccount(data);
         }
 
@@ -488,6 +492,9 @@ class AcmeClient {
             throw new Error('Unable to verify ACME challenge, URL not found');
         }
 
+        const {challenges} = createChallengeFn({logger:this.logger});
+ 
+        const verify = challenges
         if (typeof verify[challenge.type] === 'undefined') {
             throw new Error(`Unable to verify ACME challenge, unknown type: ${challenge.type}`);
         }
@@ -502,8 +509,13 @@ class AcmeClient {
             await verify[challenge.type](authz, challenge, keyAuthorization);
         };
 
-        log('Waiting for ACME challenge verification（等待ACME挑战验证）');
+        this.log('Waiting for ACME challenge verification（等待ACME检查验证）');
-        return util.retry(verifyFn, this.backoffOpts);
+
+
+        const log = (...args)=>{
+            this.logger.info(...args)
+        }
+        return util.retry(verifyFn, this.backoffOpts,log);
     }
 
     /**
@@ -570,7 +582,7 @@ class AcmeClient {
             const resp = await this.api.apiRequest(item.url, null, [200]);
 
             /* Verify status */
-            log(`[${d}] Item has status（挑战状态）: ${resp.data.status}`);
+            this.log(`[${d}] Item has status（检查状态）: ${resp.data.status}`);
 
             if (invalidStates.includes(resp.data.status)) {
                 abort();
@@ -586,7 +598,7 @@ class AcmeClient {
             throw new Error(`[${d}] Unexpected item status: ${resp.data.status}`);
         };
 
-        log(`[${d}] Waiting for valid status （等待valid状态）: ${item.url}`, this.backoffOpts);
+        this.log(`[${d}] Waiting for valid status （等待valid状态）: ${item.url}`, this.backoffOpts);
         return util.retry(verifyFn, this.backoffOpts);
     }
 

packages/core/acme-client/src/http.js

@@ -19,7 +19,7 @@ import { getJwk } from './crypto/index.js';
  */
 
 class HttpClient {
-    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {}) {
+    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {},logger) {
         this.directoryUrl = directoryUrl;
         this.accountKey = accountKey;
         this.externalAccountBinding = externalAccountBinding;
@@ -31,6 +31,7 @@ class HttpClient {
         this.directoryMaxAge = 86400;
         this.directoryTimestamp = 0;
         this.urlMapping = urlMapping;
+        this.log = logger? logger.info.bind(logger) : log;
     }
 
     /**
@@ -48,7 +49,7 @@ class HttpClient {
             for (const key in this.urlMapping.mappings) {
                 if (url.includes(key)) {
                     const newUrl = url.replace(key, this.urlMapping.mappings[key]);
-                    log(`use reverse proxy: ${newUrl}`);
+                    this.log(`use reverse proxy: ${newUrl}`);
                     url = newUrl;
                 }
             }
@@ -65,10 +66,10 @@ class HttpClient {
         opts.headers['Content-Type'] = 'application/jose+json';
 
         /* Request */
-        log(`HTTP request: ${method} ${url}`);
+        this.log(`HTTP request: ${method} ${url}`);
         const resp = await axios.request(opts);
 
-        log(`RESP ${resp.status} ${method} ${url}`);
+        this.log(`RESP ${resp.status} ${method} ${url}`);
         return resp;
     }
 
@@ -85,7 +86,7 @@ class HttpClient {
         const age = (now - this.directoryTimestamp);
 
         if (!this.directoryCache || (age > this.directoryMaxAge)) {
-            log(`Refreshing ACME directory, age: ${age}`);
+            this.log(`Refreshing ACME directory, age: ${age}`);
             const resp = await this.request(this.directoryUrl, 'get');
 
             if (resp.status >= 400) {
@@ -187,7 +188,7 @@ class HttpClient {
 
         /* Nonce */
         if (nonce) {
-            log(`Using nonce: ${nonce}`);
+            this.log(`Using nonce: ${nonce}`);
             header.nonce = nonce;
         }
 
@@ -314,7 +315,7 @@ class HttpClient {
             nonce = resp.headers['replay-nonce'] || null;
             attempts += 1;
 
-            log(`Caught invalid nonce error, retrying (${attempts}/${this.maxBadNonceRetries}) signed request to: ${url}`);
+            this.log(`Caught invalid nonce error, retrying (${attempts}/${this.maxBadNonceRetries}) signed request to: ${url}`);
             return this.signedRequest(url, payload, { kid, nonce, includeExternalAccountBinding }, attempts);
         }
 

packages/core/acme-client/src/index.js

@@ -21,6 +21,9 @@ export const directory = {
         staging: 'https://acme-staging-v02.api.letsencrypt.org/directory',
         production: 'https://acme-v02.api.letsencrypt.org/directory',
     },
+    letsencrypt_staging: {
+        production: 'https://acme-staging-v02.api.letsencrypt.org/directory',
+    },
     zerossl: {
         staging: 'https://acme.zerossl.com/v2/DV90',
         production: 'https://acme.zerossl.com/v2/DV90',
@@ -28,9 +31,32 @@ export const directory = {
     sslcom:{
       staging: 'https://acme.ssl.com/sslcom-dv-rsa',
       production: 'https://acme.ssl.com/sslcom-dv-rsa',
-    }
+      ec: 'https://acme.ssl.com/sslcom-dv-ecc',
+    },
+    litessl: {
+        staging: 'https://acme.litessl.com/acme/v2/directory',
+        production: 'https://acme.litessl.com/acme/v2/directory',
+    },
 };
 
+export function getDirectoryUrl(opts) {
+  const {sslProvider, pkType} = opts
+  const list= directory[sslProvider]
+  if (!list) {
+    throw new Error(`sslProvider ${sslProvider} not found`)
+  }
+  let pkTypePrefix = pkType || 'rsa'
+  if (pkType) {
+   pkTypePrefix = pkType.toLowerCase().split("_")[0]
+  }
+
+  if (pkTypePrefix && list[pkTypePrefix]) {
+    return list[pkTypePrefix]
+  }
+
+  return list.production
+}
+
 /**
  * Crypto
  */

packages/core/acme-client/src/util.js

@@ -48,7 +48,7 @@ class Backoff {
  * @returns {Promise}
  */
 
-async function retryPromise(fn, attempts, backoff) {
+async function retryPromise(fn, attempts, backoff, logger = log) {
     let aborted = false;
 
     try {
@@ -60,12 +60,12 @@ async function retryPromise(fn, attempts, backoff) {
             throw e;
         }
 
-        log(`Promise rejected: ${e.message}`);
+        logger(`Promise rejected: ${e.message}`);
         const duration = backoff.duration();
-        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
+        logger(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
 
         await new Promise((resolve) => { setTimeout(resolve, duration); });
-        return retryPromise(fn, attempts, backoff);
+        return retryPromise(fn, attempts, backoff, logger);
     }
 }
 
@@ -80,9 +80,9 @@ async function retryPromise(fn, attempts, backoff) {
  * @returns {Promise}
  */
 
-function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
+function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}, logger = log) {
     const backoff = new Backoff({ min, max });
-    return retryPromise(fn, attempts, backoff);
+    return retryPromise(fn, attempts, backoff, logger);
 }
 
 /**
@@ -216,21 +216,21 @@ function formatResponseError(resp) {
  * @returns {Promise<string>} Root domain name
  */
 
-async function resolveDomainBySoaRecord(recordName) {
+async function resolveDomainBySoaRecord(recordName, logger = log) {
     try {
         await dns.resolveSoa(recordName);
-        log(`找到${recordName}的SOA记录`);
+        logger(`找到${recordName}的SOA记录`);
         return recordName;
     }
     catch (e) {
-        log(`找不到${recordName}的SOA记录,继续往主域名查找`);
+        logger(`找不到${recordName}的SOA记录,继续往主域名查找`);
         const parentRecordName = recordName.split('.').slice(1).join('.');
 
         if (!parentRecordName.includes('.')) {
             throw new Error('SOA record查找失败');
         }
 
-        return resolveDomainBySoaRecord(parentRecordName);
+        return resolveDomainBySoaRecord(parentRecordName,logger);
     }
 }
 
@@ -241,18 +241,18 @@ async function resolveDomainBySoaRecord(recordName) {
  * @returns {Promise<dns.Resolver>} DNS resolver
  */
 
-async function getAuthoritativeDnsResolver(recordName) {
+async function getAuthoritativeDnsResolver(recordName, logger = log) {
-    log(`获取域名${recordName}的权威NS服务器: `);
+    logger(`获取域名${recordName}的权威NS服务器: `);
     const resolver = new dns.Resolver();
 
     try {
         /* Resolve root domain by SOA */
-        const domain = await resolveDomainBySoaRecord(recordName);
+        const domain = await resolveDomainBySoaRecord(recordName,logger);
 
         /* Resolve authoritative NS addresses */
-        log(`获取到权威NS服务器name: ${domain}`);
+        logger(`获取到权威NS服务器name: ${domain}`);
         const nsRecords = await dns.resolveNs(domain);
-        log(`域名权威NS服务器：${nsRecords}`);
+        logger(`域名权威NS服务器：${nsRecords}`);
         const nsAddrArray = await Promise.all(nsRecords.map(async (r) => dns.resolve4(r)));
         const nsAddresses = [].concat(...nsAddrArray).filter((a) => a);
 
@@ -261,16 +261,16 @@ async function getAuthoritativeDnsResolver(recordName) {
         }
 
         /* Authoritative NS success */
-        log(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
+        logger(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
         resolver.setServers(nsAddresses);
     }
     catch (e) {
-        log(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
+        logger(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
     }
 
     /* Return resolver */
     const addresses = resolver.getServers();
-    log(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
+    logger(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
 
     return resolver;
 }

packages/core/acme-client/src/verify.js

@@ -4,14 +4,22 @@
 
 import dnsSdk from "dns"
 import https from 'https'
-import {log} from './logger.js'
+import {log as defaultLog} from './logger.js'
 import axios from './axios.js'
 import * as util from './util.js'
 import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
-
+import {utils} from '@certd/basic'
 
 const dns = dnsSdk.promises
-/**
+
+
+export function createChallengeFn(opts = {}){
+    const logger = opts?.logger || {info:defaultLog,error:defaultLog,warn:defaultLog,debug:defaultLog}
+    
+    const log = function(...args){
+        logger.info(...args)
+    }
+    /**
  * Verify ACME HTTP challenge
  *
  * https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
@@ -52,11 +60,15 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
     }
 
     const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
-    const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
+    let host = authz.identifier.value;
+    if(utils.domain.isIpv6(host)){
+        host = `[${host}]`;
+    }
+    const challengeUrl = `http://${host}:${httpPort}${suffix}`;
 
     if (!await doQuery(challengeUrl)) {
         const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
-        const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+        const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
         const res = await doQuery(httpsChallengeUrl)
         if (!res) {
             throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);
@@ -112,7 +124,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
     return records
 }
 
-export async function walkTxtRecord(recordName,deep = 0) {
+ async function walkTxtRecord(recordName,deep = 0) {
     if(deep >5){
         log(`walkTxtRecord too deep (#${deep}) , skip walk`)
         return []
@@ -136,7 +148,7 @@ export async function walkTxtRecord(recordName,deep = 0) {
     try{
         /* Authoritative DNS resolver */
         log(`从域名权威服务器获取TXT解析记录`);
-        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
+        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName,log);
         const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
         if (res && res.length > 0) {
             for (const item of res) {
@@ -173,7 +185,8 @@ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '
     recordValues = [...new Set(recordValues)];
     log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
-        throw new Error(`没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`);
+        const err = `没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`
+        throw new Error(err);
     }
 
     log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
@@ -207,12 +220,13 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
     return true;
 }
 
-/**
+    return {
- * Export API
+        challenges:{
- */
+            'http-01': verifyHttpChallenge,
+            'dns-01': verifyDnsChallenge,
+            'tls-alpn-01': verifyTlsAlpnChallenge,
+        },
+        walkTxtRecord,
+    }
 
-export default {
+}
-    'http-01': verifyHttpChallenge,
-    'dns-01': verifyDnsChallenge,
-    'tls-alpn-01': verifyTlsAlpnChallenge,
-};

packages/core/acme-client/types/index.d.ts

@@ -49,6 +49,7 @@ export interface ClientOptions {
     backoffMax?: number;
     urlMapping?: UrlMapping;
     signal?: AbortSignal;
+    logger?:any
 }
 
 export interface ClientExternalAccountBindingOptions {
@@ -107,12 +108,17 @@ export const directory: {
         staging: string,
         production: string
     },
+    letsencrypt_staging: {
+        production: string
+    },
     zerossl: {
         staging: string,
         production: string
     }
 };
 
+export function getDirectoryUrl(opts:{sslProvider:string, pkType: string}): string;
+
 /**
  * Crypto
  */
@@ -203,7 +209,8 @@ export const agents: any;
 
 export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
-export function walkTxtRecord(record: any): Promise<string[]>;
+export function createChallengeFn(opts?: {logger?:any}): any;
+// export function walkTxtRecord(record: any): Promise<string[]>;
 export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 
 export const CancelError: typeof CancelError;

packages/core/basic/.gitignore

@@ -26,3 +26,4 @@ dist-ssr
 test/user.secret.*
 test/**/*.js
 src/**/*.spec.ts
+test.mjs

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,76 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Performance Improvements
+
+* 支持网络测试 ([2bef608](https://github.com/certd/certd/commit/2bef608e07ceb56d52007f290667e0afef401b22))
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-20:32
+01:44

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.37.1",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,9 +13,11 @@
     "dev-build": "npm run build",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
+    "async-lock": "^1.4.1",
     "axios": "^1.7.2",
     "dayjs": "^1.11.7",
     "http-proxy-agent": "^7.0.2",
@@ -45,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/core/basic/src/index.ts

@@ -1,2 +1 @@
-export * from './utils/index.js';
+export * from "./utils/index.js";
-export * from './utils/util.id.js';

packages/core/basic/src/utils/index.ts

@@ -37,6 +37,9 @@ import { mitter } from "./util.mitter.js";
 
 import * as request from "./util.request.js";
 export * from "./util.cache.js";
+
+export * from "./util.id.js";
+
 export const utils = {
   sleep,
   http,

packages/core/basic/src/utils/util.domain.ts

@@ -7,29 +7,29 @@ function match(targetDomains: string | string[], inDomains: string[]) {
     return false;
   }
 
-  if (typeof targetDomains === 'string') {
+  if (typeof targetDomains === "string") {
     targetDomains = [targetDomains];
   }
   for (let targetDomain of targetDomains) {
     let matched = false;
-    if (targetDomain.startsWith('.')) {
+    if (targetDomain.startsWith(".")) {
-      targetDomain = '*' + targetDomain;
+      targetDomain = "*" + targetDomain;
     }
     for (let inDomain of inDomains) {
-      if (inDomain.startsWith('.')) {
+      if (inDomain.startsWith(".")) {
-        inDomain = '*' + inDomain;
+        inDomain = "*" + inDomain;
       }
       if (targetDomain === inDomain) {
         matched = true;
         break;
       }
 
-      if (!inDomain.startsWith('*.')) {
+      if (!inDomain.startsWith("*.")) {
         //不可能匹配
         continue;
       }
       //子域名匹配通配符即可
-      const firstDotIndex = targetDomain.indexOf('.');
+      const firstDotIndex = targetDomain.indexOf(".");
       const targetDomainSuffix = targetDomain.substring(firstDotIndex + 1);
       if (targetDomainSuffix === inDomain.substring(2)) {
         matched = true;
@@ -46,6 +46,32 @@ function match(targetDomains: string | string[], inDomains: string[]) {
   return true;
 }
 
+function isIpv4(d: string) {
+  if (!d) {
+    return false;
+  }
+  const isIPv4Regex = /^(\d{1,3}\.){3}\d{1,3}$/;
+  return isIPv4Regex.test(d);
+}
+
+function isIpv6(d: string) {
+  if (!d) {
+    return false;
+  }
+  const isIPv6Regex = /^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$/gm;
+  return isIPv6Regex.test(d);
+}
+
+function isIp(d: string) {
+  if (!d) {
+    return false;
+  }
+  return isIpv4(d) || isIpv6(d);
+}
+
 export const domainUtils = {
   match,
+  isIpv4,
+  isIpv6,
+  isIp,
 };

packages/core/basic/src/utils/util.env.ts

@@ -1,4 +1,4 @@
 export function isDev() {
-  const nodeEnv = process.env.NODE_ENV || '';
+  const nodeEnv = process.env.NODE_ENV || 'dev';
   return nodeEnv === 'development' || nodeEnv.includes('local') || nodeEnv.startsWith('dev');
 }

packages/core/basic/src/utils/util.lock.ts

@@ -1,46 +1,16 @@
-import { logger, utils } from './index.js';
+// @ts-ignore
+import AsyncLock from "async-lock";
 
 export class Locker {
-  locked: Record<string, any> = {};
+  private asyncLocker: AsyncLock;
 
-  async execute(lockStr: string, callback: any) {
+  constructor() {
-    await this.lock(lockStr);
+    this.asyncLocker = new AsyncLock();
-    const timeoutId = setTimeout(() => {
-      logger.warn('Lock timeout,自动解锁', lockStr);
-      this.unlock(lockStr);
-    }, 20000);
-    try {
-      return await callback();
-    } finally {
-      clearTimeout(timeoutId);
-      this.unlock(lockStr);
-    }
   }
 
-  async lock(str: string) {
+  async execute(lockStr: string, callback: any, options?: { timeout?: number }) {
-    const isLocked = this.isLocked(str);
+    const timeout = options?.timeout ?? 120000;
-    if (isLocked) {
+    return this.asyncLocker.acquire(lockStr, callback, { timeout });
-      let count = 0;
-      while (true) {
-        await utils.sleep(100);
-        if (!this.isLocked(str)) {
-          break;
-        }
-        count++;
-        if (count > 20) {
-          throw new Error('Lock timeout');
-        }
-      }
-    }
-    this.locked[str] = true;
-  }
-
-  unlock(str: string) {
-    delete this.locked[str];
-  }
-
-  isLocked(str: string) {
-    return this.locked[str] ?? false;
   }
 }
 

packages/core/basic/src/utils/util.sp.ts

@@ -1,8 +1,10 @@
 //转换为import
-import childProcess from 'child_process';
+//@ts-ignore
-import { safePromise } from './util.promise.js';
+import childProcess from "child_process";
-import { ILogger, logger } from './util.log.js';
+import { safePromise } from "./util.promise.js";
-import iconv from 'iconv-lite';
+import { ILogger, logger } from "./util.log.js";
+//@ts-ignore
+import iconv from "iconv-lite";
 export type ExecOption = {
   cmd: string | string[];
   env: any;
@@ -11,12 +13,12 @@ export type ExecOption = {
 };
 
 async function exec(opts: ExecOption): Promise<string> {
-  let cmd = '';
+  let cmd = "";
   const log = opts.logger || logger;
   if (opts.cmd instanceof Array) {
     for (const item of opts.cmd) {
       if (cmd) {
-        cmd += ' && ' + item;
+        cmd += " && " + item;
       } else {
         cmd = item;
       }
@@ -28,17 +30,18 @@ async function exec(opts: ExecOption): Promise<string> {
       cmd,
       {
         env: {
+          //@ts-ignore
           ...process.env,
           ...opts.env,
         },
         ...opts.options,
       },
-      (error, stdout, stderr) => {
+      (error: any, stdout: { toString: (arg0: string) => any }, stderr: any) => {
         if (error) {
           log.error(`exec error: ${error}`);
           reject(error);
         } else {
-          const res = stdout.toString('utf-8');
+          const res = stdout.toString("utf-8");
           log.info(`stdout: ${res}`);
           resolve(res);
         }
@@ -57,11 +60,12 @@ export type SpawnOption = {
 };
 
 function isWindows() {
-  return process.platform === 'win32';
+  // @ts-ignore
+  return process.platform === "win32";
 }
 function convert(buffer: any) {
   if (isWindows()) {
-    const decoded = iconv.decode(buffer, 'GBK');
+    const decoded = iconv.decode(buffer, "GBK");
     // 检查是否有有效字符
     return decoded && decoded.trim().length > 0 ? decoded : buffer.toString();
   } else {
@@ -74,12 +78,12 @@ function convert(buffer: any) {
 // }
 
 async function spawn(opts: SpawnOption): Promise<string> {
-  let cmd = '';
+  let cmd = "";
   const log = opts.logger || logger;
   if (opts.cmd instanceof Array) {
     for (const item of opts.cmd) {
       if (cmd) {
-        cmd += ' && ' + item;
+        cmd += " && " + item;
       } else {
         cmd = item;
       }
@@ -88,37 +92,47 @@ async function spawn(opts: SpawnOption): Promise<string> {
     cmd = opts.cmd;
   }
   log.info(`执行命令: ${cmd}`);
-  let stdout = '';
+  let stdout = "";
-  let stderr = '';
+  let stderr = "";
   return safePromise((resolve, reject) => {
     const ls = childProcess.spawn(cmd, {
       shell: true,
       env: {
+        //@ts-ignore
         ...process.env,
         ...opts.env,
       },
       ...opts.options,
     });
-    ls.stdout.on('data', data => {
+    ls.stdout.on("data", (data: string) => {
       data = convert(data);
       log.info(`stdout: ${data}`);
       stdout += data;
     });
 
-    ls.stderr.on('data', data => {
+    ls.stderr.on("data", (data: string) => {
       data = convert(data);
       log.warn(`stderr: ${data}`);
       stderr += data;
     });
-    ls.on('error', error => {
+    ls.on("error", (error: any) => {
       log.error(`child process error: ${error}`);
+      //@ts-ignore
+      error.stderr = stderr;
+      //@ts-ignore
+      error.stdout = stdout;
       reject(error);
     });
 
-    ls.on('close', (code: number) => {
+    ls.on("close", (code: number) => {
       if (code !== 0) {
         log.error(`child process exited with code ${code}`);
-        reject(new Error(stderr));
+        const e = new Error(stderr || "return " + code);
+        //@ts-ignore
+        e.stderr = stderr;
+        //@ts-ignore
+        e.stdout = stdout;
+        reject(e);
       } else {
         resolve(stdout);
       }

packages/core/basic/test.mjs

@@ -0,0 +1,18 @@
+// import { random } from "lodash-es";
+// import { locker } from "./dist/utils/util.lock.js";
+
+// async function testLocker() {
+//   for (let i = 0; i < 10; i++) {
+//     await locker.execute("test", async () => {
+//       console.log("test", i);
+//       await new Promise(resolve => setTimeout(resolve, Math.random() * 1000));
+//       throw new Error("test error");
+//     });
+//   }
+// }
+
+// await testLocker();
+
+import { domainUtils } from "./dist/utils/util.domain.js";
+
+console.log(domainUtils.isIpv6("::0:0:0:FFFF:129.144.52.38"));

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,68 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Performance Improvements
+
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.37.1",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -14,11 +14,12 @@
     "build3": "rollup -c",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.1",
+    "@certd/basic": "^1.37.16",
-    "@certd/plus-core": "^1.37.1",
+    "@certd/plus-core": "^1.37.16",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -44,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/core/pipeline/src/core/executor.ts

@@ -423,31 +423,46 @@ export class Executor {
     let subject = "";
     let content = "";
     const errorMessage = error?.message;
+    const templateData: any = {
+      pipelineId: this.pipeline.id,
+      historyId: this.runtime.id,
+      pipelineTitle: this.pipeline.title,
+    };
+    let pipelineResult = "";
+    let errors = "";
     if (when === "start") {
-      subject = `开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "开始执行";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "success") {
-      subject = `执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "执行成功";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "turnToSuccess") {
-      subject = `执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "执行成功（失败转成功）";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "error") {
-      subject = `执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "执行失败";
-
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       if (error instanceof RunnableError) {
         const runnableError = error as RunnableError;
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n`;
         for (const re of runnableError.errors) {
-          content += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
+          errors += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
         }
+        content += errors;
       } else {
+        errors = error.message;
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
       }
     } else {
       return;
     }
 
+    templateData.errors = errors;
+    templateData.pipelineResult = pipelineResult;
+
     for (const notification of this.pipeline.notifications) {
       if (!notification.when.includes(when)) {
         continue;
@@ -455,9 +470,9 @@ export class Executor {
 
       if (notification.type === "email" && notification.options?.receivers) {
         try {
-          await this.options.emailService?.send({
+          await this.options.emailService?.sendByTemplate({
-            subject,
+            type: "pipelineResult",
-            content,
+            data: templateData,
             receivers: notification.options?.receivers,
           });
         } catch (e) {
@@ -472,15 +487,15 @@ export class Executor {
             useEmail: false,
             logger: this.logger,
             body: {
+              notificationType: "pipelineResult",
               title: subject,
               content,
               userId: this.pipeline.userId,
               pipeline: this.pipeline,
               result: this.lastRuntime?.pipeline?.status,
-              pipelineId: this.pipeline.id,
-              historyId: this.runtime.id,
               errorMessage,
               url,
+              ...templateData,
             },
           });
         } catch (e) {

packages/core/pipeline/src/notification/api.ts

@@ -15,6 +15,11 @@ export type NotificationBody = {
   historyId?: number;
   errorMessage?: string;
   url?: string;
+  notificationType?: string;
+  attachments?: any[];
+  pipelineResult?: string;
+  pipelineTitle?: string;
+  errors?: string;
 };
 
 export type NotificationRequestHandleReqInput<T = any> = {

packages/core/pipeline/src/plugin/api.ts

@@ -185,6 +185,8 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     if (res == null) {
       throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
     }
+    res.ctx.logger = this.logger;
+    res.ctx.http = this.http;
     // @ts-ignore
     if (this.logger?.addSecret) {
       // 隐藏加密信息，不在日志中输出

packages/core/pipeline/src/plugin/group.ts

@@ -27,6 +27,7 @@ export const pluginGroups = {
   tencent: new PluginGroup("tencent", "腾讯云", 4, "svg:icon-tencentcloud"),
   volcengine: new PluginGroup("volcengine", "火山引擎", 4, "svg:icon-volcengine"),
   jdcloud: new PluginGroup("jdcloud", "京东云", 4, "svg:icon-jdcloud"),
+  ucloud: new PluginGroup("ucloud", "UCloud", 4, "svg:icon-ucloud"),
   baidu: new PluginGroup("baidu", "百度云", 4, "ant-design:baidu-outlined"),
   qiniu: new PluginGroup("qiniu", "七牛云", 5, "svg:icon-qiniuyun"),
   aws: new PluginGroup("aws", "亚马逊云", 6, "svg:icon-aws"),

packages/core/pipeline/src/service/email.ts

@@ -6,6 +6,14 @@ export type EmailSend = {
   html?: string;
 };
 
+export type EmailSendByTemplateReq = {
+  type: string;
+  data: any;
+  receivers: string[];
+  attachments?: any[];
+};
+
 export interface IEmailService {
   send(email: EmailSend): Promise<void>;
+  sendByTemplate(req: EmailSendByTemplateReq): Promise<void>;
 }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,66 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.37.1",
+  "version": "1.37.16",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,66 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.37.1",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,68 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,13 +1,11 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.37.1",
+  "version": "1.37.16",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
   "scripts": {
-    "test": "cross-env NODE_CONFIG_DIR=./test/config  mocha --recursive --require babel-register",
-    "dev": "babel src --out-dir babel -w",
     "build": "rollup -c ",
     "dev-build": "npm run build",
     "pub": "npm publish"
@@ -15,7 +13,6 @@
   "author": "",
   "license": "Apache",
   "dependencies": {
-    "babel-register": "^6.26.0",
     "buffer": "^5.0.8",
     "create-hash": "^1.1.3",
     "create-hmac": "^1.1.6",
@@ -30,8 +27,6 @@
     "@rollup/plugin-typescript": "^11.0.0",
     "@typescript-eslint/eslint-plugin": "^8.26.1",
     "@typescript-eslint/parser": "^8.26.1",
-    "babel-cli": "^6.26.0",
-    "babel-preset-env": "^1.6.1",
     "chai": "^4.1.2",
     "config": "^1.30.0",
     "cross-env": "^5.1.4",
@@ -61,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,69 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Performance Improvements
+
+* 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
+* 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.37.1",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.1",
+    "@certd/basic": "^1.37.16",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/libs/lib-k8s/src/lib/k8s.client.ts

@@ -1,4 +1,4 @@
-import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
+import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret, KubernetesObjectApi, loadYaml, KubernetesObject } from "@kubernetes/client-node";
 import dns from "dns";
 import { ILogger } from "@certd/basic";
 import { merge } from "lodash-es";
@@ -27,6 +27,11 @@ export class K8sClient {
   }
 
   init() {
+    const kubeconfig = this.getKubeConfig();
+    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  }
+
+  getKubeConfig() {
     const kubeconfig = new KubeConfig();
     kubeconfig.loadFromString(this.kubeConfigStr);
     this.kubeconfig = kubeconfig;
@@ -41,16 +46,35 @@ export class K8sClient {
     } catch (e) {
       this.logger.warn("skipTLSVerify error", e);
     }
+    return kubeconfig;
+  }
 
-    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  getKubeClient() {
+    const kc = this.getKubeConfig();
+    const client = KubernetesObjectApi.makeApiClient(kc);
+    return client;
+  }
 
-    // const reqOpts = { kubeconfig, request: {} } as any;
+  async apply(manifest: string) {
-    // if (this.lookup) {
+    const yml = loadYaml<KubernetesObject>(manifest);
-    //   reqOpts.request.lookup = this.lookup;
+    const client = this.getKubeClient();
-    // }
+    try {
-    //
+      await client.create(yml);
-    // const backend = new Request(reqOpts);
+    } catch (e) {
-    // this.client = new Client({ backend, version: '1.13' });
+      this.logger.error("apply error", e.response?.body);
+      if (e.response?.body?.reason === "AlreadyExists") {
+        //patch
+        this.logger.info("patch existing resource: ", yml.metadata?.name);
+        const existing = await client.read(yml as any);
+        if (!yml.metadata) {
+          yml.metadata = {};
+        }
+        yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
+        await client.patch(yml);
+        return;
+      }
+      throw e;
+    }
   }
 
   /**
@@ -168,6 +192,7 @@ export class K8sClient {
     const oldIngress = await client.readNamespacedIngress(ingressName, namespace);
     const newIngress = merge(oldIngress.body, opts.body);
     const res = await client.replaceNamespacedIngress(ingressName, namespace, newIngress);
+
     this.logger.info("ingress patched", opts.body);
     return res;
   }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,78 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+### Performance Improvements
+
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+### Performance Improvements
+
+* 支持列表展示时固定证书最大天数，有助于列表进度条整齐展示 ([4a94eab](https://github.com/certd/certd/commit/4a94eab3935c89a63892661d9cf0d0891e54aa81))
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.37.1",
+  "version": "1.37.16",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -17,7 +17,8 @@
     "lint": "mwts check",
     "lint:fix": "mwts fix",
     "prepublish": "npm run build",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "keywords": [],
   "author": "greper",
@@ -27,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.37.1",
+    "@certd/acme-client": "^1.37.16",
-    "@certd/basic": "^1.37.1",
+    "@certd/basic": "^1.37.16",
-    "@certd/pipeline": "^1.37.1",
+    "@certd/pipeline": "^1.37.16",
-    "@certd/plugin-lib": "^1.37.1",
+    "@certd/plugin-lib": "^1.37.16",
-    "@certd/plus-core": "^1.37.1",
+    "@certd/plus-core": "^1.37.16",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -63,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "e17cd1f298a72595f01e466b5e5c8971828c6bd9"
+  "gitHead": "fa14f6219810ddbfcf1dde7b69963ee8a36c80c4"
 }

packages/libs/lib-server/src/basic/base-controller.ts

@@ -47,4 +47,12 @@ export abstract class BaseController {
     }
     return user;
   }
+
+  isAdmin() {
+    const roleIds: number[] = this.ctx?.user?.roles;
+    if (roleIds?.includes(1)) {
+      return true;
+    }
+  }
+
 }

packages/libs/lib-server/src/basic/base-service.ts

@@ -1,5 +1,5 @@
 import { PermissionException, ValidateException } from './exception/index.js';
-import { In, Repository, SelectQueryBuilder } from 'typeorm';
+import { FindOneOptions, In, Repository, SelectQueryBuilder } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
@@ -238,4 +238,8 @@ export abstract class BaseService<T> {
 
     await this.delete(ids);
   }
+
+  async findOne(options: FindOneOptions<T>) {
+    return await this.getRepository().findOne(options);
+  }
 }

packages/libs/lib-server/src/system/basic/index.ts

@@ -2,3 +2,4 @@ export * from './service/plus-service.js';
 export * from './service/file-service.js';
 export * from './service/encryptor.js';
 export * from './service/ocr-service.js';
+export * from './service/executor-queue.js';

packages/libs/lib-server/src/system/basic/service/executor-queue.ts

@@ -0,0 +1,79 @@
+import { logger } from "@certd/basic";
+
+export type TaskItem = {
+  task: ()=>Promise<void>;
+}
+
+export class UserTaskQueue{
+  userId: number;
+  pendingQueue: TaskItem[] = [];
+  runningQueue: TaskItem[] = [];
+  getMaxRunningCount: ()=>number ;
+
+  constructor(req: { userId: number ,getMaxRunningCount: ()=>number }) {
+    this.userId = req.userId;
+    this.getMaxRunningCount = req.getMaxRunningCount ;
+  }
+
+  addTask(task: TaskItem) {
+    this.pendingQueue.push(task);
+    this.runTask();
+  }
+
+  runTask() {
+    logger.info(`[user_${this.userId}]当前运行队列：${this.runningQueue.length}, 等待队列：${this.pendingQueue.length}，最大运行队列：${this.getMaxRunningCount()}`);
+    if (this.runningQueue.length >= this.getMaxRunningCount()) {
+      return;
+    }
+    if (this.pendingQueue.length === 0) {
+      return;
+    }
+    const task = this.pendingQueue.shift();
+    if (!task) {
+      return;
+    }
+    // 执行任务
+    this.runningQueue.push(task);
+    const call = async ()=>{
+      try{
+        await task.task();
+      }finally{
+        // 任务执行完成，从运行队列中移除
+        const index = this.runningQueue.indexOf(task);
+        if (index > -1) {
+          this.runningQueue.splice(index, 1);
+        }
+        // 继续执行下一个任务
+        this.runTask();
+      }
+    }
+    logger.info(`[user_${this.userId}]执行任务，当前运行队列：${this.runningQueue.length}, 等待队列：${this.pendingQueue.length}`);
+    call()
+  }
+}
+
+export class ExecutorQueue{
+  queues: Record<number, UserTaskQueue> = {};
+  maxRunningCount: number = 8;
+
+
+  setMaxRunningCount(count: number) {
+    this.maxRunningCount = count;
+  }
+
+  getUserQueue(userId: number) {
+    const userQueue = this.queues[userId];
+    if (!userQueue) {
+      this.queues[userId] = new UserTaskQueue({ userId, getMaxRunningCount: ()=>this.maxRunningCount });
+    }
+    return this.queues[userId];
+  }
+
+  addTask(userId: number, task: TaskItem) {
+    const userQueue = this.getUserQueue(userId);
+    userQueue.addTask(task);
+  }
+ 
+}
+
+export const executorQueue = new ExecutorQueue();

packages/libs/lib-server/src/system/basic/service/file-service.ts

@@ -14,7 +14,7 @@ export const uploadTmpFileCacheKey = 'tmpfile_key_';
 /**
  */
 @Provide()
-@Scope(ScopeEnum.Request, { allowDowngrade: true })
+@Scope(ScopeEnum.Singleton, { allowDowngrade: true })
 export class FileService {
   async saveFile(userId: number, tmpCacheKey: any, permission: 'public' | 'private') {
     if (tmpCacheKey.startsWith(`/${permission}`)) {