v1.37.16

https://github.com/certd/certd/issues/590

.github/workflows/deploy-demo.yml

@@ -44,7 +44,8 @@ jobs:
       - name: deploy-certd-demo
         uses: tyrrrz/action-http-request@master
         with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/lzCzlGrLCOHQaTMMt0mG
+          # 通过webhook 触发 certd-demo来部署
+          url: ${{ secrets.WEBHOOK_CERTD_DEMO }}
           method: POST
           headers: |
             Content-Type: application/json

.github/workflows/release-image.yml

@@ -121,10 +121,12 @@ jobs:
       - name: deploy-certd-doc
         uses: tyrrrz/action-http-request@master
         with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
+          url: ${{ secrets.WEBHOOK_CERTD_DOC }}
           method: POST
           body: |
-            {}
+            {
+              "CERTD_VERSION": "1.0.0"
+            }
           headers: |
             Content-Type: application/json
           retry-count: 3

.vscode/settings.json

@@ -8,5 +8,7 @@
     "editor.defaultFormatter": "dbaeumer.vscode-eslint",
     "[typescript]": {
         "editor.defaultFormatter": "vscode.typescript-language-features"
-    }
+    },
+    "editor.tabSize": 2,
+    "explorer.autoReveal": false
 }

CHANGELOG.md

@@ -3,6 +3,87 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+* 优化西部数据 500 already exists 的问题 ([2bfad9f](https://github.com/certd/certd/commit/2bfad9fc651da208b610abd921fbfb2fbc04203f))
+
+### Performance Improvements
+
+* 批量设置定时，支持清除定时 ([63d8bcf](https://github.com/certd/certd/commit/63d8bcf8823f713365042d3c7aee3cf31d44b044))
+* 新增数据库迁移doc说明文档，优化datetime字段平滑迁移 ([45fbce0](https://github.com/certd/certd/commit/45fbce0c2af5fb3ead6d3dd12a42f8cc1714262f))
+* 支持彩虹聚合登录 ([6f18693](https://github.com/certd/certd/commit/6f186932ccad4becfdc0087c0539f7b2d0069844))
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+* oidc支持使用第三方昵称或账号作为certd用户的用户名 ([b6fea0c](https://github.com/certd/certd/commit/b6fea0c8562abf912daa7d72958ceb2e93575d31))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Bug Fixes
+
+* oidc 支持nonce ([a5ca411](https://github.com/certd/certd/commit/a5ca41131b308b36b17ca359d9709ea8e9b7cee1))
+
+### Performance Improvements
+
+* 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
+* 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
+* 支持部署到中国移动CDN ([4351304](https://github.com/certd/certd/commit/43513049beff407558d2a234415521464165cebc))
+* 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+### Bug Fixes
+
+* 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Bug Fixes
+
+* 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
+* 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+* 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Bug Fixes
+
+* 修复waf tls版本号小写 ([0adcc6a](https://github.com/certd/certd/commit/0adcc6a8d194469be0c26940ed4837fb34929b68))
+
+### Performance Improvements
+
+* 支持微信扫码登录 ([73325aa](https://github.com/certd/certd/commit/73325aaefb0e750a22aaac40929e7bf3f5864996))
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/certd/certd/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 ### Bug Fixes

README.md

@@ -17,12 +17,6 @@ Certd® 是一个免费的全自动证书管理系统，让你的网站证书永
 > 流水线数量现已调整为无限制，欢迎大家使用
 
 
-**************************************************************************************************
-                   🔥🔥🔥永久专业版上线，双11活动火热进行中🔥🔥🔥
-       赶快升级到最新版点击右上角金色VIP按钮，点击立即赞助，看看你的优惠券金额是多少？
-**************************************************************************************************
-
-
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
@@ -158,9 +152,9 @@ https://certd.handfree.work/
 
 
 ## 八、捐赠
-************************
+
 开源为什么要做专业版收费？
-1. 纯靠为爱发电不可持续（比如：我的dev-sidecar项目即便是拥有20K+star,也差点凉凉，幸亏有另外大佬接手用爱发电）    
+1. 纯靠为爱发电不可持续（比如：我的dev-sidecar项目即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
 2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
 3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突     
 
@@ -171,16 +165,16 @@ https://certd.handfree.work/
 
 专业版特权对比
 
-| 功能      | 免费版                                   | 专业版                            |
+| 功能      | 免费版                                   | 专业版                     |
 |---------|---------------------------------------|--------------------------------|
-| 免费证书申请  | 免费无限制                                 | 免费无限制                          |
-| 域名数量 | 无限制                                   | 无限制                            |
-| 证书流水线条数 | 无限制                                   | 无限制                            |
-| 站点证书监控  | 限制1条                                  | 无限制                            |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
-| 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
-| VIP群      | 无                                       | 可加，一对一技术支持，必要时远程协助       |
-************************
+| 免费证书申请  | 免费无限制                        | 免费无限制                      |
+| 域名数量      | 无限制                           | 无限制                          |
+| 证书流水线条数 | 无限制                           | 无限制                          |
+| 站点证书监控  | 限制1条                           | 无限制                          |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件     |     群晖、威联通、proxmox等  |
+| 通知         | 邮件通知、自定义webhook            | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 批量操作      | 无                               | 流水线模版，流水线复制，批量运行，批量设置通知、定时等 |
+| VIP群        | 无                               | 可加，一对一技术支持，必要时可申请远程协助  |
 
 
 ## 九、贡献代码

docs/.vitepress/config.ts

@@ -121,6 +121,7 @@ export default defineConfig({
                         {text: "ESXi", link: "/guide/use/ESXi/index.md"},
                         {text: "宝塔动态IP白名单", link: "/guide/use/baota/white_list.md"},
                         {text: "子域名托管", link: "/guide/use/cert/subdomain.md"},
+                        {text: "流水线有效期", link: "/guide/use/pipeline/valid.md"},
                     ]
                 },
                 {

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,82 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Bug Fixes
+
+* oidc 支持nonce ([a5ca411](https://github.com/certd/certd/commit/a5ca41131b308b36b17ca359d9709ea8e9b7cee1))
+
+### Performance Improvements
+
+* 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
+* 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
+* 支持部署到中国移动CDN ([4351304](https://github.com/certd/certd/commit/43513049beff407558d2a234415521464165cebc))
+* 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+### Bug Fixes
+
+* 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Bug Fixes
+
+* 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
+* 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+* 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Bug Fixes
+
+* 修复waf tls版本号小写 ([0adcc6a](https://github.com/certd/certd/commit/0adcc6a8d194469be0c26940ed4837fb34929b68))
+
+### Performance Improvements
+
+* 支持微信扫码登录 ([73325aa](https://github.com/certd/certd/commit/73325aaefb0e750a22aaac40929e7bf3f5864996))
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/certd/certd/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
 ## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
 
 ### Bug Fixes

docs/guide/install/1panel/index.md

@@ -7,7 +7,36 @@ https://1panel.cn/docs/installation/online_installation/
 
 ## 二、部署certd
 
+有两种安装方式
 
+### 1. 应用商店方式安装【推荐】
+
+#### 1.1 安装
+打开`1Panel->应用商店`，更新远程应用，搜索`certd`，点击安装
+
+   ![](./images/store-1.png)
+
+
+   ![](./images/store-2.png)
+
+#### 1.2 访问测试：
+http://ip:7001   
+https://ip:7002   
+默认账号密码      
+admin/123456     
+登录后请及时修改密码 
+
+#### 1.3 备份
+   ![](./images/store-3.png)
+
+#### 1.4 恢复
+ 安装新Certd后，点击导入备份按钮，选择上面备份的文件即可
+
+
+
+### 2. docker-compose方式安装
+
+#### 2.1 安装
 1. 打开`docker-compose.yaml`，整个内容复制下来    
    https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 
@@ -22,7 +51,7 @@ https://1panel.cn/docs/installation/online_installation/
 > 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
 > certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
 
-3. 访问测试
+#### 2.2 访问测试
 
 http://ip:7001   
 https://ip:7002   
@@ -30,7 +59,7 @@ https://ip:7002
 admin/123456     
 登录后请及时修改密码  
 
-## 三、升级
+#### 2.3 升级
 
 1. 找到容器，点击更多->升级
    ![](./images/upgrade-1.png)
@@ -39,11 +68,11 @@ admin/123456
 ![img.png](./images/upgrade-2.png)
 
 
-## 四、数据备份
+#### 2.4 备份
 
 > 默认数据保存在`/data/certd`目录下，可以手动备份    
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
 
-## 五、备份恢复
+#### 2.5 恢复
 
 将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/database.md

@@ -65,9 +65,54 @@ docker-compose up -d
 
 ## 二、从旧版的sqlite切换数据库
 
-1. 先将`旧certd`升级到最新版 （`建议：备份sqlite数据库` ）
-2. 按照上面全新安装方式部署一套`新的certd` （`注意：新旧版本的certd要一致`）
-3. 使用数据库工具将数据从sqlite导入到mysql或postgresql （`注意：flyway_history数据表不要导入`）
-4. 重启新certd
-5. 确认没有问题之后，删除旧版certd
+从旧版`sqlite`迁移到`mysql`或`postgresql`数据库
 
+下面以 `SQLite` 转 `MySQL` 为例进行演示
+
+![db-0.png](images/db-0.png)
+
+#### 0.前提条件： 
+1. SQLite版Certd站点已经`升级到最新版` （`建议：备份sqlite数据库` ）
+2. `全新安装`MySQL版本Certd（`确保是全新的，因为里面的数据会被清空覆盖`）
+3. 两套Certd站点版本一致
+
+#### 1. 安装DBeaver工具
+
+[https://dbeaver.io/download/](https://dbeaver.io/download/)
+
+![db-1.png](images/db-1.png)
+
+#### 2. 连接到sqlite数据库
+
+![db-2.png](images/db-sqlite-1.png)
+
+![db-3.png](images/db-sqlite-2.png)
+
+#### 3. 连接到mysql或postgresql数据库
+
+![db-4.png](images/db-mysql-1.png)
+
+![db-5.png](images/db-mysql-2.png)
+
+
+#### 4. 开始同步数据
+
+选择mysql数据库，选择所有的表（`flyway_history除外`），右键导入数据
+
+> 切记flyway_history数据表不要导入
+
+![db-6.png](images/db-sync-1.jpg)
+![db-7.png](images/db-sync-2.png)
+![db-8.png](images/db-sync-3.png)
+下一步、下一步，直到数据加载设置，勾选`在加载前截断目标表`（此选项很重要，并且会清空mysql certd数据库中的数据）
+![db-7.png](images/db-sync-4.png)
+
+#### 5. 导入完成
+
+![db-9.png](images/db-success.png)
+
+#### 6. 重启MySQL版本Certd
+
+访问MySQL版本测试，数据已成功迁移     
+
+确认没有问题之后，删除旧版certd

docs/guide/open/index.md

@@ -19,9 +19,15 @@ header中传入x-certd-token即可调用开放接口
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
 
 
-## 补充说明
-1.证书申请接口支持证书id和域名两种方式获取证书。
-2.autoApply=true将在没有证书时自动触发申请，申请过程中会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
+## 参数
+支持证书id和域名两种方式获取证书。
+
+## 创建新的证书申请
+参数autoApply=true，将在没有证书时自动触发申请证书，检查逻辑如下：
+1. 如果证书仓库里面有，且没有过期，就直接返回证书
+2. 如果没有或者已过期，就会去找流水线，有就触发流水线执行
+3. 如果没有流水线，就创建一个流水线，触发运行（`注意：需要提前在域名管理中配置好域名校验方式，否则会申请失败`）
+4. 再次采用相同参数请求接口，如果在申请过程中，就会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
 
 
 ## SDK

docs/guide/plugins/access.md

@@ -64,7 +64,8 @@
 | 60.| **新网授权** |  | 
 | 61.| **新网授权（代理方式）** |  | 
 | 62.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
-| 63.| **雨云授权** | https://app.rainyun.com/ | 
+| 63.| **中国移动CND授权** |  | 
+| 64.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,5 +1,5 @@
 # 任务插件
-共 `103` 款任务插件    
+共 `105` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
@@ -42,6 +42,7 @@
 | 19.| **网宿-更新证书** | 网宿证书自动更新 | 
 | 20.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
 | 21.| **APISIX-更新证书** | 自动更新APISIX证书 | 
+| 22.| **中国移动-部署证书到CDN** | 中国移动自动部署证书到CDN | 
 ## 4. 面板
 
 | 序号 | 名称 | 说明 |
@@ -54,15 +55,16 @@
 | 6.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
 | 7.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
 | 8.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 9.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
-| 10.| **Plesk-部署Plesk网站证书** |  | 
-| 11.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
-| 12.| **lucky-更新Lucky证书** |  | 
-| 13.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
-| 14.| **威联通-部署证书到威联通** | 部署证书到qnap | 
-| 15.| **飞牛NAS-部署证书** |  | 
-| 16.| **Proxmox-上传证书到Proxmox** |  | 
-| 17.| **Dokploy-更新证书** | 自动更新Dokploy证书 | 
+| 9.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
+| 10.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
+| 11.| **Plesk-部署Plesk网站证书** |  | 
+| 12.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 13.| **lucky-更新Lucky证书** |  | 
+| 14.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 15.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 16.| **飞牛NAS-部署证书** |  | 
+| 17.| **Proxmox-上传证书到Proxmox** |  | 
+| 18.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |
@@ -72,7 +74,7 @@
 | 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
 | 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
 | 5.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 6.| **阿里云-上传证书到阿里云CAS** | 上传证书到阿里云数字证书管理服务（CAS），注意：不会部署到任何应用上；如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 6.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 | 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
 | 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
 | 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 

docs/guide/use/aliyun/index.md

@@ -5,8 +5,10 @@
 
 配置环境变量
 ```shell
-ALIYUN_CLIENT_CONNECT_TIMEOUT=10000 # 连接超时，单位毫秒
-ALIYUN_CLIENT_READ_TIMEOUT=10000 #读取数据超时，单位毫秒
+# docker-compose.yaml
+environment:
+  - ALIYUN_CLIENT_CONNECT_TIMEOUT=16000 # 连接超时，单位毫秒
+  - ALIYUN_CLIENT_READ_TIMEOUT=16000 #读取数据超时，单位毫秒
 
 ```
 

docs/guide/use/pipeline/valid.md

@@ -0,0 +1,17 @@
+# 流水线有效期功能
+
+可以为流水线设置有效期，超过有效期后，流水线将停止运行
+
+## 1. 打开有效期开关
+
+![setting.png](images/setting.png)
+
+## 2. 设置有效期
+
+![valid.png](images/edit.png)
+
+![valid.png](images/edit2.png)
+
+## 3. 设置完成
+该流水线将在有效期结束后停止运行
+![valid.png](images/show.png)

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.37.9"
+  "version": "1.37.16"
 }

package.json

@@ -17,8 +17,8 @@
     "start:server": "cd ./packages/ui/certd-server && npm start",
     "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
-    "afterpublishOnly": "npm run plugin-doc-gen && npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly ",
+    "afterpublishOnly": "npm run plugin-doc-gen && npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && npm run commitAll",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
     "plugin-doc-gen": "cd ./packages/ui/certd-server/ && npm run export-md",
     "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,40 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/publishlab/node-acme-client/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/publishlab/node-acme-client/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+## [1.37.15](https://github.com/publishlab/node-acme-client/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.14](https://github.com/publishlab/node-acme-client/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.13](https://github.com/publishlab/node-acme-client/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.12](https://github.com/publishlab/node-acme-client/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Performance Improvements
+
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/publishlab/node-acme-client/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/publishlab/node-acme-client/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/publishlab/node-acme-client/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/publishlab/node-acme-client/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.37.9](https://github.com/publishlab/node-acme-client/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.37.9",
+    "version": "1.37.16",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.37.9",
+        "@certd/basic": "^1.37.16",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+    "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/core/acme-client/src/index.js

@@ -31,9 +31,32 @@ export const directory = {
     sslcom:{
       staging: 'https://acme.ssl.com/sslcom-dv-rsa',
       production: 'https://acme.ssl.com/sslcom-dv-rsa',
-    }
+      ec: 'https://acme.ssl.com/sslcom-dv-ecc',
+    },
+    litessl: {
+        staging: 'https://acme.litessl.com/acme/v2/directory',
+        production: 'https://acme.litessl.com/acme/v2/directory',
+    },
 };
 
+export function getDirectoryUrl(opts) {
+  const {sslProvider, pkType} = opts
+  const list= directory[sslProvider]
+  if (!list) {
+    throw new Error(`sslProvider ${sslProvider} not found`)
+  }
+  let pkTypePrefix = pkType || 'rsa'
+  if (pkType) {
+   pkTypePrefix = pkType.toLowerCase().split("_")[0]
+  }
+
+  if (pkTypePrefix && list[pkTypePrefix]) {
+    return list[pkTypePrefix]
+  }
+
+  return list.production
+}
+
 /**
  * Crypto
  */

packages/core/acme-client/src/verify.js

@@ -8,7 +8,7 @@ import {log as defaultLog} from './logger.js'
 import axios from './axios.js'
 import * as util from './util.js'
 import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
-
+import {utils} from '@certd/basic'
 
 const dns = dnsSdk.promises
 
@@ -60,11 +60,15 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
     }
 
     const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
-    const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
+    let host = authz.identifier.value;
+    if(utils.domain.isIpv6(host)){
+        host = `[${host}]`;
+    }
+    const challengeUrl = `http://${host}:${httpPort}${suffix}`;
 
     if (!await doQuery(challengeUrl)) {
         const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
-        const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+        const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
         const res = await doQuery(httpsChallengeUrl)
         if (!res) {
             throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);

packages/core/acme-client/types/index.d.ts

@@ -117,6 +117,8 @@ export const directory: {
     }
 };
 
+export function getDirectoryUrl(opts:{sslProvider:string, pkType: string}): string;
+
 /**
  * Crypto
  */

packages/core/basic/.gitignore

@@ -26,3 +26,4 @@ dist-ssr
 test/user.secret.*
 test/**/*.js
 src/**/*.spec.ts
+test.mjs

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,40 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-15:24
+01:44

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,6 +17,7 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
+    "async-lock": "^1.4.1",
     "axios": "^1.7.2",
     "dayjs": "^1.11.7",
     "http-proxy-agent": "^7.0.2",
@@ -46,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/core/basic/src/utils/util.domain.ts

@@ -58,7 +58,7 @@ function isIpv6(d: string) {
   if (!d) {
     return false;
   }
-  const isIPv6Regex = /^([\da-f]{1,4}:){2,7}[\da-f]{1,4}$/i;
+  const isIPv6Regex = /^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$/gm;
   return isIPv6Regex.test(d);
 }
 

packages/core/basic/src/utils/util.env.ts

@@ -1,4 +1,4 @@
 export function isDev() {
-  const nodeEnv = process.env.NODE_ENV || '';
+  const nodeEnv = process.env.NODE_ENV || 'dev';
   return nodeEnv === 'development' || nodeEnv.includes('local') || nodeEnv.startsWith('dev');
 }

packages/core/basic/src/utils/util.lock.ts

@@ -1,46 +1,16 @@
-import { logger, utils } from './index.js';
+// @ts-ignore
+import AsyncLock from "async-lock";
 
 export class Locker {
-  locked: Record<string, any> = {};
+  private asyncLocker: AsyncLock;
 
-  async execute(lockStr: string, callback: any) {
-    await this.lock(lockStr);
-    const timeoutId = setTimeout(() => {
-      logger.warn('Lock timeout,自动解锁', lockStr);
-      this.unlock(lockStr);
-    }, 20000);
-    try {
-      return await callback();
-    } finally {
-      clearTimeout(timeoutId);
-      this.unlock(lockStr);
-    }
+  constructor() {
+    this.asyncLocker = new AsyncLock();
   }
 
-  async lock(str: string) {
-    const isLocked = this.isLocked(str);
-    if (isLocked) {
-      let count = 0;
-      while (true) {
-        await utils.sleep(100);
-        if (!this.isLocked(str)) {
-          break;
-        }
-        count++;
-        if (count > 20) {
-          throw new Error('Lock timeout');
-        }
-      }
-    }
-    this.locked[str] = true;
-  }
-
-  unlock(str: string) {
-    delete this.locked[str];
-  }
-
-  isLocked(str: string) {
-    return this.locked[str] ?? false;
+  async execute(lockStr: string, callback: any, options?: { timeout?: number }) {
+    const timeout = options?.timeout ?? 120000;
+    return this.asyncLocker.acquire(lockStr, callback, { timeout });
   }
 }
 

packages/core/basic/test.mjs

@@ -0,0 +1,18 @@
+// import { random } from "lodash-es";
+// import { locker } from "./dist/utils/util.lock.js";
+
+// async function testLocker() {
+//   for (let i = 0; i < 10; i++) {
+//     await locker.execute("test", async () => {
+//       console.log("test", i);
+//       await new Promise(resolve => setTimeout(resolve, Math.random() * 1000));
+//       throw new Error("test error");
+//     });
+//   }
+// }
+
+// await testLocker();
+
+import { domainUtils } from "./dist/utils/util.domain.js";
+
+console.log(domainUtils.isIpv6("::0:0:0:FFFF:129.144.52.38"));

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,36 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Performance Improvements
+
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.9",
-    "@certd/plus-core": "^1.37.9",
+    "@certd/basic": "^1.37.16",
+    "@certd/plus-core": "^1.37.16",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/core/pipeline/src/core/executor.ts

@@ -423,31 +423,46 @@ export class Executor {
     let subject = "";
     let content = "";
     const errorMessage = error?.message;
+    const templateData: any = {
+      pipelineId: this.pipeline.id,
+      historyId: this.runtime.id,
+      pipelineTitle: this.pipeline.title,
+    };
+    let pipelineResult = "";
+    let errors = "";
     if (when === "start") {
-      subject = `开始执行，${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "开始执行";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "success") {
-      subject = `执行成功，${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "执行成功";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "turnToSuccess") {
-      subject = `执行成功（失败转成功），${this.pipeline.title}【${this.pipeline.id}】`;
+      pipelineResult = "执行成功（失败转成功）";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}`;
     } else if (when === "error") {
-      subject = `执行失败，${this.pipeline.title}【${this.pipeline.id}】`;
-
+      pipelineResult = "执行失败";
+      subject = `${pipelineResult}，${this.pipeline.title}【${this.pipeline.id}】`;
       if (error instanceof RunnableError) {
         const runnableError = error as RunnableError;
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n`;
         for (const re of runnableError.errors) {
-          content += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
+          errors += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
         }
+        content += errors;
       } else {
+        errors = error.message;
         content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
       }
     } else {
       return;
     }
 
+    templateData.errors = errors;
+    templateData.pipelineResult = pipelineResult;
+
     for (const notification of this.pipeline.notifications) {
       if (!notification.when.includes(when)) {
         continue;
@@ -455,10 +470,12 @@ export class Executor {
 
       if (notification.type === "email" && notification.options?.receivers) {
         try {
-          await this.options.emailService?.send({
-            subject,
-            content,
-            receivers: notification.options?.receivers,
+          await this.options.emailService?.sendByTemplate({
+            type: "pipelineResult",
+            data: templateData,
+            email: {
+              receivers: notification.options?.receivers,
+            },
           });
         } catch (e) {
           logger.error("send email error", e);
@@ -472,15 +489,15 @@ export class Executor {
             useEmail: false,
             logger: this.logger,
             body: {
+              notificationType: "pipelineResult",
               title: subject,
               content,
               userId: this.pipeline.userId,
               pipeline: this.pipeline,
               result: this.lastRuntime?.pipeline?.status,
-              pipelineId: this.pipeline.id,
-              historyId: this.runtime.id,
               errorMessage,
               url,
+              ...templateData,
             },
           });
         } catch (e) {

packages/core/pipeline/src/notification/api.ts

@@ -15,6 +15,11 @@ export type NotificationBody = {
   historyId?: number;
   errorMessage?: string;
   url?: string;
+  notificationType?: string;
+  attachments?: any[];
+  pipelineResult?: string;
+  pipelineTitle?: string;
+  errors?: string;
 };
 
 export type NotificationRequestHandleReqInput<T = any> = {

packages/core/pipeline/src/service/email.ts

@@ -6,6 +6,13 @@ export type EmailSend = {
   html?: string;
 };
 
+export type EmailSendByTemplateReq = {
+  type: string;
+  data: any;
+  email: { receivers: string[]; attachments?: any[] };
+};
+
 export interface IEmailService {
   send(email: EmailSend): Promise<void>;
+  sendByTemplate(req: EmailSendByTemplateReq): Promise<void>;
 }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,36 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,13 +1,11 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.37.9",
+  "version": "1.37.16",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
   "scripts": {
-    "test": "cross-env NODE_CONFIG_DIR=./test/config  mocha --recursive --require babel-register",
-    "dev": "babel src --out-dir babel -w",
     "build": "rollup -c ",
     "dev-build": "npm run build",
     "pub": "npm publish"
@@ -15,7 +13,6 @@
   "author": "",
   "license": "Apache",
   "dependencies": {
-    "babel-register": "^6.26.0",
     "buffer": "^5.0.8",
     "create-hash": "^1.1.3",
     "create-hmac": "^1.1.6",
@@ -30,8 +27,6 @@
     "@rollup/plugin-typescript": "^11.0.0",
     "@typescript-eslint/eslint-plugin": "^8.26.1",
     "@typescript-eslint/parser": "^8.26.1",
-    "babel-cli": "^6.26.0",
-    "babel-preset-env": "^1.6.1",
     "chai": "^4.1.2",
     "config": "^1.30.0",
     "cross-env": "^5.1.4",
@@ -61,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,37 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Performance Improvements
+
+* 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
+* 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.9",
+    "@certd/basic": "^1.37.16",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/libs/lib-k8s/src/lib/k8s.client.ts

@@ -1,4 +1,4 @@
-import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
+import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret, KubernetesObjectApi, loadYaml, KubernetesObject } from "@kubernetes/client-node";
 import dns from "dns";
 import { ILogger } from "@certd/basic";
 import { merge } from "lodash-es";
@@ -27,6 +27,11 @@ export class K8sClient {
   }
 
   init() {
+    const kubeconfig = this.getKubeConfig();
+    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  }
+
+  getKubeConfig() {
     const kubeconfig = new KubeConfig();
     kubeconfig.loadFromString(this.kubeConfigStr);
     this.kubeconfig = kubeconfig;
@@ -41,16 +46,35 @@ export class K8sClient {
     } catch (e) {
       this.logger.warn("skipTLSVerify error", e);
     }
+    return kubeconfig;
+  }
 
-    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  getKubeClient() {
+    const kc = this.getKubeConfig();
+    const client = KubernetesObjectApi.makeApiClient(kc);
+    return client;
+  }
 
-    // const reqOpts = { kubeconfig, request: {} } as any;
-    // if (this.lookup) {
-    //   reqOpts.request.lookup = this.lookup;
-    // }
-    //
-    // const backend = new Request(reqOpts);
-    // this.client = new Client({ backend, version: '1.13' });
+  async apply(manifest: string) {
+    const yml = loadYaml<KubernetesObject>(manifest);
+    const client = this.getKubeClient();
+    try {
+      await client.create(yml);
+    } catch (e) {
+      this.logger.error("apply error", e.response?.body);
+      if (e.response?.body?.reason === "AlreadyExists") {
+        //patch
+        this.logger.info("patch existing resource: ", yml.metadata?.name);
+        const existing = await client.read(yml as any);
+        if (!yml.metadata) {
+          yml.metadata = {};
+        }
+        yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
+        await client.patch(yml);
+        return;
+      }
+      throw e;
+    }
   }
 
   /**
@@ -168,6 +192,7 @@ export class K8sClient {
     const oldIngress = await client.readNamespacedIngress(ingressName, namespace);
     const newIngress = merge(oldIngress.body, opts.body);
     const res = await client.replaceNamespacedIngress(ingressName, namespace, newIngress);
+
     this.logger.info("ingress patched", opts.body);
     return res;
   }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,44 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+### Performance Improvements
+
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.37.9",
+  "version": "1.37.16",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.37.9",
-    "@certd/basic": "^1.37.9",
-    "@certd/pipeline": "^1.37.9",
-    "@certd/plugin-lib": "^1.37.9",
-    "@certd/plus-core": "^1.37.9",
+    "@certd/acme-client": "^1.37.16",
+    "@certd/basic": "^1.37.16",
+    "@certd/pipeline": "^1.37.16",
+    "@certd/plugin-lib": "^1.37.16",
+    "@certd/plus-core": "^1.37.16",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/libs/lib-server/src/basic/base-service.ts

@@ -1,5 +1,5 @@
 import { PermissionException, ValidateException } from './exception/index.js';
-import { In, Repository, SelectQueryBuilder } from 'typeorm';
+import { FindOneOptions, In, Repository, SelectQueryBuilder } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
@@ -238,4 +238,8 @@ export abstract class BaseService<T> {
 
     await this.delete(ids);
   }
+
+  async findOne(options: FindOneOptions<T>) {
+    return await this.getRepository().findOne(options);
+  }
 }

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -16,7 +16,7 @@ export class SysPublicSettings extends BaseSettings {
   static __access__ = 'public';
 
   registerEnabled = false;
-  userValidTimeEnabled?:boolean = false;
+  userValidTimeEnabled?: boolean = false;
   passwordLoginEnabled = true;
   usernameRegisterEnabled = true;
   mobileRegisterEnabled = false;
@@ -36,7 +36,7 @@ export class SysPublicSettings extends BaseSettings {
   captchaEnabled = false;
   //验证码类型
   captchaType?: string;
-  captchaAddonId?:number;
+  captchaAddonId?: number;
 
 
 
@@ -49,6 +49,14 @@ export class SysPublicSettings extends BaseSettings {
   // 固定证书有效期天数，0表示不固定
   fixedCertExpireDays?: number;
 
+  // 第三方OAuth配置
+  oauthEnabled?: boolean = false;
+  oauthProviders: Record<string, {
+    type: string;
+    title: string;
+    addonId: number;
+  }> = {};
+
 }
 
 export class SysPrivateSettings extends BaseSettings {
@@ -69,9 +77,9 @@ export class SysPrivateSettings extends BaseSettings {
     type?: string;
     config?: any;
   } = {
-    type: 'aliyun',
-    config: {},
-  };
+      type: 'aliyun',
+      config: {},
+    };
 
   removeSecret() {
     const clone = cloneDeep(this);
@@ -100,6 +108,11 @@ export class SysLicenseInfo extends BaseSettings {
   license?: string;
 }
 
+
+export type EmailTemplate = {
+  addonId?: number;
+}
+
 export class SysEmailConf extends BaseSettings {
   static __title__ = '邮箱配置';
   static __key__ = 'sys.email';
@@ -118,6 +131,13 @@ export class SysEmailConf extends BaseSettings {
   };
   sender: string;
   usePlus?: boolean;
+
+  templates:{
+    registerCode?: EmailTemplate,
+    forgotPassword?: EmailTemplate,
+    pipelineResult?: EmailTemplate,
+    common?: EmailTemplate,
+  }
 }
 
 export class SysSiteInfo extends BaseSettings {
@@ -196,7 +216,7 @@ export class SysSuiteSetting extends BaseSettings {
   static __key__ = 'sys.suite';
   static __access__ = 'private';
 
-  enabled:boolean = false;
+  enabled: boolean = false;
 
   registerGift?: {
     productId: number;
@@ -221,11 +241,9 @@ export class SysSafeSetting extends BaseSettings {
   static __access__ = 'private';
 
   // 站点隐藏
-  hidden:SiteHidden = {
+  hidden: SiteHidden = {
     enabled: false,
-    hiddenOpenApi:false,
+    hiddenOpenApi: false,
     autoHiddenTimes: 5,
   };
 }
-
-

packages/libs/lib-server/src/user/addon/api/api.ts

@@ -31,6 +31,7 @@ export type AddonDefine = Registrable & {
     [key: string]: AddonInputDefine;
   };
   showTest?: boolean;
+  icon?: string;
 };
 
 export type AddonInstanceConfig = {
@@ -64,6 +65,7 @@ export abstract class BaseAddon implements IAddon {
   http!: HttpClient;
   logger!: ILogger;
 
+  title!: string;
 
 
 

packages/libs/lib-server/src/user/addon/service/addon-service.ts

@@ -76,7 +76,7 @@ export class AddonService extends BaseService<AddonEntity> {
 
 
   getDefineList(addonType: string) {
-    return addonRegistry.getDefineList();
+    return addonRegistry.getDefineList(addonType);
   }
 
   getDefineByType(type: string, prefix?: string) {
@@ -187,4 +187,14 @@ export class AddonService extends BaseService<AddonEntity> {
     });
     return this.buildAddonInstanceConfig(res);
   }
+
+  async getOneByType(req:{addonType:string,type:string,userId:number}) {
+    return await this.repository.findOne({
+      where: {
+        addonType: req.addonType,
+        type: req.type,
+        userId: req.userId
+      }
+    });
+  }
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.37.9",
+  "version": "1.37.16",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,46 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+### Performance Improvements
+
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Performance Improvements
+
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/certd/certd/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.37.9",
-    "@certd/basic": "^1.37.9",
-    "@certd/pipeline": "^1.37.9",
-    "@certd/plugin-lib": "^1.37.9",
+    "@certd/acme-client": "^1.37.16",
+    "@certd/basic": "^1.37.16",
+    "@certd/pipeline": "^1.37.16",
+    "@certd/plugin-lib": "^1.37.16",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts

@@ -21,6 +21,11 @@ export class DomainParser implements IDomainParser {
   }
 
   async parse(fullDomain: string) {
+    //如果是ip
+    if (utils.domain.isIp(fullDomain)) {
+      return fullDomain;
+    }
+
     this.logger.info(`查找主域名:${fullDomain}`);
     const cacheKey = `domain_parse:${fullDomain}`;
     const value = utils.cache.get(cacheKey);

packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts

@@ -128,7 +128,7 @@ export class AcmeService {
       await this.saveAccountConfig(email, conf);
       this.logger.info(`创建新的Accountkey:${email}`);
     }
-    const directoryUrl = acme.directory[this.sslProvider].production;
+    const directoryUrl = acme.getDirectoryUrl({ sslProvider: this.sslProvider, pkType: this.options.privateKeyType });
     if (this.options.useMappingProxy) {
       urlMapping.enabled = true;
     } else {

packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts

@@ -154,6 +154,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
       title: `证书申请成功【${this.pipeline.title}】`,
       content: `域名：${this.domains.join(",")}`,
       url: url,
+      notificationType: "certApplySuccess",
     };
     try {
       await this.ctx.notificationService.send({

packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts

@@ -36,6 +36,7 @@ export class CertReader {
   detail: CertificateInfo;
   //毫秒时间戳
   effective: number;
+  //毫秒时间戳
   expires: number;
   constructor(certInfo: CertInfo) {
     this.cert = certInfo;

packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts

@@ -136,6 +136,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         { value: "letsencrypt", label: "Let's Encrypt（免费，新手推荐）", icon: "simple-icons:letsencrypt" },
         { value: "google", label: "Google（免费）", icon: "flat-color-icons:google" },
         { value: "zerossl", label: "ZeroSSL（免费）", icon: "emojione:digit-zero" },
+        { value: "litessl", label: "litessl（免费）", icon: "roentgen:free" },
         { value: "sslcom", label: "SSL.com（仅主域名和www免费）", icon: "la:expeditedssl" },
         { value: "letsencrypt_staging", label: "Let's Encrypt测试环境（IP证书）", icon: "simple-icons:letsencrypt" },
       ],
@@ -219,7 +220,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
           if(form.challengeType === 'cname' ){
               return '请按照上面的提示，给要申请证书的域名添加CNAME记录，添加后，点击验证，验证成功后不要删除记录，申请和续期证书会一直用它'
           }else if (form.challengeType === 'http'){
-              return '请按照上面的提示，给每个域名设置文件上传配置，证书申请过程中会上传校验文件到网站根目录下'
+              return '请按照上面的提示，给每个域名设置文件上传配置，证书申请过程中会上传校验文件到网站根目录的.well-known/acme-challenge/目录下'
           }else if (form.challengeType === 'http'){
               return '给每个域名单独配置dns提供商'
           }
@@ -250,6 +251,13 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
   })
   sslcomCommonEabAccessId!: number;
 
+  @TaskInput({
+    title: "litessl公共EAB授权",
+    isSys: true,
+    show: false,
+  })
+  litesslCommonEabAccessId!: number;
+
   @TaskInput({
     title: "EAB授权",
     component: {
@@ -262,13 +270,15 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       "需要提供EAB授权" +
       "\nZeroSSL：请前往[zerossl开发者中心](https://app.zerossl.com/developer),生成 'EAB Credentials'" +
       "\nGoogle:请查看[google获取eab帮助文档](https://certd.docmirror.cn/guide/use/google/)，用过一次后会绑定邮箱，后续复用EAB要用同一个邮箱" +
-      "\nSSL.com:[SSL.com账号页面](https://secure.ssl.com/account),然后点击api credentials链接，然后点击编辑按钮，查看Secret key和HMAC key",
+      "\nSSL.com:[SSL.com账号页面](https://secure.ssl.com/account),然后点击api credentials链接，然后点击编辑按钮，查看Secret key和HMAC key" +
+      "\nlitessl:[litesslEAB页面](https://freessl.cn/automation/eab-manager),然后点击新增EAB",
     mergeScript: `
     return {
         show: ctx.compute(({form})=>{
             return (form.sslProvider === 'zerossl' && !form.zerosslCommonEabAccessId)
             || (form.sslProvider === 'google' && !form.googleCommonEabAccessId)
             || (form.sslProvider === 'sslcom' && !form.sslcomCommonEabAccessId)
+            || (form.sslProvider === 'litessl' && !form.litesslCommonEabAccessId)
         })
     }
     `,

packages/plugins/plugin-lib/.eslintrc

@@ -17,6 +17,7 @@
     "@typescript-eslint/ban-ts-ignore": "off",
     "@typescript-eslint/no-explicit-any": "off",
     "@typescript-eslint/no-empty-function": "off",
-    "@typescript-eslint/no-unused-vars": "off"
+    "@typescript-eslint/no-unused-vars": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
   }
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,37 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.37.9",
+  "version": "1.37.16",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -22,8 +22,8 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.37.9",
-    "@certd/pipeline": "^1.37.9",
+    "@certd/basic": "^1.37.16",
+    "@certd/pipeline": "^1.37.16",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -35,7 +35,7 @@
     "rimraf": "^5.0.5",
     "socks": "^2.8.3",
     "socks-proxy-agent": "^8.0.4",
-    "ssh2": "^1.15.0",
+    "ssh2": "1.17.0",
     "strip-ansi": "^7.1.0",
     "tencentcloud-sdk-nodejs": "^4.0.1005"
   },
@@ -53,5 +53,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "ac70821fea8fb283709870a3eb08f1cd92c94aeb"
+  "gitHead": "f2e4e59f8d1b54b835d5da43aef8b527d6a4ba0b"
 }

packages/plugins/plugin-lib/src/index.ts

@@ -7,4 +7,5 @@ export * from "./qiniu/index.js";
 export * from "./ctyun/index.js";
 export * from "./oss/index.js";
 export * from "./s3/index.js";
-export * from "./lib/index.js";
+export * from "./lib/index.js";
+export * from "./service/index.js";

packages/plugins/plugin-lib/src/service/index.ts

@@ -0,0 +1 @@
+export * from "./site-info.js";

packages/plugins/plugin-lib/src/service/site-info.ts

@@ -0,0 +1,7 @@
+export type SiteInfo = {
+  siteUrl: string;
+};
+
+export interface ISiteInfoGetter {
+  getSiteInfo(): Promise<SiteInfo>;
+}

packages/plugins/plugin-lib/src/tencent/lib/ssl-client.ts

@@ -36,7 +36,7 @@ export class TencentSslClient {
 
   checkRet(ret: any) {
     if (!ret || ret.Error) {
-      throw new Error("请求失败：" + ret.Error.Code + "," + ret.Error.Message);
+      throw new Error("请求失败：" + ret.Error.Code + "," + ret.Error.Message + ",requestId" + ret.RequestId);
     }
   }
 
@@ -70,43 +70,33 @@ export class TencentSslClient {
   }
 
   async deployCertificateInstance(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.DeployCertificateInstance(params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("DeployCertificateInstance", params);
   }
 
   async DescribeHostUploadUpdateRecordDetail(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.request("DescribeHostUploadUpdateRecordDetail", params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("DescribeHostUploadUpdateRecordDetail", params);
   }
 
   async UploadUpdateCertificateInstance(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.request("UploadUpdateCertificateInstance", params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("UploadUpdateCertificateInstance", params);
   }
 
   async DescribeCertificates(params: { Limit?: number; Offset?: number; SearchKey?: string }) {
-    const client = await this.getSslClient();
-    const res = await client.DescribeCertificates({
+    return await this.doRequest("DescribeCertificates", {
       ExpirationSort: "ASC",
       ...params,
     });
-    this.checkRet(res);
-    return res;
   }
 
   async doRequest(action: string, params: any) {
     const client = await this.getSslClient();
-    if (!client[action]) {
-      throw new Error(`action ${action} not found`);
+    try {
+      const res = await client.request(action, params);
+      this.checkRet(res);
+      return res;
+    } catch (e) {
+      this.logger.error(`action ${action} error: ${e.message},requestId=${e.RequestId}`);
+      throw e;
     }
-    const res = await client[action](params);
-    this.checkRet(res);
-    return res;
   }
 }

packages/ui/Dockerfile

@@ -19,6 +19,8 @@ RUN apk add --no-cache openjdk8
 WORKDIR /app/
 COPY --from=builder /workspace/certd-server/ /app/
 
+COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
+
 ENV LEGO_VERSION=4.22.2
 ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
 RUN mkdir -p $LEGO_DOWNLOAD_DIR

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.16](https://github.com/certd/certd/compare/v1.37.15...v1.37.16) (2025-12-15)
+
+### Bug Fixes
+
+* 修复ipv6作为证书域名申请证书校验失败的bug ([e4e16bc](https://github.com/certd/certd/commit/e4e16bc6a65bb082c18ca0590226f0987a47d477))
+
+### Performance Improvements
+
+* 批量设置定时，支持清除定时 ([63d8bcf](https://github.com/certd/certd/commit/63d8bcf8823f713365042d3c7aee3cf31d44b044))
+* 支持彩虹聚合登录 ([6f18693](https://github.com/certd/certd/commit/6f186932ccad4becfdc0087c0539f7b2d0069844))
+* 支持邮件模版设置 ([a6c0d2c](https://github.com/certd/certd/commit/a6c0d2c6f1fd6b60e6d7af290487c94564fd91ea))
+
+## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
+
+### Performance Improvements
+
+* 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
+
+## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
+
+### Bug Fixes
+
+* 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
+
+## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
+
+### Performance Improvements
+
+* 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
+* 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
+
+## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
+
+### Performance Improvements
+
+* 支持微信扫码登录 ([73325aa](https://github.com/certd/certd/commit/73325aaefb0e750a22aaac40929e7bf3f5864996))
+* 支持证书颁发机构 LiteSSL ([6be7591](https://github.com/certd/certd/commit/6be75913324e2828d9016eb307ff2d0abbbb2191))
+
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+
+### Performance Improvements
+
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
 ## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.37.9",
+  "version": "1.37.16",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -33,11 +33,11 @@
     "@aws-sdk/s3-request-presigner": "^3.535.0",
     "@certd/vue-js-cron-light": "^4.0.14",
     "@ctrl/tinycolor": "^4.1.0",
-    "@fast-crud/editor-code": "^1.27.4",
-    "@fast-crud/fast-crud": "^1.27.4",
-    "@fast-crud/fast-extends": "^1.27.4",
-    "@fast-crud/ui-antdv4": "^1.27.4",
-    "@fast-crud/ui-interface": "^1.27.4",
+    "@fast-crud/editor-code": "^1.27.7",
+    "@fast-crud/fast-crud": "^1.27.7",
+    "@fast-crud/fast-extends": "^1.27.7",
+    "@fast-crud/ui-antdv4": "^1.27.7",
+    "@fast-crud/ui-interface": "^1.27.7",
     "@iconify/tailwind": "^1.2.0",
     "@iconify/vue": "^4.1.1",
     "@manypkg/get-packages": "^2.2.2",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.37.9",
-    "@certd/pipeline": "^1.37.9",
+    "@certd/lib-iframe": "^1.37.16",
+    "@certd/pipeline": "^1.37.16",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/api/service.ts

@@ -47,11 +47,12 @@ function createService() {
         //如果不需要解包
         return dataAxios;
       }
-
+      //@ts-ignore
+      const showErrorNotify = response?.config?.showErrorNotify;
       // 这个状态码是和后端约定的
       if (dataAxios?.code === undefined) {
         // 如果没有 code 代表这不是项目后端开发的接口
-        errorCreate(`非标准返回：${dataAxios}， ${response.config.url}`);
+        errorCreate(`非标准返回：${dataAxios}， ${response.config.url}`, showErrorNotify);
         return dataAxios;
       }
       const { code } = dataAxios;
@@ -70,8 +71,6 @@ function createService() {
             // @ts-ignore
             response.config.onError(err);
           }
-          //@ts-ignore
-          const showErrorNotify = response?.config?.showErrorNotify;
           errorCreate(`${errorMessage}: ${response.config.url}`, showErrorNotify, dataAxios);
       }
     },

packages/ui/certd-client/src/api/tools.ts

@@ -69,7 +69,7 @@ export function errorLog(error: any, notify = true) {
  * @description 创建一个错误
  */
 export function errorCreate(msg: string, notify = true, data?: any) {
-  const err = new CodeError(msg, data.code, data.data);
+  const err = new CodeError(msg, data?.code || 1, data?.data);
   console.error("errorCreate", err);
   if (notify) {
     uiContext.get().notification.error({ message: err.message });

packages/ui/certd-client/src/components/plugins/common/params-show.vue

@@ -0,0 +1,33 @@
+<template>
+  <div class="params-show">
+    <a-tag type="primary" color="green" v-for="item of params" :key="item.value" class="item">
+      <span class="label">{{ item.label }}=</span>
+      <fs-copyable :modelValue="`\$\{${item.value}\}`" :button="{show:false}" :inline="true"></fs-copyable>
+    </a-tag>
+  </div>
+</template>
+<script setup lang="ts">
+defineOptions({
+  name: "ParamsShow",
+});
+
+const props = defineProps<{
+  params: { value: string; label: string }[];
+}>();
+</script>
+
+<style lang="less">
+.params-show {
+  display: flex;
+  flex-wrap: wrap;
+  align-items: center;
+  min-height: 32px;
+
+  .item {
+    display: flex;
+    align-items: center;
+    margin-bottom: 2px;
+    margin-top: 2px;
+  }
+}
+</style>

packages/ui/certd-client/src/components/plugins/index.ts

@@ -11,6 +11,7 @@ import AccessSelector from "/@/views/certd/access/access-selector/index.vue";
 import InputPassword from "./common/input-password.vue";
 import CertInfoUpdater from "/@/views/certd/pipeline/cert-upload/index.vue";
 import ApiTest from "./common/api-test.vue";
+import ParamsShow from "./common/params-show.vue";
 export * from "./cert/index.js";
 export default {
   install(app: any) {
@@ -29,5 +30,6 @@ export default {
     app.component("RemoteInput", RemoteInput);
     app.component("CertDomainsGetter", CertDomainsGetter);
     app.component("InputPassword", InputPassword);
+    app.component("ParamsShow", ParamsShow);
   },
 };

packages/ui/certd-client/src/components/tutorial/tutorial-steps.vue

@@ -164,7 +164,7 @@ const steps = ref<Step[]>([
       {
         image: "/static/doc/images/15-1-email.png",
         title: t("guide.scheduleAndEmailTask.setEmailNotification"),
-        descriptions: [t("guide.scheduleAndEmailTask.suggestErrorAndRecoveryEmails"), t("guide.scheduleAndEmailTask.basicVersionNeedsMailServer")],
+        descriptions: [t("guide.scheduleAndEmailTask.suggestErrorAndRecoveryEmails")],
       },
       {
         title: t("guide.scheduleAndEmailTask.tutorialEndTitle"),

packages/ui/certd-client/src/layout/layout-basic.vue

@@ -82,7 +82,7 @@ provide("fn:ai.open", openChat);
       <LockScreen :avatar @to-login="handleLogout" />
     </template>
     <template #header-right-0>
-      <div v-if="!settingStore.isComm" class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full hidden md:block">
+      <div class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full hidden md:block">
         <tutorial-button class="flex-center header-btn" />
       </div>
       <div class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full">

packages/ui/certd-client/src/layout/layout-framework.vue

@@ -75,7 +75,7 @@
         <div>
           <span v-if="!settingStore.isComm">
             <span>Powered by</span>
-            <a> handsfree.work </a>
+            <a> handfree.work </a>
           </span>
 
           <template v-if="siteInfo.licenseTo">

packages/ui/certd-client/src/layout/layout-outside.vue

@@ -1,8 +1,8 @@
 <template>
   <div id="userLayout" :class="['user-layout-wrapper']">
-    <div class="login-container flex-center">
-      <div class="user-layout-content flex-center flex-col">
-        <div class="top flex flex-col items-center justify-center">
+    <div class="login-container flex justify-start">
+      <div class="user-layout-content flex-col justify-start">
+        <div class="top flex flex-col items-center justify-start">
           <div class="header flex flex-row items-center">
             <img :src="siteInfo.loginLogo" class="logo" alt="logo" />
             <span class="title"></span>
@@ -10,8 +10,9 @@
           <div class="desc">{{ siteInfo.slogan }}</div>
         </div>
 
-        <router-view />
-
+        <div class="flex-1 flex flex-col justify-start items-center">
+          <router-view />
+        </div>
         <div class="footer">
           <div class="copyright">
             <span v-if="!settingStore.isComm">
@@ -73,6 +74,7 @@ const sysPublic: Ref<SysPublicSetting> = computed(() => {
   .login-container {
     width: 100%;
     height: 100%;
+    overflow: auto;
     background: #f0f2f5 url(/static/background.svg) no-repeat 50%;
     background-size: 100%;
     //padding: 50px 0 84px;

packages/ui/certd-client/src/locales/langs/en-US/authentication.ts

@@ -57,6 +57,7 @@ export default {
   passwordPlaceholder: "Please enter your password",
   mobilePlaceholder: "Please enter your mobile number",
   loginButton: "Log In",
+  bindButton: "Bind Account",
   forgotPassword: "Forgot password?",
   forgotAdminPassword: "Forgot admin password?",
   registerLink: "Register",
@@ -83,4 +84,6 @@ export default {
   phoneNumber: "Phone Number",
   changePassword: "Change Password",
   updateProfile: "Update Profile",
+  oauthLoginTitle: "Other ways of login",
+  oauthOnlyLoginTitle: "Login",
 };

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -631,7 +631,7 @@ export default {
   autoHideTime: "Auto Hide Time",
   autoHideTimeHelper: "Minutes without requests before auto hiding",
   hideOpenApi: "Hide Open API",
-  hideOpenApiHelper: "Whether to hide open APIs; whether to expose /api/v1 prefixed endpoints",
+  hideOpenApiHelper: "Whether to hide open APIs; whether to hide /api/v1 prefixed endpoints",
   hideSiteImmediately: "Hide Site Immediately",
   hideImmediately: "Hide Immediately",
   confirmHideSiteTitle: "Are you sure to hide the site immediately?",
@@ -743,6 +743,8 @@ export default {
       paymentSetting: "Payment Settings",
       captchaSetting: "Captcha Setting",
       pipelineSetting: "Pipeline Settings",
+      oauthSetting: "OAuth2 Settings",
+
       showRunStrategy: "Show RunStrategy",
       showRunStrategyHelper: "Allow modify the run strategy of the task",
 
@@ -760,6 +762,36 @@ export default {
       fixedCertExpireDays: "Fixed Cert Expire Days",
       fixedCertExpireDaysHelper: "Fixed cert expiration days, helpful for table list progress bar display",
       fixedCertExpireDaysRecommend: "Recommend 90",
+
+      enableOauth: "Enable OAuth2 Login",
+      oauthEnabledHelper: "Whether to enable OAuth2 login",
+      oauthProviders: "OAuth2 Login Providers",
+      oauthType: "OAuth2 Login Type",
+      oauthConfig: "OAuth2 Login Config",
+      oauthProviderSelectorPlaceholder: "Not Configured",
+      oauthCallback: "Callback URL",
+      oauthCallbackHelper: "Copy this URL to the callback address of the OAuth2 login provider",
+      oauthCallbackCopy: "Copy Callback URL",
+      oauthAutoRegister: "Auto Register User",
+      oauthAutoRegisterCheckedText: "Auto Register",
+      oauthAutoRegisterUnCheckedText: "User Select",
+      oauthAutoRegisterHelper: "Whether to auto register user when login",
+      oauthAutoRedirect: "Auto Redirect to OAuth2 Login",
+      oauthAutoRedirectHelper: "Whether to auto redirect to OAuth2 login when login (using the first enabled OAuth2 login type)",
+      oauthOnly: "OAuth2 Login Only",
+      oauthOnlyHelper: "Whether to only allow OAuth2 login, disable password login",
+
+      email: {
+        templates: "Email Templates",
+        templateType: "Template Type",
+        templateProvider: "Template Config",
+
+        templateSetting: "Email Template Setting",
+        serverSetting: "Email Server Setting",
+        sendTest: "Send Test",
+
+        templateProviderSelectorPlaceholder: "Not Configured",
+      },
     },
   },
   modal: {

packages/ui/certd-client/src/locales/langs/en-US/guide.ts

@@ -64,7 +64,6 @@ export default {
     recommendDailyRun: "Recommend configuring to run once daily; new certs requested 35 days before expiry and auto-skipped otherwise",
     setEmailNotification: "Set Email Notifications",
     suggestErrorAndRecoveryEmails: "Suggest listening for 'On Error' and 'Error to Success' to quickly troubleshoot failures (basic version requires mail server setup)",
-    basicVersionNeedsMailServer: "(basic version requires configuring mail server)",
     tutorialEndTitle: "Tutorial End",
     thanksForWatching: "Thank you for watching, hope it helps you",
   },

packages/ui/certd-client/src/locales/langs/zh-CN/authentication.ts

@@ -57,6 +57,7 @@ export default {
   passwordPlaceholder: "请输入密码",
   mobilePlaceholder: "请输入手机号",
   loginButton: "登录",
+  bindButton: "绑定账号",
   forgotPassword: "忘记密码？",
   forgotAdminPassword: "忘记管理员密码？",
   registerLink: "注册",
@@ -84,4 +85,7 @@ export default {
   phoneNumber: "手机号",
   changePassword: "修改密码",
   updateProfile: "修改个人信息",
+
+  oauthLoginTitle: "其他登录方式",
+  oauthOnlyLoginTitle: "登录",
 };