v1.38.5

.vscode/settings.json

@@ -16,5 +16,9 @@
     },
     "[less]": {
         "editor.defaultFormatter": "vscode.css-language-features"
-    }
+    },
+    "scm.repositories.visible": 9,
+    "scm.repositories.explorer": false,
+    "scm.repositories.selectionMode": "multiple",
+    "scm.repositories.sortOrder": "discovery time"
 }

CHANGELOG.md

@@ -3,6 +3,39 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+### Bug Fixes
+
+* 阿里云esa查询证书限制接口无效，改成配置证书数量上限检查方式进行清理 ([2302567](https://github.com/certd/certd/commit/230256793f8ad87ef8a0738c37108bf7b5ab9853))
+* 某些情况下登陆页面没有显示重置密码文档链接的问题 ([40801d0](https://github.com/certd/certd/commit/40801d0a0668c77adb57fae42b4b6615b198a88d))
+* 修复部署到火山引擎vod，获取域名列表为空的bug ([0719f4c](https://github.com/certd/certd/commit/0719f4c99e9198544d03431107b53652e076e881))
+* 修复litessl new-nonce报428的bug ([540ef96](https://github.com/certd/certd/commit/540ef967457a7871637cfdb5012ed1fa3261757b))
+* 修复oidc配置取消后获取登出地址失败后无法列出oauth列表的bug ([eb5de15](https://github.com/certd/certd/commit/eb5de150332fd914c56b812c3ba2c2445f902bb7))
+
+### Performance Improvements
+
+* 将重置密码的日志挪到启动成功之后，方便查看 ([0fa9b34](https://github.com/certd/certd/commit/0fa9b344e08cf355aee7a7566f061cc5d95dc374))
+* 支持绑定两个url地址 ([a2e9a41](https://github.com/certd/certd/commit/a2e9a41a7e712395c0e3ee6fe55b370aa1fc1f12))
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+### Bug Fixes
+
+* 修复1:: 形式的ipv6校验失败的bug ([8b96f21](https://github.com/certd/certd/commit/8b96f218d5284033f10c186c0ce18e4c16d8e9b2))
+* 修复阿里云esa超过免费配额之后无法部署证书的bug，改成删除最旧的那张证书 ([32de8d9](https://github.com/certd/certd/commit/32de8d9ccb08d26414adbdde950d7cd405dc344a))
+
+### Performance Improvements
+
+* 当ip证书天数太小时，自动调整更新天数，避免每次运行都重新申请ip证书 ([433e98b](https://github.com/certd/certd/commit/433e98b6450fa7d0491151f159e432bf3dfe4feb))
+* 首页证书数量支持点击跳转 ([52cbff0](https://github.com/certd/certd/commit/52cbff0e15329aecd3edcf81315fb7ceab9ec290))
+* 修复旧版本流水线数据发送通知标题为空的bug ([9bee0e4](https://github.com/certd/certd/commit/9bee0e460bfebe8db76742b80b2d52854392f4de))
+* 验证码支持 Cloudflare Turnstile ，谨慎启用，国内被墙了 ([ca43c77](https://github.com/certd/certd/commit/ca43c775250154def63c4acd96d65dc95d1c0c2b))
+* 优化证书未过期时的任务日志提示 ([ac85488](https://github.com/certd/certd/commit/ac85488245197694560aad7df9425ca215ef7ff7))
+* 支持部署到阿里云GA ([1a0d3ee](https://github.com/certd/certd/commit/1a0d3eeb1b0b5ce08f05af84b6161e00c1fe1815))
+* 支持部署到华为elb ([60c8ace](https://github.com/certd/certd/commit/60c8ace443e848155d3ce12e95b84766a4610d3a))
+* 支持部署到AcePanel ([1661cae](https://github.com/certd/certd/commit/1661caed05e3413dc3e2b14ce62b75aa03ad90e0))
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 ### Bug Fixes

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,48 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+### Bug Fixes
+
+* 修复1:: 形式的ipv6校验失败的bug ([8b96f21](https://github.com/certd/certd/commit/8b96f218d5284033f10c186c0ce18e4c16d8e9b2))
+* 修复阿里云esa超过免费配额之后无法部署证书的bug，改成删除最旧的那张证书 ([32de8d9](https://github.com/certd/certd/commit/32de8d9ccb08d26414adbdde950d7cd405dc344a))
+
+### Performance Improvements
+
+* 当ip证书天数太小时，自动调整更新天数，避免每次运行都重新申请ip证书 ([433e98b](https://github.com/certd/certd/commit/433e98b6450fa7d0491151f159e432bf3dfe4feb))
+* 首页证书数量支持点击跳转 ([52cbff0](https://github.com/certd/certd/commit/52cbff0e15329aecd3edcf81315fb7ceab9ec290))
+* 修复旧版本流水线数据发送通知标题为空的bug ([9bee0e4](https://github.com/certd/certd/commit/9bee0e460bfebe8db76742b80b2d52854392f4de))
+* 验证码支持 Cloudflare Turnstile ，谨慎启用，国内被墙了 ([ca43c77](https://github.com/certd/certd/commit/ca43c775250154def63c4acd96d65dc95d1c0c2b))
+* 优化证书未过期时的任务日志提示 ([ac85488](https://github.com/certd/certd/commit/ac85488245197694560aad7df9425ca215ef7ff7))
+* 支持部署到阿里云GA ([1a0d3ee](https://github.com/certd/certd/commit/1a0d3eeb1b0b5ce08f05af84b6161e00c1fe1815))
+* 支持部署到华为elb ([60c8ace](https://github.com/certd/certd/commit/60c8ace443e848155d3ce12e95b84766a4610d3a))
+* 支持部署到AcePanel ([1661cae](https://github.com/certd/certd/commit/1661caed05e3413dc3e2b14ce62b75aa03ad90e0))
+
+## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
+
+### Bug Fixes
+
+* 当通知配置被删除时，使用默认通知配置进行发送 ([5398300](https://github.com/certd/certd/commit/53983002b6553a929b72e2c70a26809a9f306e89))
+* 站点检查多个ip连接超时的报错显示不出来的bug ([33b284a](https://github.com/certd/certd/commit/33b284afc0ae6391658d573e32b1ce7765e51cb2))
+
+### Performance Improvements
+
+* 部署插件支持ucloud alb ([640950d](https://github.com/certd/certd/commit/640950d4c847c72cae2986e3c2cae10d52a67fdf))
+* 多个dns 提供商支持导入域名 ([d3c0914](https://github.com/certd/certd/commit/d3c0914ac16db8ac77f9c60285bb20cfab7a3cb0))
+* 首次使用提示新手教程按钮 ([e054c8f](https://github.com/certd/certd/commit/e054c8fc55063fd96548f1c19049070524a63411))
+* 输入证书域名时，支持点击导入域名 ([40be424](https://github.com/certd/certd/commit/40be42406c6fd5de11f594fc6913178d9e7d8943))
+* 所有的dnsprovider 支持导入域名列表 ([9f21b1a](https://github.com/certd/certd/commit/9f21b1a09797d7dab253e4416c538b55fb8f4488))
+* 优化首页统计数据，饼图替换成证书数量统计 ([9fa1c2e](https://github.com/certd/certd/commit/9fa1c2eb3e55ef630333ae24284aa8b54e3414b6))
+* 优化首页图标 ([998de0f](https://github.com/certd/certd/commit/998de0f9a031339b019aa7a09e61e994664a8047))
+* 域名导入任务进度条 ([7058d5c](https://github.com/certd/certd/commit/7058d5cb935cab8c75b98493ed497a22dbe70883))
+* 站点监控，检查状态挪到前面显示 ([48f1bf0](https://github.com/certd/certd/commit/48f1bf091869b87dd17feaca5efd8680ef741582))
+* 证书仓库页面增加到期状态查询条件 ([58c3d70](https://github.com/certd/certd/commit/58c3d7087bb66358d896a741e12005f690b2bd5e))
+* 证书流水线创建域名输入框支持获取域名数据进行选择 ([1d5b1c2](https://github.com/certd/certd/commit/1d5b1c239cf350920eb2eb9fd293af74ef412853))
+* 支持导入51dns域名 ([7eb9694](https://github.com/certd/certd/commit/7eb96942214aed0dfc9c3c5a669374da67052c49))
+* ucloud支持部署到alb ([78004bd](https://github.com/certd/certd/commit/78004bdfb552a3b83298fa09d518ca282a529d90))
+* ucloud支持部署到ulb（alb、clb统一成一个） ([c408687](https://github.com/certd/certd/commit/c408687af7669afe733b5506720ca795555acdce))
+
 ## [1.38.2](https://github.com/certd/certd/compare/v1.38.1...v1.38.2) (2026-01-22)
 
 ### Bug Fixes

docs/guide/plugins/access.md

@@ -14,62 +14,63 @@
 | 10.| **baota授权** |  | 
 | 11.| **天翼云授权** |  | 
 | 12.| **51dns授权** |  | 
-| 13.| **SFTP授权** |  | 
-| 14.| **阿里云OSS授权** | 包含地域和Bucket | 
-| 15.| **APISIX授权** |  | 
-| 16.| **亚马逊云aws授权** |  | 
-| 17.| **亚马逊云科技（国区）授权** |  | 
-| 18.| **CacheFly** | CacheFly | 
-| 19.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 20.| **google cloud** | 谷歌云授权 | 
-| 21.| **cloudflare授权** |  | 
-| 22.| **中国移动CND授权** |  | 
-| 23.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
-| 24.| **dns.la授权** |  | 
-| 25.| **多吉云** |  | 
-| 26.| **Dokploy授权** |  | 
-| 27.| **farcdn授权** |  | 
-| 28.| **FlexCDN授权** |  | 
-| 29.| **Gcore** | Gcore | 
-| 30.| **Github授权** |  | 
-| 31.| **godaddy授权** |  | 
-| 32.| **金山云授权** |  | 
-| 33.| **FTP授权** |  | 
-| 34.| **七牛OSS授权** |  | 
-| 35.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 36.| **s3/minio授权** | S3/minio oss授权 | 
-| 37.| **namesilo授权** |  | 
-| 38.| **1panel授权** | 账号和密码 | 
-| 39.| **支付宝** |  | 
-| 40.| **白山云授权** |  | 
-| 41.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 42.| **cdnfly授权** |  | 
-| 43.| **k8s授权** |  | 
-| 44.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 45.| **LeCDN授权** |  | 
-| 46.| **lucky** |  | 
-| 47.| **猫云授权** |  | 
-| 48.| **plesk授权** |  | 
-| 49.| **长亭雷池授权** |  | 
-| 50.| **群晖登录授权** |  | 
-| 51.| **uniCloud** | unicloud授权 | 
-| 52.| **微信支付** |  | 
-| 53.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 54.| **易发云短信** | sms.yfyidc.cn/ | 
-| 55.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 56.| **易支付** |  | 
-| 57.| **proxmox** |  | 
-| 58.| **UCloud授权** | 优刻得授权 | 
-| 59.| **又拍云** |  | 
-| 60.| **网宿授权** |  | 
-| 61.| **西部数码授权** |  | 
-| 62.| **我爱云授权** | 我爱云CDN | 
-| 63.| **新网授权（代理方式）** |  | 
-| 64.| **新网授权** |  | 
-| 65.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
-| 66.| **Zenlayer授权** | Zenlayer授权 | 
-| 67.| **GoEdge授权** |  | 
-| 68.| **雨云授权** | https://app.rainyun.com/ | 
+| 13.| **AcePanel授权** |  | 
+| 14.| **SFTP授权** |  | 
+| 15.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 16.| **APISIX授权** |  | 
+| 17.| **亚马逊云aws授权** |  | 
+| 18.| **亚马逊云科技（国区）授权** |  | 
+| 19.| **CacheFly** | CacheFly | 
+| 20.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 21.| **google cloud** | 谷歌云授权 | 
+| 22.| **cloudflare授权** |  | 
+| 23.| **中国移动CND授权** |  | 
+| 24.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
+| 25.| **dns.la授权** |  | 
+| 26.| **多吉云** |  | 
+| 27.| **Dokploy授权** |  | 
+| 28.| **farcdn授权** |  | 
+| 29.| **FlexCDN授权** |  | 
+| 30.| **Gcore** | Gcore | 
+| 31.| **Github授权** |  | 
+| 32.| **godaddy授权** |  | 
+| 33.| **金山云授权** |  | 
+| 34.| **FTP授权** |  | 
+| 35.| **七牛OSS授权** |  | 
+| 36.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 37.| **s3/minio授权** | S3/minio oss授权 | 
+| 38.| **namesilo授权** |  | 
+| 39.| **1panel授权** | 账号和密码 | 
+| 40.| **支付宝** |  | 
+| 41.| **白山云授权** |  | 
+| 42.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 43.| **cdnfly授权** |  | 
+| 44.| **k8s授权** |  | 
+| 45.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 46.| **LeCDN授权** |  | 
+| 47.| **lucky** |  | 
+| 48.| **猫云授权** |  | 
+| 49.| **plesk授权** |  | 
+| 50.| **长亭雷池授权** |  | 
+| 51.| **群晖登录授权** |  | 
+| 52.| **uniCloud** | unicloud授权 | 
+| 53.| **微信支付** |  | 
+| 54.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 55.| **易发云短信** | sms.yfyidc.cn/ | 
+| 56.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 57.| **易支付** |  | 
+| 58.| **proxmox** |  | 
+| 59.| **UCloud授权** | 优刻得授权 | 
+| 60.| **又拍云** |  | 
+| 61.| **网宿授权** |  | 
+| 62.| **西部数码授权** |  | 
+| 63.| **我爱云授权** | 我爱云CDN | 
+| 64.| **新网授权（代理方式）** |  | 
+| 65.| **新网授权** |  | 
+| 66.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 67.| **Zenlayer授权** | Zenlayer授权 | 
+| 68.| **GoEdge授权** |  | 
+| 69.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,5 +1,5 @@
 # 任务插件
-共 `118` 款任务插件    
+共 `122` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
@@ -53,26 +53,28 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
-| 2.| **飞牛NAS-部署证书** |  | 
-| 3.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
-| 4.| **1Panel-更新证书** | 更新1Panel的证书，包括面板证书和站点证书 | 
-| 5.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
-| 6.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
-| 7.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
-| 8.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
-| 9.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
-| 10.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
-| 11.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 12.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
-| 13.| **lucky-更新Lucky证书** |  | 
-| 14.| **Plesk-部署Plesk网站证书** |  | 
-| 15.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
-| 16.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
-| 17.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
-| 18.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
-| 19.| **Proxmox-上传证书到Proxmox** |  | 
-| 20.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 1.| **AcePanel-部署到网站** | 上传证书并部署到指定网站 | 
+| 2.| **AcePanel-面板证书** | 部署AcePanel面板证书 | 
+| 3.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
+| 4.| **飞牛NAS-部署证书** |  | 
+| 5.| **1Panel-部署面板证书** | 更新1Panel的面板证书 | 
+| 6.| **1Panel-更新证书** | 更新1Panel的证书，包括面板证书和站点证书 | 
+| 7.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
+| 8.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
+| 9.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 10.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
+| 11.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
+| 12.| **K8S-Apply自定义yaml** | apply自定义yaml到k8s | 
+| 13.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 14.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 15.| **lucky-更新Lucky证书** |  | 
+| 16.| **Plesk-部署Plesk网站证书** |  | 
+| 17.| **Plesk-更新证书** | 不会创建新证书记录，直接更新旧的证书 | 
+| 18.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 19.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 20.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 21.| **Proxmox-上传证书到Proxmox** |  | 
+| 22.| **威联通-部署证书到威联通** | 部署证书到qnap | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |
@@ -86,19 +88,21 @@
 | 7.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
 | 8.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
 | 9.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
-| 10.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
-| 11.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
-| 12.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
-| 13.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
-| 14.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
-| 15.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 10.| **阿里云-部署至GA** | 部署证书到阿里云GA(全球加速)，支持更新默认证书和扩展证书 | 
+| 11.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 12.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
+| 13.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
+| 14.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
+| 15.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 16.| **阿里云-上传证书到CAS** | 上传证书到阿里云证书管理服务（CAS），如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 ## 6. 华为云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **华为云-部署证书至CDN** |  | 
-| 2.| **华为云-部署证书至OBS** |  | 
-| 3.| **华为云-上传证书至CCM** | 上传证书到华为云云证书管理（CCM） | 
+| 2.| **华为云-部署证书至ELB负载均衡** |  | 
+| 3.| **华为云-部署证书至OBS** |  | 
+| 4.| **华为云-上传证书至CCM** | 上传证书到华为云云证书管理（CCM） | 
 ## 7. 腾讯云
 
 | 序号 | 名称 | 说明 |

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.38.3"
+  "version": "1.38.5"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/publishlab/node-acme-client/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+### Bug Fixes
+
+* 修复litessl new-nonce报428的bug ([540ef96](https://github.com/publishlab/node-acme-client/commit/540ef967457a7871637cfdb5012ed1fa3261757b))
+
+## [1.38.4](https://github.com/publishlab/node-acme-client/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.38.3](https://github.com/publishlab/node-acme-client/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.38.3",
+    "version": "1.38.5",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.38.3",
+        "@certd/basic": "^1.38.5",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.9.0",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+    "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/core/acme-client/src/client.js

@@ -103,7 +103,9 @@ class AcmeClient {
             max: this.opts.backoffMax,
         };
 
-        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger);
+        const cacheNonce = true
+        // const cacheNonce = this.sslProvider === 'litessl';
+        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger, cacheNonce);
         this.api = new AcmeApi(this.http, this.opts.accountUrl);
         this.logger = opts.logger;
     }

packages/core/acme-client/src/http.js

@@ -19,7 +19,7 @@ import { getJwk } from './crypto/index.js';
  */
 
 class HttpClient {
-    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {},logger) {
+    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {}, logger, cacheNonce= false) {
         this.directoryUrl = directoryUrl;
         this.accountKey = accountKey;
         this.externalAccountBinding = externalAccountBinding;
@@ -31,7 +31,34 @@ class HttpClient {
         this.directoryMaxAge = 86400;
         this.directoryTimestamp = 0;
         this.urlMapping = urlMapping;
-        this.log = logger? logger.info.bind(logger) : log;
+        this.log = logger ? logger.info.bind(logger) : log;
+        this.nonces = [];
+        this.cacheNonce = cacheNonce;
+    }
+
+    pushNonce(nonce) {
+        if (!this.cacheNonce || !nonce) {
+            return;
+        }
+        this.nonces.push({
+            nonce,
+            expires: Date.now() + 30*1000,
+        });
+    }
+    popNonce() {
+        while (true) {
+            if (this.nonces.length === 0) {
+                return null;
+            }
+            const item = this.nonces.shift();
+            if (!item) {
+                return null;
+            }
+            if (item.expires < Date.now()) {
+                continue;
+            }
+            return item.nonce;
+        }
     }
 
     /**
@@ -70,6 +97,13 @@ class HttpClient {
         const resp = await axios.request(opts);
 
         this.log(`RESP ${resp.status} ${method} ${url}`);
+
+        const nonce = resp.headers['replay-nonce'];
+        if (nonce) {
+            //如果有nonce
+            this.pushNonce(nonce);
+        }
+
         return resp;
     }
 
@@ -127,6 +161,13 @@ class HttpClient {
      */
 
     async getNonce() {
+
+        //尝试从队列中pop一个nonce
+        const nonce = this.popNonce();
+        if (nonce) {
+            return nonce;
+        }
+
         const url = await this.getResourceUrl('newNonce');
         const resp = await this.request(url, 'head');
 
@@ -134,7 +175,11 @@ class HttpClient {
             throw new Error('Failed to get nonce from ACME provider');
         }
 
+        if (this.cacheNonce) {
+            return this.popNonce();
+        }
         return resp.headers['replay-nonce'];
+       
     }
 
     /**

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,21 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+### Bug Fixes
+
+* 修复1:: 形式的ipv6校验失败的bug ([8b96f21](https://github.com/certd/certd/commit/8b96f218d5284033f10c186c0ce18e4c16d8e9b2))
+
+### Performance Improvements
+
+* 支持部署到阿里云GA ([1a0d3ee](https://github.com/certd/certd/commit/1a0d3eeb1b0b5ce08f05af84b6161e00c1fe1815))
+* 支持部署到华为elb ([60c8ace](https://github.com/certd/certd/commit/60c8ace443e848155d3ce12e95b84766a4610d3a))
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 ### Bug Fixes

packages/core/basic/build.md

@@ -1 +1 @@
-00:57
+23:59

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -47,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/core/basic/src/utils/util.domain.ts

@@ -58,8 +58,13 @@ function isIpv6(d: string) {
   if (!d) {
     return false;
   }
-  const isIPv6Regex = /^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$/gm;
-  return isIPv6Regex.test(d);
+  try {
+    // 尝试构造URL，用IPv6作为hostname
+    new URL(`http://[${d}]`);
+    return true;
+  } catch {
+    return false;
+  }
 }
 
 function isIp(d: string) {

packages/core/basic/src/utils/util.request.ts

@@ -177,39 +177,40 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
     },
     (error: any) => {
       const status = error.response?.status;
+      let message = "";
       switch (status) {
         case 400:
-          error.message = "请求错误";
+          message = "请求错误";
           break;
         case 401:
-          error.message = "认证/登录失败";
+          message = "认证/登录失败";
           break;
         case 403:
-          error.message = "拒绝访问";
+          message = "拒绝访问";
           break;
         case 404:
-          error.message = `请求地址出错`;
+          message = `请求地址出错`;
           break;
         case 408:
-          error.message = "请求超时";
+          message = "请求超时";
           break;
         case 500:
-          error.message = "服务器内部错误";
+          message = "服务器内部错误";
           break;
         case 501:
-          error.message = "服务未实现";
+          message = "服务未实现";
           break;
         case 502:
-          error.message = "网关错误";
+          message = "网关错误";
           break;
         case 503:
-          error.message = "服务不可用";
+          message = "服务不可用";
           break;
         case 504:
-          error.message = "网关超时";
+          message = "网关超时";
           break;
         case 505:
-          error.message = "HTTP版本不受支持";
+          message = "HTTP版本不受支持";
           break;
         case 302:
           //重定向
@@ -217,9 +218,12 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
         default:
           break;
       }
+      if (status) {
+        message += ` [${status}] `;
+      }
 
       const errorCode = error.code;
-      let errorMessage = null;
+      let errorMessage = "";
       if (errorCode === "ECONNABORTED") {
         errorMessage = "请求连接终止";
       } else if (errorCode === "ETIMEDOUT") {
@@ -231,14 +235,17 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
       } else if (errorCode === "ENOTFOUND") {
         errorMessage = "请求地址不存在";
       }
-      if (errorMessage) {
-        if (error.message) {
-          errorMessage += `,${error.message}`;
-        }
-        error.message = errorMessage;
+      if (errorCode) {
+        errorMessage += ` [${errorCode}] `;
       }
-
-      logger.error(`请求出错：${errorMessage} status:${error.response?.status || error.code},statusText:${error.response?.statusText || error.code},url:${error.config?.url},method:${error.config?.method}。`);
+      if (message) {
+        errorMessage += `,${message}`;
+      }
+      if (error.message) {
+        errorMessage += `(${error.message})`;
+      }
+      error.message = errorMessage;
+      logger.error(`请求出错：${errorMessage} status:${status},statusText:${error.response?.statusText || error.code},url:${error.config?.url},method:${error.config?.method}。`);
       logger.error("返回数据:", JSON.stringify(error.response?.data));
       if (error.response?.data) {
         const message = error.response.data.message || error.response.data.msg || error.response.data.error;

packages/core/basic/src/utils/util.string.ts

@@ -1,8 +1,17 @@
+import dayjs from "dayjs";
+
 export const stringUtils = {
   maxLength(str?: string, length = 100) {
     if (str) {
-      return str.length > length ? str.slice(0, length) + '...' : str;
+      return str.length > length ? str.slice(0, length) + "..." : str;
     }
-    return '';
+    return "";
+  },
+
+  appendTimeSuffix(str?: string) {
+    if (str) {
+      return `${str}-${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+    }
+    return "";
   },
 };

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,17 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+### Performance Improvements
+
+* 修复旧版本流水线数据发送通知标题为空的bug ([9bee0e4](https://github.com/certd/certd/commit/9bee0e460bfebe8db76742b80b2d52854392f4de))
+* 支持部署到阿里云GA ([1a0d3ee](https://github.com/certd/certd/commit/1a0d3eeb1b0b5ce08f05af84b6161e00c1fe1815))
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.38.3",
-    "@certd/plus-core": "^1.38.3",
+    "@certd/basic": "^1.38.5",
+    "@certd/plus-core": "^1.38.5",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/core/pipeline/src/core/executor.ts

@@ -465,6 +465,8 @@ export class Executor {
 
     templateData.errors = errors;
     templateData.pipelineResult = pipelineResult;
+    templateData.title = subject;
+    templateData.content = content;
 
     for (const notification of this.pipeline.notifications) {
       if (!notification.when.includes(when)) {

packages/core/pipeline/src/plugin/api.ts

@@ -249,10 +249,7 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
   abstract execute(): Promise<void | string>;
 
   appendTimeSuffix(name?: string) {
-    if (name == null) {
-      name = "certd";
-    }
-    return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
+    return utils.string.appendTimeSuffix(name);
   }
 
   buildCertName(domain: string, prefix = "") {
@@ -297,6 +294,10 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
   getStepIdFromRefInput(ref = ".") {
     return ref.split(".")[1];
   }
+
+  buildDomainGroupOptions(options: any[], domains: string[]) {
+    return utils.options.buildGroupOptions(options, domains);
+  }
 }
 
 export type OutputVO = {

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.38.3",
+  "version": "1.38.5",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.38.3",
+    "@certd/basic": "^1.38.5",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+### Performance Improvements
+
+* 支持绑定两个url地址 ([a2e9a41](https://github.com/certd/certd/commit/a2e9a41a7e712395c0e3ee6fe55b370aa1fc1f12))
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 ### Performance Improvements

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.38.3",
+  "version": "1.38.5",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.38.3",
-    "@certd/basic": "^1.38.3",
-    "@certd/pipeline": "^1.38.3",
-    "@certd/plugin-lib": "^1.38.3",
-    "@certd/plus-core": "^1.38.3",
+    "@certd/acme-client": "^1.38.5",
+    "@certd/basic": "^1.38.5",
+    "@certd/pipeline": "^1.38.5",
+    "@certd/plugin-lib": "^1.38.5",
+    "@certd/plus-core": "^1.38.5",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/libs/lib-server/src/system/basic/service/plus-service.ts

@@ -20,6 +20,7 @@ export class PlusService {
 
     const subjectId = installInfo.siteId;
     const bindUrl = installInfo.bindUrl;
+    const bindUrl2 = installInfo.bindUrl2;
     const installTime = installInfo.installTime;
     const saveLicense = async (license: string) => {
       let licenseInfo: SysLicenseInfo = await this.sysSettingsService.getSetting(SysLicenseInfo);
@@ -30,7 +31,7 @@ export class PlusService {
       await this.sysSettingsService.saveSetting(licenseInfo);
     };
 
-    return new PlusRequestService({ subjectId, bindUrl, installTime, saveLicense });
+    return new PlusRequestService({ subjectId, bindUrl, bindUrl2, installTime, saveLicense });
   }
 
   async getSubjectId() {
@@ -53,9 +54,9 @@ export class PlusService {
     await plusRequestService.verify({ license: licenseInfo.license });
   }
 
-  async bindUrl(url: string) {
+  async bindUrl(url: string, url2?:string) {
     const plusRequestService = await this.getPlusRequestService();
-    const res = await plusRequestService.bindUrl(url);
+    const res = await plusRequestService.bindUrl(url,url2);
     this.plusRequestService = null;
     return res;
   }
@@ -150,6 +151,12 @@ export class PlusService {
     }
   }
 
+  async getTodayOrderCount () {
+    await this.register();
+    const plusRequestService = await this.getPlusRequestService();
+    return await plusRequestService.getOrderCount()
+  }
+
   async requestWithToken(config: HttpRequestConfig) {
     const plusRequestService = await this.getPlusRequestService();
     const token = await this.getAccessToken();

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -107,6 +107,7 @@ export class SysInstallInfo extends BaseSettings {
   siteId?: string;
   bindUserId?: number;
   bindUrl?: string;
+  bindUrl2?: string;
   accountServerBaseUrl?: string;
   appKey?: string;
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.38.3",
+  "version": "1.38.5",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.38.3",
-    "@certd/basic": "^1.38.3",
-    "@certd/pipeline": "^1.38.3",
-    "@certd/plugin-lib": "^1.38.3",
+    "@certd/acme-client": "^1.38.5",
+    "@certd/basic": "^1.38.5",
+    "@certd/pipeline": "^1.38.5",
+    "@certd/plugin-lib": "^1.38.5",
     "psl": "^1.9.0",
     "punycode.js": "^2.3.1"
   },
@@ -38,5 +38,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 ### Performance Improvements

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.38.3",
+  "version": "1.38.5",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -22,10 +22,10 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.11",
     "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.38.3",
-    "@certd/basic": "^1.38.3",
-    "@certd/pipeline": "^1.38.3",
-    "@certd/plus-core": "^1.38.3",
+    "@certd/acme-client": "^1.38.5",
+    "@certd/basic": "^1.38.5",
+    "@certd/pipeline": "^1.38.5",
+    "@certd/plus-core": "^1.38.5",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -57,5 +57,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "f92dc6a1ad103de9cc184da3b84096943906cb59"
+  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
 }

packages/plugins/plugin-lib/src/cert/dns-provider/api.ts

@@ -62,6 +62,7 @@ export interface IDnsProvider<T = any> {
 
 export interface ISubDomainsGetter {
   getSubDomains(): Promise<string[]>;
+  hasSubDomain(domain: string): Promise<string>;
 }
 
 export interface IDomainParser {

packages/plugins/plugin-lib/src/cert/dns-provider/domain-parser.ts

@@ -38,20 +38,28 @@ export class DomainParser implements IDomainParser {
       return value;
     }
 
-    const subDomains = await this.subDomainsGetter.getSubDomains();
-    if (subDomains && subDomains.length > 0) {
-      const fullDomainDot = "." + fullDomain;
-      for (const subDomain of subDomains) {
-        if (fullDomainDot.endsWith("." + subDomain)) {
-          //找到子域名托管
-          utils.cache.set(cacheKey, subDomain, {
-            ttl: 60 * 1000,
-          });
-          this.logger.info(`获取到子域名托管域名:${fullDomain}->${subDomain}`);
-          return subDomain;
-        }
-      }
+    //检查是否有子域名托管
+    const subDomain = await this.subDomainsGetter.hasSubDomain(fullDomain);
+    if (subDomain) {
+      utils.cache.set(cacheKey, subDomain, {
+        ttl: 60 * 1000,
+      });
+      this.logger.info(`获取到托管域名:${fullDomain}->${subDomain}`);
+      return subDomain;
     }
+    // if (subDomains && subDomains.length > 0) {
+    //   const fullDomainDot = "." + fullDomain;
+    //   for (const subDomain of subDomains) {
+    //     if (fullDomainDot.endsWith("." + subDomain)) {
+    //       //找到子域名托管
+    //       utils.cache.set(cacheKey, subDomain, {
+    //         ttl: 60 * 1000,
+    //       });
+    //       this.logger.info(`获取到子域名托管域名:${fullDomain}->${subDomain}`);
+    //       return subDomain;
+    //     }
+    //   }
+    // }
 
     const res = this.parseDomainByPsl(fullDomain);
     this.logger.info(`从psl获取主域名:${fullDomain}->${res}`);

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,28 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+### Bug Fixes
+
+* 某些情况下登陆页面没有显示重置密码文档链接的问题 ([40801d0](https://github.com/certd/certd/commit/40801d0a0668c77adb57fae42b4b6615b198a88d))
+
+### Performance Improvements
+
+* 支持绑定两个url地址 ([a2e9a41](https://github.com/certd/certd/commit/a2e9a41a7e712395c0e3ee6fe55b370aa1fc1f12))
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+### Bug Fixes
+
+* 修复1:: 形式的ipv6校验失败的bug ([8b96f21](https://github.com/certd/certd/commit/8b96f218d5284033f10c186c0ce18e4c16d8e9b2))
+
+### Performance Improvements
+
+* 首页证书数量支持点击跳转 ([52cbff0](https://github.com/certd/certd/commit/52cbff0e15329aecd3edcf81315fb7ceab9ec290))
+* 验证码支持 Cloudflare Turnstile ，谨慎启用，国内被墙了 ([ca43c77](https://github.com/certd/certd/commit/ca43c775250154def63c4acd96d65dc95d1c0c2b))
+* 优化证书未过期时的任务日志提示 ([ac85488](https://github.com/certd/certd/commit/ac85488245197694560aad7df9425ca215ef7ff7))
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 ### Performance Improvements

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.38.3",
+  "version": "1.38.5",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.38.3",
-    "@certd/pipeline": "^1.38.3",
+    "@certd/lib-iframe": "^1.38.5",
+    "@certd/pipeline": "^1.38.5",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/App.vue

@@ -8,19 +8,23 @@
 </template>
 
 <script lang="ts" setup>
-import { computed, provide, ref } from "vue";
+import { computed, provide, Ref, ref } from "vue";
 import { preferences, usePreferences } from "/@/vben/preferences";
 import { useAntdDesignTokens } from "/@/vben/hooks";
 import { Modal, theme } from "ant-design-vue";
 import AConfigProvider from "ant-design-vue/es/config-provider";
 import { antdvLocale } from "./locales/antdv";
 import { setI18nLanguage } from "/@/locales";
+import { mitter } from "./utils/util.mitt";
 defineOptions({
   name: "App",
 });
 
 const [modal, contextHolder] = Modal.useModal();
 provide("modal", modal);
+mitter.on("getModal", (event: any) => {
+  event.ModalRef = modal;
+});
 
 const locale = preferences.app.locale;
 setI18nLanguage(locale);

packages/ui/certd-client/src/components/captcha/captchas/cfTurnstile_captcha.vue

@@ -0,0 +1,97 @@
+<template>
+  <div class="cf-turnstile">
+    <div id="turnstile-container" class="cf-turnstile-container" :data-sitekey="siteKeyRef"></div>
+  </div>
+</template>
+<script setup lang="ts">
+import { nextTick, onMounted, onUnmounted, ref, watch } from "vue";
+
+import { loadScript } from "vue-plugin-load-script";
+const loaded = ref(false);
+async function loadCaptchaScript() {
+  await loadScript("https://challenges.cloudflare.com/turnstile/v0/api.js");
+  loaded.value = true;
+}
+
+defineOptions({
+  name: "CfTurnstileCaptcha",
+});
+const emit = defineEmits(["update:modelValue", "change"]);
+const props = defineProps<{
+  modelValue: any;
+  captchaGet: () => Promise<any>;
+}>();
+const captchaRef = ref(null);
+const siteKeyRef = ref("");
+const widgetIdRef = ref(null);
+
+onMounted(async () => {
+  await loadCaptchaScript();
+  await nextTick();
+  const { siteKey } = await props.captchaGet();
+  siteKeyRef.value = siteKey; //这里确定是string类型
+  //@ts-ignore
+  const widgetId = turnstile.render("#turnstile-container", {
+    sitekey: siteKey,
+    size: "flexible",
+    callback: function (token: string) {
+      console.log("turnstile success:", token);
+      emitChange({
+        token: token,
+      });
+    },
+  });
+  widgetIdRef.value = widgetId;
+});
+
+onUnmounted(() => {
+  //@ts-ignore
+  if (turnstile && widgetIdRef.value) {
+    //@ts-ignore
+    turnstile.remove(widgetIdRef.value);
+  }
+});
+
+function checkExpired() {
+  //@ts-ignore
+  if (turnstile && widgetIdRef.value) {
+    //@ts-ignore
+    return turnstile.isExpired(widgetIdRef.value);
+  }
+}
+
+function emitChange(value: any) {
+  emit("update:modelValue", value);
+  emit("change", value);
+}
+function reset() {
+  // 重置验证码
+  //@ts-ignore
+  if (turnstile && widgetIdRef.value) {
+    //@ts-ignore
+    turnstile.reset(widgetIdRef.value);
+  }
+}
+
+watch(
+  () => {
+    return props.modelValue;
+  },
+  value => {
+    if (value == null) {
+      reset();
+    }
+  }
+);
+
+defineExpose({
+  reset,
+});
+</script>
+<style lang="less">
+.cf-turnstile-container {
+  iframe {
+    width: 100% !important;
+  }
+}
+</style>

packages/ui/certd-client/src/components/captcha/captchas/image_captcha.vue

@@ -11,8 +11,7 @@
   </div>
 </template>
 <script setup lang="ts">
-import { defineEmits, defineExpose, defineProps, ref, watch } from "vue";
-import { nanoid } from "nanoid";
+import { ref, watch } from "vue";
 
 const props = defineProps<{
   modelValue: any;

packages/ui/certd-client/src/components/captcha/captchas/tencent_captcha.vue

@@ -11,8 +11,8 @@
   </div>
 </template>
 <script setup lang="ts">
-import { onMounted, defineProps, defineEmits, ref, onUnmounted, Ref, watch } from "vue";
 import { notification } from "ant-design-vue";
+import { ref, Ref, watch } from "vue";
 
 import { loadScript } from "vue-plugin-load-script";
 const loaded = ref(false);

packages/ui/certd-client/src/components/plugins/common/domain-selector.vue

@@ -60,6 +60,7 @@ import { request } from "/@/api/service";
 import { Dicts } from "../lib/dicts";
 import { useRouter } from "vue-router";
 import { useDomainImport, useDomainImportManage } from "/@/views/certd/cert/domain/use";
+import { openRouteInNewWindow } from "/@/vben/utils";
 
 defineOptions({
   name: "DomainSelector",
@@ -190,7 +191,7 @@ const router = useRouter();
 function openDomainManager(e: any) {
   e.preventDefault();
   // router.push("/certd/cert/domain");
-  window.open(`${window.location.origin}/#/certd/cert/domain`);
+  openRouteInNewWindow("/certd/cert/domain");
 }
 
 const openDomainImportManageDialog = useDomainImportManage();

packages/ui/certd-client/src/components/vip-button/api.ts

@@ -15,3 +15,10 @@ export async function getVipTrial(vipType: string) {
     data: { vipType },
   });
 }
+
+export async function getTodayVipOrderCount() {
+  return await request({
+    url: "/sys/plus/getTodayVipOrderCount",
+    method: "post",
+  });
+}

packages/ui/certd-client/src/components/vip-button/index.vue

@@ -14,16 +14,20 @@
 <script lang="tsx" setup>
 import { message, Modal } from "ant-design-vue";
 import dayjs from "dayjs";
-import { computed, onMounted, reactive, ref } from "vue";
+import { computed, onMounted, ref } from "vue";
 import { useI18n } from "vue-i18n";
 import { useRouter } from "vue-router";
 import * as api from "./api";
-import { useSettingStore } from "/@/store/settings";
+import { useSettingStore } from "/src/store/settings/index";
 import { useUserStore } from "/@/store/user";
 import { env } from "/@/utils/util.env";
 import { mitter } from "/@/utils/util.mitt";
+import VipModalContent from "./vip-modal-content.vue";
 const { t } = useI18n();
 
+defineOptions({
+  name: "VipButton",
+});
 const settingStore = useSettingStore();
 const props = withDefaults(
   defineProps<{
@@ -39,6 +43,7 @@ type Text = {
 };
 const text = computed<Text>(() => {
   const vipLabel = settingStore.vipLabel;
+  const plusMessage = settingStore.plusInfo?.message;
   const map = {
     isComm: {
       comm: {
@@ -91,7 +96,7 @@ const text = computed<Text>(() => {
       },
       nav: {
         name: t("vip.free.nav.name"),
-        title: t("vip.free.nav.title"),
+        title: plusMessage || t("vip.free.nav.title"),
       },
     },
   };
@@ -113,58 +118,16 @@ const expireTime = computed(() => {
 
 const expiredDays = computed(() => {
   if (settingStore.plusInfo?.isPlus && !settingStore.isPlus) {
-    //已过期多少天
     const days = dayjs().diff(dayjs(settingStore.plusInfo.expireTime), "day");
     return `${settingStore.vipLabel}已过期${days}天`;
   }
   return "";
 });
 
-const formState = reactive({
-  code: "",
-  inviteCode: "",
-});
-
 const router = useRouter();
-async function doActive() {
-  if (!formState.code) {
-    message.error(t("vip.enterCode"));
-    throw new Error(t("vip.enterCode"));
-  }
-  const res = await api.doActive(formState);
-  if (res) {
-    await settingStore.init();
-    const vipLabel = settingStore.vipLabel;
-    Modal.success({
-      title: t("vip.successTitle"),
-      content: t("vip.successContent", {
-        vipLabel,
-        expireDate: dayjs(settingStore.plusInfo.expireTime).format("YYYY-MM-DD"),
-      }),
-      onOk() {
-        if (!(settingStore.installInfo.bindUserId > 0)) {
-          Modal.confirm({
-            title: t("vip.bindAccountTitle"),
-            content: t("vip.bindAccountContent"),
-            onOk() {
-              router.push("/sys/account");
-            },
-          });
-        }
-      },
-    });
-  }
-}
-
-const computedSiteId = computed(() => settingStore.installInfo?.siteId);
 const [modal, contextHolder] = Modal.useModal();
 const userStore = useUserStore();
 
-function goAccount() {
-  Modal.destroyAll();
-  router.push("/sys/account");
-}
-
 async function getVipTrial(vipType = "plus") {
   const res = await api.getVipTrial(vipType);
   message.success(t("vip.congratulations_vip_trial", { duration: res.duration }));
@@ -253,6 +216,7 @@ function openUpgrade() {
       throw new Error(t("vip.already_perpetual_plus"));
     }
   }
+
   function goBuyPlusPage() {
     checkPerpetualPlus();
     if (settingStore.isComm) {
@@ -264,6 +228,7 @@ function openUpgrade() {
     }
     window.open(goBuyUrl);
   }
+
   function goBuyCommPage() {
     checkPerpetualPlus();
     if (settingStore.isPlus && !settingStore.isComm) {
@@ -278,75 +243,6 @@ function openUpgrade() {
     }
     window.open(goBuyCommUrl);
   }
-  const vipTypeDefine = {
-    free: {
-      title: t("vip.basic_edition"),
-      desc: t("vip.community_free_version"),
-      type: "free",
-      icon: "lucide:package-open",
-      privilege: [t("vip.unlimited_certificate_application"), t("vip.unlimited_domain_count"), t("vip.unlimited_certificate_pipelines"), t("vip.common_deployment_plugins"), t("vip.email_webhook_notifications")],
-    },
-    plus: {
-      title: t("vip.professional_edition"),
-      desc: t("vip.open_source_support"),
-      type: "plus",
-      privilege: [t("vip.vip_group_priority"), t("vip.unlimited_site_certificate_monitoring"), t("vip.more_notification_methods"), t("vip.plugins_fully_open")],
-      trial: {
-        title: t("vip.click_to_get_7_day_trial"),
-        click: () => {
-          openStarModal("plus");
-        },
-      },
-      icon: "stash:thumb-up",
-      priceText: productInfo.plus.priceText || `¥${productInfo.plus.price}/${t("vip.years")}`,
-      discountText: productInfo.plus.discountText || `¥${productInfo.plus.price3}/3${t("vip.years")}`,
-      tooltip: productInfo.plus.tooltip,
-      get() {
-        return (
-          <a-tooltip title={t("vip.afdian_support_vip")}>
-            <a-button size="small" type="primary" onClick={goBuyPlusPage}>
-              {t("vip.get_after_support")}
-            </a-button>
-          </a-tooltip>
-        );
-      },
-    },
-    comm: {
-      title: t("vip.business_edition"),
-      desc: t("vip.commercial_license"),
-      type: "comm",
-      icon: "vaadin:handshake",
-      privilege: [t("vip.all_pro_privileges"), t("vip.allow_commercial_use_modify_logo_title"), t("vip.data_statistics"), t("vip.plugin_management"), t("vip.unlimited_multi_users"), t("vip.support_user_payment")],
-      priceText: productInfo.comm.priceText || `¥${productInfo.comm.price}/${t("vip.years")}`,
-      discountText: productInfo.comm.discountText || `¥${productInfo.comm.price3}/3${t("vip.years")}`,
-      tooltip: productInfo.comm.tooltip,
-      trial: {
-        title: t("vip.click_to_get_7_day_trial"),
-        click: () => {
-          openStarModal("comm");
-        },
-      },
-      get() {
-        return (
-          <a-button size="small" type="primary" onClick={goBuyCommPage}>
-            {t("vip.buy")}
-          </a-button>
-        );
-      },
-    },
-  };
-
-  const manualActiveFlag = ref();
-  function showManualActivation() {
-    manualActiveFlag.value = true;
-  }
-
-  function goBindAccount() {
-    modalRef?.destroy();
-    router.push({
-      path: "/sys/account",
-    });
-  }
   const modalRef = modal.success({
     title,
     class: "vip-modal",
@@ -354,119 +250,7 @@ function openUpgrade() {
     okText: t("vip.close"),
     width: 1100,
     content: () => {
-      let manualActiveBlock: any = "";
-      if (manualActiveFlag.value) {
-        manualActiveBlock = (
-          <div>
-            <div class="mt-10">
-              <a-input-search class="w-2/6" v-model:value={formState.code} placeholder={placeholder} enter-button={t("vip.activate")} onSearch={doActive}></a-input-search>
-            </div>
-            <div class="mt-10">
-              {t("vip.activation_code_one_use")}
-              <a onClick={goAccount}>{t("vip.bind_account")}</a>，{t("vip.transfer_vip")}
-            </div>
-          </div>
-        );
-      }
-      const vipLabel = settingStore.vipLabel;
-      let plusInfo: any = "";
-      if (isPlus) {
-        plusInfo = (
-          <div class="mt-10 flex flex-col md:flex-row ">
-            <span class="mr-2">
-              {t("vip.current")} {vipLabel} {t("vip.activated_expire_time")} {settingStore.expiresText}
-            </span>
-            <a href="https://app.handfree.work/subject/#/page/detail/1" target="_blank">
-              {t("vip.learn_more")}
-            </a>
-          </div>
-        );
-      }
-
-      const slots = [];
-      for (const key in vipTypeDefine) {
-        // @ts-ignore
-        const item = vipTypeDefine[key];
-        const vipBlockClass = `vip-block  ${key === settingStore.plusInfo.vipType ? "current" : ""}`;
-        slots.push(
-          <div class="w-full md:w-1/3 mb-4 p-5">
-            <div class={vipBlockClass}>
-              <h3 class="block-header ">
-                <span class="flex-o">{item.title}</span>
-                {item.trial && (
-                  <span class="trial">
-                    <a-tooltip title={item.trial.message}>
-                      <a onClick={item.trial.click}>{item.trial.title}</a>
-                    </a-tooltip>
-                  </span>
-                )}
-              </h3>
-              <div style="color:green" class="flex-o">
-                <fs-icon icon={item.icon} class="fs-16 flex-o" />
-                {item.desc}
-              </div>
-              <ul class="flex-1 privilege">
-                {item.privilege.map((p: string) => (
-                  <li class="flex-baseline">
-                    <fs-icon class="color-green" icon="ion:checkmark-sharp" />
-                    {p}
-                  </li>
-                ))}
-              </ul>
-              <div class="footer flex-between flex-vc">
-                <div class="price-show">
-                  {item.priceText && (
-                    <span class="flex">
-                      <span class="-text">{item.priceText}</span>
-                      <a-tooltip class="ml-5" title={item.discountText}>
-                        <fs-icon class="pointer color-red" icon="ic:outline-discount"></fs-icon>
-                      </a-tooltip>
-                    </span>
-                  )}
-                  {!item.priceText && (
-                    <span>
-                      <span class="price-text">{t("vip.freee")}</span>
-                    </span>
-                  )}
-                </div>
-                <div class="get-show">{item.get && <div>{item.get()}</div>}</div>
-              </div>
-            </div>
-          </div>
-        );
-      }
-      return (
-        <div class="mt-10 mb-10 vip-active-modal">
-          {productInfo.notice && (
-            <div class="mb-10">
-              <a-alert type="error" message={productInfo.notice}></a-alert>
-            </div>
-          )}
-          <div class="vip-type-vs">
-            <a-row gutter={20}>{slots}</a-row>
-          </div>
-          <div>
-            <a href="https://certd.docmirror.cn/guide/donate/#相关问题" target="_blank">
-              {t("vip.question")}
-            </a>
-          </div>
-          <div class="mt-10">
-            <div class=" w-100 flex-col md:flex-row ">
-              <span>{t("vip.site_id")}：</span>
-              <fs-copyable v-model={computedSiteId.value} class="mr-2"></fs-copyable>
-              <a onClick={goBindAccount}>{t("vip.not_effective")}</a>
-            </div>
-          </div>
-          {plusInfo}
-          <div class="mt-10 ">
-            <span class="mr-2">{t("vip.have_activation_code")}</span>
-            <span>
-              <a onClick={showManualActivation}>{t("vip.manual_activation")}</a>
-            </span>
-          </div>
-          <div class="mt-10">{manualActiveBlock}</div>
-        </div>
-      );
+      return <VipModalContent placeholder={placeholder} isPlus={isPlus} productInfo={productInfo} goBuyPlusPage={goBuyPlusPage} goBuyCommPage={goBuyCommPage} openStarModal={openStarModal} modalRef={modalRef} />;
     },
   });
 }
@@ -502,69 +286,4 @@ onMounted(() => {
   .text {
   }
 }
-
-.vip-active-modal {
-  .vip-block {
-    display: flex;
-    flex-direction: column;
-    padding: 10px;
-    border: 1px solid #eee;
-    border-radius: 5px;
-    height: 275px;
-    line-height: 24px;
-
-    .privilege {
-      margin-top: 5px;
-    }
-
-    //background-color: rgba(250, 237, 167, 0.79);
-    &.current {
-      border-color: green;
-    }
-
-    .block-header {
-      padding: 0px;
-      display: flex;
-      justify-content: space-between;
-
-      .trial {
-        font-size: 12px;
-        font-wight: 400;
-      }
-    }
-
-    .footer {
-      padding-top: 5px;
-      margin-top: 0px;
-      border-top: 1px solid #eee;
-
-      .price-text {
-        font-size: 18px;
-        color: red;
-      }
-    }
-  }
-
-  ul {
-    list-style-type: unset;
-    margin-left: 0px;
-    padding: 0;
-  }
-
-  .color-green {
-    color: green;
-  }
-
-  .vip-type-vs {
-    .privilege {
-      .fs-icon {
-        color: green;
-      }
-    }
-
-    .fs-icon {
-      margin-right: 5px;
-    }
-  }
-}
 </style>

packages/ui/certd-client/src/components/vip-button/vip-modal-content.vue

@@ -0,0 +1,404 @@
+<template>
+  <div class="mt-10 vip-active-modal">
+    <div v-if="todayOrderCount.enabled" class="order-count hidden md:flex">
+      <div v-for="(stage, index) in todayOrderCount.stages" :key="index" class="status-item" :class="{ 'status-show': TodayVipOrderCountRef.current === index }">
+        <div class="background">
+          <img :src="stage.bg" alt="" />
+        </div>
+        <div class="flex flex-col order-count-text weight-bold">
+          <div class="count-text ml-4 flex items-center">
+            <fs-icon icon="noto:fire" class="fs-20 mr-2"></fs-icon>
+            <span> 今日赞助 </span>
+            <span class="count-number color-red font-bold text-2xl ml-1 mr-1"> {{ stage.orderCount }} </span>人，
+            <span> {{ stage.title }} </span>
+          </div>
+        </div>
+      </div>
+    </div>
+    <div v-if="productInfo.notice" class="mt-10">
+      <a-alert type="error" :message="productInfo.notice"></a-alert>
+    </div>
+    <div class="vip-type-vs mt-10">
+      <a-row :gutter="20">
+        <div v-for="(item, key) in vipTypeDefine" :key="key" class="w-full md:w-1/3 mb-4 p-5">
+          <div :class="`vip-block  ${key === settingStore.plusInfo.vipType ? 'current' : ''}`">
+            <h3 class="block-header">
+              <span class="flex-o">{{ item.title }}</span>
+              <span v-if="item.trial" class="trial">
+                <a-tooltip :title="item.trial.message">
+                  <a @click="item.trial.click">{{ item.trial.title }}</a>
+                </a-tooltip>
+              </span>
+            </h3>
+            <div style="color: green" class="flex-o">
+              <fs-icon :icon="item.icon" class="fs-16 flex-o" />
+              {{ item.desc }}
+            </div>
+            <ul class="flex-1 privilege">
+              <li v-for="p in item.privilege" :key="p" class="flex-baseline">
+                <fs-icon class="color-green" icon="ion:checkmark-sharp" />
+                {{ p }}
+              </li>
+            </ul>
+            <div class="footer flex-between flex-vc">
+              <div class="price-show">
+                <span v-if="item.priceText" class="flex">
+                  <span class="-text">{{ item.priceText }}</span>
+                  <a-tooltip class="ml-5" :title="item.discountText">
+                    <fs-icon class="pointer color-red" icon="ic:outline-discount"></fs-icon>
+                  </a-tooltip>
+                </span>
+                <span v-else>
+                  <span class="price-text">{{ t("vip.freee") }}</span>
+                </span>
+              </div>
+              <div class="get-show">
+                <template v-if="item.type === 'plus'">
+                  <a-tooltip :title="t('vip.afdian_support_vip')">
+                    <a-button size="small" type="primary" @click="goBuyPlusPage">
+                      {{ t("vip.get_after_support") }}
+                    </a-button>
+                  </a-tooltip>
+                </template>
+                <template v-else-if="item.type === 'comm'">
+                  <a-button size="small" type="primary" @click="goBuyCommPage">
+                    {{ t("vip.buy") }}
+                  </a-button>
+                </template>
+              </div>
+            </div>
+          </div>
+        </div>
+      </a-row>
+    </div>
+    <div>
+      <a href="https://certd.docmirror.cn/guide/donate/#相关问题" target="_blank">
+        {{ t("vip.question") }}
+      </a>
+    </div>
+    <div class="mt-10">
+      <div class="w-100 flex-col md:flex-row">
+        <span>{{ t("vip.site_id") }}：</span>
+        <fs-copyable v-model="computedSiteId" class="mr-2"></fs-copyable>
+        <a @click="goBindAccount">{{ t("vip.not_effective") }}</a>
+      </div>
+    </div>
+    <div v-if="isPlus" class="mt-10 flex flex-col md:flex-row">
+      <span class="mr-2"> {{ t("vip.current") }} {{ vipLabel }} {{ t("vip.activated_expire_time") }} {{ settingStore.expiresText }} </span>
+      <a href="https://app.handfree.work/subject/#/page/detail/1" target="_blank">
+        {{ t("vip.learn_more") }}
+      </a>
+    </div>
+    <div class="mt-10">
+      <span class="mr-2">{{ t("vip.have_activation_code") }}</span>
+      <span>
+        <a @click="showManualActivation">{{ t("vip.manual_activation") }}</a>
+      </span>
+    </div>
+    <div v-if="manualActiveFlag" class="mt-10">
+      <div class="mt-10">
+        <a-input-search v-model:value="formState.code" class="w-2/6" :placeholder="placeholder" :enter-button="t('vip.activate')" @search="doActive"></a-input-search>
+      </div>
+      <div class="mt-10">
+        {{ t("vip.activation_code_one_use") }}
+        <a @click="goAccount">{{ t("vip.bind_account") }}</a
+        >，{{ t("vip.transfer_vip") }}
+      </div>
+    </div>
+  </div>
+</template>
+
+<script lang="ts" setup>
+import { computed, nextTick, onMounted, reactive, Ref, ref } from "vue";
+import { message, Modal } from "ant-design-vue";
+import dayjs from "dayjs";
+import { useI18n } from "vue-i18n";
+import { useRouter } from "vue-router";
+import { useSettingStore } from "/@/store/settings";
+import * as api from "./api";
+import { utils } from "/@/utils";
+
+const { t } = useI18n();
+const router = useRouter();
+const settingStore = useSettingStore();
+
+const props = defineProps<{
+  placeholder: string;
+  isPlus: boolean;
+  productInfo: any;
+  goBuyPlusPage: () => void;
+  goBuyCommPage: () => void;
+  openStarModal: (vipType: string) => void;
+  modalRef: any;
+}>();
+
+const formState = reactive({
+  code: "",
+  inviteCode: "",
+});
+
+async function doActive() {
+  if (!formState.code) {
+    message.error(t("vip.enterCode"));
+    throw new Error(t("vip.enterCode"));
+  }
+  const res = await api.doActive(formState);
+  if (res) {
+    await settingStore.init();
+    const vipLabel = settingStore.vipLabel;
+    Modal.success({
+      title: t("vip.successTitle"),
+      content: t("vip.successContent", {
+        vipLabel,
+        expireDate: dayjs(settingStore.plusInfo.expireTime).format("YYYY-MM-DD"),
+      }),
+      onOk() {
+        if (!(settingStore.installInfo.bindUserId > 0)) {
+          Modal.confirm({
+            title: t("vip.bindAccountTitle"),
+            content: t("vip.bindAccountContent"),
+            onOk() {
+              router.push("/sys/account");
+            },
+          });
+        }
+      },
+    });
+  }
+}
+
+const vipLabel = computed(() => settingStore.vipLabel);
+const computedSiteId = computed(() => settingStore.installInfo?.siteId);
+
+const manualActiveFlag = ref(false);
+
+function showManualActivation() {
+  manualActiveFlag.value = true;
+}
+
+function goAccount() {
+  props.modalRef?.destroy();
+  router.push("/sys/account");
+}
+
+function goBindAccount() {
+  props.modalRef?.destroy();
+  router.push({
+    path: "/sys/account",
+  });
+}
+
+const vipTypeDefine: any = {
+  free: {
+    title: t("vip.basic_edition"),
+    desc: t("vip.community_free_version"),
+    type: "free",
+    icon: "lucide:package-open",
+    privilege: [t("vip.unlimited_certificate_application"), t("vip.unlimited_domain_count"), t("vip.unlimited_certificate_pipelines"), t("vip.common_deployment_plugins"), t("vip.email_webhook_notifications")],
+  },
+  plus: {
+    title: t("vip.professional_edition"),
+    desc: t("vip.open_source_support"),
+    type: "plus",
+    privilege: [t("vip.vip_group_priority"), t("vip.unlimited_site_certificate_monitoring"), t("vip.more_notification_methods"), t("vip.plugins_fully_open")],
+    trial: {
+      title: t("vip.click_to_get_7_day_trial"),
+      click: () => {
+        props.openStarModal("plus");
+      },
+    },
+    icon: "stash:thumb-up",
+    priceText: props.productInfo.plus.priceText || `¥${props.productInfo.plus.price}/${t("vip.years")}`,
+    discountText: props.productInfo.plus.discountText || `¥${props.productInfo.plus.price3}/3${t("vip.years")}`,
+    tooltip: props.productInfo.plus.tooltip,
+  },
+  comm: {
+    title: t("vip.business_edition"),
+    desc: t("vip.commercial_license"),
+    type: "comm",
+    icon: "vaadin:handshake",
+    privilege: [t("vip.all_pro_privileges"), t("vip.allow_commercial_use_modify_logo_title"), t("vip.data_statistics"), t("vip.plugin_management"), t("vip.unlimited_multi_users"), t("vip.support_user_payment")],
+    priceText: props.productInfo.comm.priceText || `¥${props.productInfo.comm.price}/${t("vip.years")}`,
+    discountText: props.productInfo.comm.discountText || `¥${props.productInfo.comm.price3}/3${t("vip.years")}`,
+    tooltip: props.productInfo.comm.tooltip,
+    trial: {
+      title: t("vip.click_to_get_7_day_trial"),
+      click: () => {
+        props.openStarModal("comm");
+      },
+    },
+  },
+};
+
+const TodayVipOrderCountRef: Ref = ref({});
+
+async function getTodayVipOrderCount() {
+  const res = await api.getTodayVipOrderCount();
+  if (res) {
+    TodayVipOrderCountRef.value = res;
+  }
+}
+
+const todayOrderCount = computed(() => {
+  const countInfo = TodayVipOrderCountRef.value;
+  const enabled = countInfo?.enabled || false;
+  const orderCount = countInfo?.orderCount || 0;
+  for (const stage of countInfo?.stages) {
+    stage.orderCount = stage.countGe || 0;
+  }
+  const lastStage = countInfo?.stages?.[countInfo?.stages?.length - 1] || {};
+  lastStage.orderCount = orderCount;
+  return {
+    enabled: enabled,
+    orderCount: orderCount,
+    title: lastStage.title || "",
+    stages: countInfo?.stages,
+  };
+});
+
+async function scrollOrderCount() {
+  const stages = todayOrderCount.value.stages;
+  if (!stages.length) {
+    return;
+  }
+  let index = 0;
+  for (const stage of stages) {
+    TodayVipOrderCountRef.value.current = index;
+    await utils.sleep(500);
+    index++;
+  }
+}
+
+onMounted(async () => {
+  await getTodayVipOrderCount();
+  await scrollOrderCount();
+});
+</script>
+
+<style lang="less">
+.vip-active-modal {
+  .order-count {
+    height: 80px;
+    position: relative;
+    border: 1px solid #fee2c5;
+    border-radius: 5px;
+
+    .background {
+      border: 0px;
+      border-radius: 5px;
+      height: 100%;
+      width: 100%;
+      position: absolute;
+      top: 0;
+      left: 0;
+      z-index: 0;
+      display: flex;
+      justify-content: flex-end;
+      overflow: hidden;
+
+      img {
+        height: 100%;
+        object-fit: cover;
+      }
+    }
+
+    .order-count-text {
+      position: absolute;
+      width: 100%;
+      top: 0;
+      left: 0;
+      right: 0;
+      bottom: 0;
+      z-index: 2;
+      padding: 10px;
+      display: flex;
+      flex-direction: column;
+      justify-content: space-evenly;
+      /* 左至右渐变*/
+      background: linear-gradient(to right, rgba(255, 217, 167, 0.5), rgba(255, 255, 255, 0));
+
+      .count-text {
+        font-size: 16px;
+        font-weight: 600;
+        color: #ff6600;
+        display: flex;
+
+        .count-number {
+          margin-bottom: 5px;
+        }
+      }
+    }
+
+    .status-item {
+      opacity: 0;
+      transition: all 0.7s ease-in-out;
+    }
+
+    .status-show {
+      opacity: 1;
+    }
+  }
+
+  .vip-block {
+    display: flex;
+    flex-direction: column;
+    padding: 10px;
+    border: 1px solid #eee;
+    border-radius: 5px;
+    height: 275px;
+    line-height: 24px;
+
+    .privilege {
+      margin-top: 5px;
+    }
+
+    &.current {
+      border-color: green;
+    }
+
+    .block-header {
+      padding: 0px;
+      display: flex;
+      justify-content: space-between;
+
+      .trial {
+        font-size: 12px;
+        font-wight: 400;
+      }
+    }
+
+    .footer {
+      padding-top: 5px;
+      margin-top: 0px;
+      border-top: 1px solid #eee;
+
+      .price-text {
+        font-size: 18px;
+        color: red;
+      }
+    }
+  }
+
+  ul {
+    list-style-type: unset;
+    margin-left: 0px;
+    padding: 0;
+  }
+
+  .color-green {
+    color: green;
+  }
+
+  .vip-type-vs {
+    .privilege {
+      .fs-icon {
+        color: green;
+      }
+    }
+
+    .fs-icon {
+      margin-right: 5px;
+    }
+  }
+}
+</style>

packages/ui/certd-client/src/plugin/validator/index.ts

@@ -4,8 +4,16 @@ function isIpv6(d: string) {
   if (!d) {
     return false;
   }
-  const isIPv6Regex = /^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$/gm;
-  return isIPv6Regex.test(d);
+  // const isIPv6Regex = /^([0-9A-Fa-f]{0,4}:){2,7}([0-9A-Fa-f]{1,4}$|((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.|$)){4})$/gm;
+  // return isIPv6Regex.test(d);
+
+  try {
+    // 尝试构造URL，用IPv6作为hostname
+    new URL(`http://[${d}]`);
+    return true;
+  } catch {
+    return false;
+  }
 }
 function isIpv4(d: string) {
   if (!d) {

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -27,6 +27,7 @@ export type PlusInfo = {
   expireTime?: number;
   isPlus: boolean;
   isComm?: boolean;
+  message?: string;
 };
 export type SysPublicSetting = {
   registerEnabled?: boolean;
@@ -107,6 +108,8 @@ export type SysPrivateSetting = {
 };
 export type SysInstallInfo = {
   siteId: string;
+  bindUrl?: string;
+  bindUrl2?: string;
 };
 export type MenuItem = {
   id: string;

packages/ui/certd-client/src/store/settings/index.tsx

@@ -1,5 +1,5 @@
 import { defineStore } from "pinia";
-import { Modal, notification } from "ant-design-vue";
+import { notification } from "ant-design-vue";
 import * as basicApi from "./api.basic";
 import { AppInfo, HeaderMenus, PlusInfo, SiteEnv, SiteInfo, SuiteSetting, SysInstallInfo, SysPublicSetting } from "./api.basic";
 import { useUserStore } from "../user";
@@ -20,6 +20,7 @@ export interface SettingState {
     installTime?: number;
     bindUserId?: number;
     bindUrl?: string;
+    bindUrl2?: string;
     accountServerBaseUrl?: string;
     appKey?: string;
   };
@@ -153,9 +154,11 @@ export const useSettingStore = defineStore({
       if (this.plusInfo?.expireTime === -1) {
         return "永久";
       }
+      //@ts-ignore
       return dayjs(this.plusInfo?.expireTime).format("YYYY-MM-DD");
     },
     isForever() {
+      //@ts-ignore
       return this.isPlus && this.plusInfo?.expireTime === -1;
     },
     vipLabel(): string {
@@ -251,9 +254,17 @@ export const useSettingStore = defineStore({
       url = url.split("#")[0];
       return url;
     },
-    async doBindUrl() {
-      const url = this.getBaseUrl();
-      await basicApi.bindUrl({ url });
+    async doBindUrl(key: string = "url") {
+      const url = this.installInfo.bindUrl;
+      const url2 = this.installInfo.bindUrl2;
+
+      const thisUrl = this.getBaseUrl();
+      const form = {
+        url,
+        url2,
+        [key]: thisUrl,
+      };
+      await basicApi.bindUrl(form);
       await this.loadSysSettings();
     },
     async checkUrlBound() {
@@ -262,24 +273,64 @@ export const useSettingStore = defineStore({
       if (!userStore.isAdmin) {
         return;
       }
-
+      const event: any = { ModalRef: null };
+      mitter.emit("getModal", event);
+      const Modal = event.ModalRef;
+      let modalRef: any = null;
       const bindUrl = this.installInfo.bindUrl;
+      const bindUrl2 = this.installInfo.bindUrl2;
+
+      const doBindRequest = async (key: string) => {
+        await this.doBindUrl(key);
+        if (modalRef) {
+          modalRef.destroy();
+        }
+      };
 
       if (!bindUrl) {
         //绑定url
-        await this.doBindUrl();
+        await this.doBindUrl("url");
       } else {
         //检查当前url 是否与绑定的url一致
         const url = window.location.href;
-        if (!url.startsWith(bindUrl)) {
-          Modal.confirm({
-            title: "URL地址有变化",
-            content: "以后都用这个新地址访问本系统吗？",
-            onOk: async () => {
-              await this.doBindUrl();
+        if (!url.startsWith(bindUrl) && !url.startsWith(bindUrl2)) {
+          modalRef = Modal.warning({
+            title: "URL地址未绑定，是否绑定此地址？",
+            width: 500,
+            keyboard: false,
+            content: () => {
+              return (
+                <div class="p-4">
+                  <div class="flex items-center justify-between">
+                    <span>
+                      绑定地址1：
+                      <a-tag color="green">{bindUrl || "未占用"}</a-tag>
+                    </span>
+                    <a-button type="primary" onClick={() => doBindRequest("url")}>
+                      绑定到地址1
+                    </a-button>
+                  </div>
+                  <div class="flex items-center justify-between mt-3">
+                    <span>
+                      绑定地址2：
+                      <a-tag color="green">{bindUrl2 || "未占用"}</a-tag>
+                    </span>
+                    <a-button type="primary" onClick={() => doBindRequest("url2")}>
+                      绑定到地址2
+                    </a-button>
+                  </div>
+                </div>
+              );
             },
-            okText: "是的，继续",
-            cancelText: "不是，回到原来的地址",
+            onOk: async () => {
+              // await this.doBindUrl();
+              window.location.href = bindUrl;
+            },
+            okButtonProps: {
+              danger: true,
+            },
+            okText: "不，回到原来的地址",
+            cancelText: "不，回到原来的地址",
             onCancel: () => {
               window.location.href = bindUrl;
             },

packages/ui/certd-client/src/style/common.less

@@ -320,10 +320,25 @@ h6 {
   font-size: 16px !important;
 }
 
+.fs-18 {
+  font-size: 18px !important;
+}
+
+.fs-20 {
+  font-size: 20px !important;
+}
+.fs-24 {
+  font-size: 24px !important;
+}
+.fs-26 {
+  font-size: 26px !important;
+}
 .fs-28 {
   font-size: 28px !important;
 }
-
+.fs-32 {
+  font-size: 32px !important;
+}
 .w-50\% {
   width: 50%;
 }
@@ -455,4 +470,10 @@ h6 {
     background: #ffecb3;
     color: #f57c00;
   }
+}
+
+.ant-tag{
+  .fs-icon{
+    margin-right: 5px;
+  }
 }

packages/ui/certd-client/src/vben/layouts/basic/menu/use-navigation.ts

@@ -1,11 +1,12 @@
 import type { RouteRecordNormalized } from "vue-router";
 
-import { useRouter } from "vue-router";
+import { useRoute, useRouter } from "vue-router";
 
 import { isHttpUrl, openRouteInNewWindow, openWindow } from "../../../utils";
 
 function useNavigation() {
   const router = useRouter();
+  const route1 = useRoute();
   const routes = router.getRoutes();
 
   const routeMetaMap = new Map<string, RouteRecordNormalized>();
@@ -15,6 +16,9 @@ function useNavigation() {
   });
 
   const navigation = async (path: string) => {
+    if (route1.path === path) {
+      return;
+    }
     const route = routeMetaMap.get(path);
     const { openInNewWindow = false, query = {} as any } = route?.meta ?? {};
     if (isHttpUrl(path)) {

packages/ui/certd-client/src/vben/shared/utils/window.ts

@@ -27,8 +27,12 @@ function openWindow(url: string, options: OpenWindowOptions = {}): void {
  */
 function openRouteInNewWindow(path: string) {
   const { hash, origin } = location;
+  let pathname = location.pathname;
+  if (pathname.endsWith("/")) {
+    pathname = pathname.slice(0, -1);
+  }
   const fullPath = path.startsWith("/") ? path : `/${path}`;
-  const url = `${origin}${hash ? "/#" : ""}${fullPath}`;
+  const url = `${origin}${pathname}${hash ? "/#" : ""}${fullPath}`;
   openWindow(url, { target: "_blank" });
 }
 

packages/ui/certd-client/src/views/certd/monitor/cert/crud.tsx

@@ -33,7 +33,6 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
     const res = await api.AddObj(form);
     return res;
   };
-  const { openCrudFormDialog } = useFormWrapper();
   const router = useRouter();
 
   const settingStore = useSettingStore();

packages/ui/certd-client/src/views/certd/pipeline/index.vue

@@ -3,7 +3,7 @@
     <template #header>
       <div class="title">
         {{ t("certd.myPipelines") }}
-        <div class="sub">{{ t("certd.pipelinePage.myPipelinesDesc") }}</div>
+        <span class="sub">{{ t("certd.pipelinePage.myPipelinesDesc") }}</span>
       </div>
     </template>
     <!-- <a-alert v-if="settingStore.sysPublic.notice" type="warning" show-icon>

packages/ui/certd-client/src/views/framework/forgot-password/index.vue

@@ -76,7 +76,7 @@
         <a-button type="primary" size="large" html-type="submit" class="submit-button"> 找回密码</a-button>
 
         <div class="mt-2 flex-between">
-          <a v-comm="false" href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank"> 管理员无绑定通信方式或MFA丢失找回 </a>
+          <a v-comm="false" href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank"> 管理员忘记密码 </a>
 
           <router-link :to="{ name: 'login' }"> 返回登录 </router-link>
         </div>

packages/ui/certd-client/src/views/framework/home/dashboard/charts/expiring-list.vue

@@ -1,6 +1,6 @@
 <template>
   <div v-if="data.length !== 0" class="expiring-pipeline-list">
-    <div v-for="item of data" class="pipeline-row">
+    <div v-for="item of data" :key="item.id" class="pipeline-row">
       <div class="title" :title="item.title">
         <pi-status-show :status="item.status"></pi-status-show> <a @click="goDetail(item)">{{ item.title }}</a>
       </div>

packages/ui/certd-client/src/views/framework/home/dashboard/index.vue

@@ -67,7 +67,7 @@
     <div class="statistic-data m-20">
       <a-row :gutter="20" class="flex-wrap">
         <a-col :md="6" :xs="24">
-          <statistic-card icon="fluent-color:data-line-24" :title="t('certd.dashboard.pipelineCount')" :count="count.pipelineCount" :sub-counts="count.pipelineEnableCount">
+          <statistic-card icon="fluent-color:data-line-24" :title="t('certd.dashboard.pipelineCount')" :count="count.pipelineCount" link="/certd/pipeline" :sub-counts="count.pipelineEnableCount">
             <template v-if="count.pipelineCount === 0" #default>
               <div class="flex-center flex-1 flex-col">
                 <div style="font-size: 18px; font-weight: 700">{{ t("certd.dashboard.noPipeline") }}</div>
@@ -85,7 +85,7 @@
           </statistic-card>
         </a-col> -->
         <a-col :md="6" :xs="24">
-          <statistic-card icon="fluent-color:certificate-24" :title="t('certd.dashboard.certCount')" :count="count.certCount" :sub-counts="count.certStatusCount">
+          <statistic-card icon="fluent-color:certificate-24" :title="t('certd.dashboard.certCount')" :count="count.certCount" link="/certd/monitor/cert" :sub-counts="count.certStatusCount">
             <template v-if="count.certCount === 0" #default>
               <div class="flex-center flex-1 flex-col">
                 <div style="font-size: 18px; font-weight: 700">{{ t("certd.dashboard.noCert") }}</div>
@@ -216,6 +216,9 @@ const siteInfo: Ref<SiteInfo> = computed(() => {
   return settingStore.siteInfo;
 });
 const settingsStore = useSettingStore();
+const defaultExpireDays = computed(() => {
+  return settingsStore.sysPublic.defaultCertRenewDays || settingsStore.sysPublic.defaultWillExpireDays || 15;
+});
 const userStore = useUserStore();
 const userInfo: ComputedRef<UserInfoRes> = computed(() => {
   return userStore.getUserInfo;
@@ -266,9 +269,16 @@ function transformStatusCount() {
   ];
   const certCount = count.value.certCount;
   count.value.certStatusCount = [
-    { name: t("certd.dashboard.certExpiredCount"), value: certCount.expired, color: "red", checkIcon: "mingcute:warning-fill:#f44336" },
-    { name: t("certd.dashboard.certExpiringCount"), value: certCount.expiring, color: "yellow", checkIcon: "mingcute:alert-fill:#ff9800", title: "到期不足15天" },
-    { name: t("certd.dashboard.certNoExpireCount"), value: certCount.notExpired, color: "green" },
+    { name: t("certd.dashboard.certExpiredCount"), value: certCount.expired, color: "red", checkIcon: "mingcute:warning-fill:#f44336", link: { path: "/certd/monitor/cert", query: { expireStatus: "expired" } } },
+    {
+      name: t("certd.dashboard.certExpiringCount"),
+      value: certCount.expiring,
+      color: "yellow",
+      checkIcon: "mingcute:alert-fill:#ff9800",
+      title: `到期不足${defaultExpireDays.value}天`,
+      link: { path: "/certd/monitor/cert", query: { expireStatus: "expiring" } },
+    },
+    { name: t("certd.dashboard.certNoExpireCount"), value: certCount.notExpired, color: "green", link: { path: "/certd/monitor/cert", query: { expireStatus: "noExpired" } } },
   ];
   count.value.certCount = certCount.total;
 }
@@ -380,6 +390,12 @@ const { tour, tourHandleOpen } = useTour();
 
 <style lang="less">
 .dashboard-user {
+  .ant-card-head {
+    padding: 0px 18px;
+  }
+  .ant-card-body {
+    padding: 15px 18px;
+  }
   .warning {
     .ant-alert {
       border-left: 0;

packages/ui/certd-client/src/views/framework/home/dashboard/statistic-card.vue

@@ -12,13 +12,13 @@
         <div class="content">
           <div v-if="!slots.default" class="statistic">
             <div v-if="count !== 0" class="value flex items-center w-full">
-              <div class="total flex-center flex-1 flex-col">
+              <div class="total flex-center flex-1 flex-col pointer" @click="goDetail(link)">
                 <span>{{ count }}</span>
                 <span class="sub-title">{{ title }}</span>
               </div>
               <a-divider type="vertical h-10"></a-divider>
-              <div class="sub flex-1 flex-col h-[80%] flex-evenly pl-4">
-                <div v-for="item in subCounts" :key="item.name" class="sub-item flex justify-center w-full" :title="item.title">
+              <div class="sub flex-1 flex-col h-[80%] flex-evenly pl-1 2xl:pl-4">
+                <div v-for="item in subCounts" :key="item.name" class="sub-item flex justify-center w-full pointer" :title="item.title" @click="goDetail(item.link)">
                   <div class="flex items-center w-[60%] ellipsis overflow-hidden">
                     <div class="status-indicator" :class="`bg-${item.color}`"></div>
                     {{ item.name }}：
@@ -45,27 +45,37 @@
 </template>
 <script setup lang="ts">
 import { FsIcon } from "@fast-crud/fast-crud";
+import { useRouter } from "vue-router";
 const props = defineProps<{
   icon: string;
   title: string;
   count?: number;
+  link?: any;
   subCounts?: {
     name: string;
     value: number;
     color: string;
     checkIcon?: string;
     title?: string;
+    link?: any;
   }[];
 }>();
 const slots = defineSlots();
+const router = useRouter();
+function goDetail(link: any) {
+  if (!link) {
+    return;
+  }
+  if (typeof link === "string") {
+    router.push({ path: link });
+  } else {
+    router.push(link);
+  }
+}
 </script>
 <style lang="less">
 .statistic-card {
   margin-bottom: 10px;
-
-  .ant-card-body {
-    padding: 15px 24px;
-  }
   .icon-text {
     display: inline-flex;
     justify-content: left;

packages/ui/certd-client/src/views/framework/login/index.vue

@@ -59,6 +59,9 @@
               <router-link v-if="!!settingStore.sysPublic.selfServicePasswordRetrievalEnabled && !queryBindCode" :to="{ name: 'forgotPassword' }">
                 {{ t("authentication.forgotPassword") }}
               </router-link>
+              <a v-else v-comm="false" href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank">
+                {{ t("authentication.forgotPassword") }}
+              </a>
             </div>
 
             <router-link v-if="hasRegisterTypeEnabled() && !queryBindCode" class="register" :to="{ name: 'register' }">

packages/ui/certd-client/src/views/sys/settings/tabs/captcha.vue

@@ -9,9 +9,11 @@
         <addon-selector v-model:model-value="formState.public.captchaAddonId" addon-type="captcha" from="sys" @selected-change="onAddonChanged" />
       </a-form-item>
       <a-form-item v-if="formState.public.captchaType === settingsStore.sysPublic.captchaType" :label="t('certd.sys.setting.captchaTest')">
-        <div class="flex">
-          <CaptchaInput v-model:model-value="captchaTestForm.captcha" class="w-50%"></CaptchaInput>
-          <a-button class="ml-2" type="primary" @click="doCaptchaValidate">后端验证</a-button>
+        <div class="flex items-center">
+          <CaptchaInput v-model:model-value="captchaTestForm.captcha" class="w-60%"></CaptchaInput>
+          <a-button class="ml-2 mr-2" type="primary" @click="doCaptchaValidate">后端验证</a-button>
+          <a-tag v-if="captchaTestForm.pass" color="green" class="flex items-center"> <fs-icon icon="material-symbols:check-circle-rounded"></fs-icon> 校验通过</a-tag>
+          <a-tag v-else class="flex items-center"> <fs-icon icon="material-symbols:info-rounded"></fs-icon> 请先点击验证</a-tag>
         </div>
       </a-form-item>
 

packages/ui/certd-client/vite.config.ts

@@ -19,14 +19,15 @@ process.env.VITE_APP_VERSION = require("./package.json").version;
 process.env.VITE_APP_BUILD_TIME = require("dayjs")().format("YYYY-M-D HH:mm:ss");
 import * as https from "node:https";
 
-export default ({ command, mode }) => {
+export default (req: any) => {
+  const { command, mode } = req;
   console.log("args", command, mode);
   const env = loadEnv(mode, process.cwd());
   const devServerFs: any = {};
   const devAlias: any[] = [];
   const base = "./";
   // if (mode.startsWith("dev")) {
-  //   base = "./";
+  //   base = "/certd";
   // }
   return {
     base: base,
@@ -87,7 +88,7 @@ export default ({ command, mode }) => {
       host: "0.0.0.0",
       port: 3008,
       fs: devServerFs,
-      allowedHosts: ["localhost", "127.0.0.1", "yfy.docmirror.cn"],
+      allowedHosts: ["localhost", "127.0.0.1", "yfy.docmirror.cn", "docmirror.top", "*"],
       proxy: {
         // with options
         "/api": {
@@ -96,6 +97,13 @@ export default ({ command, mode }) => {
           //忽略证书
           agent: new https.Agent({ rejectUnauthorized: false }),
         },
+        "/certd/api": {
+          //配套后端 https://github.com/fast-crud/fs-server-js
+          target: "https://127.0.0.1:7002/api",
+          rewrite: path => path.replace(/^\/certd\/api/, ""),
+          //忽略证书
+          agent: new https.Agent({ rejectUnauthorized: false }),
+        },
       },
     },
   };

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,35 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+### Bug Fixes
+
+* 阿里云esa查询证书限制接口无效，改成配置证书数量上限检查方式进行清理 ([2302567](https://github.com/certd/certd/commit/230256793f8ad87ef8a0738c37108bf7b5ab9853))
+* 修复部署到火山引擎vod，获取域名列表为空的bug ([0719f4c](https://github.com/certd/certd/commit/0719f4c99e9198544d03431107b53652e076e881))
+* 修复oidc配置取消后获取登出地址失败后无法列出oauth列表的bug ([eb5de15](https://github.com/certd/certd/commit/eb5de150332fd914c56b812c3ba2c2445f902bb7))
+
+### Performance Improvements
+
+* 将重置密码的日志挪到启动成功之后，方便查看 ([0fa9b34](https://github.com/certd/certd/commit/0fa9b344e08cf355aee7a7566f061cc5d95dc374))
+* 支持绑定两个url地址 ([a2e9a41](https://github.com/certd/certd/commit/a2e9a41a7e712395c0e3ee6fe55b370aa1fc1f12))
+
+## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)
+
+### Bug Fixes
+
+* 修复阿里云esa超过免费配额之后无法部署证书的bug，改成删除最旧的那张证书 ([32de8d9](https://github.com/certd/certd/commit/32de8d9ccb08d26414adbdde950d7cd405dc344a))
+
+### Performance Improvements
+
+* 当ip证书天数太小时，自动调整更新天数，避免每次运行都重新申请ip证书 ([433e98b](https://github.com/certd/certd/commit/433e98b6450fa7d0491151f159e432bf3dfe4feb))
+* 修复旧版本流水线数据发送通知标题为空的bug ([9bee0e4](https://github.com/certd/certd/commit/9bee0e460bfebe8db76742b80b2d52854392f4de))
+* 验证码支持 Cloudflare Turnstile ，谨慎启用，国内被墙了 ([ca43c77](https://github.com/certd/certd/commit/ca43c775250154def63c4acd96d65dc95d1c0c2b))
+* 优化证书未过期时的任务日志提示 ([ac85488](https://github.com/certd/certd/commit/ac85488245197694560aad7df9425ca215ef7ff7))
+* 支持部署到阿里云GA ([1a0d3ee](https://github.com/certd/certd/commit/1a0d3eeb1b0b5ce08f05af84b6161e00c1fe1815))
+* 支持部署到华为elb ([60c8ace](https://github.com/certd/certd/commit/60c8ace443e848155d3ce12e95b84766a4610d3a))
+* 支持部署到AcePanel ([1661cae](https://github.com/certd/certd/commit/1661caed05e3413dc3e2b14ce62b75aa03ad90e0))
+
 ## [1.38.3](https://github.com/certd/certd/compare/v1.38.2...v1.38.3) (2026-01-28)
 
 ### Bug Fixes

packages/ui/certd-server/metadata/access_acepanel.yaml

@@ -0,0 +1,41 @@
+name: acepanel
+title: AcePanel授权
+desc: ''
+icon: svg:icon-lucky
+input:
+  endpoint:
+    title: AcePanel管理地址
+    component:
+      placeholder: http://127.0.0.1:25475/entrance
+    helper: 请输入AcePanel管理地址，格式为http://127.0.0.1:25475/entrance, 要带安全入口，最后面不要加/
+    required: true
+  tokenId:
+    title: 访问令牌ID
+    component:
+      name: a-input-number
+      vModel: value
+    helper: AcePanel控制台->设置->用户->访问令牌->创建访问令牌
+    required: true
+  accessToken:
+    title: 访问令牌
+    component:
+      placeholder: AccessToken
+    helper: 创建访问令牌后复制该令牌填到这里
+    required: true
+    encrypt: true
+  skipSslVerify:
+    title: 忽略证书校验
+    value: true
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 如果面板的url是https，且使用的是自签名证书，则需要开启此选项，其他情况可以关闭
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: TestRequest
+    helper: 点击测试接口是否正常
+pluginType: access
+type: builtIn
+scriptFilePath: /plugins/plugin-acepanel/access.js

packages/ui/certd-server/metadata/addon_captcha_cfTurnstile.yaml

@@ -0,0 +1,23 @@
+addonType: captcha
+name: cfTurnstile
+title: Cloudflare Turnstile
+desc: 谨慎使用，国内被墙了
+showTest: false
+input:
+  siteKey:
+    title: 站点密钥
+    component:
+      placeholder: SiteKey
+    helper: >-
+      [Cloudflare
+      Turnstile](https://www.cloudflare.com/zh-cn/application-services/products/turnstile/)
+      -> 添加小组件
+    required: true
+  secretKey:
+    title: 密钥
+    component:
+      placeholder: SecretKey
+    required: true
+pluginType: addon
+type: builtIn
+scriptFilePath: /plugins/plugin-captcha/cf-turnstile/index.js

packages/ui/certd-server/metadata/deploy_AcePanelDeployToWebsite.yaml

@@ -0,0 +1,73 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: AcePanelDeployToWebsite
+title: AcePanel-部署到网站
+desc: 上传证书并部署到指定网站
+icon: svg:icon-lucky
+group: panel
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: ACEPanel授权
+    component:
+      name: access-selector
+      type: acepanel
+    required: true
+    order: 0
+  websiteList:
+    title: 部署网站
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetWebsiteList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择需要部署证书的网站
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: /plugins/plugin-acepanel/plugins/plugin-deploy-to-website.js

packages/ui/certd-server/metadata/deploy_AcePanelPanelCert.yaml

@@ -0,0 +1,30 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: AcePanelPanelCert
+title: AcePanel-面板证书
+desc: 部署AcePanel面板证书
+icon: svg:icon-lucky
+group: panel
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    order: 0
+  accessId:
+    title: ACEPanel授权
+    component:
+      name: access-selector
+      type: acepanel
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: /plugins/plugin-acepanel/plugins/plugin-panel-cert.js

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToESA.yaml

@@ -98,6 +98,15 @@ input:
               
     helper: 请选择要部署证书的站点
     order: 0
+  certLimit:
+    title: 免费证书数量限制
+    value: 2
+    component:
+      name: a-input-number
+      vModel: value
+    helper: 将检查证书数量限制，如果超限将删除最旧的那张证书
+    required: true
+    order: 0
 output: {}
 pluginType: deploy
 type: builtIn

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToGA.yaml

@@ -0,0 +1,158 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: AliyunDeployCertToGA
+title: 阿里云-部署至GA
+icon: svg:icon-aliyun
+group: aliyun
+desc: 部署证书到阿里云GA(全球加速)，支持更新默认证书和扩展证书
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择证书申请任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+        - uploadCertToAliyun
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  casEndpoint:
+    title: 证书接入点
+    helper: 不会选就保持默认即可
+    value: cas.aliyuncs.com
+    component:
+      name: a-select
+      options:
+        - value: cas.aliyuncs.com
+          label: 中国大陆
+        - value: cas.ap-southeast-1.aliyuncs.com
+          label: 新加坡
+    required: true
+    order: 0
+  accessId:
+    title: Access授权
+    helper: 阿里云授权AccessKeyId、AccessKeySecret
+    component:
+      name: access-selector
+      type: aliyun
+    required: true
+    order: 0
+  acceleratorId:
+    title: 全球加速实例
+    component:
+      name: remote-select
+      vModel: value
+      type: plugin
+      action: onGetAcceleratorList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择要部署证书的全球加速实例
+    order: 0
+  listenerIds:
+    title: 监听
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetListenerList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - accessId
+        - acceleratorId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择要部署证书的监听
+    order: 0
+  certType:
+    title: 证书类型
+    helper: 选择更新默认证书还是扩展证书
+    value: default
+    component:
+      name: a-select
+      options:
+        - value: default
+          label: 默认证书
+        - value: additional
+          label: 扩展证书
+    required: true
+    order: 0
+  additionalDomains:
+    title: 扩展证书域名
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetAdditionalDomainList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - accessId
+        - acceleratorId
+        - listenerIds
+        - certType
+    required: true
+    mergeScript: |2-
+
+              return {
+                show: ctx.compute(({form})=>{
+                  return form.certType === "additional";
+                })
+              }
+          
+    helper: 将证书里的域名扩展绑定到监听器中
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: /plugins/plugin-aliyun/plugin/deploy-to-ga/index.js

packages/ui/certd-server/metadata/deploy_CertApply.yaml

@@ -3,7 +3,7 @@ default:
   strategy:
     runStrategy: 0
   input:
-    renewDays: 18
+    renewDays: 15
     forceUpdate: false
 name: CertApply
 title: 证书申请（JS版）
@@ -17,7 +17,9 @@ input:
       name: domain-selector
       vModel: value
       mode: tags
-      placeholder: 请输入证书域名，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com
+      placeholder: >-
+        请输入证书域名/IP，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com ,
+        123.123.123.123
       tokenSeparators:
         - ','
         - ' '

packages/ui/certd-server/metadata/deploy_CertApplyGetFormAliyun.yaml

@@ -14,7 +14,9 @@ input:
       name: domain-selector
       vModel: value
       mode: tags
-      placeholder: 请输入证书域名，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com
+      placeholder: >-
+        请输入证书域名/IP，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com ,
+        123.123.123.123
       tokenSeparators:
         - ','
         - ' '

packages/ui/certd-server/metadata/deploy_CertApplyLego.yaml

@@ -17,7 +17,9 @@ input:
       name: domain-selector
       vModel: value
       mode: tags
-      placeholder: 请输入证书域名，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com
+      placeholder: >-
+        请输入证书域名/IP，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com ,
+        123.123.123.123
       tokenSeparators:
         - ','
         - ' '

packages/ui/certd-server/metadata/deploy_CertApplyUpload.yaml

@@ -79,7 +79,9 @@ input:
       name: domain-selector
       vModel: value
       mode: tags
-      placeholder: 请输入证书域名，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com
+      placeholder: >-
+        请输入证书域名/IP，比如：foo.com , *.foo.com , *.sub.foo.com , *.bar.com ,
+        123.123.123.123
       tokenSeparators:
         - ','
         - ' '

packages/ui/certd-server/metadata/deploy_HauweiDeployCertToELB.yaml

@@ -0,0 +1,104 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: HauweiDeployCertToELB
+title: 华为云-部署证书至ELB负载均衡
+icon: svg:icon-huawei
+group: huawei
+desc: ''
+input:
+  cert:
+    title: 域名证书
+    helper: >-
+      请选择前置任务输出的域名证书
+
+      如果你选择使用ccm证书ID，则需要在[域名管理页面右上角开启SCM授权](https://console.huaweicloud.com/cdn/#/cdn/domain)
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: Access授权
+    helper: 华为云授权AccessKeyId、AccessKeySecret
+    component:
+      name: access-selector
+      type: huawei
+    required: true
+    order: 0
+  projectId:
+    title: 项目ID
+    component:
+      name: remote-select
+      vModel: value
+      type: plugin
+      typeName: HauweiDeployCertToELB
+      action: onGetProjectList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择项目
+    order: 0
+  certIds:
+    title: ELB已有证书
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: HauweiDeployCertToELB
+      action: onGetCertList
+      search: true
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择域名或输入域名
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: /plugins/plugin-huawei/plugins/deploy-to-elb/index.js

packages/ui/certd-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-server",
-  "version": "1.38.3",
+  "version": "1.38.5",
   "description": "fast-server base midway",
   "private": true,
   "type": "module",
@@ -48,23 +48,25 @@
     "@aws-sdk/client-iam": "^3.964.0",
     "@aws-sdk/client-route-53": "^3.964.0",
     "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.38.3",
-    "@certd/basic": "^1.38.3",
-    "@certd/commercial-core": "^1.38.3",
+    "@certd/acme-client": "^1.38.5",
+    "@certd/basic": "^1.38.5",
+    "@certd/commercial-core": "^1.38.5",
     "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.38.3",
-    "@certd/lib-huawei": "^1.38.3",
-    "@certd/lib-k8s": "^1.38.3",
-    "@certd/lib-server": "^1.38.3",
-    "@certd/midway-flyway-js": "^1.38.3",
-    "@certd/pipeline": "^1.38.3",
-    "@certd/plugin-cert": "^1.38.3",
-    "@certd/plugin-lib": "^1.38.3",
-    "@certd/plugin-plus": "^1.38.3",
-    "@certd/plus-core": "^1.38.3",
+    "@certd/jdcloud": "^1.38.5",
+    "@certd/lib-huawei": "^1.38.5",
+    "@certd/lib-k8s": "^1.38.5",
+    "@certd/lib-server": "^1.38.5",
+    "@certd/midway-flyway-js": "^1.38.5",
+    "@certd/pipeline": "^1.38.5",
+    "@certd/plugin-cert": "^1.38.5",
+    "@certd/plugin-lib": "^1.38.5",
+    "@certd/plugin-plus": "^1.38.5",
+    "@certd/plus-core": "^1.38.5",
     "@google-cloud/publicca": "^1.3.0",
-    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
-    "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
+    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.185",
+    "@huaweicloud/huaweicloud-sdk-core": "^3.1.185",
+    "@huaweicloud/huaweicloud-sdk-elb": "^3.1.185",
+    "@huaweicloud/huaweicloud-sdk-iam": "^3.1.185",
     "@koa/cors": "^5.0.0",
     "@midwayjs/bootstrap": "3.20.11",
     "@midwayjs/cache": "3.14.0",

packages/ui/certd-server/src/controller/basic/code-controller.ts

@@ -1,5 +1,5 @@
 import { BaseController, Constants, SysSettingsService } from "@certd/lib-server";
-import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
+import { ALL, Body, Controller, Inject, Post, Provide, Query, RequestIP } from "@midwayjs/core";
 import { Rule, RuleType } from "@midwayjs/validate";
 import { CaptchaService } from "../../modules/basic/service/captcha-service.js";
 import { CodeService } from "../../modules/basic/service/code-service.js";
@@ -62,7 +62,8 @@ export class BasicController extends BaseController {
   @Post('/sendSmsCode', { summary: Constants.per.guest })
   public async sendSmsCode(
     @Body(ALL)
-    body: SmsCodeReq
+    body: SmsCodeReq,
+    @RequestIP() remoteIp: string
   ) {
     const opts = {
       verificationType: body.verificationType,
@@ -74,7 +75,7 @@ export class BasicController extends BaseController {
       // opts.verificationCodeLength = 6; //部分厂商这里会设置参数长度这里就不改了
     }
 
-    await this.codeService.checkCaptcha(body.captcha);
+    await this.codeService.checkCaptcha(body.captcha,{remoteIp});
     await this.codeService.sendSmsCode(body.phoneCode, body.mobile, opts);
     return this.ok(null);
   }
@@ -82,7 +83,8 @@ export class BasicController extends BaseController {
   @Post('/sendEmailCode', { summary: Constants.per.guest })
   public async sendEmailCode(
     @Body(ALL)
-    body: EmailCodeReq
+    body: EmailCodeReq,
+    @RequestIP() remoteIp: string
   ) {
     const opts = {
       verificationType: body.verificationType,
@@ -99,7 +101,7 @@ export class BasicController extends BaseController {
     }
 
 
-    await this.codeService.checkCaptcha(body.captcha);
+    await this.codeService.checkCaptcha(body.captcha,{remoteIp});
     await this.codeService.sendEmailCode(body.email, opts);
     // 设置缓存内容
     return this.ok(null);

packages/ui/certd-server/src/controller/basic/login/login-controller.ts

@@ -1,4 +1,4 @@
-import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
+import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from "@midwayjs/core";
 import { LoginService } from "../../../modules/login/service/login-service.js";
 import { AddonService, BaseController, Constants, SysPublicSettings, SysSettingsService } from "@certd/lib-server";
 import { CodeService } from "../../../modules/basic/service/code-service.js";
@@ -26,11 +26,13 @@ export class LoginController extends BaseController {
   @Post('/login', { summary: Constants.per.guest })
   public async login(
     @Body(ALL)
-    body: any
+    body: any,
+    @RequestIP()
+    remoteIp: string
   ) {
    const settings = await this.sysSettingsService.getPublicSettings()
     if (settings.captchaEnabled === true) {
-      await this.captchaService.doValidate({form:body.captcha,must:false,captchaAddonId:settings.captchaAddonId})
+      await this.captchaService.doValidate({form:body.captcha,must:false,captchaAddonId:settings.captchaAddonId,req:{remoteIp}})
     }
     const token = await this.loginService.loginByPassword(body);
     this.writeTokenCookie(token);

packages/ui/certd-server/src/controller/basic/login/register-controller.ts

@@ -1,4 +1,4 @@
-import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
+import { ALL, Body, Controller, Inject, Post, Provide, RequestIP } from '@midwayjs/core';
 import { BaseController, Constants, SysSettingsService } from '@certd/lib-server';
 import { RegisterType, UserService } from '../../../modules/sys/authority/service/user-service.js';
 import { CodeService } from '../../../modules/basic/service/code-service.js';
@@ -32,7 +32,8 @@ export class RegisterController extends BaseController {
   @Post('/register', { summary: Constants.per.guest })
   public async register(
     @Body(ALL)
-    body: RegisterReq
+    body: RegisterReq,
+    @RequestIP() remoteIp: string
   ) {
     const sysPublicSettings = await this.sysSettingsService.getPublicSettings();
     if (sysPublicSettings.registerEnabled === false) {
@@ -51,7 +52,7 @@ export class RegisterController extends BaseController {
         throw new Error('用户名不能为空');
       }
 
-      await this.codeService.checkCaptcha(body.captcha);
+      await this.codeService.checkCaptcha(body.captcha,{remoteIp});
       const newUser = await this.userService.register(body.type, {
         username: body.username,
         password: body.password,

packages/ui/certd-server/src/controller/sys/plus/plus-controller.ts

@@ -22,14 +22,13 @@ export class SysPlusController extends BaseController {
     return this.ok(true);
   }
   @Post('/bindUrl', { summary: 'sys:settings:edit' })
-  async bindUrl(@Body(ALL) body: { url: string }) {
-    const { url } = body;
-
+  async bindUrl(@Body(ALL) body: { url: string ,url2?:string }) {
+    const { url,url2 } = body;  
     await this.plusService.register();
     const installInfo: SysInstallInfo = await this.sysSettingsService.getSetting(SysInstallInfo);
-    await this.plusService.bindUrl(url);
-
+    await this.plusService.bindUrl(url,url2);
     installInfo.bindUrl = url;
+    installInfo.bindUrl2 = url2;
     await this.sysSettingsService.saveSetting(installInfo);
 
     //重新验证vip
@@ -48,6 +47,11 @@ export class SysPlusController extends BaseController {
     const res = await this.plusService.getVipTrial(vipType);
     return this.ok(res);
   }
+  @Post('/getTodayVipOrderCount', { summary: 'sys:settings:edit' })
+  async getTodayVipOrderCount() {
+    const res = await this.plusService.getTodayOrderCount();
+    return this.ok(res);
+  }
   //
   // @Get('/test', { summary: Constants.per.guest })
   // async test() {

packages/ui/certd-server/src/controller/sys/settings/sys-settings-controller.ts

@@ -1,4 +1,4 @@
-import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
+import { ALL, Body, Controller, Inject, Post, Provide, Query, RequestIP } from "@midwayjs/core";
 import {
   addonRegistry,
   AddonService,
@@ -218,8 +218,8 @@ export class SysSettingsController extends CrudController<SysSettingsService> {
 
 
   @Post("/captchaTest", { summary: "sys:settings:edit" })
-  async captchaTest(@Body(ALL) body: any) {
-    await this.codeService.checkCaptcha(body)
+  async captchaTest(@Body(ALL) body: any,@RequestIP() remoteIp: string) {
+    await this.codeService.checkCaptcha(body,{remoteIp});
     return this.ok({});
   }
 

packages/ui/certd-server/src/controller/user/pipeline/sub-domain-controller.ts

@@ -1,8 +1,8 @@
-import {ALL, Body, Controller, Inject, Post, Provide, Query} from '@midwayjs/core';
-import {Constants, CrudController} from '@certd/lib-server';
-import {SubDomainService} from "../../../modules/pipeline/service/sub-domain-service.js";
-import {DomainParser} from '@certd/plugin-cert';
-import { SubDomainsGetter } from '../../../modules/pipeline/service/getter/sub-domain-getter.js';
+import { Constants, CrudController } from '@certd/lib-server';
+import { DomainParser } from '@certd/plugin-cert';
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
+import { SubDomainService } from "../../../modules/pipeline/service/sub-domain-service.js";
+import { TaskServiceBuilder } from '../../../modules/pipeline/service/getter/task-service-getter.js';
 
 /**
  * 子域名托管
@@ -13,6 +13,9 @@ export class SubDomainController extends CrudController<SubDomainService> {
   @Inject()
   service: SubDomainService;
 
+  @Inject()
+  taskServiceBuilder: TaskServiceBuilder;
+
   getService() {
     return this.service;
   }
@@ -20,7 +23,8 @@ export class SubDomainController extends CrudController<SubDomainService> {
   @Post('/parseDomain', { summary: Constants.per.authOnly })
   async parseDomain(@Body("fullDomain") fullDomain:string) {
     const userId = this.getUserId()
-    const subDomainGetter = new SubDomainsGetter(userId, this.service)
+    const taskService = this.taskServiceBuilder.create({ userId: userId });
+    const subDomainGetter = await taskService.getSubDomainsGetter();
     const domainParser = new DomainParser(subDomainGetter)
     const domain = await domainParser.parse(fullDomain)
     return this.ok(domain);

packages/ui/certd-server/src/middleware/reset-passwd/middleware.ts

@@ -1,9 +1,8 @@
+import { CommonException, SysSettingsService } from "@certd/lib-server";
 import { Autoload, Config, Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { IMidwayKoaContext, IWebMiddleware, NextFunction } from '@midwayjs/koa';
-import { CommonException, SysSettingsService } from "@certd/lib-server";
+import { UserSettingsService } from "../../modules/mine/service/user-settings-service.js";
 import { UserService } from '../../modules/sys/authority/service/user-service.js';
-import { logger } from '@certd/basic';
-import {UserSettingsService} from "../../modules/mine/service/user-settings-service.js";
 
 /**
  * 重置密码模式
@@ -33,21 +32,6 @@ export class ResetPasswdMiddleware implements IWebMiddleware {
 
   @Init()
   async init() {
-    if (this.resetAdminPasswd === true) {
-      logger.info('开始重置1号管理员用户的密码');
-      const newPasswd = '123456';
-      await this.userService.resetPassword(1, newPasswd);
-      await this.userService.updateStatus(1, 1);
-      await this.userSettingsService.deleteWhere({
-        userId: 1,
-        key:"user.two.factor"
-      })
-      const publicSettings = await this.sysSettingsService.getPublicSettings()
-      publicSettings.captchaEnabled = false
-      await this.sysSettingsService.savePublicSettings(publicSettings);
-
-      const user = await this.userService.info(1);
-      logger.info(`重置1号管理员用户的密码完成，2FA设置已删除，验证码登录已禁用，用户名：${user.username},新密码：${newPasswd}，请在登录进去之后尽快修改密码`);
-    }
+    
   }
 }

packages/ui/certd-server/src/modules/auto/auto-z.ts

@@ -7,6 +7,8 @@ import { getVersion } from '../../utils/version.js';
 import dayjs from 'dayjs';
 import { Application } from '@midwayjs/koa';
 import { httpsServer, HttpsServerOptions } from './https/server.js';
+import { UserService } from '../sys/authority/service/user-service.js';
+import { UserSettingsService } from '../mine/service/user-settings-service.js';
 
 @Autoload()
 @Scope(ScopeEnum.Request, { allowDowngrade: true })
@@ -22,6 +24,15 @@ export class AutoZPrint {
   @Config('koa')
   koaConfig: any;
 
+  @Inject()
+  userService: UserService;
+  
+  @Inject()
+  userSettingsService: UserSettingsService;
+
+  @Config('system.resetAdminPasswd')
+  private resetAdminPasswd: boolean;
+
   @Init()
   async init() {
     //监听https
@@ -41,6 +52,26 @@ export class AutoZPrint {
     }
     logger.info('Certd已启动');
     logger.info('=========================================');
+    await this.resetPasswd();
+  }
+
+  async resetPasswd(){
+    if (this.resetAdminPasswd === true) {
+      logger.info('开始重置1号管理员用户的密码');
+      const newPasswd = '123456';
+      await this.userService.resetPassword(1, newPasswd);
+      await this.userService.updateStatus(1, 1);
+      await this.userSettingsService.deleteWhere({
+        userId: 1,
+        key:"user.two.factor"
+      })
+      const publicSettings = await this.sysSettingsService.getPublicSettings()
+      publicSettings.captchaEnabled = false
+      await this.sysSettingsService.savePublicSettings(publicSettings);
+
+      const user = await this.userService.info(1);
+      logger.info(`重置1号管理员用户的密码完成，2FA设置已删除，验证码登录已禁用，用户名：${user.username},新密码：${newPasswd}，请在登录进去之后尽快修改密码`);
+    }
   }
 
   startHeapLog() {

packages/ui/certd-server/src/modules/basic/service/captcha-service.ts

@@ -1,7 +1,7 @@
 import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
 import { SysSettingsService } from "@certd/lib-server";
 import { logger } from "@certd/basic";
-import { ICaptchaAddon } from "../../../plugins/plugin-captcha/api.js";
+import { CaptchaRequest, ICaptchaAddon } from "../../../plugins/plugin-captcha/api.js";
 import { AddonGetterService } from "../../pipeline/service/addon-getter-service.js";
 
 @Provide()
@@ -29,7 +29,7 @@ export class CaptchaService {
   }
 
 
-  async doValidate(opts: { form: any, must?: boolean, captchaAddonId?: number }) {
+  async doValidate(opts: { form: any, must?: boolean, captchaAddonId?: number,req:CaptchaRequest }) {
     if (!opts.captchaAddonId) {
       const settings = await this.sysSettingsService.getPublicSettings();
       opts.captchaAddonId = settings.captchaAddonId ?? 0;
@@ -46,7 +46,7 @@ export class CaptchaService {
     if (!opts.form) {
       throw new Error("请输入验证码");
     }
-    const res = await addon.onValidate(opts.form);
+    const res = await addon.onValidate(opts.form,opts.req);
     if (!res) {
       throw new Error("验证码错误");
     }

packages/ui/certd-server/src/modules/basic/service/code-service.ts

@@ -5,6 +5,7 @@ import { ISmsService } from '../sms/api.js';
 import { SmsServiceFactory } from '../sms/factory.js';
 import { CaptchaService } from "./captcha-service.js";
 import { EmailService } from './email-service.js';
+import { CaptchaRequest } from '../../../plugins/plugin-captcha/api.js';
 
 // {data: '<svg.../svg>', text: 'abcd'}
 /**
@@ -25,8 +26,8 @@ export class CodeService {
 
 
 
-  async checkCaptcha(body:any) {
-    return await this.captchaService.doValidate({form:body})
+  async checkCaptcha(body:any,req:CaptchaRequest) {
+    return await this.captchaService.doValidate({form:body,req});
   }
   /**
    */

packages/ui/certd-server/src/modules/basic/service/email-service.ts

@@ -77,6 +77,13 @@ export class EmailService implements IEmailService {
       }
     }
     let subject = email.subject;
+
+    if (!subject) {
+      logger.error(new Error('邮件标题不能为空'));
+      subject = `邮件标题为空，请联系管理员排查`;
+    }
+
+
     if (!subject.includes(`【${sysTitle}】`)) {
       subject = `【${sysTitle}】${subject}`;
     }
@@ -121,7 +128,7 @@ export class EmailService implements IEmailService {
       data: {
         title: '测试邮件,from certd',
         content: '测试邮件,from certd',
-        url:"https://certd.handfree.work",
+        url: "https://certd.handfree.work",
       },
       receivers: [receiver],
     });
@@ -150,32 +157,31 @@ export class EmailService implements IEmailService {
 
   async sendByTemplate(req: EmailSendByTemplateReq) {
     let content = null
-    if (isPlus()) {
-      const emailConf = await this.sysSettingsService.getSetting<SysEmailConf>(SysEmailConf);
-      const template = emailConf?.templates?.[req.type]
-      if (template && template.addonId) {
-        const addon: ITemplateProvider<EmailContent> = await this.addonGetterService.getAddonById(template.addonId, true, 0)
+    const emailConf = await this.sysSettingsService.getSetting<SysEmailConf>(SysEmailConf);
+    const template = emailConf?.templates?.[req.type]
+    if (isPlus() && template &&  template.addonId) {
+      const addon: ITemplateProvider<EmailContent> = await this.addonGetterService.getAddonById(template.addonId, true, 0)
+      if (addon) {
+        content = await addon.buildContent({ data: req.data })
+      }
+    }
+    if (isPlus() && !content ) {
+      //看看有没有通用模版
+      if (emailConf?.templates?.common && emailConf?.templates?.common.addonId) {
+        const addon: ITemplateProvider<EmailContent> = await this.addonGetterService.getAddonById(emailConf.templates.common.addonId, true, 0)
         if (addon) {
           content = await addon.buildContent({ data: req.data })
         }
       }
-      if (!content) {
-        //看看有没有通用模版
-        if (emailConf?.templates?.common && emailConf?.templates?.common.addonId) {
-          const addon: ITemplateProvider<EmailContent> = await this.addonGetterService.getAddonById(emailConf.templates.common.addonId, true, 0)
-          if (addon) {
-            content = await addon.buildContent({ data: req.data })
-          }
-        }
-      }
-      // 没有找到模版，使用默认模版
-      if (!content) {
-        try {
-          const addon: ITemplateProvider<EmailContent> = await this.addonGetterService.getBlank("emailTemplate", req.type)
-          content = await addon.buildDefaultContent({ data: req.data })
-        } catch (e) {
-          // 对应的通知类型模版可能没有注册或者开发
-        }
+    }
+
+    // 没有找到模版，使用默认模版
+    if (!content) {
+      try {
+        const addon: ITemplateProvider<EmailContent> = await this.addonGetterService.getBlank("emailTemplate", req.type)
+        content = await addon.buildDefaultContent({ data: req.data })
+      } catch (e) {
+        // 对应的通知类型模版可能没有注册或者开发
       }
     }
 

packages/ui/certd-server/src/modules/cert/service/domain-service.ts

@@ -12,7 +12,6 @@ import { CnameRecordEntity } from "../../cname/entity/cname-record.js";
 import { CnameRecordService } from '../../cname/service/cname-record-service.js';
 import { UserDomainImportSetting } from '../../mine/service/models.js';
 import { UserSettingsService } from '../../mine/service/user-settings-service.js';
-import { SubDomainsGetter } from '../../pipeline/service/getter/sub-domain-getter.js';
 import { TaskServiceBuilder } from '../../pipeline/service/getter/task-service-getter.js';
 import { SubDomainService } from "../../pipeline/service/sub-domain-service.js";
 import { DomainEntity } from '../entity/domain.js';
@@ -112,7 +111,8 @@ export class DomainService extends BaseService<DomainEntity> {
   async getDomainVerifiers(userId: number, domains: string[]): Promise<DomainVerifiers> {
 
     const mainDomainMap: Record<string, string> = {}
-    const subDomainGetter = new SubDomainsGetter(userId, this.subDomainService)
+    const taskService = this.taskServiceBuilder.create({ userId: userId });
+    const subDomainGetter = await taskService.getSubDomainsGetter();
     const domainParser = new DomainParser(subDomainGetter)
 
     const mainDomains = []
@@ -215,7 +215,7 @@ export class DomainService extends BaseService<DomainEntity> {
   }
 
 
-  async startDomainImportTask(req: {userId:number,key:string}) {
+  async startDomainImportTask(req: { userId: number, key: string }) {
     const key = req.key
     const setting = await this.userSettingService.getSetting<UserDomainImportSetting>(req.userId, UserDomainImportSetting)
 
@@ -223,10 +223,10 @@ export class DomainService extends BaseService<DomainEntity> {
     if (!item) {
       throw new Error(`域名导入任务配置（${key}）还未注册`)
     }
-    const { dnsProviderType, dnsProviderAccessId,title } = item
+    const { dnsProviderType, dnsProviderAccessId, title } = item
 
     taskExecutor.start(new BackTask({
-      type: DOMAIN_IMPORT_TASK_TYPE,  
+      type: DOMAIN_IMPORT_TASK_TYPE,
       key,
       title: title,
       run: async (task: BackTask) => {
@@ -241,9 +241,11 @@ export class DomainService extends BaseService<DomainEntity> {
 
   private async _syncFromProvider(req: SyncFromProviderReq, task: BackTask) {
     const { userId, dnsProviderType, dnsProviderAccessId } = req;
-    const subDomainGetter = new SubDomainsGetter(userId, this.subDomainService)
-    const domainParser = new DomainParser(subDomainGetter)
+
     const serviceGetter = this.taskServiceBuilder.create({ userId });
+    const subDomainGetter = await serviceGetter.getSubDomainsGetter();
+    const domainParser = new DomainParser(subDomainGetter)
+
     const access = await this.accessService.getById(dnsProviderAccessId, userId);
     const context = { access, logger, http, utils, domainParser, serviceGetter };
     // 翻页查询dns的记录
@@ -312,30 +314,30 @@ export class DomainService extends BaseService<DomainEntity> {
     logger.info(`从域名提供商${dnsProviderType}导入域名完成(${key})，共导入${task.total}个域名，跳过${task.getSkipCount()}个域名，成功${task.getSuccessCount()}个域名，失败${task.getErrorCount()}个域名`)
   }
 
-  async getDomainImportTaskStatus(req:{userId?:number}) {
+  async getDomainImportTaskStatus(req: { userId?: number }) {
     const userId = req.userId || 0
 
     const setting = await this.userSettingService.getSetting<UserDomainImportSetting>(userId, UserDomainImportSetting)
-    const list= setting?.domainImportList || []
+    const list = setting?.domainImportList || []
 
-    const taskList:any = []
+    const taskList: any = []
 
     for (const item of list) {
-      const {  key } = item
-      
-      const task =  taskExecutor.get(DOMAIN_IMPORT_TASK_TYPE,key)
+      const { key } = item
+
+      const task = taskExecutor.get(DOMAIN_IMPORT_TASK_TYPE, key)
 
       taskList.push({
         ...item,
-        task:task,
+        task: task,
       })
     }
     return taskList
   }
 
-  async getProviderTitle(req:{userId?:number,dnsProviderType:string,dnsProviderAccessId:number}) {
+  async getProviderTitle(req: { userId?: number, dnsProviderType: string, dnsProviderAccessId: number }) {
     const userId = req.userId || 0
-    const { dnsProviderType, dnsProviderAccessId} = req
+    const { dnsProviderType, dnsProviderAccessId } = req
     const dnsProviderDefine = dnsProviderRegistry.getDefine(dnsProviderType)
     if (!dnsProviderDefine) {
       throw new Error(`该域名提供商（${dnsProviderType}）不存在，请检查是否已被注册`)
@@ -351,12 +353,12 @@ export class DomainService extends BaseService<DomainEntity> {
     }
   }
 
-  async addDomainImportTask(req:{userId?:number,dnsProviderType:string,dnsProviderAccessId:number,index?:number}) {
+  async addDomainImportTask(req: { userId?: number, dnsProviderType: string, dnsProviderAccessId: number, index?: number }) {
     const userId = req.userId || 0
-    const { dnsProviderType, dnsProviderAccessId,index=0 } = req    
+    const { dnsProviderType, dnsProviderAccessId, index = 0 } = req
     const key = `user_${userId}_${dnsProviderType}_${dnsProviderAccessId}`
 
-    const {title,icon} = await this.getProviderTitle(req)
+    const { title, icon } = await this.getProviderTitle(req)
 
 
     const setting = await this.userSettingService.getSetting<UserDomainImportSetting>(userId, UserDomainImportSetting)
@@ -383,7 +385,7 @@ export class DomainService extends BaseService<DomainEntity> {
     return item
   }
 
-  async deleteDomainImportTask(req:{userId?:number,key:string}) {
+  async deleteDomainImportTask(req: { userId?: number, key: string }) {
     const userId = req.userId || 0
     const { key } = req
 
@@ -394,13 +396,13 @@ export class DomainService extends BaseService<DomainEntity> {
       throw new Error(`该域名导入任务${key}不存在`)
     }
     setting.domainImportList.splice(index, 1)
-    taskExecutor.clear(DOMAIN_IMPORT_TASK_TYPE,key)
+    taskExecutor.clear(DOMAIN_IMPORT_TASK_TYPE, key)
     await this.userSettingService.saveSetting(userId, setting)
   }
 
-  async saveDomainImportTask(req:{userId?:number,dnsProviderType:string,dnsProviderAccessId:number,key?:string}) {
+  async saveDomainImportTask(req: { userId?: number, dnsProviderType: string, dnsProviderAccessId: number, key?: string }) {
     const userId = req.userId || 0
-    const { dnsProviderType, dnsProviderAccessId,key } = req
+    const { dnsProviderType, dnsProviderAccessId, key } = req
     const setting = await this.userSettingService.getSetting<UserDomainImportSetting>(userId, UserDomainImportSetting)
     setting.domainImportList = setting.domainImportList || []
 
@@ -410,19 +412,19 @@ export class DomainService extends BaseService<DomainEntity> {
       if (index === -1) {
         throw new Error(`该域名导入任务${key}不存在`)
       }
-      await this.deleteDomainImportTask({userId,key})
+      await this.deleteDomainImportTask({ userId, key })
     }
 
-    return await this.addDomainImportTask({userId,dnsProviderType,dnsProviderAccessId,index})
+    return await this.addDomainImportTask({ userId, dnsProviderType, dnsProviderAccessId, index })
   }
 
 
 
-  
-  async getSyncExpirationTaskStatus(req:{userId?:number}) {
+
+  async getSyncExpirationTaskStatus(req: { userId?: number }) {
     const userId = req.userId ?? 'all'
     const key = `user_${userId}`
-    const task = taskExecutor.get(DOMAIN_EXPIRE_TASK_TYPE,key)
+    const task = taskExecutor.get(DOMAIN_EXPIRE_TASK_TYPE, key)
     return task
   }
 
@@ -544,8 +546,8 @@ export class DomainService extends BaseService<DomainEntity> {
 
     await doPageTurn({ pager, getPage: getDomainPage, itemHandle: itemHandle })
     const key = `user_${req.userId || 'all'}`
-    logger.info(`同步用户(${key})注册域名过期时间完成(${req.task.getSuccessCount()}个成功，${req.task.getErrorCount()}个失败)` )
+    logger.info(`同步用户(${key})注册域名过期时间完成(${req.task.getSuccessCount()}个成功，${req.task.getErrorCount()}个失败)`)
   }
 
-  
+
 }

packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts

@@ -1,6 +1,5 @@
-import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
-import { InjectEntityModel } from "@midwayjs/typeorm";
-import { Repository } from "typeorm";
+import { createChallengeFn, getAuthoritativeDnsResolver } from "@certd/acme-client";
+import { cache, http, isDev, logger, utils } from "@certd/basic";
 import {
   AccessService,
   BaseService,
@@ -9,20 +8,19 @@ import {
   SysSettingsService,
   ValidateException
 } from "@certd/lib-server";
-import { CnameRecordEntity, CnameRecordStatusType } from "../entity/cname-record.js";
-import { createDnsProvider, IDnsProvider } from "@certd/plugin-cert";
 import { CnameProvider, CnameRecord } from "@certd/pipeline";
-import { cache, http, isDev, logger, utils } from "@certd/basic";
-import { getAuthoritativeDnsResolver, createChallengeFn } from "@certd/acme-client";
-import { CnameProviderService } from "./cname-provider-service.js";
-import { CnameProviderEntity } from "../entity/cname-provider.js";
-import { CommonDnsProvider } from "./common-provider.js";
-import { DomainParser } from "@certd/plugin-cert";
+import { createDnsProvider, DomainParser, IDnsProvider } from "@certd/plugin-cert";
+import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { InjectEntityModel } from "@midwayjs/typeorm";
 import punycode from "punycode.js";
-import { SubDomainService } from "../../pipeline/service/sub-domain-service.js";
-import { SubDomainsGetter } from "../../pipeline/service/getter/sub-domain-getter.js";
-import { TaskServiceBuilder } from "../../pipeline/service/getter/task-service-getter.js";
+import { Repository } from "typeorm";
 import { BackTask, taskExecutor } from "../../basic/service/task-executor.js";
+import { TaskServiceBuilder } from "../../pipeline/service/getter/task-service-getter.js";
+import { SubDomainService } from "../../pipeline/service/sub-domain-service.js";
+import { CnameProviderEntity } from "../entity/cname-provider.js";
+import { CnameRecordEntity, CnameRecordStatusType } from "../entity/cname-record.js";
+import { CnameProviderService } from "./cname-provider-service.js";
+import { CommonDnsProvider } from "./common-provider.js";
 
 type CnameCheckCacheValue = {
   validating: boolean;
@@ -106,7 +104,8 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
   private async cnameProviderChanged(userId: number, param: any, cnameProvider: CnameProviderEntity) {
     param.cnameProviderId = cnameProvider.id;
 
-    const subDomainGetter = new SubDomainsGetter(userId, this.subDomainService);
+    const taskService = this.taskServiceBuilder.create({ userId: userId });
+    const subDomainGetter = await taskService.getSubDomainsGetter();
     const domainParser = new DomainParser(subDomainGetter);
 
     const realDomain = await domainParser.parse(param.domain);
@@ -254,7 +253,8 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
 
     await this.getByDomain(bean.domain, bean.userId);
 
-    const subDomainGetter = new SubDomainsGetter(bean.userId, this.subDomainService);
+    const taskService = this.taskServiceBuilder.create({ userId: bean.userId });
+    const subDomainGetter = await taskService.getSubDomainsGetter();
     const domainParser = new DomainParser(subDomainGetter);
 
     const cacheKey = `cname.record.verify.${bean.id}`;

packages/ui/certd-server/src/modules/pipeline/service/getter/sub-domain-getter.ts

@@ -1,17 +1,49 @@
 import {ISubDomainsGetter} from "@certd/plugin-cert";
 import {SubDomainService} from "../sub-domain-service.js";
+import { DomainService } from "../../../cert/service/domain-service.js";
 
 export class SubDomainsGetter implements ISubDomainsGetter {
   userId: number;
   subDomainService: SubDomainService;
+  domainService: DomainService;
 
-  constructor(userId: number, subDomainService: SubDomainService) {
+  constructor(userId: number, subDomainService: SubDomainService, domainService: DomainService) {
     this.userId = userId;
     this.subDomainService = subDomainService;
+    this.domainService = domainService;
   }
 
   async getSubDomains() {
     return await this.subDomainService.getListByUserId(this.userId)
   }
 
+  async hasSubDomain(fullDomain: string) {
+    const subDomains = await this.getSubDomains()
+     if (subDomains && subDomains.length > 0) {
+      const fullDomainDot = "." + fullDomain;
+      for (const subDomain of subDomains) {
+        if (fullDomainDot.endsWith("." + subDomain)) {
+          //找到子域名托管
+          return subDomain;
+        }
+      }
+    }
+    let arr = fullDomain.split(".")
+    while(arr.length>0){
+      const subDomain = arr.join(".")
+      const domain = await this.domainService.findOne({
+        where: {
+          userId: this.userId,
+          domain: subDomain,
+          challengeType: "dns",
+        }
+      })
+      if(domain){
+        return subDomain
+      }
+       arr = arr.slice(1)
+    }
+    return null
+  }
+
 }

packages/ui/certd-server/src/modules/pipeline/service/getter/task-service-getter.ts

@@ -45,7 +45,8 @@ export class TaskServiceGetter implements IServiceGetter{
 
   async getSubDomainsGetter(): Promise<SubDomainsGetter> {
     const subDomainsService:SubDomainService = await  this.appCtx.getAsync("subDomainService")
-    return new SubDomainsGetter(this.userId, subDomainsService)
+    const domainService:DomainService = await  this.appCtx.getAsync("domainService")
+    return new SubDomainsGetter(this.userId, subDomainsService,domainService)
   }
 
   async getAccessService(): Promise<AccessGetter> {

packages/ui/certd-server/src/plugins/plugin-acepanel/access.ts

@@ -0,0 +1,243 @@
+import {AccessInput, BaseAccess, IsAccess, Pager, PageSearch} from "@certd/pipeline";
+import {HttpRequestConfig} from "@certd/basic";
+import crypto from "crypto";
+import url from "url";
+
+
+
+/**
+ * AcePanel授权
+ */
+@IsAccess({
+  name: "acepanel",
+  title: "AcePanel授权",
+  desc: "",
+  icon: "svg:icon-lucky"
+})
+export class AcePanelAccess extends BaseAccess {
+
+  @AccessInput({
+    title: "AcePanel管理地址",
+    component: {
+      placeholder: "http://127.0.0.1:25475/entrance",
+    },
+    helper:"请输入AcePanel管理地址，格式为http://127.0.0.1:25475/entrance, 要带安全入口，最后面不要加/",    
+    required: true,
+  })
+  endpoint = '';
+
+  @AccessInput({
+    title: '访问令牌ID',
+    component: {
+      name: "a-input-number",
+      vModel: "value",
+    },
+    helper: "AcePanel控制台->设置->用户->访问令牌->创建访问令牌",
+    required: true,
+  })
+  tokenId :number;
+
+  @AccessInput({
+    title: '访问令牌',
+    component: {
+      placeholder: 'AccessToken',
+    },
+    helper: "创建访问令牌后复制该令牌填到这里",
+    required: true,
+    encrypt: true,
+  })
+  accessToken = '';
+
+ @AccessInput({
+    title: "忽略证书校验",
+    value: true,
+    component: {
+      name: "a-switch",
+      vModel: "checked",
+    },
+    helper: "如果面板的url是https，且使用的是自签名证书，则需要开启此选项，其他情况可以关闭",
+  })
+  skipSslVerify: boolean;
+
+  @AccessInput({
+    title: "测试",
+    component: {
+      name: "api-test",
+      action: "TestRequest"
+    },
+    helper: "点击测试接口是否正常"
+  })
+  testRequest = true;
+
+  async onTestRequest() {
+    await this.testApi();
+    return "ok"
+  }
+
+
+
+/**
+ * 计算字符串的SHA256哈希值
+ */
+ sha256Hash(text: string) {
+    return crypto.createHash('sha256').update(text || '').digest('hex');
+}
+
+/**
+ * 使用HMAC-SHA256算法计算签名
+ */
+ hmacSha256(key: string, message: string) {
+    return crypto.createHmac('sha256', key).update(message).digest('hex');
+}
+
+/**
+ * 为API请求生成签名
+ */
+ signRequest(method: string, apiUrl: string, body: string, id: number, token: string) {
+    // 解析URL
+    const parsedUrl = new url.URL(apiUrl);
+    const path = parsedUrl.pathname;
+    const query = parsedUrl.search.slice(1); // 移除开头的'?'
+
+    // 规范化路径
+    let canonicalPath = path;
+    if (!path.startsWith('/api')) {
+        const apiPos = path.indexOf('/api');
+        if (apiPos !== -1) {
+            canonicalPath = path.slice(apiPos);
+        }
+    }
+
+    // 构造规范化请求
+    const canonicalRequest = [
+        method,
+        canonicalPath,
+        query,
+        this.sha256Hash(body || '')
+    ].join('\n');
+
+    // 获取当前时间戳
+    const timestamp = Math.floor(Date.now() / 1000);
+
+    // 构造待签名字符串
+    const stringToSign = [
+        'HMAC-SHA256',
+        timestamp,
+        this.sha256Hash(canonicalRequest)
+    ].join('\n');
+
+    // 计算签名
+    const signature = this.hmacSha256(token, stringToSign);
+
+    return {
+        timestamp,
+        signature,
+        id
+    };
+}
+
+
+  async doRequest(req: HttpRequestConfig) {
+    let endpoint = this.endpoint
+    if (endpoint.endsWith('/')) {
+      endpoint = endpoint.slice(0, -1);
+    }
+    const fullUrl = endpoint + req.url;
+
+
+    const method = req.method || 'GET';
+    const body = req.data ? JSON.stringify(req.data) : '';
+    const token = this.accessToken;
+    const tokenId = this.tokenId;
+    const signingData = this.signRequest(method, fullUrl, body, tokenId, token);
+
+    // 准备HTTP请求头
+    const headers = {
+        'Content-Type': 'application/json',
+        'X-Timestamp': signingData.timestamp,
+        'Authorization': `HMAC-SHA256 Credential=${signingData.id}, Signature=${signingData.signature}`
+    };
+
+    // 发送请求
+    const res = await this.ctx.http.request({
+      ...req,
+      method,
+      headers,
+      url: fullUrl,
+      // baseURL: this.endpoint,
+      logRes: false,
+      skipSslVerify: this.skipSslVerify,
+    });
+
+    return res;
+
+  }
+
+  async testApi() {
+    
+    await this.getWebSiteList({
+      pageNo: 1,
+      pageSize: 1,
+    })
+
+    return "ok"
+  }
+
+  async getWebSiteList(opts: PageSearch) {
+    const pager = new Pager(opts);
+    const req = {
+      url: `/api/website?limit=${pager.pageSize}&page=${pager.pageNo}&type=all`,
+      method: "GET",
+    };
+    return await this.doRequest(req);
+  }
+
+  async uploadCert(cert: string, key: string) {
+    const req = {
+      url: "/api/cert/cert/upload",
+      method: "POST",
+      data: {
+        cert,
+        key
+      }
+    };
+    return await this.doRequest(req);
+  }
+
+  async deployCert(certId: number, websiteId: number) {
+    const req = {
+      url: `/api/cert/cert/${certId}/deploy`,
+      method: "POST",
+      data: {
+        id: certId,
+        website_id: websiteId
+      }
+    };
+    return await this.doRequest(req);
+  }
+
+  async updatePanelCert(cert: string, key: string) {
+
+    const oldSettingRes = await this.doRequest({
+      url: "/api/setting",
+      method: "GET",
+    });
+
+    const oldSetting = oldSettingRes.data || {};
+    const req = {
+      url: "/api/setting",
+      method: "POST",
+      data: {
+        ...oldSetting,
+        acme: false,
+        https: true,
+        cert,
+        key
+      }
+    };
+    return await this.doRequest(req);
+  }
+
+}
+
+new AcePanelAccess();

packages/ui/certd-server/src/plugins/plugin-acepanel/index.ts

@@ -0,0 +1,2 @@
+export * from "./plugins/index.js";
+export * from "./access.js";

packages/ui/certd-server/src/plugins/plugin-acepanel/plugins/index.ts

@@ -0,0 +1,3 @@
+export * from "./plugin-deploy-to-website.js";
+export * from "./plugin-panel-cert.js";
+

packages/ui/certd-server/src/plugins/plugin-acepanel/plugins/plugin-deploy-to-website.ts

@@ -0,0 +1,102 @@
+import { IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
+import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
+import { AcePanelAccess } from "../access.js";
+
+@IsTaskPlugin({
+  name: "AcePanelDeployToWebsite",
+  title: "AcePanel-部署到网站",
+  desc: "上传证书并部署到指定网站",
+  icon: "svg:icon-lucky",
+  group: pluginGroups.panel.key,
+  needPlus: true,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed
+    }
+  }
+})
+
+export class AcePanelDeployToWebsite extends AbstractPlusTaskPlugin {
+  @TaskInput({
+    title: "域名证书",
+    helper: "请选择前置任务输出的域名证书",
+    component: {
+      name: "output-selector",
+      from: [...CertApplyPluginNames]
+    }
+  })
+  cert!: CertInfo;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+  @TaskInput({
+    title: "ACEPanel授权",
+    component: {
+      name: "access-selector",
+      type: "acepanel"
+    },
+    required: true
+  })
+  accessId!: string;
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: "部署网站",
+      helper: "选择需要部署证书的网站",
+      action: AcePanelDeployToWebsite.prototype.onGetWebsiteList.name,
+      pager: false,
+      search: false
+    })
+  )
+  websiteList!: number[];
+
+  async onInstance() {
+  }
+
+  async onGetWebsiteList(data: PageSearch = {}) {
+    const access = await this.getAccess<AcePanelAccess>(this.accessId);
+    const res = await access.getWebSiteList(data);
+    const items = res.data.items;
+    if (!items || items.length === 0) {
+      throw new Error("没有找到网站");
+    }
+    const options = items.map((item: any) => {
+      return {
+        label: `${item.name} (${item.domains.join(', ')})`,
+        value: item.id,
+        domain: item.domains
+      };
+    });
+    return {
+      list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
+    };
+  }
+
+  async execute(): Promise<void> {
+    const access = await this.getAccess<AcePanelAccess>(this.accessId);
+
+    // 上传证书
+    this.logger.info("开始上传证书");
+    const result = await access.uploadCert(this.cert.crt, this.cert.key);
+    const certId = result.data.id;
+    this.logger.info(`证书上传成功，证书ID：${certId}`);
+    this.logger.info(`证书域名：${result.data.domains.join(', ')}`);
+
+    // 部署证书到选择的网站
+    if (this.websiteList && this.websiteList.length > 0) {
+      this.logger.info(`开始部署证书到 ${this.websiteList.length} 个网站`);
+      for (const websiteId of this.websiteList) {
+        this.logger.info(`部署证书到网站ID：${websiteId}`);
+        await access.deployCert(certId, websiteId);
+        this.logger.info(`证书部署到网站ID：${websiteId} 成功`);
+      }
+    }
+
+    this.logger.info("部署完成");
+  }
+}
+
+new AcePanelDeployToWebsite();

packages/ui/certd-server/src/plugins/plugin-acepanel/plugins/plugin-panel-cert.ts

@@ -0,0 +1,53 @@
+import {IsTaskPlugin, pluginGroups, RunStrategy, TaskInput} from "@certd/pipeline";
+import {CertApplyPluginNames, CertInfo} from "@certd/plugin-cert";
+import {AcePanelAccess} from "../access.js";
+import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
+
+@IsTaskPlugin({
+  name: "AcePanelPanelCert",
+  title: "AcePanel-面板证书",
+  desc: "部署AcePanel面板证书",
+  icon: "svg:icon-lucky",
+  group: pluginGroups.panel.key,
+  needPlus: true,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed
+    }
+  }
+})
+
+export class AcePanelPanelCert extends AbstractPlusTaskPlugin {
+  @TaskInput({
+    title: "域名证书",
+    helper: "请选择前置任务输出的域名证书",
+    component: {
+      name: "output-selector",
+      from: [...CertApplyPluginNames]
+    }
+  })
+  cert!: CertInfo;
+
+  @TaskInput({
+    title: "ACEPanel授权",
+    component: {
+      name: "access-selector",
+      type: "acepanel"
+    },
+    required: true
+  })
+  accessId!: string;
+
+  async onInstance() {
+  }
+
+  async execute(): Promise<void> {
+    const access = await this.getAccess<AcePanelAccess>(this.accessId);
+
+    this.logger.info("开始部署面板证书");
+    await access.updatePanelCert(this.cert.crt, this.cert.key);
+    this.logger.info("面板证书部署完成");
+  }
+}
+
+new AcePanelPanelCert();  

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-alb/index.ts

@@ -305,11 +305,13 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
       });
 
       const certName = this.buildCertName(CertReader.getMainDomain(this.cert.crt));
-      certId = await sslClient.uploadCert({
+      const certIdRes = await sslClient.uploadCertificate({
         name: certName,
         cert: this.cert
       });
+      certId = certIdRes.certId as any; 
     }
+
     return certId;
   }
 

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-all/index.ts

@@ -155,10 +155,11 @@ export class AliyunDeployCertToAll extends AbstractTaskPlugin {
     //
     let certId: any = this.cert;
     if (typeof this.cert === "object") {
-      certId = await sslClient.uploadCert({
+      const certIdRes = await sslClient.uploadCertificate({
         name: this.appendTimeSuffix("certd"),
         cert: this.cert,
       });
+      certId = certIdRes.certId as any;
     }
 
     const jobId = await this.createDeployJob(sslClient, certId);