v1.36.15

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

.github/ISSUE_TEMPLATE/bug.md

@@ -1,21 +1,28 @@
+---
+name: Bug Report
+about: 报告一个错误或问题
+title: "[BUG] "
+labels: bug
+---
+
+
 > 感谢您支持certd，请按如下规范提交issue    
 > 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
 
-
-## 一、问题描述
+# bug提交
+## 1、问题描述
 `请在此处简要描述你所遇到的问题，必要时请贴出相关截图辅助理解和定位`
 
-### 复现步骤
+### 2、复现步骤
 `请描述复现问题的详细步骤`
 `如果非示例页面的问题，最好能提供最小复现示例的代码、或者仓库链接`
 
 
-### 报错截图
+### 3.报错截图
 `请贴出报错日志截图`
 
-### 效果截图
+### 4、效果截图
 `请贴出效果截图`
-#### 1. 期望效果
-
-#### 2. 实际效果
+#### 4.1. 期望效果
 
+#### 4.2. 实际效果

.github/ISSUE_TEMPLATE/dns.md

@@ -0,0 +1,36 @@
+---
+name: DNS Provider Apply
+about: 请求支持新的域名提供商
+title: "[DNS] "
+labels: feature
+---
+
+
+> 感谢您支持certd，请按如下规范提交issue    
+> 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
+
+# 新域名提供商支持申请
+
+## 1. 基本信息
+请填写如下内容：
+
+1. 域名提供商名称：  
+
+
+2. 管理页面地址：
+
+
+3. 是否有API接口，接口地址： 
+
+
+4. 如果没有API接口，网页登录是否有验证码： 
+
+
+5. 是否可以提供测试账号？（如果可以请留下联系方式或者加作者好友）
+
+
+
+## 2. 截图 
+
+`域名管理页面截图`
+

.github/ISSUE_TEMPLATE/feature.md

@@ -0,0 +1,23 @@
+---
+name: Feature Request
+about: 新需求、新特性
+title: "[Feature] "
+labels: feature
+---
+
+> > 感谢您支持certd，请按如下规范提交issue    
+> 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
+
+
+# 新需求申请
+
+## 1. 需求描述，需求背景
+`请在此处简要描述你所遇到的问题，必要时请贴出相关截图辅助理解`
+
+
+## 2. 期望效果
+`必要时可以截图描述你的期望效果`
+
+
+## 3. 你的解决方案
+`如果你有解决方案，请描述你的方案`

.github/ISSUE_TEMPLATE/plugin.md

@@ -0,0 +1,36 @@
+---
+name: Plugin Apply
+about: 请求支持新部署插件
+title: "[Plugin] "
+labels: feature
+---
+
+> > 感谢您支持certd，请按如下规范提交issue    
+> 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
+
+# 新部署插件申请支持
+
+## 1. 需求描述
+`请在此处简要描述你的需求`
+
+
+## 2. 要部署证书应用的信息
+
+1. 应用名称：
+
+
+2. 应用网址/项目地址/官方网站：
+
+
+3. 管理证书界面截图（或者手动部署证书方式介绍及截图）：
+
+
+4. 是否有API接口，接口地址：
+
+
+5. 如果没有API接口，网页登录是否需要验证码：
+
+
+6. 是否可以提供测试账号？（如果可以请留下联系方式或者加作者好友）
+
+

CHANGELOG.md

@@ -3,6 +3,63 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Bug Fixes
+
+* 修复  https://cas.undefined.aliyuncs.com 的bug ([60e6aa9](https://github.com/certd/certd/commit/60e6aa9b54a761a47e39acee4a1ff947a745be27))
+* 修复阿里云clb api接口没有使用region的问题 ([0770f17](https://github.com/certd/certd/commit/0770f174a14313e28d08113e69829ef6cc02d719))
+* 修复站点监控使用自定义dns解析域名报错的bug ([eb8cd53](https://github.com/certd/certd/commit/eb8cd53de27991321e36dd14e5ce95f42b51351f))
+
+### Performance Improvements
+
+* 部署到阿里云支持选择bucket和域名 ([013b9c4](https://github.com/certd/certd/commit/013b9c4c7c2adf485d086123ccea448719577fd4))
+* 清理数据库备份的临时目录 ([fd95549](https://github.com/certd/certd/commit/fd95549de9a5d8cec09772ee2630bb7521e15e1f))
+* 添加免费通知,OneBot V11协议通知支持 ([#491](https://github.com/certd/certd/issues/491)) [@ayakasuki](https://github.com/ayakasuki)  ([be053d4](https://github.com/certd/certd/commit/be053d47e41084f817882400882b64143d036d1a))
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+* 注册时支持填写用户名 ([fdcfcc7](https://github.com/certd/certd/commit/fdcfcc77a0db87954e0b026635d3ccdd9bc6cee8))
+* add start:server npm script for quick server launch from root directory ([#484](https://github.com/certd/certd/issues/484)) [@orzyyyy](https://github.com/orzyyyy) ([fae1981](https://github.com/certd/certd/commit/fae1981161080f698c3f1263b712306d63baae64))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复复制流水线为空的bug ([b070773](https://github.com/certd/certd/commit/b0707739fdfbae3d78db4efd3f180db05c4e4164))
+* 修复商用证书上传第二次运行无法使用pfx格式证书的bug ([251dd1f](https://github.com/certd/certd/commit/251dd1fe457a7b152f43eb6de18f7beb9f0b194e))
+
+### Performance Improvements
+
+* 1panel支持 currenNode ([acc8907](https://github.com/certd/certd/commit/acc890730f43d492c9b1bd3668814cf10efdf7b8))
+* 授权管理支持模糊查询 ([866eb62](https://github.com/certd/certd/commit/866eb6241baa7b21f6eddc649966324c188236c6))
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+* 优化start脚本 ([238ad7c](https://github.com/certd/certd/commit/238ad7ce51f17e1098c624e7f61ee2d98de1e02d))
+* 运行主机脚本插件支持选择运行策略 ([86b3df1](https://github.com/certd/certd/commit/86b3df194126476e1f58e0952a77e986f62eecce))
+* cdnfly 支持 账号密码登陆授权 ([e87f6d5](https://github.com/certd/certd/commit/e87f6d56f524dbbb9e3243e382b348b6e49f0d2c))
+* k8s ack、tke 支持重启ingress ([95715a0](https://github.com/certd/certd/commit/95715a007d931c64fa7dd953d94957398e00a443))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Bug Fixes
+
+* 修复阿里云发送短信验证码失败的bug ([2e6d03f](https://github.com/certd/certd/commit/2e6d03ff001f521f57368e7a62b97ed7b122e8d0))
+
+### Performance Improvements
+
+* 阿里云部分插件优化  [@nicheng-he](https://github.com/nicheng-he) ([e3738f6](https://github.com/certd/certd/commit/e3738f6422270d75ec414c15a343248cc4cad6e1))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 上传到阿里云cas，证书前缀无效的bug ([b382351](https://github.com/certd/certd/commit/b382351c7b91ec10e1f61d94bec5aad075207ec8))
+* 修复自定义插件onlyAdmin报错的bug ([4e5e862](https://github.com/certd/certd/commit/4e5e862f5834ad180e4428959c272d444a6f78ab))
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+* 首页增加更新日志按钮 ([41ce848](https://github.com/certd/certd/commit/41ce8489dc2f03a705dfa3fbb357769defb56c60))
+* 增加版本过低提示 ([d1ce360](https://github.com/certd/certd/commit/d1ce36038cab72b5dc1b320d0a708c261ffbdacb))
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 ### Bug Fixes

README.md

@@ -16,7 +16,6 @@ Certd® 是一个免费的全自动证书管理系统，让你的网站证书永
 
 > 流水线数量现已调整为无限制，欢迎大家使用
 
-
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
@@ -87,8 +86,8 @@ https://certd.handfree.work/
 1. 【推荐】[Docker方式部署 ](https://certd.docmirror.cn/guide/install/docker/)
 2. 【推荐】[宝塔面板方式部署 ](https://certd.docmirror.cn/guide/install/docker/)
 3. 【推荐】[1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
-4. 【推荐】[雨云一键部署](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_) ： 首充翻倍，每月仅需2.2元    
-[<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_)
+4. 【推荐】[雨云一键部署](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2) ： 首充翻倍，每月仅需2.2元    
+[<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2)
 5. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)
 
 #### Docker镜像说明：

build.trigger

@@ -1 +1 @@
-12:27
+23:44

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,46 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复复制流水线为空的bug ([b070773](https://github.com/certd/certd/commit/b0707739fdfbae3d78db4efd3f180db05c4e4164))
+* 修复商用证书上传第二次运行无法使用pfx格式证书的bug ([251dd1f](https://github.com/certd/certd/commit/251dd1fe457a7b152f43eb6de18f7beb9f0b194e))
+
+### Performance Improvements
+
+* 1panel支持 currenNode ([acc8907](https://github.com/certd/certd/commit/acc890730f43d492c9b1bd3668814cf10efdf7b8))
+* 授权管理支持模糊查询 ([866eb62](https://github.com/certd/certd/commit/866eb6241baa7b21f6eddc649966324c188236c6))
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+* 优化start脚本 ([238ad7c](https://github.com/certd/certd/commit/238ad7ce51f17e1098c624e7f61ee2d98de1e02d))
+* 运行主机脚本插件支持选择运行策略 ([86b3df1](https://github.com/certd/certd/commit/86b3df194126476e1f58e0952a77e986f62eecce))
+* cdnfly 支持 账号密码登陆授权 ([e87f6d5](https://github.com/certd/certd/commit/e87f6d56f524dbbb9e3243e382b348b6e49f0d2c))
+* k8s ack、tke 支持重启ingress ([95715a0](https://github.com/certd/certd/commit/95715a007d931c64fa7dd953d94957398e00a443))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Bug Fixes
+
+* 修复阿里云发送短信验证码失败的bug ([2e6d03f](https://github.com/certd/certd/commit/2e6d03ff001f521f57368e7a62b97ed7b122e8d0))
+
+### Performance Improvements
+
+* 阿里云部分插件优化  [@nicheng-he](https://github.com/nicheng-he) ([e3738f6](https://github.com/certd/certd/commit/e3738f6422270d75ec414c15a343248cc4cad6e1))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 上传到阿里云cas，证书前缀无效的bug ([b382351](https://github.com/certd/certd/commit/b382351c7b91ec10e1f61d94bec5aad075207ec8))
+* 修复自定义插件onlyAdmin报错的bug ([4e5e862](https://github.com/certd/certd/commit/4e5e862f5834ad180e4428959c272d444a6f78ab))
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+* 首页增加更新日志按钮 ([41ce848](https://github.com/certd/certd/commit/41ce8489dc2f03a705dfa3fbb357769defb56c60))
+* 增加版本过低提示 ([d1ce360](https://github.com/certd/certd/commit/d1ce36038cab72b5dc1b320d0a708c261ffbdacb))
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 ### Bug Fixes

docs/guide/install/baota/index.md

@@ -10,7 +10,8 @@
 * 登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装
 
 ### 2、部署certd
-以下两种方式人选一种：
+以下两种方式任选一种：
+
 #### 2.1 应用商店方式一键部署【推荐】
 
 * 在宝塔Docker应用商店中找到`certd`（要先点右上角更新应用）

docs/guide/install/source/index.md

@@ -4,7 +4,7 @@
 ## 一、源码安装
 
 ### 环境要求
-- nodejs 20 及以上
+- nodejs 22 及以上
 ### 源码启动
 ```shell
 # 克隆代码

docs/guide/use/comm/payments/alipay.md

@@ -2,19 +2,24 @@
 
 ## 配置步骤
 
-1. 创建应用，获取APPID
+
+1. 注册支付宝商家账号
+   * 开通电脑网站支付产品(需营业执照)： https://b.alipay.com/page/product-workspace/all-product
+   
+
+2. 开放平台，创建应用，获取APPID
    * 登录支付宝开放平台，进入开发者中心，创建网页应用，获取应用的AppId（左上角复制）
    * 开发者中心：https://open.alipay.com/develop/manage
 
 
-2. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）
+3. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）
 
    * 参考文档：https://opendocs.alipay.com/common/02kdnc?pathHash=fb0c752a
    * 此步骤完成后，可以获取应用的私钥、支付宝公钥。     
    * 注意：支付宝不会保存应用的私钥，你需要自己保管好私钥。
 
 
-3. 在Certd后台配置支付宝 
+4. 在Certd后台配置支付宝 
 
    * 进入“系统”->"设置"->“支付设置”
    * 启用支付宝，选择“支付宝配置”，点击添加

docs/guide/use/tencent/index.md

@@ -8,8 +8,11 @@
 ![](./tencent-access.png)
 
 
+
 ## 如何避免收到腾讯云证书过期邮件
 
+> 新版本已经自动将证书设置为免提醒，certd上传的证书后续都不会再提醒了。
+
 腾讯云在证书有效期还剩28天时会发送过期通知邮件    
 您可以通过配置“腾讯云过期证书删除”任务来避免收到此类邮件。
 
@@ -18,4 +21,17 @@
 注意点：
 > 1. 选择腾讯云授权，需授权`服务角色SSL_QCSLinkedRoleInReplaceLoadCertificate`权限
 > 2. `1.26.14`版本之前Certd创建的证书流水线默认是到期前20天才更新证书，需要将之前创建的证书申请任务的更新天数修改为35天，保证删除之前就已经替换掉即将过期证书
-![](./images/delete2.png)
+![](./images/delete2.png)
+
+
+
+
+## TKE service 的 TCP_SSL Opaque类型证书授权
+
+部署证书到腾讯云TKE，如果报以下错误：     
+`is forbidden: User "xxxxxx-xxxxx" cannot get resource "secrets" in API group "" in the namespace "default"'`     
+则需要单独从授权管理侧再授权子用户的权限
+
+![](./images/tcpssl.png)
+
+![](./images/opaque.png)

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.36.11"
+  "version": "1.36.15"
 }

package.json

@@ -14,6 +14,7 @@
   },
   "scripts": {
     "start": "lerna bootstrap --hoist",
+    "start:server": "cd ./packages/ui/certd-server && npm start",
     "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
     "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/publishlab/node-acme-client/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.14](https://github.com/publishlab/node-acme-client/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.13](https://github.com/publishlab/node-acme-client/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.12](https://github.com/publishlab/node-acme-client/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.36.11](https://github.com/publishlab/node-acme-client/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.36.11",
+    "version": "1.36.15",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.36.11",
+        "@certd/basic": "^1.36.15",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -69,5 +69,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+    "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-12:23
+23:18

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 修复自定义插件onlyAdmin报错的bug ([4e5e862](https://github.com/certd/certd/commit/4e5e862f5834ad180e4428959c272d444a6f78ab))
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 ### Bug Fixes

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,8 +17,8 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.36.11",
-    "@certd/plus-core": "^1.36.11",
+    "@certd/basic": "^1.36.15",
+    "@certd/plus-core": "^1.36.15",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -44,5 +44,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/core/pipeline/src/plugin/api.ts

@@ -165,7 +165,7 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
       this.registerSecret(cert.one);
     }
 
-    if (this.ctx.define.onlyAdmin) {
+    if (this.ctx?.define?.onlyAdmin) {
       if (!this.isAdmin()) {
         throw new Error("只有管理员才能运行此任务");
       }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.36.11",
+  "version": "1.36.15",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
       "fetch"
     ]
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* k8s ack、tke 支持重启ingress ([95715a0](https://github.com/certd/certd/commit/95715a007d931c64fa7dd953d94957398e00a443))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.36.11",
+    "@certd/basic": "^1.36.15",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/libs/lib-k8s/src/lib/k8s.client.ts

@@ -150,4 +150,18 @@ export class K8sClient {
     this.logger.info("ingress patched", opts.body);
     return res;
   }
+
+  async restartIngress(namespace: string, ingressNames: string[], labels: any) {
+    const body = {
+      metadata: {
+        labels: {
+          ...labels,
+        },
+      },
+    };
+    for (const ingress of ingressNames) {
+      await this.patchIngress({ namespace, ingressName: ingress, body });
+      this.logger.info(`ingress已重启:${ingress}`);
+    }
+  }
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.36.11",
+  "version": "1.36.15",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -27,10 +27,10 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.36.11",
-    "@certd/basic": "^1.36.11",
-    "@certd/pipeline": "^1.36.11",
-    "@certd/plus-core": "^1.36.11",
+    "@certd/acme-client": "^1.36.15",
+    "@certd/basic": "^1.36.15",
+    "@certd/pipeline": "^1.36.15",
+    "@certd/plus-core": "^1.36.15",
     "@midwayjs/cache": "~3.14.0",
     "@midwayjs/core": "~3.20.3",
     "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -22,6 +22,7 @@ export class SysPublicSettings extends BaseSettings {
   mobileRegisterEnabled = false;
   smsLoginEnabled = false;
   emailRegisterEnabled = false;
+  selfServicePasswordRetrievalEnabled = false;
 
   limitUserPipelineCount = 0;
   managerOtherUserPipeline = false;

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.36.11",
+  "version": "1.36.15",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复商用证书上传第二次运行无法使用pfx格式证书的bug ([251dd1f](https://github.com/certd/certd/commit/251dd1fe457a7b152f43eb6de18f7beb9f0b194e))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -16,10 +16,10 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.36.11",
-    "@certd/basic": "^1.36.11",
-    "@certd/pipeline": "^1.36.11",
-    "@certd/plugin-lib": "^1.36.11",
+    "@certd/acme-client": "^1.36.15",
+    "@certd/basic": "^1.36.15",
+    "@certd/pipeline": "^1.36.15",
+    "@certd/plugin-lib": "^1.36.15",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts

@@ -194,4 +194,13 @@ cert.jks：jks格式证书文件，java服务器使用
     };
     return newCert;
   }
+
+  async readLastCert(): Promise<CertReader | undefined> {
+    const cert = this.lastStatus?.status?.output?.cert;
+    if (cert == null) {
+      this.logger.info("没有找到上次的证书");
+      return undefined;
+    }
+    return new CertReader(cert);
+  }
 }

packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts

@@ -130,15 +130,6 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
     return null;
   }
 
-  async readLastCert(): Promise<CertReader | undefined> {
-    const cert = this.lastStatus?.status?.output?.cert;
-    if (cert == null) {
-      this.logger.info("没有找到上次的证书");
-      return undefined;
-    }
-    return new CertReader(cert);
-  }
-
   /**
    * 检查是否过期，默认提前35天
    * @param expires

packages/plugins/plugin-cert/src/plugin/cert-plugin/custom/index.ts

@@ -100,8 +100,17 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
   async onInit(): Promise<void> {}
 
   async getCertFromStore() {
-    const certReader = new CertReader(this.uploadCert);
-    if (!certReader.expires && certReader.expires < new Date().getTime()) {
+    let certReader = null;
+    try {
+      this.logger.info("读取上次证书");
+      certReader = await this.readLastCert();
+    } catch (e) {
+      this.logger.warn("读取cert失败：", e);
+    }
+    if (certReader == null) {
+      certReader = new CertReader(this.uploadCert);
+    }
+    if (!certReader.expires || certReader.expires < new Date().getTime()) {
       throw new Error("证书已过期，停止部署，请重新上传证书");
     }
 

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,28 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Performance Improvements
+
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* 1panel支持 currenNode ([acc8907](https://github.com/certd/certd/commit/acc890730f43d492c9b1bd3668814cf10efdf7b8))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Bug Fixes
+
+* 修复阿里云发送短信验证码失败的bug ([2e6d03f](https://github.com/certd/certd/commit/2e6d03ff001f521f57368e7a62b97ed7b122e8d0))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.36.11",
+  "version": "1.36.15",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -21,8 +21,8 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.36.11",
-    "@certd/pipeline": "^1.36.11",
+    "@certd/basic": "^1.36.15",
+    "@certd/pipeline": "^1.36.15",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -53,5 +53,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "7f9c4e52ac5c3837b251d3b2508457ce802e11cb"
+  "gitHead": "f3a90a63b66646a6beddcead43b4d4df7be704fc"
 }

packages/plugins/plugin-lib/src/aliyun/lib/base-client.ts

@@ -35,7 +35,7 @@ export class AliyunClient {
   }
 
   checkRet(ret: any) {
-    if (ret.Code != null) {
+    if (ret.Code != null && ret.Code !== "OK" && ret.Message !== "OK") {
       throw new Error("执行失败：" + ret.Message);
     }
   }

packages/plugins/plugin-lib/src/common/util.ts

@@ -17,7 +17,7 @@ export function createCertDomainGetterInputDefine(opts?: { certInputKey?: string
           }
         }
         `,
-      template:false,
+      template: false,
       required: true,
     },
     opts?.props
@@ -42,6 +42,7 @@ export function createRemoteSelectInputDefine(opts?: {
   search?: boolean;
   pager?: boolean;
   component?: any;
+  value?: any;
 }) {
   const title = opts?.title || "请选择";
   const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
@@ -74,6 +75,7 @@ export function createRemoteSelectInputDefine(opts?: {
       watches: [certDomainsInputKey, accessIdInputKey, ...watches],
       ...opts.component,
     },
+    value: opts.value,
     rules: opts?.rules,
     required: opts.required ?? true,
     mergeScript:

packages/plugins/plugin-lib/src/ssh/ssh-access.ts

@@ -45,8 +45,8 @@ export class SshAccess extends BaseAccess {
     title: "私钥登录",
     helper: "私钥或密码必填一项",
     component: {
-      name: "a-textarea",
-      vModel: "value",
+      name: "pem-input",
+      vModel: "modelValue",
     },
     encrypt: true,
   })

packages/ui/certd-client/.env

@@ -9,4 +9,5 @@ VITE_APP_COPYRIGHT_URL=https://certd.handsfree.work
 VITE_APP_LOGO=static/images/logo/logo.svg
 VITE_APP_LOGIN_LOGO=static/images/logo/rect-black.svg
 VITE_APP_PROJECT_PATH=https://github.com/certd/certd
-VITE_APP_NAMESPACE=fs
+VITE_APP_NAMESPACE=fs
+VITE_APP_VIP_PRODUCT_URL=http://localhost:1017/subject#/product/list

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,42 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Performance Improvements
+
+* 部署到阿里云支持选择bucket和域名 ([013b9c4](https://github.com/certd/certd/commit/013b9c4c7c2adf485d086123ccea448719577fd4))
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+* 注册时支持填写用户名 ([fdcfcc7](https://github.com/certd/certd/commit/fdcfcc77a0db87954e0b026635d3ccdd9bc6cee8))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复复制流水线为空的bug ([b070773](https://github.com/certd/certd/commit/b0707739fdfbae3d78db4efd3f180db05c4e4164))
+
+### Performance Improvements
+
+* 授权管理支持模糊查询 ([866eb62](https://github.com/certd/certd/commit/866eb6241baa7b21f6eddc649966324c188236c6))
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Performance Improvements
+
+* 阿里云部分插件优化  [@nicheng-he](https://github.com/nicheng-he) ([e3738f6](https://github.com/certd/certd/commit/e3738f6422270d75ec414c15a343248cc4cad6e1))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 上传到阿里云cas，证书前缀无效的bug ([b382351](https://github.com/certd/certd/commit/b382351c7b91ec10e1f61d94bec5aad075207ec8))
+
+### Performance Improvements
+
+* 首页增加更新日志按钮 ([41ce848](https://github.com/certd/certd/commit/41ce8489dc2f03a705dfa3fbb357769defb56c60))
+* 增加版本过低提示 ([d1ce360](https://github.com/certd/certd/commit/d1ce36038cab72b5dc1b320d0a708c261ffbdacb))
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 **Note:** Version bump only for package @certd/ui-client

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.36.11",
+  "version": "1.36.15",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -103,8 +103,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.36.11",
-    "@certd/pipeline": "^1.36.11",
+    "@certd/lib-iframe": "^1.36.15",
+    "@certd/pipeline": "^1.36.15",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/pem-input.vue

@@ -1,7 +1,7 @@
 <template>
   <div class="pem-input">
     <FileInput v-bind="fileInput" class="mb-5" type="primary" text="选择文件" @change="onChange" />
-    <a-textarea v-bind="textarea" :value="modelValue" @update:value="emitValue"></a-textarea>
+    <a-textarea placeholder="或直接粘贴" v-bind="textarea" :value="modelValue" @update:value="emitValue"></a-textarea>
   </div>
 </template>
 
@@ -27,7 +27,7 @@ function onChange(e: any) {
   const size = file.size;
   if (size > 100 * 1024) {
     notification.error({
-      message: "文件超过100k，请选择正确的证书文件",
+      message: "文件超过100k，请选择正确的文件",
     });
     return;
   }

packages/ui/certd-client/src/components/plugins/common/remote-auto-complete.vue

@@ -0,0 +1,164 @@
+<template>
+  <div class="remote-auto-complete">
+    <div class="flex flex-row">
+      <a-auto-complete class="remote-auto-complete-input" :filter-option="filterOption" :options="optionsRef" :value="value" v-bind="attrs" @click="onClick" @update:value="emit('update:value', $event)">
+      </a-auto-complete>
+      <div class="ml-5">
+        <fs-button :loading="loading" title="刷新选项" icon="ion:refresh-outline" @click="refreshOptions"></fs-button>
+      </div>
+    </div>
+    <div class="helper" :class="{ error: hasError }">
+      {{ message }}
+    </div>
+  </div>
+</template>
+<script setup lang="ts">
+import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
+import { defineComponent, inject, ref, useAttrs, watch, Ref } from "vue";
+import { PluginDefine } from "@certd/pipeline";
+
+defineOptions({
+  name: "RemoteAutoComplete",
+});
+
+const props = defineProps<
+  {
+    watches: string[];
+  } & ComponentPropsType
+>();
+
+const emit = defineEmits<{
+  "update:value": any;
+}>();
+
+const attrs = useAttrs();
+
+const getCurrentPluginDefine: any = inject("getCurrentPluginDefine", () => {
+  return {};
+});
+const getScope: any = inject("get:scope", () => {
+  return {};
+});
+const getPluginType: any = inject("get:plugin:type", () => {
+  return "plugin";
+});
+
+const optionsRef = ref([]);
+const message = ref("");
+const hasError = ref(false);
+const loading = ref(false);
+
+const getOptions = async () => {
+  if (loading.value) {
+    return;
+  }
+
+  if (!getCurrentPluginDefine) {
+    return;
+  }
+
+  const define: PluginDefine = getCurrentPluginDefine()?.value;
+  if (!define) {
+    return;
+  }
+  const pluginType = getPluginType();
+  const { form } = getScope();
+  const input = (pluginType === "plugin" ? form?.input : form) || {};
+
+  for (let key in define.input) {
+    const inWatches = props.watches.includes(key);
+    const inputDefine = define.input[key];
+    if (inWatches && inputDefine.required) {
+      const value = input[key];
+      if (value == null || value === "") {
+        console.log("remote-select required", key);
+        return;
+      }
+    }
+  }
+
+  message.value = "";
+  hasError.value = false;
+  loading.value = true;
+  try {
+    const res = await doRequest(
+      {
+        type: pluginType,
+        typeName: form.type,
+        action: props.action,
+        input,
+        data: {},
+      },
+      {
+        onError(err: any) {
+          hasError.value = true;
+          message.value = `获取选项出错：${err.message}`;
+        },
+        showErrorNotify: false,
+      }
+    );
+    const list = res?.list || res || [];
+    if (list.length > 0) {
+      message.value = "获取数据成功，请从下拉框中选择";
+    } else {
+      message.value = "获取数据成功，没有数据";
+    }
+    optionsRef.value = list;
+
+    return res;
+  } finally {
+    loading.value = false;
+  }
+};
+
+const filterOption = (input: string, option: any) => {
+  return option.label.toLowerCase().indexOf(input.toLowerCase()) >= 0 || String(option.value).toLowerCase().indexOf(input.toLowerCase());
+};
+
+async function onClick() {
+  if (optionsRef.value?.length === 0) {
+    await refreshOptions();
+  }
+}
+
+async function refreshOptions() {
+  await getOptions();
+}
+
+watch(
+  () => {
+    const pluginType = getPluginType();
+    const { form, key } = getScope();
+    const input = (pluginType === "plugin" ? form?.input : form) || {};
+    const watches = {};
+    for (const key of props.watches) {
+      //@ts-ignore
+      watches[key] = input[key];
+    }
+    return {
+      form: watches,
+      key,
+    };
+  },
+  async (value, oldValue) => {
+    const { form } = value;
+    const oldForm: any = oldValue?.form;
+    let changed = oldForm == null || optionsRef.value.length == 0;
+    for (const key of props.watches) {
+      //@ts-ignore
+      if (oldForm && form[key] != oldForm[key]) {
+        changed = true;
+        break;
+      }
+    }
+    if (changed) {
+      await getOptions();
+    }
+  },
+  {
+    immediate: true,
+  }
+);
+</script>
+
+<style lang="less"></style>

packages/ui/certd-client/src/components/plugins/common/remote-select.vue

@@ -145,6 +145,8 @@ const getOptions = async () => {
     const list = res?.list || res || [];
     if (list.length > 0) {
       message.value = "获取数据成功，请从下拉框中选择";
+    } else {
+      message.value = "获取数据成功，没有数据";
     }
     optionsRef.value = list;
     pagerRef.value.total = list.length;

packages/ui/certd-client/src/components/plugins/index.ts

@@ -1,4 +1,5 @@
 import SynologyIdDeviceGetter from "./synology/device-id-getter.vue";
+import RemoteAutoComplete from "./common/remote-auto-complete.vue";
 import RemoteSelect from "./common/remote-select.vue";
 import RemoteInput from "./common/remote-input.vue";
 import CertDomainsGetter from "./common/cert-domains-getter.vue";
@@ -21,6 +22,7 @@ export default {
     app.component("ApiTest", ApiTest);
 
     app.component("SynologyDeviceIdGetter", SynologyIdDeviceGetter);
+    app.component("RemoteAutoComplete", RemoteAutoComplete);
     app.component("RemoteSelect", RemoteSelect);
     app.component("RemoteInput", RemoteInput);
     app.component("CertDomainsGetter", CertDomainsGetter);

packages/ui/certd-client/src/locales/langs/en-US/authentication.ts

@@ -57,6 +57,7 @@ export default {
   passwordPlaceholder: "Please enter your password",
   mobilePlaceholder: "Please enter your mobile number",
   loginButton: "Log In",
+  forgotPassword: "Forgot password?",
   forgotAdminPassword: "Forgot admin password?",
   registerLink: "Register",
 

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -565,6 +565,7 @@ export default {
   dualStackNetworkHelper: "If IPv6 priority is selected, enable IPv6 in docker-compose.yaml",
   enableCommonCnameService: "Enable Public CNAME Service",
   commonCnameHelper: "Allow use of public CNAME service. If disabled and no <router-link to='/sys/cname/provider'>custom CNAME service</router-link> is set, CNAME proxy certificate application will not work.",
+  enableCommonSelfServicePasswordRetrieval: "Enable self-service password recovery",
   saveButton: "Save",
   stopSuccess: "Stopped successfully",
   google: "Google",

packages/ui/certd-client/src/locales/langs/zh-CN/authentication.ts

@@ -57,6 +57,7 @@ export default {
   passwordPlaceholder: "请输入密码",
   mobilePlaceholder: "请输入手机号",
   loginButton: "登录",
+  forgotPassword: "忘记密码？",
   forgotAdminPassword: "忘记管理员密码？",
   registerLink: "注册",
 

packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts

@@ -571,6 +571,7 @@ export default {
   dualStackNetworkHelper: "如果选择IPv6优先，需要在docker-compose.yaml中启用ipv6",
   enableCommonCnameService: "启用公共CNAME服务",
   commonCnameHelper: "是否可以使用公共CNAME服务，如果禁用，且没有设置<router-link to='/sys/cname/provider'>自定义CNAME服务</router-link>，则无法使用CNAME代理方式申请证书",
+  enableCommonSelfServicePasswordRetrieval: "启用自助找回密码",
   saveButton: "保存",
   stopSuccess: "停止成功",
   google: "Google",

packages/ui/certd-client/src/router/source/outside.ts

@@ -24,6 +24,14 @@ export const outsideResource = [
         path: "/register",
         component: "/framework/register/index.vue",
       },
+      {
+        meta: {
+          title: "找回密码",
+        },
+        name: "forgotPassword",
+        path: "/forgotPassword",
+        component: "/framework/forgot-password/index.vue",
+      },
     ],
   },
   ...errorPage,

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -36,6 +36,7 @@ export type SysPublicSetting = {
   emailRegisterEnabled?: boolean;
   passwordLoginEnabled?: boolean;
   smsLoginEnabled?: boolean;
+  selfServicePasswordRetrievalEnabled?: boolean;
 
   limitUserPipelineCount?: number;
   managerOtherUserPipeline?: boolean;

packages/ui/certd-client/src/store/settings/index.ts

@@ -46,6 +46,10 @@ export interface SettingState {
       price3: number;
       tooltip?: string;
     };
+    app?: {
+      minVersion?: string;
+      minVersionTip?: string;
+    };
   };
 }
 
@@ -107,6 +111,10 @@ export const useSettingStore = defineStore({
         price: 399,
         price3: 899,
       },
+      app: {
+        minVersion: "",
+        minVersionTip: "",
+      },
     },
   }),
   getters: {

packages/ui/certd-client/src/store/user/api.user.ts

@@ -20,6 +20,17 @@ export interface SmsLoginReq {
   randomStr: string;
 }
 
+export interface ForgotPasswordReq {
+  forgotPasswordType: string;
+  input: string;
+  randomStr: string;
+  imgCode: string;
+  validateCode: string;
+
+  password: string;
+  confirmPassword: string;
+}
+
 export interface UserInfoRes {
   id: string | number;
   username: string;
@@ -43,6 +54,13 @@ export async function register(user: RegisterReq): Promise<UserInfoRes> {
     data: user,
   });
 }
+export async function forgotPassword(data: ForgotPasswordReq): Promise<any> {
+  return await request({
+    url: "/forgotPassword",
+    method: "post",
+    data: data,
+  });
+}
 export async function logout() {
   return await request({
     url: "/logout",

packages/ui/certd-client/src/store/user/index.ts

@@ -4,7 +4,7 @@ import router from "../../router";
 import { LocalStorage } from "/src/utils/util.storage";
 // @ts-ignore
 import * as UserApi from "./api.user";
-import { RegisterReq, SmsLoginReq } from "./api.user";
+import { ForgotPasswordReq, RegisterReq, SmsLoginReq } from "./api.user";
 // @ts-ignore
 import { LoginReq, UserInfoRes } from "/@/store/user/api.user";
 import { message, Modal, notification } from "ant-design-vue";
@@ -67,6 +67,13 @@ export const useUserStore = defineStore({
       });
       await router.replace("/login");
     },
+    async forgotPassword(params: ForgotPasswordReq): Promise<any> {
+      await UserApi.forgotPassword(params);
+      notification.success({
+        message: "密码已重置，请登录",
+      });
+      await router.replace("/login");
+    },
     /**
      * @description: login
      */

packages/ui/certd-client/src/vben/layout-ui/vben-layout.vue

@@ -488,7 +488,7 @@ const idMainContent = ELEMENT_ID_MAIN_CONTENT;
         </template>
       </LayoutContent>
 
-      <LayoutFooter v-if="footerEnable" class="hidden md:block" :fixed="footerFixed" :height="footerHeight" :show="!isFullContent" :width="footerWidth" :z-index="zIndex + 2">
+      <LayoutFooter v-if="footerEnable" class="hidden md:block" :fixed="footerFixed" :height="footerHeight" :show="!isFullContent" :width="footerWidth" :z-index="zIndex">
         <slot name="footer"></slot>
       </LayoutFooter>
     </div>

packages/ui/certd-client/src/views/certd/access/access-selector/access/crud.tsx

@@ -57,7 +57,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
         show: false,
       },
       search: {
-        show: false,
+        show: true,
       },
       form: {
         wrapper: {

packages/ui/certd-client/src/views/certd/pipeline/crud.tsx

@@ -14,6 +14,7 @@ import { useCertUpload } from "/@/views/certd/pipeline/cert-upload/use";
 import GroupSelector from "/@/views/certd/pipeline/group/group-selector.vue";
 import { useCertViewer } from "/@/views/certd/pipeline/use";
 import { useI18n } from "/src/locales";
+import { GetDetail, GetObj } from "./api";
 
 export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys } }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const router = useRouter();
@@ -200,7 +201,9 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
               const { ui } = useUi();
               // @ts-ignore
               let row = context[ui.tableColumn.row];
-              row = cloneDeep(row);
+              const info = await GetDetail(row.id);
+              row = info.pipeline;
+              row.content = JSON.parse(row.content);
               row.title = row.title + "_copy";
               await crudExpose.openCopy({
                 row: row,

packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue

@@ -298,7 +298,7 @@ import { FsIcon } from "@fast-crud/fast-crud";
 import { useSettingStore } from "/@/store/settings";
 import { useUserStore } from "/@/store/user";
 import TaskShortcuts from "./component/shortcut/task-shortcuts.vue";
-import { eachSteps, findStep } from "../utils";
+import { eachSteps, findStep, eachStages } from "../utils";
 import { usePluginStore } from "/@/store/plugin";
 import { getCronNextTimes } from "/@/components/cron-editor/utils";
 import { useCertViewer } from "/@/views/certd/pipeline/use";
@@ -381,6 +381,9 @@ export default defineComponent({
         //取消历史记录查看模式
         currentHistory.value = null;
         pipeline.value = cloneDeep(currentPipeline.value);
+        eachStages(pipeline.value.stages, item => {
+          item.status = null;
+        });
         return;
       }
       currentHistory.value = history;

packages/ui/certd-client/src/views/framework/forgot-password/index.vue

@@ -0,0 +1,179 @@
+<template>
+  <div class="main forgot-password-page">
+    <a-form
+      ref="formRef"
+      class="user-layout-forgot-password"
+      name="custom-validation"
+      :model="formState"
+      :rules="rules"
+      v-bind="layout"
+      :label-col="{ span: 6 }"
+      @finish="handleFinish"
+      @finish-failed="handleFinishFailed"
+    >
+      <a-tabs v-model:active-key="forgotPasswordType" :destroyInactiveTabPane="true">
+        <a-tab-pane key="email" tab="邮箱找回">
+          <a-form-item has-feedback name="input" label="邮箱">
+            <a-input v-model:value="formState.input" placeholder="邮箱" size="large" autocomplete="off">
+              <template #prefix>
+                <fs-icon icon="ion:mail-outline"></fs-icon>
+              </template>
+            </a-input>
+          </a-form-item>
+          <a-form-item has-feedback name="validateCode" label="邮件验证码">
+            <email-code
+              v-model:value="formState.validateCode"
+              :img-code="formState.imgCode"
+              :email="formState.input"
+              :random-str="formState.randomStr"
+              verification-type="forgotPassword"
+            />
+          </a-form-item>
+        </a-tab-pane>
+        <a-tab-pane key="mobile" tab="手机号找回">
+          <a-form-item required has-feedback name="input" label="手机号">
+            <a-input v-model:value="formState.input" placeholder="手机号" autocomplete="off">
+              <template #prefix>
+                <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
+              </template>
+            </a-input>
+          </a-form-item>
+          <a-form-item name="validateCode" label="手机验证码">
+            <sms-code
+              v-model:value="formState.validateCode"
+              :img-code="formState.imgCode"
+              :mobile="formState.input"
+              :phone-code="formState.phoneCode"
+              :random-str="formState.randomStr"
+              verification-type="forgotPassword"
+            />
+          </a-form-item>
+        </a-tab-pane>
+      </a-tabs>
+
+      <a-form-item has-feedback name="imgCode" label="图片验证码">
+        <image-code ref="imageCodeRef" v-model:value="formState.imgCode" v-model:random-str="formState.randomStr"></image-code>
+      </a-form-item>
+
+      <a-form-item has-feedback name="password" label="新密码">
+        <a-input-password v-model:value="formState.password" placeholder="新密码" size="large" autocomplete="off">
+          <template #prefix>
+            <fs-icon icon="ion:lock-closed-outline"></fs-icon>
+          </template>
+        </a-input-password>
+      </a-form-item>
+      <a-form-item has-feedback name="confirmPassword" label="确认密码">
+        <a-input-password v-model:value="formState.confirmPassword" placeholder="确认密码" size="large" autocomplete="off">
+          <template #prefix>
+            <fs-icon icon="ion:lock-closed-outline"></fs-icon>
+          </template>
+        </a-input-password>
+      </a-form-item>
+      <a-form-item>
+        <a-button type="primary" size="large" html-type="submit" class="submit-button"> 找回密码</a-button>
+
+        <div class="mt-2">
+          <a href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank"> 管理员无绑定通信方式或MFA丢失找回 </a>
+        </div>
+      </a-form-item>
+    </a-form>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { onMounted, reactive, ref, toRaw, watch } from "vue";
+import ImageCode from "/@/views/framework/login/image-code.vue";
+import EmailCode from "/@/views/framework/register/email-code.vue";
+import SmsCode from "/@/views/framework/login/sms-code.vue";
+import { utils } from "@fast-crud/fast-crud";
+import { useUserStore } from "/@/store/user";
+
+defineOptions({
+  name: "ForgotPasswordPage",
+});
+
+const rules = {
+  input: [{ required: true }],
+  validateCode: [{ required: true }],
+  imgCode: [{ required: true }, { min: 4, max: 4, message: "请输入4位图片验证码" }],
+  password: [
+    { required: true, trigger: "change", message: "请输入密码" },
+    { min: 6, message: "至少输入6位密码" },
+  ],
+  confirmPassword: [
+    { required: true, trigger: "change", message: "请确认密码" },
+    {
+      validator: async (rule: any, value: any) => {
+        if (value && value !== formState.password) {
+          throw new Error("两次输入密码不一致");
+        }
+        return true;
+      },
+    },
+  ],
+};
+const layout = {
+  labelCol: {
+    span: 0,
+  },
+  wrapperCol: {
+    span: 24,
+  },
+};
+
+const forgotPasswordType = ref();
+const userStore = useUserStore();
+const formRef = ref();
+const imageCodeRef = ref();
+
+const formState: any = reactive({
+  input: "",
+  randomStr: "",
+  imgCode: "",
+  phoneCode: "86",
+  validateCode: "",
+
+  password: "",
+  confirmPassword: "",
+});
+
+// TODO 这里配置不同的找回方式
+onMounted(() => {
+  forgotPasswordType.value = "email";
+});
+
+// 监控找回类型变化
+watch(forgotPasswordType, () => {
+  formState.input = "";
+  formState.validateCode = "";
+  imageCodeRef.value.resetImageCode();
+  formRef.value.clearValidate(Object.keys(formState).filter(key => !["password", "confirmPassword"].includes(key)));
+});
+
+const handleFinish = async (values: any) => {
+  await userStore.forgotPassword(
+    toRaw({
+      type: forgotPasswordType.value,
+      input: formState.input,
+      randomStr: formState.randomStr,
+      imgCode: formState.imgCode,
+      validateCode: formState.validateCode,
+      password: formState.password,
+      confirmPassword: formState.confirmPassword,
+    }) as any
+  );
+};
+
+const handleFinishFailed = (errors: any) => {
+  utils.logger.log(errors);
+};
+</script>
+<style scoped lang="less">
+.forgot-password-page {
+  .user-layout-forgot-password {
+    .submit-button {
+      width: 100%;
+    }
+  }
+}
+</style>

packages/ui/certd-client/src/views/framework/home/dashboard/index.vue

@@ -156,32 +156,48 @@ import * as api from "./api";
 import { useI18n } from "/src/locales";
 const { t } = useI18n();
 import { usePluginStore } from "/@/store/plugin";
+import { notification } from "ant-design-vue";
 defineOptions({
   name: "DashboardUser",
 });
 
 const version = ref(import.meta.env.VITE_APP_VERSION);
 const latestVersion = ref("");
-const hasNewVersion = computed(() => {
-  if (!latestVersion.value) {
+
+function isNewVersion(version: string, latestVersion: string) {
+  if (!latestVersion) {
     return false;
   }
-  if (latestVersion.value === version.value) {
+  if (latestVersion === version) {
     return false;
   }
   //分段比较
-  const current = version.value.split(".");
-  const latest = latestVersion.value.split(".");
+  const current = version.split(".");
+  const latest = latestVersion.split(".");
   for (let i = 0; i < current.length; i++) {
-    if (parseInt(latest[i]) < parseInt(current[i])) {
-      return false;
+    if (parseInt(latest[i]) > parseInt(current[i])) {
+      return true;
     }
   }
-  return true;
+  return false;
+}
+
+const hasNewVersion = computed(() => {
+  return isNewVersion(version.value, latestVersion.value);
 });
 async function loadLatestVersion() {
   latestVersion.value = await api.GetLatestVersion();
   console.log("latestVersion", latestVersion.value);
+
+  const minVersion = settingsStore.productInfo?.app?.minVersion;
+  if (minVersion) {
+    //
+    if (isNewVersion(version.value, minVersion)) {
+      notification.error({
+        message: settingsStore.productInfo?.app?.minVersionTip ?? "版本过低，为了您的数据安全，请尽快升级",
+      });
+    }
+  }
 }
 const settingStore = useSettingStore();
 const siteInfo: Ref<SiteInfo> = computed(() => {

packages/ui/certd-client/src/views/framework/login/image-code.vue

@@ -11,7 +11,7 @@
   </div>
 </template>
 <script setup lang="ts">
-import { ref, useAttrs } from "vue";
+import { ref, useAttrs, defineExpose } from "vue";
 import { nanoid } from "nanoid";
 
 const props = defineProps<{
@@ -32,5 +32,10 @@ function resetImageCode() {
   imageCodeUrl.value = url + "?randomStr=" + randomStr;
   emit("update:randomStr", randomStr);
 }
+
+defineExpose({
+  resetImageCode,
+})
+
 resetImageCode();
 </script>

packages/ui/certd-client/src/views/framework/login/index.vue

@@ -47,10 +47,10 @@
           {{ t("authentication.loginButton") }}
         </a-button>
 
-        <div v-if="!settingStore.isComm" class="mt-2">
-          <a href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank">
-            {{ t("authentication.forgotAdminPassword") }}
-          </a>
+        <div v-if="!!settingStore.sysPublic.selfServicePasswordRetrievalEnabled" class="mt-2">
+          <router-link :to="{ name: 'forgotPassword' }">
+            {{ t("authentication.forgotPassword") }}
+          </router-link>
         </div>
       </a-form-item>
 

packages/ui/certd-client/src/views/framework/login/sms-code.vue

@@ -23,6 +23,7 @@ const props = defineProps<{
   phoneCode?: string;
   imgCode?: string;
   randomStr?: string;
+  verificationType?: string;
 }>();
 const emit = defineEmits(["update:value", "change"]);
 
@@ -58,6 +59,7 @@ async function sendSmsCode() {
       mobile: props.mobile,
       imgCode: props.imgCode,
       randomStr: props.randomStr,
+      verificationType: props.verificationType,
     });
   } finally {
     loading.value = false;

packages/ui/certd-client/src/views/framework/register/email-code.vue

@@ -22,6 +22,7 @@ const props = defineProps<{
   email?: string;
   imgCode?: string;
   randomStr?: string;
+  verificationType?: string;
 }>();
 const emit = defineEmits(["update:value", "change"]);
 
@@ -53,6 +54,7 @@ async function sendSmsCode() {
       email: props.email,
       imgCode: props.imgCode,
       randomStr: props.randomStr,
+      verificationType: props.verificationType,
     });
   } finally {
     loading.value = false;

packages/ui/certd-client/src/views/framework/register/index.vue

@@ -32,6 +32,13 @@
         </a-tab-pane>
         <a-tab-pane key="email" tab="邮箱注册" :disabled="!settingsStore.sysPublic.emailRegisterEnabled">
           <template v-if="registerType === 'email'">
+            <a-form-item required has-feedback name="username" label="用户名" :rules="rules.username">
+              <a-input v-model:value="formState.username" placeholder="用户名" size="large" autocomplete="off">
+                <template #prefix>
+                  <fs-icon icon="ion:person-outline"></fs-icon>
+                </template>
+              </a-input>
+            </a-form-item>
             <a-form-item required has-feedback name="email" label="邮箱">
               <a-input v-model:value="formState.email" placeholder="邮箱" size="large" autocomplete="off">
                 <template #prefix>

packages/ui/certd-client/src/views/sys/settings/tabs/base.vue

@@ -47,6 +47,10 @@
         <div class="helper" v-html="t('certd.commonCnameHelper')"></div>
       </a-form-item>
 
+      <a-form-item :label="t('certd.enableCommonSelfServicePasswordRetrieval')" :name="['public', 'selfServicePasswordRetrievalEnabled']">
+        <a-switch v-model:checked="formState.public.selfServicePasswordRetrievalEnabled" />
+      </a-form-item>
+
       <a-form-item label=" " :colon="false" :wrapper-col="{ span: 8 }">
         <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
       </a-form-item>

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,46 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Bug Fixes
+
+* 修复  https://cas.undefined.aliyuncs.com 的bug ([60e6aa9](https://github.com/certd/certd/commit/60e6aa9b54a761a47e39acee4a1ff947a745be27))
+* 修复阿里云clb api接口没有使用region的问题 ([0770f17](https://github.com/certd/certd/commit/0770f174a14313e28d08113e69829ef6cc02d719))
+* 修复站点监控使用自定义dns解析域名报错的bug ([eb8cd53](https://github.com/certd/certd/commit/eb8cd53de27991321e36dd14e5ce95f42b51351f))
+
+### Performance Improvements
+
+* 部署到阿里云支持选择bucket和域名 ([013b9c4](https://github.com/certd/certd/commit/013b9c4c7c2adf485d086123ccea448719577fd4))
+* 清理数据库备份的临时目录 ([fd95549](https://github.com/certd/certd/commit/fd95549de9a5d8cec09772ee2630bb7521e15e1f))
+* 添加免费通知,OneBot V11协议通知支持 ([#491](https://github.com/certd/certd/issues/491)) [@ayakasuki](https://github.com/ayakasuki)  ([be053d4](https://github.com/certd/certd/commit/be053d47e41084f817882400882b64143d036d1a))
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+* 注册时支持填写用户名 ([fdcfcc7](https://github.com/certd/certd/commit/fdcfcc77a0db87954e0b026635d3ccdd9bc6cee8))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* 授权管理支持模糊查询 ([866eb62](https://github.com/certd/certd/commit/866eb6241baa7b21f6eddc649966324c188236c6))
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+* 运行主机脚本插件支持选择运行策略 ([86b3df1](https://github.com/certd/certd/commit/86b3df194126476e1f58e0952a77e986f62eecce))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Performance Improvements
+
+* 阿里云部分插件优化  [@nicheng-he](https://github.com/nicheng-he) ([e3738f6](https://github.com/certd/certd/commit/e3738f6422270d75ec414c15a343248cc4cad6e1))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 上传到阿里云cas，证书前缀无效的bug ([b382351](https://github.com/certd/certd/commit/b382351c7b91ec10e1f61d94bec5aad075207ec8))
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+
 ## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
 
 ### Bug Fixes

packages/ui/certd-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-server",
-  "version": "1.36.11",
+  "version": "1.36.15",
   "description": "fast-server base midway",
   "private": true,
   "type": "module",
@@ -42,20 +42,20 @@
     "@aws-sdk/client-cloudfront": "^3.699.0",
     "@aws-sdk/client-iam": "^3.699.0",
     "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.36.11",
-    "@certd/basic": "^1.36.11",
-    "@certd/commercial-core": "^1.36.11",
+    "@certd/acme-client": "^1.36.15",
+    "@certd/basic": "^1.36.15",
+    "@certd/commercial-core": "^1.36.15",
     "@certd/cv4pve-api-javascript": "^8.4.1",
-    "@certd/jdcloud": "^1.36.11",
-    "@certd/lib-huawei": "^1.36.11",
-    "@certd/lib-k8s": "^1.36.11",
-    "@certd/lib-server": "^1.36.11",
-    "@certd/midway-flyway-js": "^1.36.11",
-    "@certd/pipeline": "^1.36.11",
-    "@certd/plugin-cert": "^1.36.11",
-    "@certd/plugin-lib": "^1.36.11",
-    "@certd/plugin-plus": "^1.36.11",
-    "@certd/plus-core": "^1.36.11",
+    "@certd/jdcloud": "^1.36.15",
+    "@certd/lib-huawei": "^1.36.15",
+    "@certd/lib-k8s": "^1.36.15",
+    "@certd/lib-server": "^1.36.15",
+    "@certd/midway-flyway-js": "^1.36.15",
+    "@certd/pipeline": "^1.36.15",
+    "@certd/plugin-cert": "^1.36.15",
+    "@certd/plugin-lib": "^1.36.15",
+    "@certd/plugin-plus": "^1.36.15",
+    "@certd/plus-core": "^1.36.15",
     "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
     "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
     "@koa/cors": "^5.0.0",

packages/ui/certd-server/src/controller/basic/app-controller.ts

@@ -1,4 +1,4 @@
-import { Controller, Get, Inject, Provide } from '@midwayjs/core';
+import {Body, Controller, Get, Inject, Post, Provide} from '@midwayjs/core';
 import { BaseController, Constants, FileService, SysSettingsService, SysSiteInfo } from '@certd/lib-server';
 import { http, logger } from '@certd/basic';
 import { isComm } from '@certd/plus-core';
@@ -46,4 +46,10 @@ export class AppController extends BaseController {
     this.ctx.response.redirect(redirect);
     this.ctx.response.set('Cache-Control', 'public,max-age=25920');
   }
+
+  @Post('/webhook', { summary: Constants.per.guest })
+  public async webhook( @Body() body: any) {
+    logger.info('webhook', JSON.stringify(body))
+    return this.ok("success")
+  }
 }

packages/ui/certd-server/src/controller/basic/code-controller.ts

@@ -27,6 +27,9 @@ export class EmailCodeReq {
 
   @Rule(RuleType.string().required().max(4))
   imgCode: string;
+
+  @Rule(RuleType.string())
+  verificationType: string;
 }
 
 /**
@@ -55,8 +58,20 @@ export class BasicController extends BaseController {
     @Body(ALL)
     body: EmailCodeReq
   ) {
+    const opts = {
+      verificationType: body.verificationType,
+      title: undefined,
+      content: undefined,
+      duration: undefined,
+    };
+    if(body?.verificationType === 'forgotPassword') {
+      opts.title = '找回密码';
+      opts.content = '验证码：${code}。您正在找回密码，请输入验证码并完成操作。如非本人操作请忽略';
+      opts.duration = 3;
+    }
+
     await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
-    await this.codeService.sendEmailCode(body.email, body.randomStr);
+    await this.codeService.sendEmailCode(body.email, body.randomStr, opts);
     // 设置缓存内容
     return this.ok(null);
   }

packages/ui/certd-server/src/controller/user/login/forgot-password-controller.ts

@@ -0,0 +1,56 @@
+import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
+import { BaseController, CommonException, Constants, SysSettingsService } from "@certd/lib-server";
+import { CodeService } from '../../../modules/basic/service/code-service.js';
+import { UserService } from '../../../modules/sys/authority/service/user-service.js';
+import { LoginService } from "../../../modules/login/service/login-service.js";
+
+/**
+ */
+@Provide()
+@Controller('/api')
+export class LoginController extends BaseController {
+  @Inject()
+  loginService: LoginService;
+  @Inject()
+  userService: UserService;
+  @Inject()
+  codeService: CodeService;
+
+  @Inject()
+  sysSettingsService: SysSettingsService;
+
+  @Post('/forgotPassword', { summary: Constants.per.guest })
+  public async forgotPassword(
+    @Body(ALL)
+    body: any,
+  ) {
+    const sysSettings = await this.sysSettingsService.getPublicSettings();
+    if(!sysSettings.selfServicePasswordRetrievalEnabled) {
+      throw new CommonException('暂未开启自助找回');
+    }
+
+    if(body.type === 'email') {
+      this.codeService.checkEmailCode({
+        verificationType: 'forgotPassword',
+        email: body.input,
+        randomStr: body.randomStr,
+        validateCode: body.validateCode,
+        throwError: true,
+      });
+    } else if(body.type === 'mobile') {
+      await this.codeService.checkSmsCode({
+        verificationType: 'forgotPassword',
+        mobile: body.input,
+        randomStr: body.randomStr,
+        phoneCode: body.phoneCode,
+        smsCode: body.validateCode,
+        throwError: true,
+      });
+    } else {
+      throw new CommonException('暂不支持的找回类型,请联系管理员找回');
+    }
+    const username = await this.userService.forgotPassword(body);
+    username && this.loginService.clearCacheOnSuccess(username)
+    return this.ok();
+  }
+}

packages/ui/certd-server/src/controller/user/login/register-controller.ts

@@ -40,10 +40,18 @@ export class RegisterController extends BaseController {
       throw new Error('当前站点已禁止自助注册功能');
     }
 
+    if (body.username && ["admin","certd"].includes(body.username) ) {
+      throw new Error('用户名不能为保留字');
+    }
+
     if (body.type === 'username') {
       if (sysPublicSettings.usernameRegisterEnabled === false) {
         throw new Error('当前站点已禁止用户名注册功能');
       }
+      if (!body.username) {
+        throw new Error('用户名不能为空');
+      }
+
       await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
       const newUser = await this.userService.register(body.type, {
         username: body.username,
@@ -64,6 +72,7 @@ export class RegisterController extends BaseController {
         throwError: true,
       });
       const newUser = await this.userService.register(body.type, {
+        username: body.username,
         phoneCode: body.phoneCode,
         mobile: body.mobile,
         password: body.password,
@@ -81,6 +90,7 @@ export class RegisterController extends BaseController {
         throwError: true,
       });
       const newUser = await this.userService.register(body.type, {
+        username: body.username,
         email: body.email,
         password: body.password,
       } as any);

packages/ui/certd-server/src/controller/user/pipeline/access-controller.ts

@@ -23,8 +23,13 @@ export class AccessController extends CrudController<AccessService> {
   async page(@Body(ALL) body) {
     body.query = body.query ?? {};
     delete body.query.userId;
+    body.query.userId = this.getUserId()
+    let name = body.query?.name;
+    delete body.query.name;
     const buildQuery = qb => {
-      qb.andWhere('user_id = :userId', { userId: this.getUserId() });
+      if (name) {
+        qb.andWhere('name like :name', { name: `%${name.trim()}%` });
+      }
     };
     const res = await this.service.page({
       query: body.query,

packages/ui/certd-server/src/controller/user/pipeline/handle-controller.ts

@@ -15,6 +15,7 @@ import {EmailService} from '../../../modules/basic/service/email-service.js';
 import {http, HttpRequestConfig, logger, mergeUtils, utils} from '@certd/basic';
 import {NotificationService} from '../../../modules/pipeline/service/notification-service.js';
 import {TaskServiceBuilder} from "../../../modules/pipeline/service/getter/task-service-getter.js";
+import { cloneDeep } from 'lodash-es';
 
 @Provide()
 @Controller('/api/pi/handle')
@@ -103,6 +104,7 @@ export class HandleController extends BaseController {
     const taskCtx: TaskInstanceContext = {
       pipeline: undefined,
       step: undefined,
+      define: cloneDeep( pluginDefine.define),
       lastStatus: undefined,
       http,
       download,

packages/ui/certd-server/src/modules/basic/service/code-service.ts

@@ -57,7 +57,15 @@ export class CodeService {
   }
   /**
    */
-  async sendSmsCode(phoneCode = '86', mobile: string, randomStr: string) {
+  async sendSmsCode(
+    phoneCode = '86',
+    mobile: string,
+    randomStr: string,
+    opts?: {
+      duration?: number,
+      verificationType?: string
+    },
+  ) {
     if (!mobile) {
       throw new Error('手机号不能为空');
     }
@@ -65,6 +73,8 @@ export class CodeService {
       throw new Error('randomStr不能为空');
     }
 
+    const duration = Math.max(Math.floor(Math.min(opts?.duration || 5, 15)), 1);
+
     const sysSettings = await this.sysSettingsService.getPrivateSettings();
     if (!sysSettings.sms?.config?.accessId) {
       throw new Error('当前站点还未配置短信');
@@ -84,16 +94,29 @@ export class CodeService {
       phoneCode,
     });
 
-    const key = this.buildSmsCodeKey(phoneCode, mobile, randomStr);
+    const key = this.buildSmsCodeKey(phoneCode, mobile, randomStr, opts?.verificationType);
     cache.set(key, smsCode, {
-      ttl: 5 * 60 * 1000, //5分钟
+      ttl: duration * 60 * 1000, //5分钟
     });
     return smsCode;
   }
 
   /**
+   *
+   * @param email 收件邮箱
+   * @param randomStr
+   * @param opts title标题 content内容模版 duration有效时间单位分钟 verificationType验证类型
    */
-  async sendEmailCode(email: string, randomStr: string) {
+  async sendEmailCode(
+    email: string,
+    randomStr: string,
+    opts?: {
+      title?: string,
+      content?: string,
+      duration?: number,
+      verificationType?: string
+    },
+  ) {
     if (!email) {
       throw new Error('Email不能为空');
     }
@@ -110,15 +133,20 @@ export class CodeService {
     }
 
     const code = randomNumber(4);
+    const duration = Math.max(Math.floor(Math.min(opts?.duration || 5, 15)), 1);
+
+    const title = `【${siteTitle}】${!!opts?.title ? opts.title : '验证码'}`;
+    const content = !!opts.content ? this.compile(opts.content)({code, duration}) : `您的验证码是${code}，请勿泄露`;
+
     await this.emailService.send({
-      subject: `【${siteTitle}】验证码`,
-      content: `您的验证码是${code}，请勿泄露`,
+      subject: title,
+      content: content,
       receivers: [email],
     });
 
-    const key = this.buildEmailCodeKey(email, randomStr);
+    const key = this.buildEmailCodeKey(email, randomStr, opts?.verificationType);
     cache.set(key, code, {
-      ttl: 5 * 60 * 1000, //5分钟
+      ttl: duration * 60 * 1000, //5分钟
     });
     return code;
   }
@@ -126,20 +154,20 @@ export class CodeService {
   /**
    * checkSms
    */
-  async checkSmsCode(opts: { mobile: string; phoneCode: string; smsCode: string; randomStr: string; throwError: boolean }) {
-    const key = this.buildSmsCodeKey(opts.phoneCode, opts.mobile, opts.randomStr);
+  async checkSmsCode(opts: { mobile: string; phoneCode: string; smsCode: string; randomStr: string; verificationType?: string; throwError: boolean }) {
+    const key = this.buildSmsCodeKey(opts.phoneCode, opts.mobile, opts.randomStr, opts.verificationType);
     if (isDev()) {
       return true;
     }
     return this.checkValidateCode(key, opts.smsCode, opts.throwError);
   }
 
-  buildSmsCodeKey(phoneCode: string, mobile: string, randomStr: string) {
-    return `sms:${phoneCode}${mobile}:${randomStr}`;
+  buildSmsCodeKey(phoneCode: string, mobile: string, randomStr: string, verificationType?: string) {
+    return ['sms', verificationType, phoneCode, mobile, randomStr].filter(item => !!item).join(':');
   }
 
-  buildEmailCodeKey(email: string, randomStr: string) {
-    return `email:${email}:${randomStr}`;
+  buildEmailCodeKey(email: string, randomStr: string, verificationType?: string) {
+    return ['email', verificationType, email, randomStr].filter(item => !!item).join(':');
   }
   checkValidateCode(key: string, userCode: string, throwError = true) {
     //验证图片验证码
@@ -154,8 +182,18 @@ export class CodeService {
     return true;
   }
 
-  checkEmailCode(opts: { randomStr: string; validateCode: string; email: string; throwError: boolean }) {
-    const key = this.buildEmailCodeKey(opts.email, opts.randomStr);
+  checkEmailCode(opts: { randomStr: string; validateCode: string; email: string; verificationType?: string; throwError: boolean }) {
+    const key = this.buildEmailCodeKey(opts.email, opts.randomStr, opts.verificationType);
     return this.checkValidateCode(key, opts.validateCode, opts.throwError);
   }
+
+  compile(templateString: string) {
+    return new Function(
+      "data",
+      `    with(data || {}) {
+        return \`${templateString}\`;
+      }
+    `
+    );
+  }
 }

packages/ui/certd-server/src/modules/monitor/service/dns-custom.ts

@@ -1,60 +1,110 @@
-import { LocalCache } from '@certd/basic';
-import dnsSdk from 'dns'
+import {LocalCache, logger} from '@certd/basic';
+import dnsSdk, {AnyRecord} from 'dns'
+import {LookupAddress} from "node:dns";
+
 const dns = dnsSdk.promises
 
 export class DnsCustom{
-  resolver: any;
+  private resolver: dnsSdk.promises.Resolver;
+  // private cache = new LRUCache<string, any>({
+  //   max: 1000,
+  //   ttl: 1000 * 60 * 5,
+  // });
 
   constructor(dnsServers:string[]) {
     const resolver = new dns.Resolver();
     resolver.setServers(dnsServers);
     this.resolver = resolver;
   }
-  async resolve(hostname:string,options:any):Promise<string[]>{
-    // { family: undefined, hints: 0, all: true }
 
-    const cnames = await this.resolver.resolveCname(hostname)
-    let cnameIps = []
-    // deep
-    if (cnames && cnames.length > 0) {
-      for (let cname of cnames) {
-        const cnameIp = await this.resolve(cname,options)
-        if (cnameIp && cnameIp.length > 0) {
-          cnameIps.push(...cnameIp)
+  // async lookup(hostname:string,options?:{ family: any, hints: number, all: boolean }):Promise<LookupAddress[]>{
+  //   const cacheKey = hostname + JSON.stringify(options)
+  //   let res = this.cache.get(cacheKey)
+  //   if (res){
+  //     return res
+  //   }
+  //   res = await this.doLookup(hostname,options)
+  //   this.cache.set(cacheKey,res)
+  //   return res
+  // }
+  async lookup(hostname:string,options?:{ family: any, hints: number, all: boolean }):Promise<LookupAddress[]>{
+    // { family: undefined, hints: 0, all: true }
+    let v4:LookupAddress[] = []
+    let v6:LookupAddress[] = []
+    let errors = []
+    const queryV6 = async ()=>{
+      try{
+        const list = await this.resolver.resolve6(hostname)
+        if (list && list.length > 0) {
+          v6 = list.map(item=>{
+            return {
+              address: item,
+              family: 6
+            }
+          })
         }
+      }catch (e) {
+        logger.warn("query v6 error",e)
+        errors.push(e)
       }
     }
-    let v4 = []
-    let v6 = []
+    const queryV4 = async ()=>{
+      try{
+        const list =await this.resolver.resolve4(hostname)
+        if (list && list.length > 0) {
+          v4 = list.map(item=>{
+            return {
+              address: item,
+              family: 4
+            }
+          })
+        }
+      }catch (e) {
+        logger.warn("query v4 error",e)
+        errors.push(e)
+      }
+    }
+
+    const queries:Promise<any>[] = []
+
 
     const {family, all} = options
-    if(family === 6 && !all){
-      v6= await this.resolver.resolve6(hostname)
+    if (all){
+      queries.push(queryV6())
+      queries.push(queryV4())
+    }else{
+      if(family === 6 ){
+        queries.push(queryV6())
+      }
+      if(family === 4 ){
+        queries.push(queryV4())
+      }
     }
-    if(family === 4 && !all){
-      v4 = await this.resolver.resolve4(hostname)
+    await Promise.all(queries)
+    const res = [...v4,...v6]
+    if(res.length === 0){
+      if (errors.length > 0){
+        const e =  new Error(errors[0])
+        // @ts-ignore
+        e.errors =  errors
+        throw e
+      }
     }
-
-    if(all){
-       v4 = await this.resolver.resolve4(hostname)
-       v6 = await this.resolver.resolve6(hostname)
-    }
-
-    return [...v4,...v6,...cnameIps]
+    return res
   }
 
-  async resolve4(hostname:string,options:any):Promise<string[]>{
-    return await this.resolver.resolve4(hostname,options)
+  async resolve4(hostname:string):Promise<string[]>{
+    return await this.resolver.resolve4(hostname)
   }
-  async resolve6(hostname:string,options:any):Promise<string[]>{
-    return await this.resolver.resolve6(hostname,options)
+  async resolve6(hostname:string):Promise<string[]>{
+    return await this.resolver.resolve6(hostname)
   }
-  async resolveAny(hostname:string,options:any):Promise<string[]>{
-    return await this.resolver.resolveAny(hostname,options)
+  async resolveAny(hostname:string):Promise<AnyRecord[]>{
+    return await this.resolver.resolveAny(hostname)
   }
 
-  async resolveCname(hostname:string,options:any):Promise<string[]>{
-    return await this.resolver.resolveCname(hostname,options)
+  async resolveCname(hostname:string):Promise<string[]>{
+    return await this.resolver.resolveCname(hostname)
   }
 
 

packages/ui/certd-server/src/modules/monitor/service/site-info-service.ts

@@ -112,9 +112,9 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
 
     const setting = await this.userSettingsService.getSetting<UserSiteMonitorSetting>(site.userId, UserSiteMonitorSetting);
     const dnsServer = setting.dnsServer
-    let resolver = null
+    let customDns = null
     if (dnsServer && dnsServer.length > 0) {
-      resolver = dnsContainer.getDns(dnsServer) as any
+      customDns = dnsContainer.getDns(dnsServer) as any
     }
 
     try {
@@ -127,7 +127,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
         host: site.domain,
         port: site.httpsPort,
         retryTimes,
-        resolver
+        customDns
       });
 
       const certi: PeerCertificate = res.certificate;
@@ -154,7 +154,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
         error: null,
         checkStatus: "ok"
       };
-
+      logger.info(`测试站点成功：id=${updateData.id},site=${site.name},expiresTime=${updateData.certExpiresTime}`)
       if (site.ipCheck) {
         delete updateData.checkStatus
       }

packages/ui/certd-server/src/modules/monitor/service/site-ip-service.ts

@@ -134,6 +134,7 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
     if (!entity) {
       return;
     }
+    logger.info(`开始测试站点ip: id=${entity.id},ip=${entity.ipAddress}`)
     try {
       await this.update({
         id: entity.id,
@@ -173,7 +174,7 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
       };
 
       await this.update(updateData);
-
+      logger.info(`测试站点ip成功: id=${updateData.id},ip=${entity.ipAddress},expiresTime=${updateData.certExpiresTime}`)
       return updateData
 
     } catch (e) {
@@ -231,7 +232,7 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
       try{
         return await resolver.resolve4(domain);
       }catch (err) {
-        logger.error(`[${domain}] resolve4 error`, err)
+        logger.warn(`[${domain}] resolve4 error`, err)
         return []
       }
     }
@@ -239,7 +240,7 @@ export class SiteIpService extends BaseService<SiteIpEntity> {
       try{
         return await resolver.resolve6(domain);
       }catch (err) {
-        logger.error(`[${domain}] resolve6 error`, err)
+        logger.warn(`[${domain}] resolve6 error`, err)
         return []
       }
     }

packages/ui/certd-server/src/modules/monitor/service/site-tester.ts

@@ -2,6 +2,7 @@ import { logger, safePromise, utils } from "@certd/basic";
 import { merge } from "lodash-es";
 import https from "https";
 import { PeerCertificate } from "tls";
+import {DnsCustom} from "./dns-custom.js";
 
 export type SiteTestReq = {
   host: string; // 只用域名部分
@@ -10,7 +11,7 @@ export type SiteTestReq = {
   retryTimes?: number;
   ipAddress?: string;
 
-  resolver?: any;
+  customDns?: DnsCustom;
 };
 
 export type SiteTestRes = {
@@ -19,7 +20,9 @@ export type SiteTestRes = {
 
 export class SiteTester {
   async test(req: SiteTestReq): Promise<SiteTestRes> {
-    logger.info("测试站点:", JSON.stringify(req));
+    const req_ = {...req}
+    delete req_.customDns
+    logger.info("测试站点:", JSON.stringify(req_));
     const maxRetryTimes = req.retryTimes == null ? 3 : req.retryTimes;
     let tryCount = 0;
     let result: SiteTestRes = {};
@@ -61,15 +64,18 @@ export class SiteTester {
         servername: options.host
       };
       options.host = ipAddress;
-    }else if (req.resolver ) {
+    }else if (req.customDns ) {
       // 非ip address 请求时
-      const resolver = req.resolver
+      const customDns = req.customDns
       customLookup = async (hostname:string, options:any, callback)=> {
         console.log(hostname, options);
 
         // { family: undefined, hints: 0, all: true }
-        const res = await resolver.resolve(hostname, options)
+        const res = await customDns.lookup(hostname, options)
         console.log("custom lookup res:",res)
+        if (!res || res.length === 0) {
+          callback(new Error("没有解析到IP"));
+        }
         callback(null, res);
       }
     }

packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts

@@ -458,10 +458,10 @@ export class PipelineService extends BaseService<PipelineEntity> {
     }
     cron = cron.trim();
     if (cron.startsWith("* *")) {
-      cron = cron.replace("* *", "0 0");
+      cron = cron.replace("\* \*", "0 0");
     }
     if (cron.startsWith("*")) {
-      cron = cron.replace("*", "0");
+      cron = cron.replace("\*", "0");
     }
     const triggerId = trigger.id;
     const name = this.buildCronKey(pipelineId, triggerId);

packages/ui/certd-server/src/modules/sys/authority/service/user-service.ts

@@ -15,6 +15,7 @@ import { DbAdapter } from '../../../db/index.js';
 import { simpleNanoId, utils } from '@certd/basic';
 
 export type RegisterType = 'username' | 'mobile' | 'email';
+export type ForgotPasswordType = 'mobile' | 'email';
 
 export const AdminRoleId = 1
 /**
@@ -23,7 +24,7 @@ export const AdminRoleId = 1
 @Provide()
 @Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class UserService extends BaseService<UserEntity> {
- 
+
   @InjectEntityModel(UserEntity)
   repository: Repository<UserEntity>;
   @Inject()
@@ -174,25 +175,26 @@ export class UserService extends BaseService<UserEntity> {
     if (!user.password) {
       user.password = simpleNanoId();
     }
-    if (!user.username) {
-      user.username = 'user_' + simpleNanoId();
-    }
 
-    if (type === 'username') {
+
+    if (user.username) {
       const username = user.username;
       const old = await this.findOne([{ username: username }, { mobile: username }, { email: username }]);
       if (old != null) {
         throw new CommonException('用户名已被注册');
       }
-    } else if (type === 'mobile') {
+    }
+
+    if (user.mobile) {
       const mobile = user.mobile;
 
-      user.nickName = mobile.substring(0, 3) + '****' + mobile.substring(7);
+      user.nickName = user.username || mobile.substring(0, 3) + '****' + mobile.substring(7);
       const old = await this.findOne([{ username: mobile }, { mobile: mobile }, { email: mobile }]);
       if (old != null) {
         throw new CommonException('手机号已被注册');
       }
-    } else if (type === 'email') {
+    }
+    if (user.email) {
       const email = user.email;
       const old = await this.findOne([{ username: email }, { mobile: email }, { email: email }]);
       if (old != null) {
@@ -200,6 +202,11 @@ export class UserService extends BaseService<UserEntity> {
       }
     }
 
+
+    if (!user.username) {
+      user.username = 'user_' + simpleNanoId();
+    }
+
     let newUser: UserEntity = UserEntity.of({
       username: user.username,
       password: user.password,
@@ -229,6 +236,29 @@ export class UserService extends BaseService<UserEntity> {
     return newUser;
   }
 
+  async forgotPassword(
+    data: {
+      type: ForgotPasswordType; input?: string, phoneCode?: string,
+      randomStr: string, imgCode:string, validateCode: string,
+      password: string, confirmPassword: string,
+    }
+  ) {
+    if(!data.type) {
+      throw new CommonException('找回类型不能为空');
+    }
+    if(data.password !== data.confirmPassword) {
+      throw new CommonException('两次输入的密码不一致');
+    }
+    const user = await this.findOne([{ [data.type]: data.input }]);
+    console.log('user', user)
+    if(!user) {
+      throw new CommonException('用户不存在');
+      // return;
+    }
+    await this.resetPassword(user.id, data.password)
+    return user.username;
+  }
+
   async changePassword(userId: any, form: any) {
     const user = await this.info(userId);
     const passwordChecked = await this.checkPassword(form.password, user.password, user.passwordVersion);

packages/ui/certd-server/src/plugins/plugin-admin/plugin-db-backup.ts

@@ -202,16 +202,22 @@ export class DBBackupPlugin extends AbstractPlusTaskPlugin {
     const backupDir = this.backupDir || defaultBackupDir;
     const backupFilePath = `${backupDir}/${dbZipFilename}`;
 
-    if (this.backupMode === 'local') {
-      await this.localBackup(dbZipPath, backupDir, backupFilePath);
-    } else if (this.backupMode === 'ssh') {
-      await this.sshBackup(dbZipPath, backupDir, backupFilePath);
-    } else if (this.backupMode === 'oss') {
-      await this.ossBackup(dbZipPath, backupDir, backupFilePath);
-    } else {
-      throw new Error(`不支持的备份方式:${this.backupMode}`);
+    try{
+      if (this.backupMode === 'local') {
+        await this.localBackup(dbZipPath, backupDir, backupFilePath);
+      } else if (this.backupMode === 'ssh') {
+        await this.sshBackup(dbZipPath, backupDir, backupFilePath);
+      } else if (this.backupMode === 'oss') {
+        await this.ossBackup(dbZipPath, backupDir, backupFilePath);
+      } else {
+        throw new Error(`不支持的备份方式:${this.backupMode}`);
+      }
+    }finally{
+      //删除临时目录
+      await fs.promises.rm(tempDir, {recursive: true, force: true});
     }
 
+
     this.logger.info('数据库备份完成');
   }
 

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-esa/index.ts

@@ -26,7 +26,7 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
     helper: "请选择证书申请任务输出的域名证书",
     component: {
       name: "output-selector",
-      from: [...CertApplyPluginNames]
+      from: [...CertApplyPluginNames, 'uploadCertToAliyun']
     },
     required: true
   })
@@ -58,8 +58,8 @@ export class AliyunDeployCertToESA extends AbstractTaskPlugin {
       name: "a-select",
       options: [
         { value: "cas.aliyuncs.com", label: "中国大陆" },
-        { value: "cas.ap-southeast-1.aliyuncs.com", label: "新加坡" },
-        { value: "cas.eu-central-1.aliyuncs.com", label: "德国（法兰克福）" }
+        { value: "cas.ap-southeast-1.aliyuncs.com", label: "新加坡" }
+        // { value: "cas.eu-central-1.aliyuncs.com", label: "德国（法兰克福）" }
       ]
     },
     required: true

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-oss/index.ts

@@ -1,7 +1,14 @@
-import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
-import {AliyunAccess, AliyunSslClient} from '@certd/plugin-lib';
+import {AbstractTaskPlugin, IsTaskPlugin, Pager, pluginGroups, RunStrategy, TaskInput} from '@certd/pipeline';
+import {
+  AliyunAccess,
+  AliyunSslClient,
+  createCertDomainGetterInputDefine,
+  createRemoteSelectInputDefine
+} from '@certd/plugin-lib';
 import {CertInfo, CertReader} from '@certd/plugin-cert';
 import { CertApplyPluginNames} from '@certd/plugin-cert';
+import {optionsUtils} from "@certd/basic/dist/utils/util.options.js";
+import {isArray} from "lodash-es";
 @IsTaskPlugin({
   name: 'DeployCertToAliyunOSS',
   title: '阿里云-部署证书至OSS',
@@ -15,6 +22,22 @@ import { CertApplyPluginNames} from '@certd/plugin-cert';
   },
 })
 export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
+
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'output-selector',
+      from: [...CertApplyPluginNames,"uploadCertToAliyun"],
+    },
+    required: true,
+  })
+  cert!: CertInfo | string;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+
   @TaskInput({
     title: '大区',
     component: {
@@ -59,16 +82,27 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
   @TaskInput({
     title: 'Bucket',
     helper: '存储桶名称',
+    component: {
+      name: 'remote-auto-complete',
+      vModel: 'value',
+      type: 'plugin',
+      action: 'onGetBucketList',
+      search: false,
+      pager: false,
+      watches: ['accessId', 'region']
+    },
     required: true,
   })
   bucket!: string;
 
-  @TaskInput({
+  @TaskInput(createRemoteSelectInputDefine({
     title: '绑定的域名',
     helper: '你在阿里云OSS上绑定的域名，比如:certd.docmirror.cn',
     required: true,
-  })
-  domainName!: string;
+    action: DeployCertToAliyunOSS.prototype.onGetDomainList.name,
+    watches: ['certDomains', 'accessId','bucket'],
+  }))
+  domainName!: string | string[];
 
 
   @TaskInput({
@@ -77,21 +111,12 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
   })
   certName!: string;
 
-  @TaskInput({
-    title: '域名证书',
-    helper: '请选择前置任务输出的域名证书',
-    component: {
-      name: 'output-selector',
-      from: [...CertApplyPluginNames,"uploadCertToAliyun"],
-    },
-    required: true,
-  })
-  cert!: CertInfo | string;
+
 
   @TaskInput({
     title: '证书服务接入点',
     helper: '不会选就按默认',
-    value: 'cas.aliyuncs.com',
+    value: 'cn-hangzhou',
     component: {
       name: 'a-select',
       options: [
@@ -101,6 +126,7 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
       ],
     },
     required: true,
+    order: -99,
   })
   casRegion!: string;
 
@@ -112,6 +138,7 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
       type: 'aliyun',
     },
     required: true,
+    order: -98,
   })
   accessId!: string;
 
@@ -123,16 +150,58 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
     await this.getAliyunCertId(access)
     this.logger.info(`bucket: ${this.bucket}, region: ${this.region}, domainName: ${this.domainName}`);
     const client = await this.getClient(access);
-    await this.doRequest(client, {});
+    if (typeof this.domainName === "string"){
+      this.domainName = [this.domainName];
+    }
+    for (const domainName of this.domainName) {
+      this.logger.info("开始部署证书到阿里云oss自定义域名:", domainName)
+      await this.updateCert(domainName,client, {});
+    }
+
     this.logger.info('部署完成');
   }
 
+
+  async updateCert(domainName:string,client: any, params: any) {
+    params = client._bucketRequestParams('POST', this.bucket, {
+      cname: '',
+      comp: 'add',
+    });
+
+    let certStr =  ""
+    if (typeof this.cert === "object" ){
+      certStr = `
+      <PrivateKey>${this.cert.key}</PrivateKey>
+      <Certificate>${this.cert.crt}</Certificate>
+`
+    }else{
+      certStr = `<CertId>${this.cert}-${this.casRegion}</CertId>`
+    }
+
+    const xml = `
+ <BucketCnameConfiguration>
+  <Cname>
+    <Domain>${domainName}</Domain>
+    <CertificateConfiguration>
+      ${certStr}
+      <Force>true</Force>
+    </CertificateConfiguration>
+  </Cname>
+</BucketCnameConfiguration>`;
+    params.content = xml;
+    params.mime = 'xml';
+    params.successStatuses = [200];
+    const res = await client.request(params);
+    this.checkRet(res);
+    return res;
+  }
+
   async getAliyunCertId(access: AliyunAccess) {
     let certId: any = this.cert;
     let certName: any = this.appendTimeSuffix("certd");
     if (typeof this.cert === "object") {
       let endpoint = `cas.${this.casRegion}.aliyuncs.com`;
-      if (this.casRegion === "cn-hangzhou"){
+      if (this.casRegion === "cn-hangzhou" || !this.casRegion){
         endpoint = "cas.aliyuncs.com";
       }
       const sslClient = new AliyunSslClient({
@@ -170,43 +239,66 @@ export class DeployCertToAliyunOSS extends AbstractTaskPlugin {
     });
   }
 
-  async doRequest(client: any, params: any) {
-    params = client._bucketRequestParams('POST', this.bucket, {
-      cname: '',
-      comp: 'add',
-    });
+  async onGetBucketList(data: Pager) {
 
-    let certStr =  ""
-    if (typeof this.cert === "object" ){
-      certStr = `
-      <PrivateKey>${this.cert.key}</PrivateKey>
-      <Certificate>${this.cert.crt}</Certificate>
-`
-    }else{
-      certStr = `<CertId>${this.cert}-${this.casRegion}</CertId>`
+    const access = (await this.getAccess(this.accessId)) as AliyunAccess;
+    const client = await this.getClient(access);
+
+    let res;
+    const buckets = []
+    do{
+      const requestData = {'marker': res?.nextMarker || null, 'max-keys': 1000};
+      res = await client.listBuckets(requestData)
+      buckets.push(...(res?.buckets || []))
+    } while (!!res?.nextMarker)
+    return buckets
+      .filter(bucket => bucket?.region === this.region)
+      .map(bucket => ({label: `${bucket.name}<${bucket.region}>`, value: bucket.name}));
+  }
+
+  async onGetDomainList(data: any) {
+
+    const access = (await this.getAccess(this.accessId)) as AliyunAccess;
+    const client = await this.getClient(access);
+
+    const res  = await this.doListCnameRequest(client,this.bucket)
+    let domains = res.data?.Cname
+    if (domains == null || domains.length === 0){
+      return []
+    }
+    if (!isArray(domains)){
+      domains = [domains]
     }
 
-    const xml = `
- <BucketCnameConfiguration>
-  <Cname>
-    <Domain>${this.domainName}</Domain>
-    <CertificateConfiguration>
-      ${certStr}
-      <Force>true</Force>
-    </CertificateConfiguration>
-  </Cname>
-</BucketCnameConfiguration>`;
-    params.content = xml;
+    const options = domains.map((item: any) => {
+      return {
+        value: item.Domain,
+        label: item.Domain,
+        domain: item.Domain,
+      };
+    });
+    return optionsUtils.buildGroupOptions(options, this.certDomains);
+  }
+
+
+  async doListCnameRequest(client: any,bucket:string) {
+    const params = client._bucketRequestParams('GET', this.bucket, {
+      cname: '',
+      bucket
+    });
     params.mime = 'xml';
     params.successStatuses = [200];
+    params.xmlResponse = true;
     const res = await client.request(params);
     this.checkRet(res);
     return res;
   }
 
+
+
   checkRet(ret: any) {
-    if (ret.Code != null) {
-      throw new Error('执行失败：' + ret.Message);
+    if (ret.Code != null || ret.status!==200) {
+      throw new Error('执行失败：' + ret.Message || ret.data);
     }
   }
 }

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-slb/index.ts

@@ -207,7 +207,7 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
   }
 
   getCLBClientV2(access: AliyunAccess) {
-    return access.getClient("slb.aliyuncs.com")
+    return access.getClient(`slb.${this.regionId}.aliyuncs.com`)
   }
 
   resolveListenerKey(listener: string) {
@@ -383,7 +383,7 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
     access: AliyunAccess
   }) {
     const {loadBalancerId, listenerPort, listenerProtocol, access} = data;
-    const client = access.getClient("slb.aliyuncs.com")
+    const client = access.getClient(`slb.${this.regionId}.aliyuncs.com`)
 
     let queries = {
       RegionId: this.regionId,

packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts

@@ -15,7 +15,7 @@ import { CertApplyPluginNames, CertReader } from "@certd/plugin-cert";
 const regionDict = [
   { value: 'cn-hangzhou', endpoint: 'cas.aliyuncs.com', label: 'cn-hangzhou-中国大陆' },
   { value: 'eu-central-1', endpoint: 'cas.eu-central-1.aliyuncs.com', label: 'eu-central-1-德国（法兰克福）' },
-  { value: 'ap-southeast-1', endpoint: 'cas.ap-southeast-1.aliyuncs.com', label: 'ap-southeast-1-新加坡' },
+  { value: 'ap-southeast-1', endpoint: 'cas.ap-southeast-1.aliyuncs.com', label: 'ap-southeast-1-新加坡（国际版选这个）' },
   { value: 'ap-southeast-3', endpoint: 'cas.ap-southeast-3.aliyuncs.com', label: 'ap-southeast-3-马来西亚（吉隆坡）' },
   { value: 'ap-southeast-5', endpoint: 'cas.ap-southeast-5.aliyuncs.com', label: 'ap-southeast-5-印度尼西亚（雅加达）' },
   { value: 'cn-hongkong', endpoint: 'cas.cn-hongkong.aliyuncs.com', label: 'cn-hongkong-中国香港' },
@@ -82,7 +82,7 @@ export class UploadCertToAliyun extends AbstractTaskPlugin {
   async onInstance() {}
 
   async execute(): Promise<void> {
-    this.logger.info('开始部署证书到阿里云cdn');
+    this.logger.info('开始上传证书到阿里云证书管理CAS');
     const access: AliyunAccess = await this.getAccess(this.accessId);
 
     let endpoint = '';
@@ -97,7 +97,12 @@ export class UploadCertToAliyun extends AbstractTaskPlugin {
       logger: this.logger,
       endpoint,
     });
-    const certName = this.buildCertName(CertReader.getMainDomain(this.cert.crt))
+    let certName = ""
+    if (this.name){
+      certName = this.appendTimeSuffix(this.name)
+    }else{
+      certName = this.buildCertName(CertReader.getMainDomain(this.cert.crt))
+    }
     this.aliyunCertId = await client.uploadCert({
       name: certName,
       cert: this.cert,

packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts

@@ -7,6 +7,7 @@ import { SshClient } from '@certd/plugin-lib';
   group: pluginGroups.host.key,
   desc: '可以执行重启nginx等操作让证书生效',
   input: {},
+  showRunStrategy: true,
   default: {
     strategy: {
       runStrategy: RunStrategy.SkipWhenSucceed,

packages/ui/certd-server/src/plugins/plugin-notification/index.ts

@@ -12,3 +12,4 @@ export * from './bark/index.js';
 export * from './feishu/index.js';
 export * from './dingtalk/index.js';
 export * from './vocechat/index.js';
+export * from './onebot/index.js';

packages/ui/certd-server/src/plugins/plugin-notification/onebot/index.ts

@@ -0,0 +1,140 @@
+import { BaseNotification, IsNotification, NotificationBody, NotificationInput } from "@certd/pipeline";
+import axios from "axios";
+
+/**
+ * 文档: https://github.com/botuniverse/onebot-11
+ * 教程: https://ayakasuki.com/
+ */
+ 
+@IsNotification({
+  name: 'onebot',
+  title: 'OneBot V11 通知',
+  desc: '通过动态拼接URL发送 OneBot V11 协议消息',
+  needPlus: false,
+})
+export class OneBotNotification extends BaseNotification {
+  // 基础服务地址（不含路径）
+  @NotificationInput({
+    title: '服务地址',
+    component: {
+      placeholder: 'http://xxxx.xxxx.xxxx',
+    },
+    helper: 'OneBot 服务的基础地址（不包含action路径）',
+    required: true,
+    rules: [
+      { 
+        validator: (value) => /^https?:\/\/\S+$/.test(value), 
+        message: '请输入有效的HTTP/HTTPS地址' 
+      }
+    ]
+  })
+  baseUrl = '';
+
+  // 目标类型选择
+  @NotificationInput({
+    title: '目标类型',
+    component: {
+      name: 'a-select',
+      options: [
+        { value: 'group', label: '群聊' },
+        { value: 'private', label: '私聊' },
+      ],
+    },
+    required: true,
+    helper: '选择消息发送的目标类型',
+  })
+  targetType = 'group';
+
+  // 目标ID配置
+  @NotificationInput({
+    title: '目标ID',
+    component: {
+      placeholder: '123456789',
+    },
+    helper: '群聊ID或用户ID（纯数字）',
+    required: true,
+    rules: [
+      { 
+        validator: (value) => /^\d+$/.test(value), 
+        message: 'ID必须为纯数字' 
+      }
+    ]
+  })
+  targetId = '';
+
+  // 鉴权密钥（非必填）
+  @NotificationInput({
+    title: '鉴权密钥',
+    component: {
+      placeholder: 'xxxxxxxxxx',
+    },
+    helper: '(选填)访问API的授权令牌（无token时留空）',
+    required: false, // 关键修改点
+  })
+  accessToken = '';
+
+  // 构建完整请求URL（支持无token场景）
+  private buildFullUrl(): string {
+    const action = this.targetType === 'group' 
+      ? 'send_group_msg' 
+      : 'send_private_msg';
+    
+    let url = `${this.baseUrl}/${action}`;
+    
+    // 动态添加access_token参数（仅当存在时）
+    if (this.accessToken) {
+      url += `?access_token=${encodeURIComponent(this.accessToken)}`;
+    }
+    
+    return url;
+  }
+
+  // 构建消息内容
+  private buildMessage(body: NotificationBody): string {
+    return body.title 
+      ? `${body.title}\n${body.content}` 
+      : body.content;
+  }
+
+  // 构建请求体（动态字段）
+  private buildRequestBody(body: NotificationBody): object {
+    return {
+      [this.targetType === 'group' ? 'group_id' : 'user_id']: Number(this.targetId),
+      message: this.buildMessage(body),
+      auto_escape: false
+    };
+  }
+
+  // 发送通知主逻辑
+  async send(body: NotificationBody) {
+    const fullUrl = this.buildFullUrl();
+    const requestBody = this.buildRequestBody(body);
+
+    try {
+      console.debug("[ONEBOT] 最终请求URL:", fullUrl);
+      console.debug("[ONEBOT] 请求体:", JSON.stringify(requestBody));
+      console.debug("[ONEBOT] 使用Token:", !!this.accessToken); // 明确token使用状态
+
+      const response = await axios.post(fullUrl, requestBody, {
+        timeout: 5000,
+        headers: {
+          'Content-Type': 'application/json',
+          'User-Agent': 'Certd-Notification/1.0'
+        }
+      });
+
+      // 响应验证（保持不变）
+      if (response.data?.retcode !== 0) {
+        throw new Error(`[${response.data.retcode}] ${response.data.message}`);
+      }
+      return response.data;
+    } catch (error) {
+      console.error('[ONEBOT] 请求失败:', {
+        url: fullUrl,
+        tokenUsed: !!this.accessToken, // 记录token使用状态
+        error: error.response?.data || error.message
+      });
+      throw new Error(`OneBot通知发送失败: ${error.message}`);
+    }
+  }
+}

packages/ui/certd-server/src/plugins/plugin-other/plugins/index.ts

@@ -1,2 +1,3 @@
 export * from './plugin-wait.js';
 export * from './plugin-deploy-to-mail.js';
+export * from './plugin-webhook.js';