v1.37.5

# Conflicts:
#	packages/core/basic/src/utils/util.hash.ts

.github/FUNDING.yml

@@ -0,0 +1,5 @@
+# These are supported funding model platforms
+
+github: greper
+buy_me_a_coffee: greper
+custom: ['https://afdian.com/a/greper']

.github/workflows/build-image.yml

@@ -3,7 +3,7 @@ on:
   push:
     branches: ['v2-dev']
     paths:
-      - "build.trigger"
+      - "trigger/build.trigger"
 
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
@@ -68,7 +68,7 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-  
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -82,34 +82,4 @@ jobs:
           push: true
           context: ./packages/ui/
           tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
-            greper/certd:latest
-            greper/certd:${{steps.get_certd_version.outputs.result}}
-            ghcr.io/${{ github.repository }}:latest
-            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
-      - name: Build armv7
-        uses: docker/build-push-action@v6
-        with:
-          platforms: linux/arm/v7
-          push: true
-          context: ./packages/ui/
-          tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
-            greper/certd:armv7
-            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
-            ghcr.io/${{ github.repository }}:armv7
-            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-armv7
-
-#      - name: Build agent
-#        uses: docker/build-push-action@v6
-#        with:
-#          platforms: linux/amd64,linux/arm64
-#          push: true
-#          context: ./packages/ui/agent/
-#          tags: |
-#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
-#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
-#            greper/certd-agent:latest
-#            greper/certd-agent:${{steps.get_certd_version.outputs.result}}

.github/workflows/deploy-demo.yml

@@ -3,12 +3,13 @@ on:
   push:
     branches: ['v2-dev']
     paths:
-      - "deploy.trigger"
+      - "trigger/deploy.trigger"
   workflow_run:
     workflows: [ "build-image" ]
     types:
       - completed
 
+
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -54,14 +55,3 @@ jobs:
           retry-count: 3
           retry-delay: 5000
 
-      - name: deploy-certd-doc
-        uses: tyrrrz/action-http-request@master
-        with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
-          method: POST
-          body: |
-            {}
-          headers: |
-            Content-Type: application/json
-          retry-count: 3
-          retry-delay: 5000

.github/workflows/release-image.yml

@@ -1,9 +1,13 @@
-name: build-image-for-test
+name: build-image-for-release
 on:
   push:
     branches: ['v2-dev']
     paths:
-      - "build-dev.trigger"
+      - "trigger/release.trigger"
+#  workflow_run:
+#    workflows: [ "deploy-demo" ]
+#    types:
+#      - completed
 
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
@@ -20,7 +24,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
-          ref: v2-dev
+          lfs: true
 
       - name: get_certd_version
         id: get_certd_version
@@ -75,17 +79,19 @@ jobs:
           username: ${{ secrets.dockerhub_username }}
           password: ${{ secrets.dockerhub_password }}
 
-#      - name: Build default platforms
-#        uses: docker/build-push-action@v6
-#        with:
-#          platforms: linux/amd64,linux/arm64
-#          push: true
-#          context: ./packages/ui/
-#          tags: |
-#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
-#            greper/certd-dev:latest
-#            ghcr.io/${{ github.repository }}:dev-latest
-
+      - name: Build default platforms
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          context: ./packages/ui/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
+            greper/certd:latest
+            greper/certd:${{steps.get_certd_version.outputs.result}}
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
       - name: Build armv7
         uses: docker/build-push-action@v6
         with:
@@ -96,4 +102,30 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
             greper/certd:armv7
-            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            ghcr.io/${{ github.repository }}:armv7
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-armv7
+
+#      - name: Build agent
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/amd64,linux/arm64
+#          push: true
+#          context: ./packages/ui/agent/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
+#            greper/certd-agent:latest
+#            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
+
+      - name: deploy-certd-doc
+        uses: tyrrrz/action-http-request@master
+        with:
+          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
+          method: POST
+          body: |
+            {}
+          headers: |
+            Content-Type: application/json
+          retry-count: 3
+          retry-delay: 5000

.gitignore

@@ -1,6 +1,5 @@
 ./packages/core/lego
 # IntelliJ project files
-.vscode/
 node_modules/
 npm-debug.log
 yarn-error.log
@@ -30,5 +29,5 @@ test/**/*.js
 /packages/ui/certd-server/data/db.sqlite
 /packages/ui/certd-server/data/keys.yaml
 /packages/pro/
-
-test.js
+test.js
+.history

.npmrc

@@ -1,2 +1,6 @@
 link-workspace-packages=deep
 prefer-workspace-packages=true
+better_sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
+better_sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
+better-sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
+better-sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3

.vscode/launch.json

@@ -0,0 +1,73 @@
+{
+    // 使用 IntelliSense 了解相关属性。 
+    // 悬停以查看现有属性的描述。
+    // 欲了解更多信息，请访问: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+
+        {
+            "name": "client",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-client",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+        {
+            "name": "server",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+         {
+            "name": "server-mysql",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-mysql"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+         {
+            "name": "server-pg",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-pg"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+        {
+            "name": "server-common",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "pnpm",
+            "runtimeArgs": ["dev-commpro"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen"
+        },
+        {
+            "name": "server-local-plus",
+            "type": "node",
+            "request": "launch",
+            "cwd": "${workspaceFolder}/packages/ui/certd-server",
+            "runtimeExecutable": "npm",
+            "runtimeArgs": ["run", "dev-localplus"],
+            "console": "integratedTerminal",
+            "internalConsoleOptions": "neverOpen",
+            "env": {
+                "plus_use_prod": "false",
+                "PLUS_SERVER_BASE_URL": "http://127.0.0.1:11007"
+            }
+        }
+    ]
+}

.vscode/settings.json

@@ -0,0 +1,8 @@
+{
+    "eslint.debug": false,
+    "eslint.format.enable": true,
+    "typescript.tsc.autoDetect": "watch",
+    "git.scanRepositories": [
+        "./packages/pro"
+    ]
+}

.vscode/tasks.json

@@ -0,0 +1,52 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+        {
+            "label": "启动Client",
+            "type": "shell",
+            "command": "npm",
+            "args": ["run", "dev"],
+            "options": {
+                "cwd": "${workspaceFolder}/packages/ui/certd-client"
+            },
+            "group": {
+                "kind": "build",
+                "isDefault": true
+            },
+            "presentation": {
+                "echo": true,
+                "reveal": "always",
+                "focus": false,
+                "panel": "shared"
+            }
+        },
+        {
+            "label": "启动Server",
+            "type": "shell",
+            "command": "npm",
+            "args": ["run", "dev"],
+            "options": {
+                "cwd": "${workspaceFolder}/packages/ui/certd-server"
+            },
+            "group": {
+                "kind": "build",
+                "isDefault": true
+            },
+            "presentation": {
+                "echo": true,
+                "reveal": "always",
+                "focus": false,
+                "panel": "shared"
+            }
+        },
+        {
+            "label": "同时启动Client和Server",
+            "dependsOn": ["启动Client", "启动Server"],
+            "group": {
+                "kind": "build",
+                "isDefault": true
+            },
+            "problemMatcher": []
+        }
+    ]
+}

CHANGELOG.md

@@ -3,6 +3,215 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+### Bug Fixes
+
+* 修复某些情况下编辑流水线，没有立即展示变更效果的bug ([65e5309](https://github.com/certd/certd/commit/65e53092e8d677eb34b7d04d68c6f738165f5de2))
+* 修复批量修改定时没有立即显示生效的bug ([c166602](https://github.com/certd/certd/commit/c16660254b8d637bd3ca100695934b343875fcbf))
+* 修复新部署的无法保存公共eab配置的bug ([6b7631e](https://github.com/certd/certd/commit/6b7631ed5e920582d8e2162ec788b9429238ac29))
+* 修复在苹果手机下输入框被放大的问题 ([5ff7e6e](https://github.com/certd/certd/commit/5ff7e6ef0eaa6bc111d0dd3c5713e1658f9113ad))
+
+### Performance Improvements
+
+*  支持记忆字段排序 ([d46b9c5](https://github.com/certd/certd/commit/d46b9c54b14ec5c892f4eed141fb549485941edd))
+* 优化任务参数配置界面在手机版下的展示效果 ([0203aa2](https://github.com/certd/certd/commit/0203aa2b6e86e58e5e66a1b9d0278d186aa92554))
+* 支持列表展示时固定证书最大天数，有助于列表进度条整齐展示 ([4a94eab](https://github.com/certd/certd/commit/4a94eab3935c89a63892661d9cf0d0891e54aa81))
+* 子域名托管说明 ([b5d8161](https://github.com/certd/certd/commit/b5d8161bc2e686e6c8b552de0c29117a5d405313))
+* cname方式hostRecord增加user校验 ([bc174f7](https://github.com/certd/certd/commit/bc174f70545e487bd549eff250f8ef69c6d343f3))
+* doge云插件支持选择CDN域名，以及支持同时部署多个域名 ([041954c](https://github.com/certd/certd/commit/041954c0674fabed54ed2cf5e727fecfb6943d19))
+* doge云支持删除过期证书 ([335cf93](https://github.com/certd/certd/commit/335cf9397080a5e09074d5a89d03f59bd051cda5))
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+### Bug Fixes
+
+* 修复站点证书监控复制按钮无效的bug ([efa26a0](https://github.com/certd/certd/commit/efa26a067f06402f30befc016d9934cadcd5a563))
+* 修复lego模式下 私钥加密类型错误的bug ([f7cf7c1](https://github.com/certd/certd/commit/f7cf7c198d7f77b222099770f81accc637bc6619))
+
+### Performance Improvements
+
+* 优化数据备份效率，流式写入文件 ([c38dbbb](https://github.com/certd/certd/commit/c38dbbb1d72bd00a92fe275b76aea82a791e7199))
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+### Bug Fixes
+
+* 修复并发情况下证书申请日志混乱的bug ([bb2714f](https://github.com/certd/certd/commit/bb2714ff241f9db4a71d805b23a1b0f9f2f6413a))
+* 修复网络测试，telnet的bug ([c03a70f](https://github.com/certd/certd/commit/c03a70fde23c8e840bd0fdb4fcbca8990f6c65eb))
+* 修复站点证书监控，证书已经更新到最新日期了，仍然发出警告通知的bug ([1f42f93](https://github.com/certd/certd/commit/1f42f933f07860b27aa3d016e40916ff2b063eac))
+
+### Performance Improvements
+
+*  注册页面增加手机注册tab页签 ([6b2f1fc](https://github.com/certd/certd/commit/6b2f1fcd3e058061b814c3331cda8ce1b2d80d73))
+* 流水线创建时支持添加到证书监控 ([59ba408](https://github.com/certd/certd/commit/59ba4080706548828ef1c0a9cd893c1c9a7d591f))
+* 流水线支持有效期设置 ([911e69e](https://github.com/certd/certd/commit/911e69e3bc0cdd48b62953b5d0981d640fc1f8ac))
+* 群辉增加请求超时时长设置 ([b381492](https://github.com/certd/certd/commit/b3814920bdcabc911f860a8e19b5b9b3a04709ac))
+* 通知支持meow ([c77645e](https://github.com/certd/certd/commit/c77645e1733670214aaca5544cf8759d7e4adda4))
+* 站点证书监控增加导出和分组功能 ([2ed12c4](https://github.com/certd/certd/commit/2ed12c429eb58274a4f9dd0ed3b66e160d283ded))
+* 证书监控增加批量删除 ([e578c52](https://github.com/certd/certd/commit/e578c52fdf2f838038062aa4209b655fbae461fb))
+* esa 自动删除过期证书提示 ([8bf1f82](https://github.com/certd/certd/commit/8bf1f828b9eaa9208f32e8ee7460b86420fed0c7))
+* ssh 增加禁止-i参数提示 ([3a8931f](https://github.com/certd/certd/commit/3a8931feeffd7157163ff7d46b693e5e1a434b9c))
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Bug Fixes
+
+* 修复飞牛证书部署后无法生效的bug ([bf156a1](https://github.com/certd/certd/commit/bf156a13bd443cdadb73c9dff79bbef7231b4401))
+* aliyunoss 选择证书接入点选择新加坡无法上传的bug ([e00733a](https://github.com/certd/certd/commit/e00733a34644c23ffe926486b15dc96bf2fa4b57))
+
+### Performance Improvements
+
+* 优化start.sh脚本，去掉删除非ui目录的操作及提示 ([7993a7c](https://github.com/certd/certd/commit/7993a7cdb01885535950c63187e3f67d67ba2f75))
+* 增加飞牛证书id选择的提示 ([5a4d812](https://github.com/certd/certd/commit/5a4d8121462b1afe921d028465687be8c9679814))
+* 证书监控支持设置证书即将过期天数 ([cd35568](https://github.com/certd/certd/commit/cd35568e042e6ab928685efad51cdbed823d2d4f))
+* 支持网络测试 ([2bef608](https://github.com/certd/certd/commit/2bef608e07ceb56d52007f290667e0afef401b22))
+* 支持新网代理方式 ([f612509](https://github.com/certd/certd/commit/f612509cac87b859e81a7a52fe94b2eaccad22f9))
+* dns支持新网互联 ([f415190](https://github.com/certd/certd/commit/f41519048326d971acd9e0a30462231f77a299a6))
+* start.sh脚本支持根据当前系统判断是否使用sudo ([567cb7d](https://github.com/certd/certd/commit/567cb7d737023e26ec58403c6f28f109e212d379))
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+### Bug Fixes
+
+* 修复版本比较bug ([109696e](https://github.com/certd/certd/commit/109696e965d68c50c8627ffd40203edd1d2daea5))
+* 修复某些情况下cname申请证书报错主域名不一致的bug ([2671781](https://github.com/certd/certd/commit/2671781e1bb0838981728d85eacf0e1a25a0fa48))
+
+### Performance Improvements
+
+* cname主域名校验提示优化，显示不一致的两方便于排查问题 ([6ebb365](https://github.com/certd/certd/commit/6ebb3659f42155e4e8da600c493fb5227cd08137))
+* dns解析支持阿里esa ([9291fa6](https://github.com/certd/certd/commit/9291fa68aa7a88a05c2f888bf3048df36a8fbde3))
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+### Features
+
+* @certd/ui-server module import报错的问题 ([0c61d4c](https://github.com/certd/certd/commit/0c61d4c9788677c83c567db5381b9e257ec90bba))
+* dist打包前检查 ([8f6e5bd](https://github.com/certd/certd/commit/8f6e5bd24b3b65fbfcba36c08f532a3abad2d606))
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+### Bug Fixes
+
+* 固定midwayjs版本，修复ui-server import 错误的bug ([eb4d125](https://github.com/certd/certd/commit/eb4d125eaf4a41e88c752d0c68993829589f8f27))
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+### Bug Fixes
+
+* 修复 ui-server 加载失败问题 ([c2ccdbe](https://github.com/certd/certd/commit/c2ccdbec9dd08bca4688eeb2f34d0105eec43ba1))
+* 修复 ui-server 加载失败问题 ([063f5c3](https://github.com/certd/certd/commit/063f5c3b55e47df22543a64f02e039e84f92cd14))
+
+### Performance Improvements
+
+* 重置管理员密码同时会关闭验证码，防止验证码失效之后无法登录 ([03899d4](https://github.com/certd/certd/commit/03899d4d9c76fc2077dacc53ab88e2c9ca41af7c))
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+### Bug Fixes
+
+* 授权页面，id列位置不在第一列的bug ([3f1722d](https://github.com/certd/certd/commit/3f1722d54debcb4849dc14521a2da0d9b304b69f))
+
+### Performance Improvements
+
+* 动态加载验证码script ([dcc396a](https://github.com/certd/certd/commit/dcc396afb7a23aeb8af57c01014b09af5f033e61))
+* 开启子域名托管之后cname记录支持重置 ([54c8d62](https://github.com/certd/certd/commit/54c8d622437761d350db0f17e07f7517f1911211))
+* 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
+* 验证码支持测试，登录验证码需要测试通过后才能开启 ([83e6476](https://github.com/certd/certd/commit/83e6476408090b741fabb1b542fb458d9a8b4134))
+* 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+### Bug Fixes
+
+* 修复旧版本升级上来报错eab授权的bug ([b76f2e2](https://github.com/certd/certd/commit/b76f2e2008a7fefac4c91179c45c56c7a7a84b71))
+* 选择授权对话框编辑时，名称字段排在最后的bug ([31cfb09](https://github.com/certd/certd/commit/31cfb09468bda3272f5f63af65ff3e9272220b39))
+
+### Performance Improvements
+
+* 7001绑定::地址 ([7188997](https://github.com/certd/certd/commit/7188997dd1979f1c10fa29b30221015e0bd5fe9e))
+* 登录失败时清除验证码状态 ([1c15bea](https://github.com/certd/certd/commit/1c15beadc7fe8a7c6ec1903b7e722ca2f52e05b3))
+* 公共cname支持权限校验 ([9cc5f0f](https://github.com/certd/certd/commit/9cc5f0f889d4362ff36e7a1f0e448e02d32ecee7))
+* 优化连接失败的报错提示 ([71d8e7e](https://github.com/certd/certd/commit/71d8e7edd23ad63fdc01a92766b52ede5074fe7c))
+* 增加自签名证书提示 ([877c9c4](https://github.com/certd/certd/commit/877c9c4ff99f81d289f67afd96f440c0796b03ea))
+* add preferred chain for google trust service ([#539](https://github.com/certd/certd/issues/539)) @ZeroClover ([e31d26a](https://github.com/certd/certd/commit/e31d26a8871c6088d9f8c0f580746ff2a810ae0c))
+* dns支持新网域名解析 ([cf3a78e](https://github.com/certd/certd/commit/cf3a78e1145ff0505c87fbc485d9e731b1aa88a8))
+* gcore flush plugin ssl_id改为必填项 ([4b90972](https://github.com/certd/certd/commit/4b909723411c57505aa13b07d8699fb9ac77c937))
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+### Bug Fixes
+
+* 修复导入插件对话框无法打开的bug，修复插件编辑页面打开多个代码编辑器消失的bug ([e5a080a](https://github.com/certd/certd/commit/e5a080aebe0d2f3e3c0f86bf863f75069c1bf7ab))
+* 修复ssl.com报EMAILADDRESS数量不对的bug ([c560cc5](https://github.com/certd/certd/commit/c560cc5adda6e15bf3a8865d874042550a6c2688))
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复商业版退出登录后，丢失站点个性化设置的bug ([d75dd05](https://github.com/certd/certd/commit/d75dd058d65c85f80c49e1fa7a910e6c6f08e824))
+* 修复授权类型和名称字段排到最后的bug ([43b7977](https://github.com/certd/certd/commit/43b79778ea9034065f6a15af3296274315597c6b))
+* 修复证书监控某些情况下报 options.lookup不能为null的bug ([d2ecfe5](https://github.com/certd/certd/commit/d2ecfe5491b2639eb30b5cae293af6062d58bb9f))
+* 修复证书手动托管时新上传的证书无效的bug ([506385e](https://github.com/certd/certd/commit/506385e5a2600887fe30854e0713583caaa2e689))
+* 修复secret patch 类型多了type：的bug ([d04f383](https://github.com/certd/certd/commit/d04f3831611011a90ec0594724b9694490d5edd0))
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+* 优化加量包展示效果 ([3c65f37](https://github.com/certd/certd/commit/3c65f37d84177ba107d4a6462648af12d2fc4b7a))
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+* add preferred chain option ([#519](https://github.com/certd/certd/issues/519))  @ZeroClover  ([902359f](https://github.com/certd/certd/commit/902359f24ed12eee4f9b65178f1d6a60378351d2))
+* ssh配置增加脚本类型设置，bash还是sh ([ae41c60](https://github.com/certd/certd/commit/ae41c6038b27c9476e64a2402a8daf247c38a5b6))
+* start.sh增加sudo ([b7271d7](https://github.com/certd/certd/commit/b7271d7a464773a1bf87d7d1f24d933ba0f86915))
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+### Bug Fixes
+
+* 前置任务输出不存在时输出警告提示 ([b59052c](https://github.com/certd/certd/commit/b59052cc43b7b070fabd8b8e914e4c2a5e0ad61c))
+* 修复批量流水线执行时日志显示错乱的问题 ([4372adc](https://github.com/certd/certd/commit/4372adc703b9a4c785664054ab2a533626d815a8))
+* 修复远程数据选择无法过滤的bug ([6cbb073](https://github.com/certd/certd/commit/6cbb0739f8428d51b0712f718fe4d236cc087cf9))
+* 修复mysql下购买套餐加量包无效的bug ([c26ad4c](https://github.com/certd/certd/commit/c26ad4c8075f0606d45b8da13915737968d6191a))
+
+### Performance Improvements
+
+* 创建证书时支持选择通知时机 ([0e96bfd](https://github.com/certd/certd/commit/0e96bfdfa377824d204e72923d1176408ae6b300))
+* 创建k8s secret 时设置type为tls ([79ebabf](https://github.com/certd/certd/commit/79ebabfcfb9e5a534049c84f5f1a642b357fc856))
+* 去掉宝塔url后面的斜杠 ([8a0c2b9](https://github.com/certd/certd/commit/8a0c2b9b13628da750c25757e0cb8ed3038775ba))
+* 商业版隐藏文档相关链接 ([4443a1c](https://github.com/certd/certd/commit/4443a1c0308fa6b95a05efd73d15d24b65d641c9))
+* 商业版隐藏文档相关链接 ([db89561](https://github.com/certd/certd/commit/db8956148083bc4f988226ccf719940d08158a27))
+* 增加健康检查探针  /health/liveliness 和 /health/readiness ([44019e1](https://github.com/certd/certd/commit/44019e104289fedd32a867db00e9c6cb71b389cc))
+* 支持根据id更新证书（证书Id不变接口），不过该接口为白名单功能，普通腾讯云账户无法使用 ([fe9c4f3](https://github.com/certd/certd/commit/fe9c4f3391ff07c01dd9a252225f69a129c39050))
+* 支持godaddy ([b7980aa](https://github.com/certd/certd/commit/b7980aad5ab50f58662eaddf5d84aa82876a98eb))
+* 支持ssl.com证书颁发机构 ([27b6dfa](https://github.com/certd/certd/commit/27b6dfa4d2ab3bddd284c3a34511a72e1a513a4c))
+* 子域名托管说明 ([39a0223](https://github.com/certd/certd/commit/39a02235cf4416bb5bd1acd3831241efeaa2f602))
+* ssh 增加超时断开连接，默认10分钟超时 ([c24a040](https://github.com/certd/certd/commit/c24a040c19cacafc79228d7a7649af93837d94a1))
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Bug Fixes
+
+* 更新我爱云CDN域名地址，和部分目录结构 [@tyjsjxh](https://github.com/tyjsjxh)  ([#514](https://github.com/certd/certd/issues/514)) ([78e7a81](https://github.com/certd/certd/commit/78e7a81638c2ee779f0ab6c3ba7e5c6f6e064151))
+* 修复cron选择组件星期显示错误的bug ([eb75e52](https://github.com/certd/certd/commit/eb75e52278f94a72643f7317e6740fb42666c68a))
+* 修复proxmox某些情况下执行卡住的bug ([ebd6917](https://github.com/certd/certd/commit/ebd6917a1d40ae4d94555c32b7e3c093d0599b94))
+
+### Performance Improvements
+
+* 部署到k8s支持自动创建secret ([c09c962](https://github.com/certd/certd/commit/c09c962cb676ca261610aa9f3e5105c9dae43f43))
+* 短信验证码支持腾讯云 ([9108459](https://github.com/certd/certd/commit/9108459ae42bcd95a59acba164a64e82e5f2cfe6))
+* 商业版支持自定义插件的参数配置 ([17f23f3](https://github.com/certd/certd/commit/17f23f37516af925d5049291d67d41e4271f81f8))
+* 腾讯云插件支持国际版 ([58e82d5](https://github.com/certd/certd/commit/58e82d5dbd4ebf089ef239578ef9b68454d17b30))
+* 腾讯云EO插件支持自动获取zoneid和域名列表 ([70fcdc9](https://github.com/certd/certd/commit/70fcdc9ebbfb7c883c0c8a2138f61a0776a9491b))
+* 支持部署到阿里云云原生API网关、AI网关 ([2ca20be](https://github.com/certd/certd/commit/2ca20be197720201fceabcce9d927f4dbc1cc872))
+* 支持部署到华为云obs ([9feb9d0](https://github.com/certd/certd/commit/9feb9d04b3c56ec95c06fcf4fd071eb0e88ffc6f))
+* 支持部署到dokploy ([7dbdeae](https://github.com/certd/certd/commit/7dbdeaebe0bfee7521a863fe5e6b4a712aec5876))
+* 支持删除宝塔证书夹中的过期证书 ([3575113](https://github.com/certd/certd/commit/3575113655be751d19f88c64491e98a89042d6a2))
+* 支持p7b证书格式 ([d9f4a57](https://github.com/certd/certd/commit/d9f4a5793d68a017a5d80ad5385cbda603c4e165))
+* lecdnv2支持api token ([e448934](https://github.com/certd/certd/commit/e4489343fee7754be07bcfc3323969dc3a30e90c))
+* openapi返回证书时挑选匹配范围最小的那一个；增加format参数，增加返回值p7b格式，增加detail返回 ([2085bcc](https://github.com/certd/certd/commit/2085bcceb61c3723c9bdfec4c4cc0917631ff5e5))
+* ssh 配置sudo免密提示 ([e1e7011](https://github.com/certd/certd/commit/e1e7011853ad0c5bd7b09c3690861d5aa34b2db4))
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 ### Bug Fixes

README.md

@@ -1,6 +1,6 @@
 # Certd
 
-[English](./README_en.md) | [中文](./README.md)
+中文 | [English](./README_en.md)
 
 Certd® 是一个免费的全自动证书管理系统，让你的网站证书永不过期。   
 后缀d取自linux守护进程的命名风格，意为证书守护进程
@@ -152,7 +152,7 @@ https://certd.handfree.work/
 
 ## 八、捐赠
 ************************
-支持开源，为爱发电，我已入驻爱发电   
+支持开源，为爱发电，我已入驻爱发电
 https://afdian.com/a/greper
 
 发电权益：
@@ -171,6 +171,7 @@ https://afdian.com/a/greper
 | 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
 | 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
 
+************************
 
 ************************
 

README_en.md

@@ -1,6 +1,6 @@
 # Certd
 
-[English](./README_en.md) | [中文](./README.md)
+[中文](./README.md) | English
 
 Certd® is a free, fully automated certificate management system that ensures your website certificates never expire. The suffix 'd' is inspired by the naming convention of Linux daemons, representing a certificate daemon.
 
@@ -134,6 +134,8 @@ You can also add the author as a friend.
 | QR Code | <img height="230" src="./docs/guide/contact/images/me.png"> |
 
 ## 8. Donation
+************************
+ [![Sponsor](https://img.shields.io/badge/Sponsor-%E2%9D%A4-red)](https://github.com/sponsors/greper)
 ************************
 Support open-source projects and contribute with love. I've joined Afdian.
 https://afdian.com/a/greper

build-dev.trigger

@@ -1 +0,0 @@
-2

build.trigger

@@ -1 +0,0 @@
-23:58

deploy.trigger

@@ -1 +0,0 @@
-5

docker/run/docker-compose.yaml

@@ -11,6 +11,7 @@ services:
       #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
       #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
       - /data/certd:/app/data
+      #- /volume1/docker/certd:/app/data:delegated  #群晖使用这个配置
       #   ↓↓↓↓↓ -------------------------------------------------------- 如果走时不准，考虑挂载localtime文件
       #- /etc/localtime:/etc/localtime
       #- /etc/timezone:/etc/timezone
@@ -47,6 +48,8 @@ services:
 #     配置规则： certd_ + 配置项, 点号用_代替
 #                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，docker compose up -d 重建容器之后，管理员密码将改成123456，然后请及时修改回false
       - certd_system_resetAdminPasswd=false
+                        # ↓↓↓ 要使用ipv6，将此配置修改为::
+      - certd_koa_hostname=0.0.0.0
 
 #     默认使用sqlite文件数据库，如果需要使用其他数据库，请设置以下环境变量
 #     注意： 选定使用一种数据库之后，不支持更换数据库。

docs/.vitepress/config.ts

@@ -95,10 +95,10 @@ export default defineConfig({
                         },
                         {
                             text: "插件列表", items: [
-                                {text: "授权提供商", link: "/guide/plugins/access.md"},
                                 {text: "DNS提供商", link: "/guide/plugins/dns-provider.md"},
                                 {text: "任务插件", link: "/guide/plugins/deploy.md"},
                                 {text: "通知插件", link: "/guide/plugins/notification.md"},
+                                {text: "授权提供商", link: "/guide/plugins/access.md"},
                             ]
                         },
                     ]
@@ -107,7 +107,6 @@ export default defineConfig({
                     text: "常见问题",
                     items: [
                         {text: "QA", link: "/guide/qa/use.md"},
-                        {text: "常见报错处理", link: "/guide/qa/"},
                         {text: "群晖证书部署", link: "/guide/use/synology/"},
                         {text: "腾讯云密钥获取", link: "/guide/use/tencent/"},
                         {text: "连接windows主机", link: "/guide/use/host/windows.md"},
@@ -120,6 +119,8 @@ export default defineConfig({
                         {text: "邮箱配置", link: "/guide/use/email/index.md"},
                         {text: "IPv6支持", link: "/guide/use/setting/ipv6.md"},
                         {text: "ESXi", link: "/guide/use/ESXi/index.md"},
+                        {text: "宝塔动态IP白名单", link: "/guide/use/baota/white_list.md"},
+                        {text: "子域名托管", link: "/guide/use/cert/subdomain.md"},
                     ]
                 },
                 {

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,196 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+### Bug Fixes
+
+* 修复站点证书监控复制按钮无效的bug ([efa26a0](https://github.com/certd/certd/commit/efa26a067f06402f30befc016d9934cadcd5a563))
+* 修复lego模式下 私钥加密类型错误的bug ([f7cf7c1](https://github.com/certd/certd/commit/f7cf7c198d7f77b222099770f81accc637bc6619))
+
+### Performance Improvements
+
+* 优化数据备份效率，流式写入文件 ([c38dbbb](https://github.com/certd/certd/commit/c38dbbb1d72bd00a92fe275b76aea82a791e7199))
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+### Bug Fixes
+
+* 修复并发情况下证书申请日志混乱的bug ([bb2714f](https://github.com/certd/certd/commit/bb2714ff241f9db4a71d805b23a1b0f9f2f6413a))
+* 修复网络测试，telnet的bug ([c03a70f](https://github.com/certd/certd/commit/c03a70fde23c8e840bd0fdb4fcbca8990f6c65eb))
+* 修复站点证书监控，证书已经更新到最新日期了，仍然发出警告通知的bug ([1f42f93](https://github.com/certd/certd/commit/1f42f933f07860b27aa3d016e40916ff2b063eac))
+
+### Performance Improvements
+
+*  注册页面增加手机注册tab页签 ([6b2f1fc](https://github.com/certd/certd/commit/6b2f1fcd3e058061b814c3331cda8ce1b2d80d73))
+* 流水线创建时支持添加到证书监控 ([59ba408](https://github.com/certd/certd/commit/59ba4080706548828ef1c0a9cd893c1c9a7d591f))
+* 流水线支持有效期设置 ([911e69e](https://github.com/certd/certd/commit/911e69e3bc0cdd48b62953b5d0981d640fc1f8ac))
+* 群辉增加请求超时时长设置 ([b381492](https://github.com/certd/certd/commit/b3814920bdcabc911f860a8e19b5b9b3a04709ac))
+* 通知支持meow ([c77645e](https://github.com/certd/certd/commit/c77645e1733670214aaca5544cf8759d7e4adda4))
+* 站点证书监控增加导出和分组功能 ([2ed12c4](https://github.com/certd/certd/commit/2ed12c429eb58274a4f9dd0ed3b66e160d283ded))
+* 证书监控增加批量删除 ([e578c52](https://github.com/certd/certd/commit/e578c52fdf2f838038062aa4209b655fbae461fb))
+* esa 自动删除过期证书提示 ([8bf1f82](https://github.com/certd/certd/commit/8bf1f828b9eaa9208f32e8ee7460b86420fed0c7))
+* ssh 增加禁止-i参数提示 ([3a8931f](https://github.com/certd/certd/commit/3a8931feeffd7157163ff7d46b693e5e1a434b9c))
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Bug Fixes
+
+* 修复飞牛证书部署后无法生效的bug ([bf156a1](https://github.com/certd/certd/commit/bf156a13bd443cdadb73c9dff79bbef7231b4401))
+* aliyunoss 选择证书接入点选择新加坡无法上传的bug ([e00733a](https://github.com/certd/certd/commit/e00733a34644c23ffe926486b15dc96bf2fa4b57))
+
+### Performance Improvements
+
+* 优化start.sh脚本，去掉删除非ui目录的操作及提示 ([7993a7c](https://github.com/certd/certd/commit/7993a7cdb01885535950c63187e3f67d67ba2f75))
+* 增加飞牛证书id选择的提示 ([5a4d812](https://github.com/certd/certd/commit/5a4d8121462b1afe921d028465687be8c9679814))
+* 证书监控支持设置证书即将过期天数 ([cd35568](https://github.com/certd/certd/commit/cd35568e042e6ab928685efad51cdbed823d2d4f))
+* 支持网络测试 ([2bef608](https://github.com/certd/certd/commit/2bef608e07ceb56d52007f290667e0afef401b22))
+* 支持新网代理方式 ([f612509](https://github.com/certd/certd/commit/f612509cac87b859e81a7a52fe94b2eaccad22f9))
+* dns支持新网互联 ([f415190](https://github.com/certd/certd/commit/f41519048326d971acd9e0a30462231f77a299a6))
+* start.sh脚本支持根据当前系统判断是否使用sudo ([567cb7d](https://github.com/certd/certd/commit/567cb7d737023e26ec58403c6f28f109e212d379))
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+### Bug Fixes
+
+* 修复版本比较bug ([109696e](https://github.com/certd/certd/commit/109696e965d68c50c8627ffd40203edd1d2daea5))
+* 修复某些情况下cname申请证书报错主域名不一致的bug ([2671781](https://github.com/certd/certd/commit/2671781e1bb0838981728d85eacf0e1a25a0fa48))
+
+### Performance Improvements
+
+* cname主域名校验提示优化，显示不一致的两方便于排查问题 ([6ebb365](https://github.com/certd/certd/commit/6ebb3659f42155e4e8da600c493fb5227cd08137))
+* dns解析支持阿里esa ([9291fa6](https://github.com/certd/certd/commit/9291fa68aa7a88a05c2f888bf3048df36a8fbde3))
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+### Features
+
+* @certd/ui-server module import报错的问题 ([0c61d4c](https://github.com/certd/certd/commit/0c61d4c9788677c83c567db5381b9e257ec90bba))
+* dist打包前检查 ([8f6e5bd](https://github.com/certd/certd/commit/8f6e5bd24b3b65fbfcba36c08f532a3abad2d606))
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+### Bug Fixes
+
+* 固定midwayjs版本，修复ui-server import 错误的bug ([eb4d125](https://github.com/certd/certd/commit/eb4d125eaf4a41e88c752d0c68993829589f8f27))
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+### Bug Fixes
+
+* 修复 ui-server 加载失败问题 ([c2ccdbe](https://github.com/certd/certd/commit/c2ccdbec9dd08bca4688eeb2f34d0105eec43ba1))
+* 修复 ui-server 加载失败问题 ([063f5c3](https://github.com/certd/certd/commit/063f5c3b55e47df22543a64f02e039e84f92cd14))
+
+### Performance Improvements
+
+* 重置管理员密码同时会关闭验证码，防止验证码失效之后无法登录 ([03899d4](https://github.com/certd/certd/commit/03899d4d9c76fc2077dacc53ab88e2c9ca41af7c))
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+### Bug Fixes
+
+* 授权页面，id列位置不在第一列的bug ([3f1722d](https://github.com/certd/certd/commit/3f1722d54debcb4849dc14521a2da0d9b304b69f))
+
+### Performance Improvements
+
+* 动态加载验证码script ([dcc396a](https://github.com/certd/certd/commit/dcc396afb7a23aeb8af57c01014b09af5f033e61))
+* 开启子域名托管之后cname记录支持重置 ([54c8d62](https://github.com/certd/certd/commit/54c8d622437761d350db0f17e07f7517f1911211))
+* 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
+* 验证码支持测试，登录验证码需要测试通过后才能开启 ([83e6476](https://github.com/certd/certd/commit/83e6476408090b741fabb1b542fb458d9a8b4134))
+* 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+### Bug Fixes
+
+* 修复旧版本升级上来报错eab授权的bug ([b76f2e2](https://github.com/certd/certd/commit/b76f2e2008a7fefac4c91179c45c56c7a7a84b71))
+* 选择授权对话框编辑时，名称字段排在最后的bug ([31cfb09](https://github.com/certd/certd/commit/31cfb09468bda3272f5f63af65ff3e9272220b39))
+
+### Performance Improvements
+
+* 7001绑定::地址 ([7188997](https://github.com/certd/certd/commit/7188997dd1979f1c10fa29b30221015e0bd5fe9e))
+* 登录失败时清除验证码状态 ([1c15bea](https://github.com/certd/certd/commit/1c15beadc7fe8a7c6ec1903b7e722ca2f52e05b3))
+* 公共cname支持权限校验 ([9cc5f0f](https://github.com/certd/certd/commit/9cc5f0f889d4362ff36e7a1f0e448e02d32ecee7))
+* 优化连接失败的报错提示 ([71d8e7e](https://github.com/certd/certd/commit/71d8e7edd23ad63fdc01a92766b52ede5074fe7c))
+* 增加自签名证书提示 ([877c9c4](https://github.com/certd/certd/commit/877c9c4ff99f81d289f67afd96f440c0796b03ea))
+* add preferred chain for google trust service ([#539](https://github.com/certd/certd/issues/539)) @ZeroClover ([e31d26a](https://github.com/certd/certd/commit/e31d26a8871c6088d9f8c0f580746ff2a810ae0c))
+* dns支持新网域名解析 ([cf3a78e](https://github.com/certd/certd/commit/cf3a78e1145ff0505c87fbc485d9e731b1aa88a8))
+* gcore flush plugin ssl_id改为必填项 ([4b90972](https://github.com/certd/certd/commit/4b909723411c57505aa13b07d8699fb9ac77c937))
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+### Bug Fixes
+
+* 修复导入插件对话框无法打开的bug，修复插件编辑页面打开多个代码编辑器消失的bug ([e5a080a](https://github.com/certd/certd/commit/e5a080aebe0d2f3e3c0f86bf863f75069c1bf7ab))
+* 修复ssl.com报EMAILADDRESS数量不对的bug ([c560cc5](https://github.com/certd/certd/commit/c560cc5adda6e15bf3a8865d874042550a6c2688))
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复商业版退出登录后，丢失站点个性化设置的bug ([d75dd05](https://github.com/certd/certd/commit/d75dd058d65c85f80c49e1fa7a910e6c6f08e824))
+* 修复授权类型和名称字段排到最后的bug ([43b7977](https://github.com/certd/certd/commit/43b79778ea9034065f6a15af3296274315597c6b))
+* 修复证书监控某些情况下报 options.lookup不能为null的bug ([d2ecfe5](https://github.com/certd/certd/commit/d2ecfe5491b2639eb30b5cae293af6062d58bb9f))
+* 修复证书手动托管时新上传的证书无效的bug ([506385e](https://github.com/certd/certd/commit/506385e5a2600887fe30854e0713583caaa2e689))
+* 修复secret patch 类型多了type：的bug ([d04f383](https://github.com/certd/certd/commit/d04f3831611011a90ec0594724b9694490d5edd0))
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+* 优化加量包展示效果 ([3c65f37](https://github.com/certd/certd/commit/3c65f37d84177ba107d4a6462648af12d2fc4b7a))
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+* add preferred chain option ([#519](https://github.com/certd/certd/issues/519))  @ZeroClover  ([902359f](https://github.com/certd/certd/commit/902359f24ed12eee4f9b65178f1d6a60378351d2))
+* ssh配置增加脚本类型设置，bash还是sh ([ae41c60](https://github.com/certd/certd/commit/ae41c6038b27c9476e64a2402a8daf247c38a5b6))
+* start.sh增加sudo ([b7271d7](https://github.com/certd/certd/commit/b7271d7a464773a1bf87d7d1f24d933ba0f86915))
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+### Bug Fixes
+
+* 前置任务输出不存在时输出警告提示 ([b59052c](https://github.com/certd/certd/commit/b59052cc43b7b070fabd8b8e914e4c2a5e0ad61c))
+* 修复批量流水线执行时日志显示错乱的问题 ([4372adc](https://github.com/certd/certd/commit/4372adc703b9a4c785664054ab2a533626d815a8))
+* 修复远程数据选择无法过滤的bug ([6cbb073](https://github.com/certd/certd/commit/6cbb0739f8428d51b0712f718fe4d236cc087cf9))
+* 修复mysql下购买套餐加量包无效的bug ([c26ad4c](https://github.com/certd/certd/commit/c26ad4c8075f0606d45b8da13915737968d6191a))
+
+### Performance Improvements
+
+* 创建证书时支持选择通知时机 ([0e96bfd](https://github.com/certd/certd/commit/0e96bfdfa377824d204e72923d1176408ae6b300))
+* 创建k8s secret 时设置type为tls ([79ebabf](https://github.com/certd/certd/commit/79ebabfcfb9e5a534049c84f5f1a642b357fc856))
+* 去掉宝塔url后面的斜杠 ([8a0c2b9](https://github.com/certd/certd/commit/8a0c2b9b13628da750c25757e0cb8ed3038775ba))
+* 商业版隐藏文档相关链接 ([4443a1c](https://github.com/certd/certd/commit/4443a1c0308fa6b95a05efd73d15d24b65d641c9))
+* 商业版隐藏文档相关链接 ([db89561](https://github.com/certd/certd/commit/db8956148083bc4f988226ccf719940d08158a27))
+* 增加健康检查探针  /health/liveliness 和 /health/readiness ([44019e1](https://github.com/certd/certd/commit/44019e104289fedd32a867db00e9c6cb71b389cc))
+* 支持根据id更新证书（证书Id不变接口），不过该接口为白名单功能，普通腾讯云账户无法使用 ([fe9c4f3](https://github.com/certd/certd/commit/fe9c4f3391ff07c01dd9a252225f69a129c39050))
+* 支持godaddy ([b7980aa](https://github.com/certd/certd/commit/b7980aad5ab50f58662eaddf5d84aa82876a98eb))
+* 支持ssl.com证书颁发机构 ([27b6dfa](https://github.com/certd/certd/commit/27b6dfa4d2ab3bddd284c3a34511a72e1a513a4c))
+* 子域名托管说明 ([39a0223](https://github.com/certd/certd/commit/39a02235cf4416bb5bd1acd3831241efeaa2f602))
+* ssh 增加超时断开连接，默认10分钟超时 ([c24a040](https://github.com/certd/certd/commit/c24a040c19cacafc79228d7a7649af93837d94a1))
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Bug Fixes
+
+* 更新我爱云CDN域名地址，和部分目录结构 [@tyjsjxh](https://github.com/tyjsjxh)  ([#514](https://github.com/certd/certd/issues/514)) ([78e7a81](https://github.com/certd/certd/commit/78e7a81638c2ee779f0ab6c3ba7e5c6f6e064151))
+* 修复cron选择组件星期显示错误的bug ([eb75e52](https://github.com/certd/certd/commit/eb75e52278f94a72643f7317e6740fb42666c68a))
+* 修复proxmox某些情况下执行卡住的bug ([ebd6917](https://github.com/certd/certd/commit/ebd6917a1d40ae4d94555c32b7e3c093d0599b94))
+
+### Performance Improvements
+
+* 部署到k8s支持自动创建secret ([c09c962](https://github.com/certd/certd/commit/c09c962cb676ca261610aa9f3e5105c9dae43f43))
+* 短信验证码支持腾讯云 ([9108459](https://github.com/certd/certd/commit/9108459ae42bcd95a59acba164a64e82e5f2cfe6))
+* 商业版支持自定义插件的参数配置 ([17f23f3](https://github.com/certd/certd/commit/17f23f37516af925d5049291d67d41e4271f81f8))
+* 腾讯云插件支持国际版 ([58e82d5](https://github.com/certd/certd/commit/58e82d5dbd4ebf089ef239578ef9b68454d17b30))
+* 腾讯云EO插件支持自动获取zoneid和域名列表 ([70fcdc9](https://github.com/certd/certd/commit/70fcdc9ebbfb7c883c0c8a2138f61a0776a9491b))
+* 支持部署到阿里云云原生API网关、AI网关 ([2ca20be](https://github.com/certd/certd/commit/2ca20be197720201fceabcce9d927f4dbc1cc872))
+* 支持部署到华为云obs ([9feb9d0](https://github.com/certd/certd/commit/9feb9d04b3c56ec95c06fcf4fd071eb0e88ffc6f))
+* 支持部署到dokploy ([7dbdeae](https://github.com/certd/certd/commit/7dbdeaebe0bfee7521a863fe5e6b4a712aec5876))
+* 支持删除宝塔证书夹中的过期证书 ([3575113](https://github.com/certd/certd/commit/3575113655be751d19f88c64491e98a89042d6a2))
+* 支持p7b证书格式 ([d9f4a57](https://github.com/certd/certd/commit/d9f4a5793d68a017a5d80ad5385cbda603c4e165))
+* lecdnv2支持api token ([e448934](https://github.com/certd/certd/commit/e4489343fee7754be07bcfc3323969dc3a30e90c))
+* openapi返回证书时挑选匹配范围最小的那一个；增加format参数，增加返回值p7b格式，增加detail返回 ([2085bcc](https://github.com/certd/certd/commit/2085bcceb61c3723c9bdfec4c4cc0917631ff5e5))
+* ssh 配置sudo免密提示 ([e1e7011](https://github.com/certd/certd/commit/e1e7011853ad0c5bd7b09c3690861d5aa34b2db4))
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 ### Bug Fixes

docs/guide/index.md

@@ -5,6 +5,9 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+
+![首页](../images/start/home.png)
+
 ## 1、关于证书续期
 >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
 >* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
@@ -15,7 +18,7 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 
 * 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
-* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等100+部署插件）
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
 * 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
 * 私有化部署，数据保存本地，安装升级非常简单快捷

docs/guide/install/baota/index.md

@@ -21,13 +21,13 @@
 
 #### 2.2 容器编排方式部署
 
-1. 打开`docker-compose.yaml`,整个内容复制下来    
+1. 打开`docker-compose.yaml`,整个内容复制下来
    https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 
 
-然后到宝塔里面进到docker->容器编排->添加容器编排   
-![](./images/1.png)   
-点击确定，等待启动完成   
+然后到宝塔里面进到docker->容器编排->添加容器编排
+![](./images/1.png)
+点击确定，等待启动完成
 ![](./images/2.png)
 
 > certd默认使用sqlite数据库，另外支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
@@ -35,16 +35,16 @@
 
 ## 二、访问应用
 
-http://ip:7001    
-https://ip:7002     
-默认账号密码    
-admin/123456   
+http://ip:7001
+https://ip:7002
+默认账号密码
+admin/123456
 登录后请及时修改密码
 
 ## 三、如何升级
 宝塔升级certd非常简单
 
-打开容器页面： `docker`->`容器编排`->`左侧选择Certd`->`更新镜像`     
+打开容器页面： `docker`->`容器编排`->`左侧选择Certd`->`更新镜像`
 
 ![img.png](./images/upgrade.png)
 
@@ -80,5 +80,8 @@ admin/123456
 ### 1. 无法访问Certd
 1. 确认服务器的安全规则，是否放开了对应端口
 2. 确认宝塔防火墙是否放开对应端口
-3. 尝试将Certd容器加入宝塔的`bridge`网络 
-![](./images/network.png)
+3. 尝试将Certd容器加入宝塔的`bridge`网络
+![](./images/network.png)
+
+### 2. 动态IP无法加白名单问题
+[Nginx代理解决方案](../../use/baota/white_list.md)

docs/guide/install/source/index.md

@@ -11,8 +11,11 @@
 git clone https://github.com/certd/certd --depth=1
 # git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
+
 # 启动服务
-./start.sh  
+./start.sh
+
+
 
 ```
 >如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
@@ -21,9 +24,9 @@ cd certd
 
 ### 访问测试
 
-http://your_server_ip:7001  
-https://your_server_ip:7002   
-默认账号密码：admin/123456    
+http://your_server_ip:7001
+https://your_server_ip:7002
+默认账号密码：admin/123456
 记得修改密码
 
 
@@ -37,7 +40,7 @@ cp -rf ./packages/ui/certd-server/data ../certd-data-backup
 
 git pull
 # 如果提示pull失败，可以尝试强制更新
-# git checkout v2 -f && git pull 
+# git checkout v2 -f && git pull
 
 # 先停止旧的服务,7001是certd的默认端口
 kill -9 $(lsof -t -i:7001)
@@ -45,16 +48,31 @@ kill -9 $(lsof -t -i:7001)
 ./start.sh
 
 ```
-::: warning   
-升级certd版本前，切记切记先备份一下数据    
+::: warning
+升级certd版本前，切记切记先备份一下数据
 :::
 
 
 ## 三、数据备份
-> 数据默认保存在 `./packages/ui/certd-server/data` 目录下    
+> 数据默认保存在 `./packages/ui/certd-server/data` 目录下
 > 建议配置一条[数据库备份流水线](../../use/backup/)  自动备份
 
 
 ## 四、备份恢复
 
 将备份的`db.sqlite`及同目录下的其他文件覆盖到原来的位置，重启certd即可
+
+## 六、常见问题
+
+### 1. npm install better-sqlite3 时，提示node-gyp需要vscode环境编译
+
+1. 首先确保node版本为22以上
+2. 将下面两行加到  ~/.npmrc 里面
+3. 重新install
+> better_sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
+> better_sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
+
+
+
+
+

docs/guide/open/index.md

@@ -9,6 +9,7 @@
 
 https://apifox.com/apidoc/shared-2e76f8c4-7c58-413b-a32d-a1316529af44/254949529e0
 
+
 ## Token生成方法
 
 header中传入x-certd-token即可调用开放接口   
@@ -17,6 +18,12 @@ header中传入x-certd-token即可调用开放接口
 3、将content加上keySecret进行签名： sign = md5(content + keySecret)   
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
 
+
+## 补充说明
+1.证书申请接口支持证书id和域名两种方式获取证书。
+2.autoApply=true将在没有证书时自动触发申请，申请过程中会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
+
+
 ## SDK
 待开发
 

docs/guide/plugins/access.md

@@ -2,50 +2,69 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **阿里云授权** |  | 
-| 2.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 3.| **google cloud** | 谷歌云授权 | 
-| 4.| **主机登录授权** |  | 
-| 5.| **SFTP授权** |  | 
-| 6.| **阿里云OSS授权** | 包含地域和Bucket | 
-| 7.| **FTP授权** |  | 
-| 8.| **腾讯云** |  | 
-| 9.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 10.| **七牛云授权** |  | 
-| 11.| **七牛OSS授权** |  | 
-| 12.| **天翼云授权** |  | 
-| 13.| **s3/minio授权** | S3/minio oss授权 | 
-| 14.| **baota授权** |  | 
-| 15.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 16.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 17.| **易发云短信** | sms.yfyidc.cn/ | 
-| 18.| **cdnfly授权** |  | 
-| 19.| **群晖登录授权** |  | 
-| 20.| **k8s授权** |  | 
-| 21.| **1panel授权** | 账号和密码 | 
-| 22.| **百度云授权** |  | 
-| 23.| **LeCDN授权** |  | 
-| 24.| **白山云授权** |  | 
-| 25.| **plesk授权** |  | 
-| 26.| **易支付** |  | 
-| 27.| **支付宝** |  | 
-| 28.| **微信支付** |  | 
-| 29.| **长亭雷池授权** |  | 
-| 30.| **lucky** |  | 
-| 31.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 32.| **uniCloud** | unicloud授权 | 
-| 33.| **华为云授权** |  | 
-| 34.| **西部数码授权** |  | 
-| 35.| **多吉云** |  | 
-| 36.| **我爱云授权** | 我爱云CDN | 
-| 37.| **CacheFly** | CacheFly | 
-| 38.| **Gcore** | Gcore | 
-| 39.| **亚马逊云aws授权** |  | 
-| 40.| **dns.la授权** |  | 
-| 41.| **又拍云** |  | 
-| 42.| **火山引擎** |  | 
-| 43.| **京东云** |  | 
-| 44.| **51dns授权** |  | 
+| 1.| **主机登录授权** |  | 
+| 2.| **阿里云授权** |  | 
+| 3.| **阿里云ESA授权** |  | 
+| 4.| **腾讯云** |  | 
+| 5.| **华为云授权** |  | 
+| 6.| **火山引擎** |  | 
+| 7.| **京东云** |  | 
+| 8.| **七牛云授权** |  | 
+| 9.| **天翼云授权** |  | 
+| 10.| **baota授权** |  | 
+| 11.| **百度云授权** |  | 
+| 12.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 13.| **google cloud** | 谷歌云授权 | 
+| 14.| **SFTP授权** |  | 
+| 15.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 16.| **FTP授权** |  | 
+| 17.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 18.| **七牛OSS授权** |  | 
+| 19.| **s3/minio授权** | S3/minio oss授权 | 
+| 20.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 21.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 22.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 23.| **易发云短信** | sms.yfyidc.cn/ | 
+| 24.| **cdnfly授权** |  | 
+| 25.| **群晖登录授权** |  | 
+| 26.| **k8s授权** |  | 
+| 27.| **1panel授权** | 账号和密码 | 
+| 28.| **LeCDN授权** |  | 
+| 29.| **白山云授权** |  | 
+| 30.| **plesk授权** |  | 
+| 31.| **易支付** |  | 
+| 32.| **支付宝** |  | 
+| 33.| **微信支付** |  | 
+| 34.| **长亭雷池授权** |  | 
+| 35.| **lucky** |  | 
+| 36.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 37.| **uniCloud** | unicloud授权 | 
+| 38.| **猫云授权** |  | 
+| 39.| **西部数码授权** |  | 
+| 40.| **多吉云** |  | 
+| 41.| **我爱云授权** | 我爱云CDN | 
+| 42.| **CacheFly** | CacheFly | 
+| 43.| **Gcore** | Gcore | 
+| 44.| **亚马逊云aws授权** |  | 
+| 45.| **亚马逊云科技（国区）授权** |  | 
+| 46.| **dns.la授权** |  | 
+| 47.| **又拍云** |  | 
+| 48.| **51dns授权** |  | 
+| 49.| **FlexCDN授权** |  | 
+| 50.| **farcdn授权** |  | 
+| 51.| **cloudflare授权** |  | 
+| 52.| **Github授权** |  | 
+| 53.| **namesilo授权** |  | 
+| 54.| **proxmox** |  | 
+| 55.| **网宿授权** |  | 
+| 56.| **金山云授权** |  | 
+| 57.| **APISIX授权** |  | 
+| 58.| **Dokploy授权** |  | 
+| 59.| **godaddy授权** |  | 
+| 60.| **新网授权** |  | 
+| 61.| **新网授权（代理方式）** |  | 
+| 62.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 63.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -1,5 +1,5 @@
 # 任务插件
-共 `70` 款任务插件    
+共 `102` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
@@ -15,6 +15,8 @@
 | 2.| **IIS-部署到IIS站点** |  | 
 | 3.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
 | 4.| **主机-部署证书到SSH主机** | SFTP上传证书到主机，然后SSH执行部署脚本命令 | 
+| 5.| **主机-复制到本机** | 【仅管理员使用】实际上是复制证书到docker容器内的某个路径，需要做目录映射到宿主机 | 
+| 6.| **上传证书到对象存储OSS** | 支持阿里云OSS、腾讯云COS、七牛云KODO、S3、MinIO、FTP、SFTP | 
 ## 3. CDN
 
 | 序号 | 名称 | 说明 |
@@ -22,33 +24,44 @@
 | 1.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
 | 2.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
 | 3.| **cdnfly-部署证书到cdnfly** | cdnfly | 
-| 4.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
-| 5.| **LeCDN-更新证书** |  | 
-| 6.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
-| 7.| **白山云-更新证书** |  | 
-| 8.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
-| 9.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 10.| **多吉云-部署到多吉云CDN** |  | 
-| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
-| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
-| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
-| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
-| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+| 4.| **LeCDN-更新证书** |  | 
+| 5.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
+| 6.| **白山云-更新证书** |  | 
+| 7.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
+| 8.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 9.| **多吉云-部署到多吉云CDN** |  | 
+| 10.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 11.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 12.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 13.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 14.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+| 15.| **FlexCDN-更新证书** |  | 
+| 16.| **farcdn-更新证书** | www.farcdn.net | 
+| 17.| **雨云-更新证书** | app.rainyun.com | 
+| 18.| **网宿-更新证书** | 网宿证书自动更新 | 
+| 19.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
+| 20.| **APISIX-更新证书** | 自动更新APISIX证书 | 
 ## 4. 面板
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
-| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持网站站点、docker站点等 | 
-| 3.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
-| 4.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
-| 5.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
-| 6.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
-| 7.| **Plesk-部署Plesk网站证书** |  | 
-| 8.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
-| 9.| **lucky-更新Lucky证书** |  | 
-| 10.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
-| 11.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。 | 
+| 3.| **宝塔-WAF证书部署** | 部署宝塔云WAF/aaWAF | 
+| 4.| **宝塔win-网站证书部署** | 部署到Windows版宝塔管理的站点的ssl证书 | 
+| 5.| **宝塔-删除过期证书** | 删除证书夹中过期证书 | 
+| 6.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 7.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 8.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 9.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
+| 10.| **Plesk-部署Plesk网站证书** |  | 
+| 11.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 12.| **lucky-更新Lucky证书** |  | 
+| 13.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 14.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+| 15.| **飞牛NAS-部署证书** |  | 
+| 16.| **Proxmox-上传证书到Proxmox** |  | 
+| 17.| **Dokploy-更新证书** | 自动更新Dokploy证书 | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |
@@ -57,18 +70,24 @@
 | 2.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
 | 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
 | 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
-| 5.| **阿里云-部署证书至OSS** | 自动部署域名证书至阿里云OSS | 
-| 6.| **阿里云-上传证书到阿里云** | 如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 5.| **阿里云-部署证书至OSS** | 部署域名证书至阿里云OSS自定义域名，不是上传到阿里云oss | 
+| 6.| **阿里云-上传证书到阿里云CAS** | 上传证书到阿里云数字证书管理服务（CAS），注意：不会部署到任何应用上；如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
 | 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
 | 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
 | 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
-| 10.| **阿里云-部署至SLB(传统负载均衡)** | 部署证书到阿里云SLB(传统负载均衡) | 
-| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0）,【注意】证书的加密算法必须选择【pkcs1旧版】 | 
+| 10.| **阿里云-部署至CLB(传统负载均衡)** | 部署证书到阿里云CLB(传统负载均衡) | 
+| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0） | 
+| 12.| **阿里云-部署至ESA** | 部署证书到阿里云ESA(边缘安全加速)，自动删除过期证书 | 
+| 13.| **阿里云-部署至VOD** | 部署证书到阿里云视频点播（vod） | 
+| 14.| **阿里云-部署证书至API网关** | 自动部署域名证书至阿里云API网关（APIGateway） | 
+| 15.| **阿里云-部署至云原生API网关/AI网关** | 自动部署域名证书至云原生API网关、AI网关 | 
 ## 6. 华为云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **华为云-部署证书至CDN** |  | 
+| 2.| **华为云-上传证书至CCM** | 上传证书到华为云云证书管理（CCM） | 
+| 3.| **华为云-部署证书至OBS** |  | 
 ## 7. 腾讯云
 
 | 序号 | 名称 | 说明 |
@@ -79,9 +98,15 @@
 | 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
 | 5.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
 | 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
-| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EO，必须配置上传证书到腾讯云任务 | 
+| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO)，必须配置上传证书到腾讯云任务 | 
 | 8.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
-| 9.| **腾讯云-部署到TKE-ingress** | serverless集群请使用K8S部署插件；Qcloud类型需要【上传到腾讯云】作为前置任务；ApiServer未开启外网访问则需要做域名的内网IP映射 | 
+| 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意：
+1. serverless集群请使用K8S部署插件；
+2. Opaque类型需要【上传到腾讯云】作为前置任务；
+3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 
+| 10.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
+| 11.| **腾讯云-实例开关机** | 腾讯云实例开关机 | 
+| 12.| **腾讯云-更新证书(Id不变)** | 根据证书id一键更新腾讯云证书并自动部署（Id不变），注意该接口为腾讯云白名单功能，非白名单用户无法使用该功能 | 
 ## 8. 火山引擎
 
 | 序号 | 名称 | 说明 |
@@ -91,6 +116,8 @@
 | 3.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
 | 4.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
 | 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
+| 6.| **火山引擎-部署证书至DCDN** | 部署至火山引擎全站加速 | 
+| 7.| **火山引擎-部署证书至VOD** | 部署至火山引擎视频点播(暂不可用) | 
 ## 9. 京东云
 
 | 序号 | 名称 | 说明 |
@@ -98,26 +125,43 @@
 | 1.| **京东云-部署证书至CDN** | 京东云内容分发网络 | 
 | 2.| **京东云-更新已有证书** | 更新SSL数字证书中的证书 | 
 | 3.| **京东云-上传新证书** | 上传证书到SSL数字证书中心 | 
-## 10. 七牛云
+## 10. 百度云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 2.| **百度云-部署证书到负载均衡** | 部署到百度云负载均衡，包括BLB、APPBLB | 
+| 3.| **百度云-上传到证书托管** | 上传证书到百度云证书托管中心 | 
+## 11. 七牛云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
-| 2.| **七牛云-部署证书至CDN** | 自动部署域名证书至七牛云CDN | 
-## 11. 亚马逊云
+| 2.| **七牛云-部署证书至CDN/DCDN** | 自动部署域名证书至七牛云CDN、DCDN | 
+| 3.| **七牛云-上传证书到七牛云** | 上传到七牛云 | 
+## 12. 亚马逊云
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **AWS-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
-## 12. 其他
+| 2.| **AWS-上传证书到ACM** | 上传证书 AWS ACM | 
+| 3.| **AWS(国区)-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
+## 13. 其他
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **Demo-测试插件** |  | 
-| 2.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
-| 3.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
-| 4.| **等待** | 等待一段时间 | 
-| 5.| **数据库备份** | 仅支持备份SQLite数据库 | 
+| 2.| **等待** | 等待一段时间 | 
+| 3.| **邮件发送证书** | 通过邮件发送证书 | 
+| 4.| **webhook方式部署证书** | 调用webhook部署证书 | 
+| 5.| **Github-检查Release版本** | 检查最新Release版本并推送消息 | 
+## 14. 管理
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 2.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
+| 3.| **数据库备份** | 【仅管理员可用】仅支持备份SQLite数据库 | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/dns-provider.md

@@ -3,13 +3,21 @@
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
 | 1.| **阿里云** | 阿里云DNS解析提供商 | 
-| 2.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 3.| **华为云** | 华为云DNS解析提供商 | 
-| 4.| **西部数码** | west dns provider | 
-| 5.| **dns.la** | dns.la | 
-| 6.| **火山引擎** | 火山引擎DNS解析提供商 | 
-| 7.| **京东云** | 京东云DNS解析提供商 | 
-| 8.| **51dns** | 51DNS | 
+| 2.| **阿里ESA** | 阿里ESA DNS解析 | 
+| 3.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 4.| **京东云** | 京东云DNS解析提供商 | 
+| 5.| **新网** | 新网域名解析 | 
+| 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
+| 7.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 8.| **华为云** | 华为云DNS解析提供商 | 
+| 9.| **西部数码** | west dns provider | 
+| 10.| **dns.la** | dns.la | 
+| 11.| **雨云** | 雨云DNS解析提供商 | 
+| 12.| **cloudflare** | cloudflare dns provider | 
+| 13.| **namesilo** | namesilo dns provider | 
+| 14.| **godaddy** | GoDaddy | 
+| 15.| **51dns** | 51DNS | 
+| 16.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/notification.md

@@ -2,10 +2,10 @@
 
 | 序号 | 名称 | 说明 |
 |-----|-----|-----|
-| 1.| **企业微信通知** | 企业微信群聊机器人通知 | 
-| 2.| **电子邮件** | 电子邮件通知 | 
-| 3.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
-| 4.| **自定义webhook** | 根据模版自定义http请求 | 
+| 1.| **电子邮件** | 电子邮件通知 | 
+| 2.| **自定义webhook** | 根据模版自定义http请求 | 
+| 3.| **企业微信通知** | 企业微信群聊机器人通知 | 
+| 4.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
 | 5.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
 | 6.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
 | 7.| **AnPush** | https://anpush.com | 
@@ -14,6 +14,10 @@
 | 10.| **Slack通知** | Slack消息推送通知 | 
 | 11.| **Bark 通知** | Bark 推送通知插件 | 
 | 12.| **飞书通知** | 飞书群聊webhook通知 | 
+| 13.| **钉钉通知** | 钉钉群聊通知 | 
+| 14.| **VoceChat通知** | https://voce.chat | 
+| 15.| **OneBot V11 通知** | 通过动态拼接URL发送 OneBot V11 协议消息 | 
+| 16.| **MeoW通知** | https://api.chuckfang.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/qa/index.md

@@ -1,81 +0,0 @@
-# 常见报错解决
-
-## 1. getaddrinfo ENOTFOUND错误
-如果出现`getaddrinfo ENOTFOUND`/`getaddrinfo EAI_AGAIN`错误，可以尝试在`docker-compose.yaml`中设置dns
-```yaml
-version: '3.3' # 兼容旧版docker-compose
-services:
-  certd:
-    #↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND 或 EAI_AGAIN错误，可以尝试设置dns
-    dns:
-      - 223.5.5.5      # 阿里云公共dns
-      - 223.6.6.6
-#       # ↓↓↓↓ ------- # 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
-#      - 119.29.29.29  # 腾讯云公共dns
-#      - 182.254.116.116
-#       # ↓↓↓↓ ------- # 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
-#      - 8.8.8.8       # 谷歌公共dns
-#      - 8.8.4.4
-```
-
-如果仍然有问题,按如下步骤检查是否能够ping通域名
-```shell
-docker exec -it certd /bin/sh
-ping www.baidu.com
-ping gg.px.certd.handfree.work
-ping app.handfree.work
-```
-
-如果您是宝塔部署的
-可以试试将容器网络加入brige网络，看是否解决问题
-![img.png](images/baota-net.png)
-
-如果还是不行，请联系我们
-
-
-## 2. 连接IPv6超时
-docker-compose 需要放开IPv6网络的配置
-```yaml
-services:
-  certd:
-    networks:
-      - ip6net
-#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
-networks:
-  ip6net:
-    enable_ipv6: true
-    ipam:
-      config:
-        - subnet: 2001:db8::/64
-
-```
-
-## 3. SSL_CERT_NOT_MATCH_DOMAIN_ERROR
-部署证书任务报类似 `SSL_CERT_NOT_MATCH_DOMAIN_ERROR`错误
-这是由于当前流水线的证书域名与要部署的目标站点的域名不匹配导致的，在申请证书任务中，增加目标站点域名，重新运行流水线即可
-
-
-## 4. 没有服务器配置文件，请检查是否开启了外网映射！
-宝塔网站证书部署报错：`Error: 没有服务器配置文件，请检查是否开启了外网映射！`    
-解决方案：先手动在宝塔网站中设置一次证书    
-
-
-## 5. 如何查看容器日志
-```shell
-docker logs -f --tail 200 certd
-```
-
-## 6. 容器内走时不准，或者时区不对
-走时不准确，慢慢偏差越来越大    
-或者整个时区都不对    
-可以尝试挂载localtime文件
-```yaml
-    volumes:
-      #   ↓↓↓↓↓ -------------------- 如果走时不准，请尝试挂载localtime文件
-      - /etc/localtime:/etc/localtime
-      - /etc/timezone:/etc/timezone
-```
-
-
-
-

docs/guide/qa/use.md

@@ -1,4 +1,4 @@
-# 使用问题
+# 常见问题
 
 
 ## 1. 是否支持IP证书
@@ -7,8 +7,40 @@
 
 
 ## 2. 建议设置多长时间运行一次流水线
-建议每天运行一次，检查证书过期时间    
+建议每天运行一次，检查证书过期时间
 当证书没过期时，自动跳过部署
 当证书到期前35天（创建流水线时可以修改），将会自动重新申请证书，自动部署
 
 
+## 3. too many certificates 错误
+当出现如下报错时，说明相同的域名短时间内申请超过5次
+解决方案：可以加多一个子域名，重新执行就可以规避次错误
+```
+"detail": too many certificates (5) already issued for this exact set of idantifiers in the last 168hm0s
+```
+
+## 4. ssl.com报错  CAA record does not include ssl.com which is required to issue the certificate
+ssl.com申请证书要求必须设置CAA记录，表示允许ssl.com为该域名颁发证书
+请按如下格式添加CAA记录
+
+| 示例    | 类型  | 域名前缀 | flag      | tag    | 值                    |
+|-------|-----| -- |-----------|--------|----------------------|
+| 顶级域名  | CAA | @ | 0         | issue  |  "ssl.com"  （注意有双引号） |
+| 一级泛域名 | CAA | * | 0         | issue/issuewild | "ssl.com" |
+| 固定子域名 | CAA | sub |  0         | issue  |"ssl.com" |
+
+## 5. address family not supported
+启动时出现此错误，是由于您的服务器不支持绑定ipv6地址
+
+请配置环境变量 certd_koa_hostname=0.0.0.0
+
+在docker-compose.yml中添加如下配置
+
+```yaml
+service:
+  certd:
+    environment:
+      certd_koa_hostname: 0.0.0.0
+```
+
+

docs/guide/start.md

@@ -7,10 +7,16 @@
 
 https://certd.handsfree.work/
 
-> 注意数据将不定期清理，不定期停止定时任务，生产使用请自行部署    
+注册 -> 创建证书流水线 -> 添加部署任务 -> 测试运行
+
+> 注意demo的数据将不定期清理，生产使用请自行部署    
 > 包含敏感信息，务必自己本地部署进行生产使用
 
 
+![首页](../images/start/home-2.png)
+
+
+
 ## 二、私有化部署
 
 由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全

docs/guide/use/baota/white_list.md

@@ -0,0 +1,98 @@
+# 宝塔IP白名单与动态IP问题
+调用宝塔接口需要添加IP白名单，但当certd部署在动态IP环境下时，IP白名单就不好添加
+本章节提供两种解决方案：
+1. 小范围网段放开（简单）
+2. nginx代理
+
+## 一、放开小范围网段
+
+家庭网络IP虽然会变动，但是只会在小范围变的。
+
+你可以分析规律，将变动的部分，设置成网段即可
+
+> 比如出现过： 100.25.1.5 ， 100.25.1.8
+>
+> 那么你可以配置 100.25.1.1-100.25.1.255
+
+
+> 如果出现过： 100.25.1.5 ， 100.25.4.8
+>
+> 可以尝试配置 100.25.*.5
+
+## 二、nginx代理方案
+
+通过在宝塔中配置一个nginx反向代理，代理宝塔自己的地址
+
+然后在nginx中配置放开certd需要的接口，缩小影响范围
+
+让nginx来充当防火墙
+
+架构图如下：
+```
+                    只要将127.0.0.1加入白名单即可
+                                ↓
+certd --------> nginx -------> 宝塔
+                  ↑
+         拦截除更新证书之外的地址
+```
+
+### 1. 添加nginx反向代理
+![](./images/white-1.png)
+
+### 2. 域名和代理目标
+![](./images/white-2.png)
+
+### 3. 设置放开哪些接口
+![](./images/white-3.png)
+![img.png](images/white-4.png)
+将如下脚本填入上方文本域中，保存
+```nginx configuration
+set $allow_access false;
+
+    # 检查请求的URI是否在白名单中
+   if ($request_uri ~* "^/(site\?action=get_site_types)") {
+        # 允许测试
+        set $allow_access true;
+    }
+    if ($request_uri ~* "^/(config\?action=SavePanelSSL)") {
+        # 允许部署到宝塔面板本身证书
+        set $allow_access true;
+    }
+
+    if ($request_uri ~* "^/(mod/docker/com/set_ssl|site\?action=SetSSL|ssl\?action=GetSiteDomain|mod/docker/com/get_site_list)") {
+        # 允许部署宝塔网站证书
+        set $allow_access true;
+    }
+
+    if ($request_uri ~* "^/(ssl?action=remove_cloud_cert|ssl\?action=get_cert_list)") {
+        # 允许删除宝塔过期证书
+        set $allow_access true;
+    }
+
+    if ($request_uri ~* "^/(datalist/get_data_list|site/set_site_ssl)") {
+        set $allow_access true;
+    }
+
+    # 如果不在白名单，返回403禁止访问
+    if ($allow_access = false) {
+        return 405;
+    }
+
+```
+
+
+### 4. 接口IP白名单添加127.0.0.1
+   ![img.png](images/white-5.png)
+
+### 5. certd中宝塔授权配置改成新的这个域名地址
+
+![img.png](images/white-6.png)
+点击测试检查是否ok ，到这里就可以正常部署证书了
+
+### 6. 安全加强（将请求地址改成https）
+在宝塔中配置证书部署任务，选择刚才新建的这个网站，给他部署证书
+勾选强制https
+![img.png](images/white-safe-1.png)
+更换443端口【可选】
+![img.png](images/white-safe-2.png)
+禁止http访问

docs/guide/use/cert/subdomain.md

@@ -0,0 +1,10 @@
+# 二级子域名托管
+如果你的域名是免费的二级域名（比如：sub.handsfree.work），托管在CF或者阿里云上
+在使用DNS方式校验时需要设置子域名托管
+
+[阿里云子域名托管说明](https://help.aliyun.com/zh/dns/pubz-subdomain-management)
+
+
+![img.png](./images/subdomain1.png)
+
+![img_1.png](./images/subdomain2.png)

docs/guide/use/synology/index.md

@@ -18,6 +18,12 @@
 ### 3. 配置Certd项目
 
 ![](./images/3.png)
+建议加上 `:delegated` 提升性能
+```yaml
+  volumes:
+                                          ↓↓↓↓------加上这个提升性能
+    - /volume1/docker/certd:/app/data:delegated
+```
 
 ### 4. 外网访问设置
 

docs/index.md

@@ -24,13 +24,13 @@ features:
   - title: 全自动申请证书
     details: 支持所有注册商注册的域名
   - title: 全自动部署证书
-    details: 支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件
+    details: 支持部署到主机、阿里云、腾讯云等，目前已支持100+部署插件
   - title: 多域名、泛域名打到一个证书上
     details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
   - title: 多证书格式支持
     details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
-  - title: 支持私有化部署
-    details: 授权数据加密存储，保障数据安全
-  - title: 多数据库支持
-    details: 支持SQLite、Postgresql、MySQL数据库
+  - title: 私有化部署，数据安全
+    details: 授权数据加密存储，保障数据安全，支持SQLite、Postgresql、MySQL多种数据库
+  - title: 无痛升级
+    details: 有手就行，向下兼容，无需担心数据作废
 ---

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.36.17"
+  "version": "1.37.5"
 }

package.json

@@ -18,8 +18,9 @@
     "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
     "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
-    "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run plugin-doc-gen && npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
+    "plugin-doc-gen": "cd ./packages/ui/certd-server/ && npm run export-md",
     "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
     "commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
     "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
@@ -33,11 +34,12 @@
     "docs:dev": "vitepress dev docs",
     "docs:build": "npm run copylogs && vitepress build docs",
     "docs:preview": "vitepress preview docs",
-    "pub": "echo 1"
+    "pub": "echo 1",
+    "dev": "pnpm run -r --parallel  compile ",
+    "release": "time /t >trigger/release.trigger && git add trigger/release.trigger && git commit -m \"build: release\" && git push"
   },
   "license": "AGPL-3.0",
   "dependencies": {
-    "@certd/ui-server": "link:packages/ui/certd-server",
     "axios": "^1.7.7",
     "copyfiles": "^2.4.1",
     "lodash-es": "^4.17.21",

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,68 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/publishlab/node-acme-client/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.4](https://github.com/publishlab/node-acme-client/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.3](https://github.com/publishlab/node-acme-client/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+### Bug Fixes
+
+* 修复并发情况下证书申请日志混乱的bug ([bb2714f](https://github.com/publishlab/node-acme-client/commit/bb2714ff241f9db4a71d805b23a1b0f9f2f6413a))
+
+## [1.37.2](https://github.com/publishlab/node-acme-client/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Bug Fixes
+
+* aliyunoss 选择证书接入点选择新加坡无法上传的bug ([e00733a](https://github.com/publishlab/node-acme-client/commit/e00733a34644c23ffe926486b15dc96bf2fa4b57))
+
+## [1.37.1](https://github.com/publishlab/node-acme-client/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.37.0](https://github.com/publishlab/node-acme-client/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.25](https://github.com/publishlab/node-acme-client/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.24](https://github.com/publishlab/node-acme-client/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.23](https://github.com/publishlab/node-acme-client/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.22](https://github.com/publishlab/node-acme-client/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.21](https://github.com/publishlab/node-acme-client/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.20](https://github.com/publishlab/node-acme-client/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.19](https://github.com/publishlab/node-acme-client/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+### Performance Improvements
+
+* 支持ssl.com证书颁发机构 ([27b6dfa](https://github.com/publishlab/node-acme-client/commit/27b6dfa4d2ab3bddd284c3a34511a72e1a513a4c))
+
+## [1.36.18](https://github.com/publishlab/node-acme-client/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.36.17](https://github.com/publishlab/node-acme-client/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.36.17",
+    "version": "1.37.5",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.36.17",
+        "@certd/basic": "^1.37.5",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -52,7 +52,8 @@
         "lint-types": "tsd",
         "prepublishOnly": "npm run build-docs",
         "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
-        "pub": "npm publish"
+        "pub": "npm publish",
+        "compile": "tsc --skipLibCheck --watch"
     },
     "repository": {
         "type": "git",
@@ -69,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+    "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/core/acme-client/src/api.js

@@ -28,7 +28,6 @@ class AcmeApi {
                 }
             }
         }
-        console.log(locationUrl, mapping);
         return locationUrl;
     }
 

packages/core/acme-client/src/auto.js

@@ -2,7 +2,6 @@
  * ACME auto helper
  */
 import { readCsrDomains } from "./crypto/index.js";
-import { log } from "./logger.js";
 import { wait } from "./wait.js";
 import { CancelError } from "./error.js";
 
@@ -45,6 +44,9 @@ export default async (client, userOpts) => {
         accountPayload.externalAccountBinding = opts.externalAccountBinding;
     }
 
+    const log = (...args)=>{
+        return client.logger.info(...args);
+    }
     /**
      * Register account
      */
@@ -255,7 +257,7 @@ export default async (client, userOpts) => {
                 await wait(waitDnsDiffuseTime * 1000)
             }
 
-            log("开始向提供商请求挑战验证");
+            log("开始向提供商请求检查验证");
             await runPromisePa(completeChallengeTasks, 1000);
         } catch (e) {
             log(`证书申请失败${e.message}`);

packages/core/acme-client/src/axios.js

@@ -3,9 +3,9 @@
  */
 import axios from 'axios';
 import { parseRetryAfterHeader } from './util.js';
-import { log } from './logger.js';
 const { AxiosError } = axios;
 import {getGlobalAgents, HttpError} from '@certd/basic'
+import { log } from './logger.js';
 /**
  * Defaults
  */

packages/core/acme-client/src/client.js

@@ -5,7 +5,6 @@
  */
 import { createHash } from 'crypto';
 import  { getPemBodyAsB64u } from './crypto/index.js';
-import { log } from './logger.js';
 import HttpClient from './http.js';
 import AcmeApi from './api.js';
 import verify from './verify.js';
@@ -104,8 +103,13 @@ class AcmeClient {
             max: this.opts.backoffMax,
         };
 
-        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping);
+        this.http = new HttpClient(this.opts.directoryUrl, this.opts.accountKey, this.opts.externalAccountBinding, this.opts.urlMapping, opts.logger);
         this.api = new AcmeApi(this.http, this.opts.accountUrl);
+        this.logger = opts.logger;
+    }
+
+    log(...args) {
+        this.logger.info(...args);
     }
 
     /**
@@ -177,7 +181,7 @@ class AcmeClient {
             this.getAccountUrl();
 
             /* Account URL exists */
-            log('Account URL exists, returning updateAccount()');
+            this.log('Account URL exists, returning updateAccount()');
             return this.updateAccount(data);
         }
         catch (e) {
@@ -185,7 +189,7 @@ class AcmeClient {
 
             /* HTTP 200: Account exists */
             if (resp.status === 200) {
-                log('Account already exists (HTTP 200), returning updateAccount()');
+                this.log('Account already exists (HTTP 200), returning updateAccount()');
                 return this.updateAccount(data);
             }
 
@@ -214,7 +218,7 @@ class AcmeClient {
             this.api.getAccountUrl();
         }
         catch (e) {
-            log('No account URL found, returning createAccount()');
+            this.log('No account URL found, returning createAccount()');
             return this.createAccount(data);
         }
 
@@ -502,7 +506,7 @@ class AcmeClient {
             await verify[challenge.type](authz, challenge, keyAuthorization);
         };
 
-        log('Waiting for ACME challenge verification（等待ACME挑战验证）', this.backoffOpts);
+        this.log('Waiting for ACME challenge verification（等待ACME检查验证）');
         return util.retry(verifyFn, this.backoffOpts);
     }
 
@@ -570,7 +574,7 @@ class AcmeClient {
             const resp = await this.api.apiRequest(item.url, null, [200]);
 
             /* Verify status */
-            log(`[${d}] Item has status（挑战状态）: ${resp.data.status}`);
+            this.log(`[${d}] Item has status（检查状态）: ${resp.data.status}`);
 
             if (invalidStates.includes(resp.data.status)) {
                 abort();
@@ -586,7 +590,7 @@ class AcmeClient {
             throw new Error(`[${d}] Unexpected item status: ${resp.data.status}`);
         };
 
-        log(`[${d}] Waiting for valid status （等待valid状态）: ${item.url}`, this.backoffOpts);
+        this.log(`[${d}] Waiting for valid status （等待valid状态）: ${item.url}`, this.backoffOpts);
         return util.retry(verifyFn, this.backoffOpts);
     }
 

packages/core/acme-client/src/http.js

@@ -19,7 +19,7 @@ import { getJwk } from './crypto/index.js';
  */
 
 class HttpClient {
-    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {}) {
+    constructor(directoryUrl, accountKey, externalAccountBinding = {}, urlMapping = {},logger) {
         this.directoryUrl = directoryUrl;
         this.accountKey = accountKey;
         this.externalAccountBinding = externalAccountBinding;
@@ -31,6 +31,7 @@ class HttpClient {
         this.directoryMaxAge = 86400;
         this.directoryTimestamp = 0;
         this.urlMapping = urlMapping;
+        this.log = logger? logger.info.bind(logger) : log;
     }
 
     /**
@@ -48,7 +49,7 @@ class HttpClient {
             for (const key in this.urlMapping.mappings) {
                 if (url.includes(key)) {
                     const newUrl = url.replace(key, this.urlMapping.mappings[key]);
-                    log(`use reverse proxy: ${newUrl}`);
+                    this.log(`use reverse proxy: ${newUrl}`);
                     url = newUrl;
                 }
             }
@@ -65,10 +66,10 @@ class HttpClient {
         opts.headers['Content-Type'] = 'application/jose+json';
 
         /* Request */
-        log(`HTTP request: ${method} ${url}`);
+        this.log(`HTTP request: ${method} ${url}`);
         const resp = await axios.request(opts);
 
-        log(`RESP ${resp.status} ${method} ${url}`);
+        this.log(`RESP ${resp.status} ${method} ${url}`);
         return resp;
     }
 
@@ -85,7 +86,7 @@ class HttpClient {
         const age = (now - this.directoryTimestamp);
 
         if (!this.directoryCache || (age > this.directoryMaxAge)) {
-            log(`Refreshing ACME directory, age: ${age}`);
+            this.log(`Refreshing ACME directory, age: ${age}`);
             const resp = await this.request(this.directoryUrl, 'get');
 
             if (resp.status >= 400) {
@@ -187,7 +188,7 @@ class HttpClient {
 
         /* Nonce */
         if (nonce) {
-            log(`Using nonce: ${nonce}`);
+            this.log(`Using nonce: ${nonce}`);
             header.nonce = nonce;
         }
 
@@ -314,7 +315,7 @@ class HttpClient {
             nonce = resp.headers['replay-nonce'] || null;
             attempts += 1;
 
-            log(`Caught invalid nonce error, retrying (${attempts}/${this.maxBadNonceRetries}) signed request to: ${url}`);
+            this.log(`Caught invalid nonce error, retrying (${attempts}/${this.maxBadNonceRetries}) signed request to: ${url}`);
             return this.signedRequest(url, payload, { kid, nonce, includeExternalAccountBinding }, attempts);
         }
 

packages/core/acme-client/src/index.js

@@ -25,6 +25,10 @@ export const directory = {
         staging: 'https://acme.zerossl.com/v2/DV90',
         production: 'https://acme.zerossl.com/v2/DV90',
     },
+    sslcom:{
+      staging: 'https://acme.ssl.com/sslcom-dv-rsa',
+      production: 'https://acme.ssl.com/sslcom-dv-rsa',
+    }
 };
 
 /**

packages/core/acme-client/types/index.d.ts

@@ -49,6 +49,7 @@ export interface ClientOptions {
     backoffMax?: number;
     urlMapping?: UrlMapping;
     signal?: AbortSignal;
+    logger?:any
 }
 
 export interface ClientExternalAccountBindingOptions {

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,74 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+### Performance Improvements
+
+* 支持网络测试 ([2bef608](https://github.com/certd/certd/commit/2bef608e07ceb56d52007f290667e0afef401b22))
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+### Performance Improvements
+
+* 优化连接失败的报错提示 ([71d8e7e](https://github.com/certd/certd/commit/71d8e7edd23ad63fdc01a92766b52ede5074fe7c))
+* 增加自签名证书提示 ([877c9c4](https://github.com/certd/certd/commit/877c9c4ff99f81d289f67afd96f440c0796b03ea))
+* dns支持新网域名解析 ([cf3a78e](https://github.com/certd/certd/commit/cf3a78e1145ff0505c87fbc485d9e731b1aa88a8))
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+### Bug Fixes
+
+* 修复批量流水线执行时日志显示错乱的问题 ([4372adc](https://github.com/certd/certd/commit/4372adc703b9a4c785664054ab2a533626d815a8))
+
+### Performance Improvements
+
+* 去掉宝塔url后面的斜杠 ([8a0c2b9](https://github.com/certd/certd/commit/8a0c2b9b13628da750c25757e0cb8ed3038775ba))
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-23:53
+05:00

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.36.17",
+  "version": "1.37.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -13,7 +13,8 @@
     "dev-build": "npm run build",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
     "axios": "^1.7.2",
@@ -45,5 +46,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/core/basic/src/index.ts

@@ -1,2 +1 @@
-export * from './utils/index.js';
-export * from './utils/util.id.js';
+export * from "./utils/index.js";

packages/core/basic/src/utils/index.ts

@@ -22,12 +22,14 @@ import { sp } from "./util.sp.js";
 import { hashUtils } from "./util.hash.js";
 import { promises } from "./util.promise.js";
 import { fileUtils } from "./util.file.js";
-import * as _ from "lodash-es";
 import { cache } from "./util.cache.js";
 import dayjs from "dayjs";
 import { domainUtils } from "./util.domain.js";
+export * from "./util.domain.js";
 import { optionsUtils } from "./util.options.js";
+export * from "./util.options.js";
 import { amountUtils } from "./util.amount.js";
+export * from "./util.amount.js";
 import { nanoid } from "nanoid";
 import * as id from "./util.id.js";
 import { locker } from "./util.lock.js";
@@ -35,6 +37,9 @@ import { mitter } from "./util.mitter.js";
 
 import * as request from "./util.request.js";
 export * from "./util.cache.js";
+
+export * from "./util.id.js";
+
 export const utils = {
   sleep,
   http,
@@ -43,7 +48,6 @@ export const utils = {
   hash: hashUtils,
   promises,
   file: fileUtils,
-  _,
   mergeUtils,
   cache,
   nanoid,

packages/core/basic/src/utils/util.hash.ts

@@ -17,10 +17,26 @@ function base64(data: string) {
 function base64Decode(data: string) {
   return Buffer.from(data, "base64").toString("utf8");
 }
+
+function toHex(data: number | string) {
+  if (typeof data === "number") {
+    return data.toString(16);
+  }
+  return Buffer.from(data).toString("hex");
+}
+function hexToStr(data: string) {
+  return Buffer.from(data, "hex").toString("utf8");
+}
+function hexToNumber(data: string) {
+  return parseInt(data, 16);
+}
 export const hashUtils = {
   md5,
   sha256,
   base64,
   base64Decode,
   hmacSha256,
+  toHex,
+  hexToStr,
+  hexToNumber,
 };

packages/core/basic/src/utils/util.log.ts

@@ -1,22 +1,4 @@
-import log4js, { LoggingEvent, Logger } from "log4js";
-
-const OutputAppender = {
-  configure: (config: any, layouts: any, findAppender: any, levels: any) => {
-    let layout = layouts.basicLayout;
-    if (config.layout) {
-      layout = layouts.layout(config.layout.type, config.layout);
-    }
-    function customAppender(layout: any, timezoneOffset: any) {
-      return (loggingEvent: LoggingEvent) => {
-        if (loggingEvent.context.outputHandler?.write) {
-          const text = `${layout(loggingEvent, timezoneOffset)}\n`;
-          loggingEvent.context.outputHandler.write(text);
-        }
-      };
-    }
-    return customAppender(layout, config.timezoneOffset);
-  },
-};
+import log4js, { CallStack, Level } from "log4js";
 
 let logFilePath = "./logs/app.log";
 export function resetLogConfigure() {
@@ -24,7 +6,6 @@ export function resetLogConfigure() {
   log4js.configure({
     appenders: {
       std: { type: "stdout" },
-      output: { type: OutputAppender },
       file: {
         type: "dateFile",
         filename: logFilePath,
@@ -33,7 +14,7 @@ export function resetLogConfigure() {
         numBackups: 3,
       },
     },
-    categories: { default: { appenders: ["std", "file"], level: "info" }, pipeline: { appenders: ["std", "file", "output"], level: "info" } },
+    categories: { default: { appenders: ["std", "file"], level: "info" }, pipeline: { appenders: ["std", "file"], level: "info" } },
   });
 }
 resetLogConfigure();
@@ -44,15 +25,98 @@ export function resetLogFilePath(filePath: string) {
   resetLogConfigure();
 }
 export function buildLogger(write: (text: string) => void) {
-  const logger = log4js.getLogger("pipeline");
-  const _secrets: string[] = [];
-  //@ts-ignore
-  logger.addSecret = (secret: string) => {
-    _secrets.push(secret);
-  };
-  logger.addContext("outputHandler", {
-    write: (text: string) => {
-      for (const item of _secrets) {
+  return new PipelineLogger("pipeline", write);
+}
+
+export type ILogger = {
+  readonly category: string;
+  level: Level | string;
+  log(level: Level | string, ...args: any[]): void;
+
+  isLevelEnabled(level?: string): boolean;
+
+  isTraceEnabled(): boolean;
+  isDebugEnabled(): boolean;
+  isInfoEnabled(): boolean;
+  isWarnEnabled(): boolean;
+  isErrorEnabled(): boolean;
+  isFatalEnabled(): boolean;
+
+  _log(level: Level, data: any): void;
+
+  addContext(key: string, value: any): void;
+
+  removeContext(key: string): void;
+
+  clearContext(): void;
+
+  /**
+   * Replace the basic parse function with a new custom one
+   * - Note that linesToSkip will be based on the origin of the Error object in addition to the callStackLinesToSkip (at least 1)
+   * @param parseFunction the new parseFunction. Use `undefined` to reset to the base implementation
+   */
+  setParseCallStackFunction(parseFunction: (error: Error, linesToSkip: number) => CallStack | undefined): void;
+
+  /**
+   * Adjust the value of linesToSkip when the parseFunction is called.
+   *
+   * Cannot be less than 0.
+   */
+  callStackLinesToSkip: number;
+
+  trace(message: any, ...args: any[]): void;
+
+  debug(message: any, ...args: any[]): void;
+
+  info(message: any, ...args: any[]): void;
+
+  warn(message: any, ...args: any[]): void;
+
+  error(message: any, ...args: any[]): void;
+
+  fatal(message: any, ...args: any[]): void;
+
+  mark(message: any, ...args: any[]): void;
+};
+
+const locale = Intl.DateTimeFormat().resolvedOptions().locale;
+const formatter = new Intl.DateTimeFormat(locale, {
+  year: "numeric",
+  month: "2-digit",
+  day: "2-digit",
+  hour: "2-digit",
+  minute: "2-digit",
+  second: "2-digit",
+  hour12: false,
+});
+function formatDateIntl(date = new Date()) {
+  const milliseconds = date.getMilliseconds(); // 获取毫秒
+  const formattedMilliseconds = milliseconds.toString().padStart(3, "0");
+  return formatter.format(date) + "." + formattedMilliseconds;
+}
+
+// @ts-ignore
+export class PipelineLogger implements ILogger {
+  callStackLinesToSkip: number = 3;
+  readonly category: string = "pipeline";
+  level: Level | string = "info";
+  _secrets: string[] = [];
+  logger: ILogger;
+  customWriter!: (text: string) => void;
+
+  constructor(name: string, write: (text: string) => void) {
+    this.customWriter = write;
+    this.logger = log4js.getLogger(name);
+  }
+
+  addSecret(secret: string) {
+    this._secrets.push(secret);
+  }
+
+  _doLog(level: string, ...args: any[]) {
+    let text = args.join(" ");
+    if (this.customWriter) {
+      for (const item of this._secrets) {
         if (item == null) {
           continue;
         }
@@ -66,10 +130,88 @@ export function buildLogger(write: (text: string) => void) {
           text = text.replaceAll(item, "*".repeat(item.length));
         }
       }
-      write(text);
-    },
-  });
-  return logger;
-}
+      text = `[${formatDateIntl()}] [${level.toUpperCase()}] - ${text} \n`;
+      this.customWriter(text);
+    }
+    // @ts-ignore
+    this.logger[level](...args);
+  }
 
-export type ILogger = Logger;
+  _log(level: Level, data: any): void {}
+
+  addContext(key: string, value: any): void {}
+
+  clearContext(): void {}
+
+  debug(message: any, ...args: any[]): void {
+    if (this.isDebugEnabled()) {
+      this._doLog("debug", message, ...args);
+    }
+  }
+
+  error(message: any, ...args: any[]): void {
+    if (this.isErrorEnabled()) {
+      this._doLog("error", message, ...args);
+    }
+  }
+
+  fatal(message: any, ...args: any[]): void {
+    if (this.isFatalEnabled()) {
+      this._doLog("fatal", message, ...args);
+    }
+  }
+
+  info(message: any, ...args: any[]): void {
+    if (this.isInfoEnabled()) {
+      this._doLog("info", message, ...args);
+    }
+  }
+
+  trace(message: any, ...args: any[]): void {
+    if (this.isTraceEnabled()) {
+      this._doLog("trace", message, ...args);
+    }
+  }
+
+  warn(message: any, ...args: any[]): void {
+    if (this.isWarnEnabled()) {
+      this._doLog("warn", message, ...args);
+    }
+  }
+
+  isDebugEnabled(): boolean {
+    return logger.isDebugEnabled();
+  }
+
+  isErrorEnabled(): boolean {
+    return logger.isErrorEnabled();
+  }
+
+  isFatalEnabled(): boolean {
+    return logger.isFatalEnabled();
+  }
+
+  isInfoEnabled(): boolean {
+    return logger.isInfoEnabled();
+  }
+
+  isLevelEnabled(level?: string): boolean {
+    return logger.isLevelEnabled();
+  }
+
+  isTraceEnabled(): boolean {
+    return logger.isTraceEnabled();
+  }
+
+  isWarnEnabled(): boolean {
+    return logger.isWarnEnabled();
+  }
+
+  log(level: Level | string, ...args: any[]): void {}
+
+  mark(message: any, ...args: any[]): void {}
+
+  removeContext(key: string): void {}
+
+  setParseCallStackFunction(parseFunction: (error: Error, linesToSkip: number) => CallStack | undefined): void {}
+}

packages/core/basic/src/utils/util.request.ts

@@ -1,6 +1,5 @@
 import axios, { AxiosHeaders, AxiosRequestConfig } from "axios";
 import { ILogger, logger } from "./util.log.js";
-import { Logger } from "log4js";
 import { HttpProxyAgent } from "http-proxy-agent";
 import { HttpsProxyAgent } from "https-proxy-agent";
 import nodeHttp from "http";
@@ -8,6 +7,13 @@ import * as https from "node:https";
 import { merge } from "lodash-es";
 import { safePromise } from "./util.promise.js";
 import fs from "fs";
+
+const errorMap: Record<string, string> = {
+  "ssl3_get_record:wrong version number": "http协议错误，服务端要求http协议，请检查是否使用了https请求",
+  "getaddrinfo EAI_AGAIN": "无法解析域名，请检查网络连接或dns配置，更换docker-compose.yaml中dns配置",
+  "self-signed certificate": "目标站点为自签名证书，请勾选忽略证书校验",
+};
+
 export class HttpError extends Error {
   status?: number;
   statusText?: string;
@@ -22,11 +28,12 @@ export class HttpError extends Error {
     super(error.message || error.response?.statusText);
 
     const message = error?.message;
-    if (message && typeof message === "string") {
-      if (message.indexOf && message.indexOf("ssl3_get_record:wrong version number") >= 0) {
-        this.message = `${message}(http协议错误，服务端要求http协议，请检查是否使用了https请求)`;
-      } else if (message.indexOf("getaddrinfo EAI_AGAIN") >= 0) {
-        this.message = `${message}(无法解析域名，请检查网络连接或dns配置，更换docker-compose.yaml中dns配置)`;
+    if (message && typeof message === "string" && message.indexOf) {
+      for (const key in errorMap) {
+        if (message.indexOf(key) > -1) {
+          this.message = `${this.message}(${errorMap[key]})`;
+          break;
+        }
       }
     }
 
@@ -84,7 +91,7 @@ export function getGlobalAgents() {
 /**
  * @description 创建请求实例
  */
-export function createAxiosService({ logger }: { logger: Logger }) {
+export function createAxiosService({ logger }: { logger: ILogger }) {
   // 创建一个 axios 实例
   const service = axios.create();
 
@@ -200,10 +207,31 @@ export function createAxiosService({ logger }: { logger: Logger }) {
         case 505:
           error.message = "HTTP版本不受支持";
           break;
+        case 302:
+          //重定向
+          return Promise.resolve(error.response);
         default:
           break;
       }
-      logger.error(`请求出错：status:${error.response?.status},statusText:${error.response?.statusText},url:${error.config?.url},method:${error.config?.method}。`);
+
+      const errorCode = error.code;
+      let errorMessage = null;
+      if (errorCode === "ECONNABORTED") {
+        errorMessage = "请求连接终止";
+      } else if (errorCode === "ETIMEDOUT") {
+        errorMessage = "请求连接超时";
+      } else if (errorCode === "ECONNRESET") {
+        errorMessage = "请求连接被重置";
+      } else if (errorCode === "ECONNREFUSED") {
+        errorMessage = "请求连接被服务端拒绝";
+      } else if (errorCode === "ENOTFOUND") {
+        errorMessage = "请求地址不存在";
+      }
+      if (errorMessage) {
+        error.message = errorMessage + "," + error.message;
+      }
+
+      logger.error(`请求出错：status:${error.response?.status || error.code},statusText:${error.response?.statusText || error.code},url:${error.config?.url},method:${error.config?.method}。`);
       logger.error("返回数据:", JSON.stringify(error.response?.data));
       if (error.response?.data) {
         const message = error.response.data.message || error.response.data.msg || error.response.data.error;

packages/core/basic/src/utils/util.sp.ts

@@ -1,8 +1,10 @@
 //转换为import
-import childProcess from 'child_process';
-import { safePromise } from './util.promise.js';
-import { ILogger, logger } from './util.log.js';
-import iconv from 'iconv-lite';
+//@ts-ignore
+import childProcess from "child_process";
+import { safePromise } from "./util.promise.js";
+import { ILogger, logger } from "./util.log.js";
+//@ts-ignore
+import iconv from "iconv-lite";
 export type ExecOption = {
   cmd: string | string[];
   env: any;
@@ -11,12 +13,12 @@ export type ExecOption = {
 };
 
 async function exec(opts: ExecOption): Promise<string> {
-  let cmd = '';
+  let cmd = "";
   const log = opts.logger || logger;
   if (opts.cmd instanceof Array) {
     for (const item of opts.cmd) {
       if (cmd) {
-        cmd += ' && ' + item;
+        cmd += " && " + item;
       } else {
         cmd = item;
       }
@@ -28,17 +30,18 @@ async function exec(opts: ExecOption): Promise<string> {
       cmd,
       {
         env: {
+          //@ts-ignore
           ...process.env,
           ...opts.env,
         },
         ...opts.options,
       },
-      (error, stdout, stderr) => {
+      (error: any, stdout: { toString: (arg0: string) => any }, stderr: any) => {
         if (error) {
           log.error(`exec error: ${error}`);
           reject(error);
         } else {
-          const res = stdout.toString('utf-8');
+          const res = stdout.toString("utf-8");
           log.info(`stdout: ${res}`);
           resolve(res);
         }
@@ -57,11 +60,12 @@ export type SpawnOption = {
 };
 
 function isWindows() {
-  return process.platform === 'win32';
+  // @ts-ignore
+  return process.platform === "win32";
 }
 function convert(buffer: any) {
   if (isWindows()) {
-    const decoded = iconv.decode(buffer, 'GBK');
+    const decoded = iconv.decode(buffer, "GBK");
     // 检查是否有有效字符
     return decoded && decoded.trim().length > 0 ? decoded : buffer.toString();
   } else {
@@ -74,12 +78,12 @@ function convert(buffer: any) {
 // }
 
 async function spawn(opts: SpawnOption): Promise<string> {
-  let cmd = '';
+  let cmd = "";
   const log = opts.logger || logger;
   if (opts.cmd instanceof Array) {
     for (const item of opts.cmd) {
       if (cmd) {
-        cmd += ' && ' + item;
+        cmd += " && " + item;
       } else {
         cmd = item;
       }
@@ -88,37 +92,47 @@ async function spawn(opts: SpawnOption): Promise<string> {
     cmd = opts.cmd;
   }
   log.info(`执行命令: ${cmd}`);
-  let stdout = '';
-  let stderr = '';
+  let stdout = "";
+  let stderr = "";
   return safePromise((resolve, reject) => {
     const ls = childProcess.spawn(cmd, {
       shell: true,
       env: {
+        //@ts-ignore
         ...process.env,
         ...opts.env,
       },
       ...opts.options,
     });
-    ls.stdout.on('data', data => {
+    ls.stdout.on("data", (data: string) => {
       data = convert(data);
       log.info(`stdout: ${data}`);
       stdout += data;
     });
 
-    ls.stderr.on('data', data => {
+    ls.stderr.on("data", (data: string) => {
       data = convert(data);
       log.warn(`stderr: ${data}`);
       stderr += data;
     });
-    ls.on('error', error => {
+    ls.on("error", (error: any) => {
       log.error(`child process error: ${error}`);
+      //@ts-ignore
+      error.stderr = stderr;
+      //@ts-ignore
+      error.stdout = stdout;
       reject(error);
     });
 
-    ls.on('close', (code: number) => {
+    ls.on("close", (code: number) => {
       if (code !== 0) {
         log.error(`child process exited with code ${code}`);
-        reject(new Error(stderr));
+        const e = new Error(stderr || "return " + code);
+        //@ts-ignore
+        e.stderr = stderr;
+        //@ts-ignore
+        e.stdout = stdout;
+        reject(e);
       } else {
         resolve(stdout);
       }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,71 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+### Performance Improvements
+
+* 手动上传证书优化，增加到期前报错提醒 ([3d42bfd](https://github.com/certd/certd/commit/3d42bfd479eaacc4a49c401224815a6e2a0204b0))
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+### Bug Fixes
+
+* 前置任务输出不存在时输出警告提示 ([b59052c](https://github.com/certd/certd/commit/b59052cc43b7b070fabd8b8e914e4c2a5e0ad61c))
+
+### Performance Improvements
+
+* 支持godaddy ([b7980aa](https://github.com/certd/certd/commit/b7980aad5ab50f58662eaddf5d84aa82876a98eb))
+* 支持ssl.com证书颁发机构 ([27b6dfa](https://github.com/certd/certd/commit/27b6dfa4d2ab3bddd284c3a34511a72e1a513a4c))
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.36.17",
+  "version": "1.37.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -14,11 +14,12 @@
     "build3": "rollup -c",
     "preview": "vite preview",
     "test": "mocha   --loader=ts-node/esm",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.36.17",
-    "@certd/plus-core": "^1.36.17",
+    "@certd/basic": "^1.37.5",
+    "@certd/plus-core": "^1.37.5",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -44,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/core/pipeline/src/context/index.ts

@@ -21,9 +21,9 @@ export type PageRes = {
 export class Pager {
   pageNo: number;
   pageSize: number;
-  constructor(req: PageSearch) {
-    this.pageNo = req.pageNo ?? 1;
-    this.pageSize = req.pageSize || 50;
+  constructor(req?: PageSearch) {
+    this.pageNo = req?.pageNo ?? 1;
+    this.pageSize = req?.pageSize || 50;
   }
 
   getOffset() {

packages/core/pipeline/src/core/executor.ts

@@ -314,7 +314,7 @@ export class Executor {
           const outputKey = arr[2];
           input[key] = this.currentStatusMap.get(id)?.status?.output[outputKey] ?? this.lastStatusMap.get(id)?.status?.output[outputKey];
           if (input[key] == null) {
-            this.logger.warn(`${item.title}的配置未找到对应的输出值，请确认对应的前置任务是否存在或者是否执行正确`);
+            currentLogger.warn(`${item.title}的配置未找到对应的输出值，请确认对应的前置任务是否存在或者是否执行正确`);
           }
         }
       }

packages/core/pipeline/src/core/run-history.ts

@@ -120,10 +120,9 @@ export class RunHistory {
     delete e.stack;
     delete e.cause;
     if (runnable.runnableType === "step") {
-      this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e, stack, cause);
-    } else {
-      this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e.message);
+      this._loggers[runnable.id].error(stack, cause);
     }
+    this._loggers[runnable.id].error(`[${runnable.runnableType}] [${runnable.title}]<id:${runnable.id}> ：`, e.message);
   }
 
   finally(runnable: Runnable) {

packages/core/pipeline/src/plugin/api.ts

@@ -253,9 +253,9 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
     return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
   }
 
-  buildCertName(domain: string) {
+  buildCertName(domain: string, prefix = "") {
     domain = domain.replaceAll("*", "_").replaceAll(".", "_");
-    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+    return `${prefix}_${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
   }
 
   async onRequest(req: PluginRequestHandleReq<any>) {

packages/core/pipeline/src/registry/registry.ts

@@ -69,9 +69,15 @@ export class Registry<T = any> {
     return this.storage;
   }
 
-  getDefineList() {
+  getDefineList(prefix?: string) {
     let list = [];
+    if (prefix) {
+      prefix = prefix + ":";
+    }
     for (const key in this.storage) {
+      if (prefix && !key.startsWith(prefix)) {
+        continue;
+      }
       const define = this.getDefine(key);
       if (define) {
         if (define?.deprecated) {
@@ -90,7 +96,10 @@ export class Registry<T = any> {
     return list;
   }
 
-  getDefine(key: string) {
+  getDefine(key: string, prefix?: string) {
+    if (prefix) {
+      key = prefix + ":" + key;
+    }
     const item = this.storage[key];
     if (!item) {
       return;

packages/core/pipeline/src/service/cname.ts

@@ -17,6 +17,7 @@ export type CnameRecord = {
   cnameProvider: CnameProvider;
   status: string;
   commonDnsProvider?: any;
+  mainDomain?: string;
 };
 
 export type ICnameProxyService = {

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.36.17",
+  "version": "1.37.5",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.36.17",
+  "version": "1.37.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.36.17",
+  "version": "1.37.5",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
       "fetch"
     ]
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,72 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复secret patch 类型多了type：的bug ([d04f383](https://github.com/certd/certd/commit/d04f3831611011a90ec0594724b9694490d5edd0))
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+### Bug Fixes
+
+* 修复远程数据选择无法过滤的bug ([6cbb073](https://github.com/certd/certd/commit/6cbb0739f8428d51b0712f718fe4d236cc087cf9))
+
+### Performance Improvements
+
+* 创建k8s secret 时设置type为tls ([79ebabf](https://github.com/certd/certd/commit/79ebabfcfb9e5a534049c84f5f1a642b357fc856))
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Performance Improvements
+
+* 部署到k8s支持自动创建secret ([c09c962](https://github.com/certd/certd/commit/c09c962cb676ca261610aa9f3e5105c9dae43f43))
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.36.17",
+  "version": "1.37.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.36.17",
+    "@certd/basic": "^1.37.5",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/libs/lib-k8s/src/lib/k8s.client.ts

@@ -1,7 +1,7 @@
 import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
 import dns from "dns";
 import { ILogger } from "@certd/basic";
-import _ from "lodash-es";
+import { merge } from "lodash-es";
 
 export type K8sClientOpts = {
   kubeConfigStr: string;
@@ -85,12 +85,11 @@ export class K8sClient {
   /**
    * 创建Secret
    * @param opts {namespace:default, body:yamlStr}
-   * @returns {Promise<*>}
    */
   async createSecret(opts: { namespace: string; body: V1Secret }) {
     const namespace = opts.namespace || "default";
     const created = await this.client.createNamespacedSecret(namespace, opts.body);
-    this.logger.info("new secrets:", opts.body);
+    this.logger.info("new secrets:", opts.body.metadata);
     return created.body;
   }
 
@@ -103,17 +102,39 @@ export class K8sClient {
   //   return await this.client.replaceNamespacedSecret(secretName, namespace, opts.body);
   // }
 
-  async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret }) {
+  async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret; createOnNotFound?: boolean }) {
     const namespace = opts.namespace || "default";
     const secretName = opts.secretName;
     if (secretName == null) {
       throw new Error("secretName 不能为空");
     }
     this.logger.info("patch secret:", secretName, namespace);
-    const oldSecret = await this.client.readNamespacedSecret(secretName, namespace);
-    const newSecret = _.merge(oldSecret.body, opts.body);
+    let oldSecret: any = null;
+    try {
+      oldSecret = await this.client.readNamespacedSecret(secretName, namespace);
+    } catch (e) {
+      //@ts-ignore
+      if (e.response?.body?.code === 404) {
+        this.logger.warn(`secret ${secretName} 不存在`);
+        if (opts.createOnNotFound) {
+          //没有找到，则创建
+          const body = merge(
+            {
+              type: "kubernetes.io/tls",
+            },
+            opts.body
+          );
+          const res = await this.createSecret({ namespace, body });
+          this.logger.info(`secret ${secretName} 已创建`);
+          return res;
+        }
+      }
+      throw e;
+    }
+
+    const newSecret = merge(oldSecret.body, opts.body);
     const res = await this.client.replaceNamespacedSecret(secretName, namespace, newSecret);
-    this.logger.info("secret updated");
+    this.logger.info(`secret ${secretName} 已更新`);
     return res.body;
   }
 
@@ -145,7 +166,7 @@ export class K8sClient {
     this.logger.info("patch ingress:", ingressName, namespace);
     const client = this.kubeconfig.makeApiClient(NetworkingV1Api);
     const oldIngress = await client.readNamespacedIngress(ingressName, namespace);
-    const newIngress = _.merge(oldIngress.body, opts.body);
+    const newIngress = merge(oldIngress.body, opts.body);
     const res = await client.replaceNamespacedIngress(ingressName, namespace, newIngress);
     this.logger.info("ingress patched", opts.body);
     return res;

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,75 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+### Performance Improvements
+
+* 支持列表展示时固定证书最大天数，有助于列表进度条整齐展示 ([4a94eab](https://github.com/certd/certd/commit/4a94eab3935c89a63892661d9cf0d0891e54aa81))
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+### Features
+
+* dist打包前检查 ([8f6e5bd](https://github.com/certd/certd/commit/8f6e5bd24b3b65fbfcba36c08f532a3abad2d606))
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+### Bug Fixes
+
+* 固定midwayjs版本，修复ui-server import 错误的bug ([eb4d125](https://github.com/certd/certd/commit/eb4d125eaf4a41e88c752d0c68993829589f8f27))
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+### Bug Fixes
+
+* 修复 ui-server 加载失败问题 ([c2ccdbe](https://github.com/certd/certd/commit/c2ccdbec9dd08bca4688eeb2f34d0105eec43ba1))
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+### Performance Improvements
+
+* 支持腾讯云验证码 ([03f317f](https://github.com/certd/certd/commit/03f317ffdb6595ce70e8a2302b05f390c52110c8))
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.36.17",
+  "version": "1.37.5",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -17,7 +17,8 @@
     "lint": "mwts check",
     "lint:fix": "mwts fix",
     "prepublish": "npm run build",
-    "pub": "npm publish"
+    "pub": "npm publish",
+    "compile": "tsc --skipLibCheck --watch"
   },
   "keywords": [],
   "author": "greper",
@@ -27,18 +28,20 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.36.17",
-    "@certd/basic": "^1.36.17",
-    "@certd/pipeline": "^1.36.17",
-    "@certd/plus-core": "^1.36.17",
-    "@midwayjs/cache": "~3.14.0",
-    "@midwayjs/core": "~3.20.3",
-    "@midwayjs/i18n": "~3.20.3",
-    "@midwayjs/info": "~3.20.3",
-    "@midwayjs/koa": "~3.20.3",
-    "@midwayjs/logger": "~3.4.2",
-    "@midwayjs/typeorm": "~3.20.3",
-    "@midwayjs/upload": "^3.20.3",
+    "@certd/acme-client": "^1.37.5",
+    "@certd/basic": "^1.37.5",
+    "@certd/pipeline": "^1.37.5",
+    "@certd/plugin-lib": "^1.37.5",
+    "@certd/plus-core": "^1.37.5",
+    "@midwayjs/cache": "3.14.0",
+    "@midwayjs/core": "3.20.11",
+    "@midwayjs/i18n": "3.20.13",
+    "@midwayjs/info": "3.20.13",
+    "@midwayjs/koa": "3.20.13",
+    "@midwayjs/logger": "3.4.2",
+    "@midwayjs/typeorm": "3.20.11",
+    "@midwayjs/upload": "3.20.13",
+    "@midwayjs/validate": "3.20.13",
     "better-sqlite3": "^11.1.2",
     "cross-env": "^7.0.3",
     "dayjs": "^1.11.7",
@@ -61,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
+  "gitHead": "dbce75146439dac484597ce6494b935fd7ce75f7"
 }

packages/libs/lib-server/src/basic/base-controller.ts

@@ -47,4 +47,12 @@ export abstract class BaseController {
     }
     return user;
   }
+
+  isAdmin() {
+    const roleIds: number[] = this.ctx?.user?.roles;
+    if (roleIds?.includes(1)) {
+      return true;
+    }
+  }
+
 }

packages/libs/lib-server/src/basic/exception/index.ts

@@ -8,3 +8,5 @@ export * from './common-exception.js';
 export * from './not-found-exception.js';
 export * from './param-exception.js';
 export * from './site-off-exception.js';
+export * from './login-error-exception.js'
+export * from './code-error-exception.js'

packages/libs/lib-server/src/index.ts

@@ -1,8 +1,9 @@
 import { SysSettingsEntity } from './system/index.js';
 import { AccessEntity } from './user/access/entity/access.js';
+import { AddonEntity } from "./user/index.js";
 export * from './basic/index.js';
 export * from './system/index.js';
 export * from './user/index.js';
 export { LibServerConfiguration as Configuration } from './configuration.js';
 
-export const libServerEntities = [SysSettingsEntity, AccessEntity];
+export const libServerEntities = [SysSettingsEntity, AccessEntity,AddonEntity];

packages/libs/lib-server/src/system/basic/index.ts

@@ -1,3 +1,4 @@
 export * from './service/plus-service.js';
 export * from './service/file-service.js';
 export * from './service/encryptor.js';
+export * from './service/ocr-service.js';

packages/libs/lib-server/src/system/basic/service/ocr-service.ts

@@ -0,0 +1,24 @@
+import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { PlusService } from "./plus-service.js";
+import { IOcrService } from "@certd/plugin-lib";
+
+/**
+ */
+@Provide("ocrService")
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
+export class OcrService implements IOcrService {
+  @Inject()
+  plusService: PlusService;
+
+  async doOcrFromImage(opts: { image: string }): Promise<{ texts: string[] }> {
+    const res = await this.plusService.requestWithToken({
+      url: "/activation/certd/ocr",
+      method: "post",
+      data: {
+        image: opts.image
+      }
+    });
+    return res;
+  }
+
+}

packages/libs/lib-server/src/system/basic/service/plus-service.ts

@@ -3,8 +3,8 @@ import { AppKey, PlusRequestService } from '@certd/plus-core';
 import { cache, http, HttpRequestConfig, logger } from '@certd/basic';
 import { SysInstallInfo, SysLicenseInfo, SysSettingsService } from '../../settings/index.js';
 import { merge } from 'lodash-es';
-
-@Provide()
+import fs from 'fs';
+@Provide("plusService")
 @Scope(ScopeEnum.Request, { allowDowngrade: true })
 export class PlusService {
   @Inject()
@@ -85,12 +85,31 @@ export class PlusService {
 
   async sendEmail(email: any) {
     const plusRequestService = await this.getPlusRequestService();
+
+    let attachments = email.attachments || [];
+    if (attachments.length > 0) {
+      const newAttachments: any[] = [];
+      attachments.forEach((item: any) => {
+        const name = item.filename || item.path.split('/').pop();
+        const body = item.content || fs.readFileSync(item.path);
+        const bodyBase64 = Buffer.from(body).toString('base64');
+        item = {
+          name,
+          body: bodyBase64,
+        };
+        newAttachments.push(item);
+      });
+      attachments = newAttachments;
+    }
+
     await plusRequestService.request({
       url: '/activation/emailSend',
       data: {
         subject: email.subject,
-        text: email.content,
         to: email.receivers,
+        text: email.content,
+        html: email.html,
+        attachments,
       },
     });
   }
@@ -111,12 +130,15 @@ export class PlusService {
     return res.accessToken;
   }
 
-  async getVipTrial() {
+  async getVipTrial(vipType= "plus") {
     await this.register();
     const plusRequestService = await this.getPlusRequestService();
     const res = await plusRequestService.request({
       url: '/activation/subject/vip/trialGet',
       method: 'POST',
+      data:{
+        vipType
+      }
     });
     if (res.license) {
       await this.updateLicense(res.license);

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -30,6 +30,25 @@ export class SysPublicSettings extends BaseSettings {
   mpsNo?: string;
   robots?: boolean = true;
   aiChatEnabled = true;
+
+
+  //验证码是否开启
+  captchaEnabled = false;
+  //验证码类型
+  captchaType?: string;
+  captchaAddonId?:number;
+
+
+
+  //流水线是否启用有效期
+  pipelineValidTimeEnabled?: boolean = false;
+
+  //证书域名添加到监控
+  certDomainAddToMonitorEnabled?: boolean = false;
+
+  // 固定证书有效期天数，0表示不固定
+  fixedCertExpireDays?: number;
+
 }
 
 export class SysPrivateSettings extends BaseSettings {
@@ -44,6 +63,8 @@ export class SysPrivateSettings extends BaseSettings {
   dnsResultOrder? = '';
   commonCnameEnabled?: boolean = true;
 
+  httpRequestTimeout?: number = 30;
+
   sms?: {
     type?: string;
     config?: any;

packages/libs/lib-server/src/user/addon/api/api.ts

@@ -0,0 +1,142 @@
+import { HttpClient, ILogger, utils } from "@certd/basic";
+import {upperFirst} from "lodash-es";
+import {
+  accessRegistry,
+  FormItemProps,
+  IAccessService,
+  IServiceGetter,
+  PluginRequestHandleReq,
+  Registrable
+} from "@certd/pipeline";
+
+
+export type AddonRequestHandleReqInput<T = any> = {
+  id?: number;
+  title?: string;
+  addon: T;
+};
+
+export type AddonRequestHandleReq<T = any> = {
+  addonType: string;
+} &PluginRequestHandleReq<AddonRequestHandleReqInput<T>>;
+
+export type AddonInputDefine = FormItemProps & {
+  title: string;
+  required?: boolean;
+};
+export type AddonDefine = Registrable & {
+  addonType: string;
+  needPlus?: boolean;
+  input?: {
+    [key: string]: AddonInputDefine;
+  };
+  showTest?: boolean;
+};
+
+export type AddonInstanceConfig = {
+  id: number;
+  addonType: string;
+  type: string;
+  name: string;
+  userId: number;
+  setting: {
+    [key: string]: any;
+  };
+};
+
+
+
+export interface IAddon {
+  ctx: AddonContext;
+  [key: string]: any;
+}
+
+export type AddonContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+  serviceGetter: IServiceGetter;
+};
+
+export abstract class BaseAddon implements IAddon {
+  define!: AddonDefine;
+  ctx!: AddonContext;
+  http!: HttpClient;
+  logger!: ILogger;
+
+
+
+
+  // eslint-disable-next-line @typescript-eslint/no-empty-function
+  async onInstance() {}
+
+
+  async getAccess<T = any>(accessId: string | number, isCommon = false) {
+    if (accessId == null) {
+      throw new Error("您还没有配置授权");
+    }
+    const accessService = await this.ctx.serviceGetter.get<IAccessService>("accessService")
+    let res: any = null;
+    if (isCommon) {
+      res = await accessService.getCommonById(accessId);
+    } else {
+      res = await accessService.getById(accessId);
+    }
+    if (res == null) {
+      throw new Error("授权不存在，可能已被删除，请前往任务配置里面重新选择授权");
+    }
+    // @ts-ignore
+    if (this.logger?.addSecret) {
+      // 隐藏加密信息，不在日志中输出
+      const type = res._type;
+      const plugin = accessRegistry.get(type);
+      const define = plugin.define;
+      // @ts-ignore
+      const input = define.input;
+      for (const key in input) {
+        if (input[key].encrypt && res[key] != null) {
+          // @ts-ignore
+          this.logger.addSecret(res[key]);
+        }
+      }
+    }
+
+    return res as T;
+  }
+
+
+  setCtx(ctx: AddonContext) {
+    this.ctx = ctx;
+    this.http = ctx.http;
+    this.logger = ctx.logger;
+  }
+  setDefine = (define:AddonDefine) => {
+    this.define = define;
+  };
+
+  async onRequest(req:AddonRequestHandleReq) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+
+}
+
+
+export interface IAddonGetter {
+  getById<T = any>(id: any): Promise<T>;
+  getCommonById<T = any>(id: any): Promise<T>;
+}

packages/libs/lib-server/src/user/addon/api/decorator.ts

@@ -0,0 +1,65 @@
+// src/decorator/memoryCache.decorator.ts
+import * as _ from "lodash-es";
+import { merge } from "lodash-es";
+import { addonRegistry } from "./registry.js";
+import { AddonContext, AddonDefine, AddonInputDefine } from "./api.js";
+import { Decorator } from "@certd/pipeline";
+
+// 提供一个唯一 key
+export const ADDON_CLASS_KEY = "pipeline:addon";
+export const ADDON_INPUT_KEY = "pipeline:addon:input";
+
+export function IsAddon(define: AddonDefine): ClassDecorator {
+  return (target: any) => {
+    target = Decorator.target(target);
+
+    const inputs: any = {};
+    const properties = Decorator.getClassProperties(target);
+    for (const property in properties) {
+      const input = Reflect.getMetadata(ADDON_INPUT_KEY, target, property);
+      if (input) {
+        inputs[property] = input;
+      }
+    }
+    _.merge(define, { input: inputs });
+    Reflect.defineMetadata(ADDON_CLASS_KEY, define, target);
+    target.define = define;
+    const key = `${define.addonType}:${define.name}`;
+    addonRegistry.register(key, {
+      define,
+      target: async () => {
+        return target;
+      },
+    });
+  };
+}
+
+export function AddonInput(input?: AddonInputDefine): PropertyDecorator {
+  return (target, propertyKey) => {
+    target = Decorator.target(target, propertyKey);
+    // const _type = Reflect.getMetadata("design:type", target, propertyKey);
+    Reflect.defineMetadata(ADDON_INPUT_KEY, input, target, propertyKey);
+  };
+}
+
+export async function newAddon(addonType:string,type: string, input: any, ctx: AddonContext) {
+ const key = `${addonType}:${type}`
+  const register = addonRegistry.get(key);
+  if (register == null) {
+    throw new Error(`${addonType} ${type} not found`);
+  }
+  // @ts-ignore
+  const pluginCls = await register.target();
+  // @ts-ignore
+  const plugin = new pluginCls();
+  merge(plugin, input);
+  if (!ctx) {
+    throw new Error("ctx is required");
+  }
+  plugin.setDefine(register.define);
+  plugin.setCtx(ctx);
+  await plugin.onInstance();
+  return plugin;
+}
+
+

packages/libs/lib-server/src/user/addon/api/index.ts

@@ -0,0 +1,3 @@
+export * from "./api.js";
+export * from "./registry.js";
+export * from "./decorator.js";

packages/libs/lib-server/src/user/addon/api/registry.ts

@@ -0,0 +1,3 @@
+import { createRegistry } from "@certd/pipeline";
+
+export const addonRegistry = createRegistry("addon");

packages/libs/lib-server/src/user/addon/entity/addon.ts

@@ -0,0 +1,44 @@
+import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
+
+/**
+ */
+@Entity('cd_addon')
+export class AddonEntity {
+  @PrimaryGeneratedColumn()
+  id: number;
+  @Column({ name: 'user_id', comment: '用户id' })
+  userId: number;
+  @Column({ comment: '名称', length: 100 })
+  name: string;
+
+
+  @Column({ name: 'addon_type', comment: 'addon类型', length: 100 })
+  addonType: string;
+
+
+  @Column({ comment: '类型', length: 100 })
+  type: string;
+
+  @Column({ name: 'setting', comment: '设置', length: 10240, nullable: true })
+  setting: string;
+
+  @Column({ name: 'is_system', comment: '是否系统级别',  nullable: false, default: false })
+  isSystem: boolean;
+
+  @Column({ name: 'is_default', comment: '是否默认',  nullable: false, default: false })
+  isDefault: boolean;
+
+
+  @Column({
+    name: 'create_time',
+    comment: '创建时间',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  createTime: Date;
+  @Column({
+    name: 'update_time',
+    comment: '修改时间',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  updateTime: Date;
+}

packages/libs/lib-server/src/user/addon/index.ts

@@ -0,0 +1,3 @@
+export * from './api/index.js'
+export * from './entity/addon.js'
+export * from './service/addon-service.js'

packages/libs/lib-server/src/user/addon/service/addon-service.ts

@@ -0,0 +1,190 @@
+import { Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { InjectEntityModel } from "@midwayjs/typeorm";
+import { In, Repository } from "typeorm";
+import { AddonDefine, BaseService, PageReq, ValidateException } from "../../../index.js";
+import { addonRegistry } from "../api/index.js";
+import { AddonEntity } from "../entity/addon.js";
+
+/**
+ * Addon
+ */
+@Provide()
+@Scope(ScopeEnum.Request, { allowDowngrade: true })
+export class AddonService extends BaseService<AddonEntity> {
+  @InjectEntityModel(AddonEntity)
+  repository: Repository<AddonEntity>;
+
+  //@ts-ignore
+  getRepository() {
+    return this.repository;
+  }
+
+  async page(pageReq: PageReq<AddonEntity>) {
+    const res = await super.page(pageReq);
+    res.records = res.records.map(item => {
+      return item;
+    });
+    return res;
+  }
+
+  async add(param) {
+    let oldEntity = null;
+    if (param._copyFrom) {
+      oldEntity = await this.info(param._copyFrom);
+      if (oldEntity == null) {
+        throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
+      }
+      if (oldEntity.userId !== param.userId) {
+        throw new ValidateException("您无权查看该Addon配置");
+      }
+    }
+    if (!param.userId) {
+      param.isSystem = true;
+    } else {
+      param.isSystem = false;
+    }
+    delete param._copyFrom;
+    return await super.add(param);
+  }
+
+
+  /**
+   * 修改
+   * @param param 数据
+   */
+  async update(param) {
+    const oldEntity = await this.info(param.id);
+    if (oldEntity == null) {
+      throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
+    }
+    return await super.update(param);
+  }
+
+  async getSimpleInfo(id: number) {
+    const entity = await this.info(id);
+    if (entity == null) {
+      throw new ValidateException("该Addon配置不存在,请确认是否已被删除");
+    }
+    return {
+      id: entity.id,
+      name: entity.name,
+      userId: entity.userId,
+      addonType: entity.addonType,
+      type: entity.type
+    };
+  }
+
+
+  getDefineList(addonType: string) {
+    return addonRegistry.getDefineList();
+  }
+
+  getDefineByType(type: string, prefix?: string) {
+    return addonRegistry.getDefine(type, prefix) as AddonDefine;
+  }
+
+
+  async getSimpleByIds(ids: number[], userId: any) {
+    if (ids.length === 0) {
+      return [];
+    }
+    if (!userId) {
+      return [];
+    }
+    return await this.repository.find({
+      where: {
+        id: In(ids),
+        userId
+      },
+      select: {
+        id: true,
+        name: true,
+        addonType: true,
+        type: true,
+        userId: true,
+        isSystem: true
+      }
+    });
+
+  }
+
+
+  async getDefault(userId: number, addonType: string): Promise<any> {
+    const res = await this.repository.findOne({
+      where: {
+        userId,
+        addonType
+      },
+      order: {
+        isDefault: "DESC"
+      }
+    });
+    if (!res) {
+      return null;
+    }
+    return this.buildAddonInstanceConfig(res);
+  }
+
+  private buildAddonInstanceConfig(res: AddonEntity) {
+    const setting = JSON.parse(res.setting);
+    return {
+      id: res.id,
+      addonType: res.addonType,
+      type: res.type,
+      name: res.name,
+      userId: res.userId,
+      setting
+    };
+  }
+
+  async setDefault(id: number, userId: number, addonType: string) {
+    if (!id) {
+      throw new ValidateException("id不能为空");
+    }
+    if (!userId) {
+      throw new ValidateException("userId不能为空");
+    }
+    await this.repository.update(
+      {
+        userId,
+        addonType
+      },
+      {
+        isDefault: false
+      }
+    );
+    await this.repository.update(
+      {
+        id,
+        userId,
+        addonType
+      },
+      {
+        isDefault: true
+      }
+    );
+  }
+
+  async getOrCreateDefault(opts: { addonType: string, type: string, inputs: any, userId: any }) {
+    const { addonType, type, inputs, userId } = opts;
+
+    const addonDefine = this.getDefineByType(type, addonType);
+
+    const defaultConfig = await this.getDefault(userId, addonType);
+    if (defaultConfig) {
+      return defaultConfig;
+    }
+    const setting = {
+      ...inputs
+    };
+    const res = await this.repository.save({
+      userId,
+      addonType,
+      type: type,
+      name: addonDefine.title,
+      setting: JSON.stringify(setting),
+      isDefault: true
+    });
+    return this.buildAddonInstanceConfig(res);
+  }
+}

packages/libs/lib-server/src/user/index.ts

@@ -1 +1,2 @@
 export * from './access/index.js';
+export * from './addon/index.js';

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,62 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.4](https://github.com/certd/certd/compare/v1.37.3...v1.37.4) (2025-10-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.3](https://github.com/certd/certd/compare/v1.37.2...v1.37.3) (2025-10-24)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.2](https://github.com/certd/certd/compare/v1.37.1...v1.37.2) (2025-10-14)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.1](https://github.com/certd/certd/compare/v1.37.0...v1.37.1) (2025-09-29)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.37.0](https://github.com/certd/certd/compare/v1.36.25...v1.37.0) (2025-09-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.25](https://github.com/certd/certd/compare/v1.36.24...v1.36.25) (2025-09-27)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.24](https://github.com/certd/certd/compare/v1.36.23...v1.36.24) (2025-09-27)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.23](https://github.com/certd/certd/compare/v1.36.22...v1.36.23) (2025-09-26)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.22](https://github.com/certd/certd/compare/v1.36.21...v1.36.22) (2025-09-23)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.21](https://github.com/certd/certd/compare/v1.36.20...v1.36.21) (2025-09-15)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
 
 **Note:** Version bump only for package @certd/midway-flyway-js