showRunStrategy: false default: strategy: runStrategy: 0 input: renewDays: 20 forceUpdate: false name: CertApplyLego icon: ph:certificate title: 证书申请(Lego) group: cert desc: 支持海量DNS解析提供商,推荐使用,一样的免费通配符域名证书申请,支持多个域名打到同一个证书上 input: domains: title: 证书域名 component: name: domain-selector vModel: value mode: tags placeholder: >- 请输入证书域名/IP,比如:foo.com , *.foo.com , *.sub.foo.com , *.bar.com , 123.123.123.123 tokenSeparators: - ',' - ' ' - , - 、 - '|' search: true pager: true rules: - type: domains required: true col: span: 24 order: -999 helper: |- 1、支持多个域名打到一个证书上,例如: foo.com,*.foo.com,*.bar.com 2、子域名被通配符包含的不要填写,例如:www.foo.com已经被*.foo.com包含,不要填写www.foo.com 3、泛域名只能通配*号那一级(*.foo.com的证书不能用于foo.com且不能用于xxx.yyy.foo.com) 4、输入一个,空格之后,再输入下一个 5、如果设置了子域托管解析(比如免费的二级域名托管在CF或者阿里云),请先[设置托管子域名](#/certd/pipeline/subDomain) email: title: 邮箱 component: name: email-selector vModel: value rules: - type: email message: 请输入正确的邮箱 required: true order: -1 helper: 请输入邮箱 dnsType: title: DNS类型 component: name: a-input vModel: value placeholder: alidns helper: 你的域名是通过哪家提供商进行解析的,具体应该配置什么请参考lego文档:https://go-acme.github.io/lego/dns/ required: true order: 0 environment: title: 环境变量 component: name: a-textarea vModel: value rows: 4 placeholder: |- ALICLOUD_ACCESS_KEY=abcdefghijklmnopqrstuvwx ALICLOUD_SECRET_KEY=your-secret-key required: true helper: 一行一条,例如 appKeyId=xxxxx,具体配置请参考lego文档:https://go-acme.github.io/lego/dns/ order: 0 legoEabAccessId: title: EAB授权 component: name: access-selector type: eab helper: 如果需要提供EAB授权 order: 0 customArgs: title: 自定义LEGO全局参数 component: name: a-input vModel: value placeholder: '--dns-timeout 30' helper: 额外的lego全局命令行参数,参考文档:https://go-acme.github.io/lego/usage/cli/options/ maybeNeed: true order: 0 customCommandOptions: title: 自定义LEGO签名参数 component: name: a-input vModel: value placeholder: '--no-bundle' helper: 额外的lego签名命令行参数,参考文档:https://go-acme.github.io/lego/usage/cli/options/ maybeNeed: true order: 0 privateKeyType: title: 加密算法 value: ec256 component: name: a-select vModel: value options: - value: rsa2048 label: RSA 2048 - value: rsa3072 label: RSA 3072 - value: rsa4096 label: RSA 4096 - value: rsa8192 label: RSA 8192 - value: ec256 label: EC 256 - value: ec384 label: EC 384 helper: 如无特殊需求,默认即可 required: true order: 0 pfxPassword: title: 证书加密密码 component: name: input-password vModel: value required: false order: 100 helper: |- 转换成PFX、jks格式证书是否需要加密 不传则pfx格式默认空密码,jks格式默认123456 pfxArgs: title: PFX证书转换参数 value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES' component: name: a-auto-complete vModel: value options: - value: '' label: 兼容 Windows Server 最新 - value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES' label: 兼容 Windows Server 2016 - value: '-nomac -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES' label: 兼容 Windows Server 2008 required: false order: 100 maybeNeed: true helper: 兼容Windows Server各个版本 renewDays: title: 更新天数 value: 20 component: name: a-input-number vModel: value required: true order: 100 helper: 到期前多少天后更新证书,注意:流水线默认不会自动运行,请设置定时器,每天定时运行本流水线 successNotify: title: 证书申请成功通知 value: false component: name: a-switch vModel: checked order: 100 maybeNeed: true helper: 证书申请成功后是否发送通知,优先使用默认通知渠道 output: cert: title: 域名证书 type: cert certZip: title: 域名证书压缩文件 type: certZip pluginType: deploy type: builtIn scriptFilePath: /plugins/plugin-cert/plugin/cert-plugin/lego/index.js