mirror of
https://github.com/woodchen-ink/certimate.git
synced 2025-07-18 09:21:56 +08:00
feat: support Profiles Extension
This commit is contained in:
parent
17be487958
commit
12ef573579
@ -64,6 +64,7 @@ func NewWithWorkflowNode(config ApplicantWithWorkflowNodeConfig) (Applicant, err
|
|||||||
CAProviderAccessConfig: make(map[string]any),
|
CAProviderAccessConfig: make(map[string]any),
|
||||||
CAProviderServiceConfig: nodeCfg.CAProviderConfig,
|
CAProviderServiceConfig: nodeCfg.CAProviderConfig,
|
||||||
KeyAlgorithm: nodeCfg.KeyAlgorithm,
|
KeyAlgorithm: nodeCfg.KeyAlgorithm,
|
||||||
|
ACMEProfile: nodeCfg.ACMEProfile,
|
||||||
Nameservers: xslices.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }),
|
Nameservers: xslices.Filter(strings.Split(nodeCfg.Nameservers, ";"), func(s string) bool { return s != "" }),
|
||||||
DnsPropagationWait: nodeCfg.DnsPropagationWait,
|
DnsPropagationWait: nodeCfg.DnsPropagationWait,
|
||||||
DnsPropagationTimeout: nodeCfg.DnsPropagationTimeout,
|
DnsPropagationTimeout: nodeCfg.DnsPropagationTimeout,
|
||||||
@ -235,6 +236,7 @@ func applyUseLego(legoProvider challenge.Provider, options *applicantProviderOpt
|
|||||||
certRequest := certificate.ObtainRequest{
|
certRequest := certificate.ObtainRequest{
|
||||||
Domains: options.Domains,
|
Domains: options.Domains,
|
||||||
Bundle: true,
|
Bundle: true,
|
||||||
|
Profile: options.ACMEProfile,
|
||||||
}
|
}
|
||||||
if options.ARIReplaceAcct == user.Registration.URI {
|
if options.ARIReplaceAcct == user.Registration.URI {
|
||||||
certRequest.ReplacesCertID = options.ARIReplaceCert
|
certRequest.ReplacesCertID = options.ARIReplaceCert
|
||||||
|
@ -63,6 +63,7 @@ type applicantProviderOptions struct {
|
|||||||
DnsPropagationWait int32
|
DnsPropagationWait int32
|
||||||
DnsPropagationTimeout int32
|
DnsPropagationTimeout int32
|
||||||
DnsTTL int32
|
DnsTTL int32
|
||||||
|
ACMEProfile string
|
||||||
DisableFollowCNAME bool
|
DisableFollowCNAME bool
|
||||||
ARIReplaceAcct string
|
ARIReplaceAcct string
|
||||||
ARIReplaceCert string
|
ARIReplaceCert string
|
||||||
|
@ -75,6 +75,7 @@ type WorkflowNodeConfigForApply struct {
|
|||||||
CAProviderAccessId string `json:"caProviderAccessId,omitempty"` // CA 提供商授权记录 ID
|
CAProviderAccessId string `json:"caProviderAccessId,omitempty"` // CA 提供商授权记录 ID
|
||||||
CAProviderConfig map[string]any `json:"caProviderConfig,omitempty"` // CA 提供商额外配置
|
CAProviderConfig map[string]any `json:"caProviderConfig,omitempty"` // CA 提供商额外配置
|
||||||
KeyAlgorithm string `json:"keyAlgorithm"` // 证书算法
|
KeyAlgorithm string `json:"keyAlgorithm"` // 证书算法
|
||||||
|
ACMEProfile string `json:"acmeProfile,omitempty"` // ACME Profiles Extension
|
||||||
Nameservers string `json:"nameservers,omitempty"` // DNS 服务器列表,以半角分号分隔
|
Nameservers string `json:"nameservers,omitempty"` // DNS 服务器列表,以半角分号分隔
|
||||||
DnsPropagationWait int32 `json:"dnsPropagationWait,omitempty"` // DNS 传播等待时间,等同于 lego 的 `--dns-propagation-wait` 参数
|
DnsPropagationWait int32 `json:"dnsPropagationWait,omitempty"` // DNS 传播等待时间,等同于 lego 的 `--dns-propagation-wait` 参数
|
||||||
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` // DNS 传播检查超时时间(零值时使用提供商的默认值)
|
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"` // DNS 传播检查超时时间(零值时使用提供商的默认值)
|
||||||
@ -130,6 +131,7 @@ func (n *WorkflowNode) GetConfigForApply() WorkflowNodeConfigForApply {
|
|||||||
CAProviderAccessId: xmaps.GetString(n.Config, "caProviderAccessId"),
|
CAProviderAccessId: xmaps.GetString(n.Config, "caProviderAccessId"),
|
||||||
CAProviderConfig: xmaps.GetKVMapAny(n.Config, "caProviderConfig"),
|
CAProviderConfig: xmaps.GetKVMapAny(n.Config, "caProviderConfig"),
|
||||||
KeyAlgorithm: xmaps.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)),
|
KeyAlgorithm: xmaps.GetOrDefaultString(n.Config, "keyAlgorithm", string(CertificateKeyAlgorithmTypeRSA2048)),
|
||||||
|
ACMEProfile: xmaps.GetString(n.Config, "acmeProfile"),
|
||||||
Nameservers: xmaps.GetString(n.Config, "nameservers"),
|
Nameservers: xmaps.GetString(n.Config, "nameservers"),
|
||||||
DnsPropagationWait: xmaps.GetInt32(n.Config, "dnsPropagationWait"),
|
DnsPropagationWait: xmaps.GetInt32(n.Config, "dnsPropagationWait"),
|
||||||
DnsPropagationTimeout: xmaps.GetInt32(n.Config, "dnsPropagationTimeout"),
|
DnsPropagationTimeout: xmaps.GetInt32(n.Config, "dnsPropagationTimeout"),
|
||||||
|
@ -113,6 +113,7 @@ const ApplyNodeConfigForm = forwardRef<ApplyNodeConfigFormInstance, ApplyNodeCon
|
|||||||
(v) => (v == null || v === "" ? undefined : Number(v)),
|
(v) => (v == null || v === "" ? undefined : Number(v)),
|
||||||
z.number().int(t("workflow_node.apply.form.dns_ttl.placeholder")).gte(1, t("workflow_node.apply.form.dns_ttl.placeholder")).nullish()
|
z.number().int(t("workflow_node.apply.form.dns_ttl.placeholder")).gte(1, t("workflow_node.apply.form.dns_ttl.placeholder")).nullish()
|
||||||
),
|
),
|
||||||
|
acmeProfile: z.string().nullish(),
|
||||||
disableFollowCNAME: z.boolean().nullish(),
|
disableFollowCNAME: z.boolean().nullish(),
|
||||||
disableARI: z.boolean().nullish(),
|
disableARI: z.boolean().nullish(),
|
||||||
skipBeforeExpiryDays: z.preprocess(
|
skipBeforeExpiryDays: z.preprocess(
|
||||||
@ -454,6 +455,20 @@ const ApplyNodeConfigForm = forwardRef<ApplyNodeConfigFormInstance, ApplyNodeCon
|
|||||||
placeholder={t("workflow_node.apply.form.key_algorithm.placeholder")}
|
placeholder={t("workflow_node.apply.form.key_algorithm.placeholder")}
|
||||||
/>
|
/>
|
||||||
</Form.Item>
|
</Form.Item>
|
||||||
|
|
||||||
|
<Form.Item
|
||||||
|
name="acmeProfile"
|
||||||
|
label={t("workflow_node.apply.form.acme_profile.label")}
|
||||||
|
rules={[formRule]}
|
||||||
|
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.apply.form.acme_profile.tooltip") }}></span>}
|
||||||
|
>
|
||||||
|
<AutoComplete
|
||||||
|
allowClear
|
||||||
|
options={["classic", "tlsserver", "shortlived"].map((value) => ({ value }))}
|
||||||
|
placeholder={t("workflow_node.apply.form.acme_profile.placeholder")}
|
||||||
|
filterOption={(inputValue, option) => option!.value.toLowerCase().includes(inputValue.toLowerCase())}
|
||||||
|
/>
|
||||||
|
</Form.Item>
|
||||||
</Form>
|
</Form>
|
||||||
|
|
||||||
<Divider size="small">
|
<Divider size="small">
|
||||||
|
@ -151,6 +151,7 @@ export type WorkflowNodeConfigForApply = {
|
|||||||
caProviderAccessId?: string;
|
caProviderAccessId?: string;
|
||||||
caProviderConfig?: Record<string, unknown>;
|
caProviderConfig?: Record<string, unknown>;
|
||||||
keyAlgorithm: string;
|
keyAlgorithm: string;
|
||||||
|
acmeProfile?: string;
|
||||||
nameservers?: string;
|
nameservers?: string;
|
||||||
dnsPropagationTimeout?: number;
|
dnsPropagationTimeout?: number;
|
||||||
dnsTTL?: number;
|
dnsTTL?: number;
|
||||||
|
@ -71,6 +71,9 @@
|
|||||||
"workflow_node.apply.form.ca_provider_access.button": "Create",
|
"workflow_node.apply.form.ca_provider_access.button": "Create",
|
||||||
"workflow_node.apply.form.key_algorithm.label": "Certificate key algorithm",
|
"workflow_node.apply.form.key_algorithm.label": "Certificate key algorithm",
|
||||||
"workflow_node.apply.form.key_algorithm.placeholder": "Please select certificate key algorithm",
|
"workflow_node.apply.form.key_algorithm.placeholder": "Please select certificate key algorithm",
|
||||||
|
"workflow_node.apply.form.acme_profile.label": "ACME certificate profile (Optional)",
|
||||||
|
"workflow_node.apply.form.acme_profile.placeholder": "Please enter ACME certificate profile",
|
||||||
|
"workflow_node.apply.form.acme_profile.tooltip": "It determines the ACME profile which will be used to affect issuance of the certificate requested. If you don't understand this option, just keep it by default.<a href=\"https://letsencrypt.org/docs/profiles/\" target=\"_blank\">Learn more</a>.",
|
||||||
"workflow_node.apply.form.advanced_config.label": "Advanced settings",
|
"workflow_node.apply.form.advanced_config.label": "Advanced settings",
|
||||||
"workflow_node.apply.form.nameservers.label": "DNS recursive nameservers (Optional)",
|
"workflow_node.apply.form.nameservers.label": "DNS recursive nameservers (Optional)",
|
||||||
"workflow_node.apply.form.nameservers.placeholder": "Please enter DNS recursive nameservers (separated by semicolons)",
|
"workflow_node.apply.form.nameservers.placeholder": "Please enter DNS recursive nameservers (separated by semicolons)",
|
||||||
|
@ -70,6 +70,9 @@
|
|||||||
"workflow_node.apply.form.ca_provider_access.button": "新建",
|
"workflow_node.apply.form.ca_provider_access.button": "新建",
|
||||||
"workflow_node.apply.form.key_algorithm.label": "证书算法",
|
"workflow_node.apply.form.key_algorithm.label": "证书算法",
|
||||||
"workflow_node.apply.form.key_algorithm.placeholder": "请选择证书算法",
|
"workflow_node.apply.form.key_algorithm.placeholder": "请选择证书算法",
|
||||||
|
"workflow_node.apply.form.acme_profile.label": "ACME 证书配置(可选)",
|
||||||
|
"workflow_node.apply.form.acme_profile.placeholder": "请输入 ACME 证书配置",
|
||||||
|
"workflow_node.apply.form.acme_profile.tooltip": "表示证书颁发时使用的 ACME 证书配置。如果你不了解该选项的用途,保持默认即可。<a href=\"https://letsencrypt.org/zh-cn/docs/profiles/\" target=\"_blank\">点此了解更多</a>。",
|
||||||
"workflow_node.apply.form.advanced_config.label": "高级设置",
|
"workflow_node.apply.form.advanced_config.label": "高级设置",
|
||||||
"workflow_node.apply.form.nameservers.label": "DNS 递归服务器(可选)",
|
"workflow_node.apply.form.nameservers.label": "DNS 递归服务器(可选)",
|
||||||
"workflow_node.apply.form.nameservers.placeholder": "请输入 DNS 递归服务器(多个值请用半角分号隔开)",
|
"workflow_node.apply.form.nameservers.placeholder": "请输入 DNS 递归服务器(多个值请用半角分号隔开)",
|
||||||
|
Loading…
x
Reference in New Issue
Block a user