wood/certimate
1
0
Fork 0
mirror of https://github.com/woodchen-ink/certimate.git synced 2025-07-18 17:31:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/fudiwei/certimate

Browse Source
This commit is contained in:
Fu Diwei 2025-04-22 10:27:08 +08:00
commit e0fad9d9a9
53 changed files with 1791 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
go.mod
View File

@ -73,6 +73,8 @@ require (
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 // indirect
github.com/alibabacloud-go/alibabacloud-gateway-fc-util v0.0.7 // indirect
github.com/alibabacloud-go/apig-20240327/v3 v3.2.2 // indirect
github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.2 // indirect
github.com/alibabacloud-go/openplatform-20191219/v2 v2.0.1 // indirect
github.com/alibabacloud-go/tea-fileform v1.1.1 // indirect
github.com/alibabacloud-go/tea-oss-sdk v1.1.3 // indirect
@ -108,6 +110,7 @@ require (
github.com/mailru/easyjson v0.9.0 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 // indirect
github.com/nrdcg/desec v0.10.0 // indirect
github.com/nrdcg/mailinabox v0.2.0 // indirect
github.com/nrdcg/porkbun v0.4.0 // indirect

6
go.sum
View File

@ -95,10 +95,14 @@ github.com/alibabacloud-go/alibabacloud-gateway-pop v0.0.6/go.mod h1:4EUIoxs/do2
github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4/go.mod h1:sCavSAvdzOjul4cEqeVtvlSaSScfNsTQ+46HwlTL1hc=
github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 h1:zE8vH9C7JiZLNJJQ5OwjU9mSi4T9ef9u3BURT6LCLC8=
github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5/go.mod h1:tWnyE9AjF8J8qqLk645oUmVUnFybApTQWklQmi5tY6g=
github.com/alibabacloud-go/apig-20240327/v3 v3.2.2 h1:yH84ePgqtA2tF3ly7Tf3AA5ogl2SC8kqCNG4+zz4yo4=
github.com/alibabacloud-go/apig-20240327/v3 v3.2.2/go.mod h1:XLaCapbSH7olJTs42wisDO9JvX9BGy5acZk0bLNejDs=
github.com/alibabacloud-go/cas-20200407/v3 v3.0.4 h1:ngRlctbt135zoujwX0lXSv9m4h1/bmg/yalQS0z1EWc=
github.com/alibabacloud-go/cas-20200407/v3 v3.0.4/go.mod h1:6n9MZ9SH3HlSzfe2oKwjOqhJx3dxvW2gMDO+lq8t9U4=
github.com/alibabacloud-go/cdn-20180510/v5 v5.2.2 h1:+KJOPukTM+xMyiLOW5qBwYKG2df3Ar7coRsqc1juKO8=
github.com/alibabacloud-go/cdn-20180510/v5 v5.2.2/go.mod h1:GnPiPL3HlzCi8SGiLiVgKrAFkP1vTtcF4yGtjsl4wfo=
github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.2 h1:Ug50clztqiQAy5t0R9Vejibz2Xgxm1Tpw2Y6A9eAwRE=
github.com/alibabacloud-go/cloudapi-20160714/v5 v5.7.2/go.mod h1:l9Zd2FanDUO2UqHJSPnOv+cY9DVT+YXcr97zfpSHywo=
github.com/alibabacloud-go/darabonba-array v0.1.0 h1:vR8s7b1fWAQIjEjWnuF0JiKsCvclSRTfDzZHTYqfufY=
github.com/alibabacloud-go/darabonba-array v0.1.0/go.mod h1:BLKxr0brnggqOJPqT09DFJ8g3fsDshapUD3C3aOEFaI=
github.com/alibabacloud-go/darabonba-encode-util v0.0.2 h1:1uJGrbsGEVqWcWxrS9MyC2NG0Ax+GpOM5gtupki31XE=
@ -651,6 +655,8 @@ github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJm
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
github.com/nikoksr/notify v1.3.0 h1:UxzfxzAYGQD9a5JYLBTVx0lFMxeHCke3rPCkfWdPgLs=
github.com/nikoksr/notify v1.3.0/go.mod h1:Xor2hMmkvrCfkCKvXGbcrESez4brac2zQjhd6U2BbeM=
github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 h1:ouZ2JWDl8IW5k1qugYbmpbmW8hn85Ig6buSMBRlz3KI=
github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3/go.mod h1:ZwadWt7mVhMHMbAQ1w8IhDqtWO3eWqWq72W7trnaiE8=
github.com/nrdcg/desec v0.10.0 h1:qrEDiqnsvNU9QE7lXIXi/tIHAfyaFXKxF2/8/52O8uM=
github.com/nrdcg/desec v0.10.0/go.mod h1:5+4vyhMRTs49V9CNoODF/HwT8Mwxv9DJ6j+7NekUnBs=
github.com/nrdcg/mailinabox v0.2.0 h1:IKq8mfKiVwNW2hQii/ng1dJ4yYMMv3HAP3fMFIq2CFk=

16
internal/applicant/providers.go
View File

@ -11,6 +11,7 @@ import (
pAWSRoute53 "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/aws-route53"
pAzureDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/azure-dns"
pBaiduCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/baiducloud"
pBunny "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny"
pCloudflare "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudflare"
pClouDNS "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cloudns"
pCMCCCloud "github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/cmcccloud"
@ -128,6 +129,21 @@ func createApplicant(options *applicantOptions) (challenge.Provider, error) {
return applicant, err
}
case domain.ApplyDNSProviderTypeBunny:
{
access := domain.AccessConfigForBunny{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err)
}
applicant, err := pBunny.NewChallengeProvider(&pBunny.ChallengeProviderConfig{
ApiKey: access.ApiKey,
DnsPropagationTimeout: options.DnsPropagationTimeout,
DnsTTL: options.DnsTTL,
})
return applicant, err
}
case domain.ApplyDNSProviderTypeCloudflare:
{
access := domain.AccessConfigForCloudflare{}

37
internal/deployer/providers.go
View File

@ -9,6 +9,7 @@ import (
p1PanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-console"
p1PanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/1panel-site"
pAliyunALB "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-alb"
pAliyunAPIGW "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-apigw"
pAliyunCAS "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cas"
pAliyunCASDeploy "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cas-deploy"
pAliyunCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-cdn"
@ -31,6 +32,7 @@ import (
pBaishanCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baishan-cdn"
pBaotaPanelConsole "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-console"
pBaotaPanelSite "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/baotapanel-site"
pBunnyCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/bunny-cdn"
pBytePlusCDN "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/byteplus-cdn"
pCacheFly "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cachefly"
pCdnfly "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/cdnfly"
@ -108,7 +110,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey,
AllowInsecureConnections: access.AllowInsecureConnections,
ResourceType: p1PanelSite.ResourceType(maputil.GetOrDefaultString(options.ProviderDeployConfig, "resourceType", string(p1PanelSite.RESOURCE_TYPE_WEBSITE))),
WebsiteId: maputil.GetInt64(options.ProviderDeployConfig, "websiteId"),
CertificateId: maputil.GetInt64(options.ProviderDeployConfig, "certificateId"),
})
return deployer, err
@ -117,7 +121,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
}
}
case domain.DeployProviderTypeAliyunALB, domain.DeployProviderTypeAliyunCAS, domain.DeployProviderTypeAliyunCASDeploy, domain.DeployProviderTypeAliyunCDN, domain.DeployProviderTypeAliyunCLB, domain.DeployProviderTypeAliyunDCDN, domain.DeployProviderTypeAliyunESA, domain.DeployProviderTypeAliyunFC, domain.DeployProviderTypeAliyunLive, domain.DeployProviderTypeAliyunNLB, domain.DeployProviderTypeAliyunOSS, domain.DeployProviderTypeAliyunVOD, domain.DeployProviderTypeAliyunWAF:
case domain.DeployProviderTypeAliyunALB, domain.DeployProviderTypeAliyunAPIGW, domain.DeployProviderTypeAliyunCAS, domain.DeployProviderTypeAliyunCASDeploy, domain.DeployProviderTypeAliyunCDN, domain.DeployProviderTypeAliyunCLB, domain.DeployProviderTypeAliyunDCDN, domain.DeployProviderTypeAliyunESA, domain.DeployProviderTypeAliyunFC, domain.DeployProviderTypeAliyunLive, domain.DeployProviderTypeAliyunNLB, domain.DeployProviderTypeAliyunOSS, domain.DeployProviderTypeAliyunVOD, domain.DeployProviderTypeAliyunWAF:
{
access := domain.AccessConfigForAliyun{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
@ -137,6 +141,18 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
})
return deployer, err
case domain.DeployProviderTypeAliyunAPIGW:
deployer, err := pAliyunAPIGW.NewDeployer(&pAliyunAPIGW.DeployerConfig{
AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret,
Region: maputil.GetString(options.ProviderDeployConfig, "region"),
ServiceType: pAliyunAPIGW.ServiceType(maputil.GetString(options.ProviderDeployConfig, "serviceType")),
GatewayId: maputil.GetString(options.ProviderDeployConfig, "gatewayId"),
GroupId: maputil.GetString(options.ProviderDeployConfig, "groupId"),
Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
})
return deployer, err
case domain.DeployProviderTypeAliyunCAS:
deployer, err := pAliyunCAS.NewDeployer(&pAliyunCAS.DeployerConfig{
AccessKeyId: access.AccessKeyId,
@ -302,6 +318,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ClientSecret: access.ClientSecret,
CloudName: access.CloudName,
KeyVaultName: maputil.GetString(options.ProviderDeployConfig, "keyvaultName"),
CertificateName: maputil.GetString(options.ProviderDeployConfig, "certificateName"),
})
return deployer, err
@ -416,6 +433,21 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
}
}
case domain.DeployProviderTypeBunnyCDN:
{
access := domain.AccessConfigForBunny{}
if err := maputil.Populate(options.ProviderAccessConfig, &access); err != nil {
return nil, fmt.Errorf("failed to populate provider access config: %w", err)
}
deployer, err := pBunnyCDN.NewDeployer(&pBunnyCDN.DeployerConfig{
ApiKey: access.ApiKey,
PullZoneId: maputil.GetString(options.ProviderDeployConfig, "pullZoneId"),
HostName: maputil.GetString(options.ProviderDeployConfig, "hostName"),
})
return deployer, err
}
case domain.DeployProviderTypeBytePlusCDN:
{
access := domain.AccessConfigForBytePlus{}
@ -461,7 +493,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
ApiUrl: access.ApiUrl,
ApiKey: access.ApiKey,
ApiSecret: access.ApiSecret,
ResourceType: pCdnfly.ResourceType(maputil.GetString(options.ProviderDeployConfig, "resourceType")),
ResourceType: pCdnfly.ResourceType(maputil.GetOrDefaultString(options.ProviderDeployConfig, "resourceType", string(pCdnfly.RESOURCE_TYPE_SITE))),
SiteId: maputil.GetString(options.ProviderDeployConfig, "siteId"),
CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),
})
@ -1016,6 +1048,7 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
deployer, err := pWangsuCDNPro.NewDeployer(&pWangsuCDNPro.DeployerConfig{
AccessKeyId: access.AccessKeyId,
AccessKeySecret: access.AccessKeySecret,
ApiKey: access.ApiKey,
Environment: maputil.GetOrDefaultString(options.ProviderDeployConfig, "environment", "production"),
Domain: maputil.GetString(options.ProviderDeployConfig, "domain"),
CertificateId: maputil.GetString(options.ProviderDeployConfig, "certificateId"),

5
internal/domain/access.go
View File

@ -64,6 +64,10 @@ type AccessConfigForBytePlus struct {
SecretKey string `json:"secretKey"`
}
type AccessConfigForBunny struct {
ApiKey string `json:"apiKey"`
}
type AccessConfigForCacheFly struct {
ApiToken string `json:"apiToken"`
}
@ -231,6 +235,7 @@ type AccessConfigForVolcEngine struct {
type AccessConfigForWangsu struct {
AccessKeyId string `json:"accessKeyId"`
AccessKeySecret string `json:"accessKeySecret"`
ApiKey string `json:"apiKey"`
}
type AccessConfigForWebhook struct {

3
internal/domain/provider.go
View File

@ -104,6 +104,7 @@ const (
ApplyDNSProviderTypeAzureDNS = ApplyDNSProviderType("azure-dns")
ApplyDNSProviderTypeBaiduCloud = ApplyDNSProviderType("baiducloud") // 兼容旧值,等同于 [ApplyDNSProviderTypeBaiduCloudDNS]
ApplyDNSProviderTypeBaiduCloudDNS = ApplyDNSProviderType("baiducloud-dns")
ApplyDNSProviderTypeBunny = ApplyDNSProviderType("bunny")
ApplyDNSProviderTypeCloudflare = ApplyDNSProviderType("cloudflare")
ApplyDNSProviderTypeClouDNS = ApplyDNSProviderType("cloudns")
ApplyDNSProviderTypeCMCCCloud = ApplyDNSProviderType("cmcccloud")
@ -146,6 +147,7 @@ const (
DeployProviderType1PanelConsole = DeployProviderType("1panel-console")
DeployProviderType1PanelSite = DeployProviderType("1panel-site")
DeployProviderTypeAliyunALB = DeployProviderType("aliyun-alb")
DeployProviderTypeAliyunAPIGW = DeployProviderType("aliyun-apigw")
DeployProviderTypeAliyunCAS = DeployProviderType("aliyun-cas")
DeployProviderTypeAliyunCASDeploy = DeployProviderType("aliyun-casdeploy")
DeployProviderTypeAliyunCDN = DeployProviderType("aliyun-cdn")
@ -168,6 +170,7 @@ const (
DeployProviderTypeBaishanCDN = DeployProviderType("baishan-cdn")
DeployProviderTypeBaotaPanelConsole = DeployProviderType("baotapanel-console")
DeployProviderTypeBaotaPanelSite = DeployProviderType("baotapanel-site")
DeployProviderTypeBunnyCDN = DeployProviderType("bunny-cdn")
DeployProviderTypeBytePlusCDN = DeployProviderType("byteplus-cdn")
DeployProviderTypeCacheFly = DeployProviderType("cachefly")
DeployProviderTypeCdnfly = DeployProviderType("cdnfly")

36
internal/pkg/core/applicant/acme-dns-01/lego-providers/bunny/bunny.go Normal file
View File

@ -0,0 +1,36 @@
package bunny
import (
"time"
"github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/providers/dns/bunny"
)
type ChallengeProviderConfig struct {
ApiKey string `json:"apiKey"`
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"`
DnsTTL int32 `json:"dnsTTL,omitempty"`
}
func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) {
if config == nil {
panic("config is nil")
}
providerConfig := bunny.NewDefaultConfig()
providerConfig.APIKey = config.ApiKey
if config.DnsPropagationTimeout != 0 {
providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second
}
if config.DnsTTL != 0 {
providerConfig.TTL = int(config.DnsTTL)
}
provider, err := bunny.NewDNSProviderConfig(providerConfig)
if err != nil {
return nil, err
}
return provider, nil
}

73
internal/pkg/core/deployer/providers/1panel-site/1panel_site.go
View File

@ -4,6 +4,7 @@ import (
"context"
"crypto/tls"
"errors"
"fmt"
"log/slog"
"net/url"
"strconv"
@ -23,8 +24,14 @@ type DeployerConfig struct {
ApiKey string `json:"apiKey"`
// 是否允许不安全的连接。
AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
// 部署资源类型。
ResourceType ResourceType `json:"resourceType"`
// 网站 ID。
WebsiteId int64 `json:"websiteId"`
// 部署资源类型为 [RESOURCE_TYPE_WEBSITE] 时必填。
WebsiteId int64 `json:"websiteId,omitempty"`
// 证书 ID。
// 部署资源类型为 [RESOURCE_TYPE_CERTIFICATE] 时必填。
CertificateId int64 `json:"certificateId,omitempty"`
}
type DeployerProvider struct {
@ -73,6 +80,30 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
}
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 根据部署资源类型决定部署方式
switch d.config.ResourceType {
case RESOURCE_TYPE_WEBSITE:
if err := d.deployToWebsite(ctx, certPem, privkeyPem); err != nil {
return nil, err
}
case RESOURCE_TYPE_CERTIFICATE:
if err := d.deployToCertificate(ctx, certPem, privkeyPem); err != nil {
return nil, err
}
default:
return nil, fmt.Errorf("unsupported resource type: %s", d.config.ResourceType)
}
return &deployer.DeployResult{}, nil
}
func (d *DeployerProvider) deployToWebsite(ctx context.Context, certPem string, privkeyPem string) error {
if d.config.WebsiteId == 0 {
return errors.New("config `websiteId` is required")
}
// 获取网站 HTTPS 配置
getHttpsConfReq := &opsdk.GetHttpsConfRequest{
WebsiteID: d.config.WebsiteId,
@ -80,13 +111,13 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
getHttpsConfResp, err := d.sdkClient.GetHttpsConf(getHttpsConfReq)
d.logger.Debug("sdk request '1panel.GetHttpsConf'", slog.Any("request", getHttpsConfReq), slog.Any("response", getHttpsConfResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.GetHttpsConf'")
return xerrors.Wrap(err, "failed to execute sdk request '1panel.GetHttpsConf'")
}
// 上传证书到面板
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil {
return nil, xerrors.Wrap(err, "failed to upload certificate file")
return xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
}
@ -106,10 +137,42 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
updateHttpsConfResp, err := d.sdkClient.UpdateHttpsConf(updateHttpsConfReq)
d.logger.Debug("sdk request '1panel.UpdateHttpsConf'", slog.Any("request", updateHttpsConfReq), slog.Any("response", updateHttpsConfResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request '1panel.UpdateHttpsConf'")
return xerrors.Wrap(err, "failed to execute sdk request '1panel.UpdateHttpsConf'")
}
return &deployer.DeployResult{}, nil
return nil
}
func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem string, privkeyPem string) error {
if d.config.CertificateId == 0 {
return errors.New("config `certificateId` is required")
}
// 获取证书详情
getWebsiteSSLReq := &opsdk.GetWebsiteSSLRequest{
SSLID: d.config.CertificateId,
}
getWebsiteSSLResp, err := d.sdkClient.GetWebsiteSSL(getWebsiteSSLReq)
d.logger.Debug("sdk request '1panel.GetWebsiteSSL'", slog.Any("request", getWebsiteSSLReq), slog.Any("response", getWebsiteSSLResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request '1panel.GetWebsiteSSL'")
}
// 更新证书
uploadWebsiteSSLReq := &opsdk.UploadWebsiteSSLRequest{
Type: "paste",
SSLID: d.config.CertificateId,
Description: getWebsiteSSLResp.Data.Description,
Certificate: certPem,
PrivateKey: privkeyPem,
}
uploadWebsiteSSLResp, err := d.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
d.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request '1panel.UploadWebsiteSSL'")
}
return nil
}
func createSdkClient(apiUrl, apiKey string, allowInsecure bool) (*opsdk.Client, error) {

17
internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go
View File

@ -20,7 +20,7 @@ var (
)
func init() {
argsPrefix := "CERTIMATE_DEPLOYER_1PANELCONSOLE_"
argsPrefix := "CERTIMATE_DEPLOYER_1PANELSITE_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
@ -32,12 +32,12 @@ func init() {
/*
Shell command to run this test:
go test -v ./1panel_console_test.go -args \
--CERTIMATE_DEPLOYER_1PANELCONSOLE_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_DEPLOYER_1PANELCONSOLE_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_1PANELCONSOLE_APIURL="http://127.0.0.1:20410" \
--CERTIMATE_DEPLOYER_1PANELCONSOLE_APIKEY="your-api-key" \
--CERTIMATE_DEPLOYER_1PANELCONSOLE_WEBSITEID="your-website-id"
go test -v ./1panel_site_test.go -args \
--CERTIMATE_DEPLOYER_1PANELSITE_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_DEPLOYER_1PANELSITE_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_1PANELSITE_APIURL="http://127.0.0.1:20410" \
--CERTIMATE_DEPLOYER_1PANELSITE_APIKEY="your-api-key" \
--CERTIMATE_DEPLOYER_1PANELSITE_WEBSITEID="your-website-id"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
@ -55,8 +55,9 @@ func TestDeploy(t *testing.T) {
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
ApiUrl: fApiUrl,
ApiKey: fApiKey,
WebsiteId: fWebsiteId,
AllowInsecureConnections: true,
ResourceType: provider.RESOURCE_TYPE_WEBSITE,
WebsiteId: fWebsiteId,
})
if err != nil {
t.Errorf("err: %+v", err)

10
internal/pkg/core/deployer/providers/1panel-site/consts.go Normal file
View File

@ -0,0 +1,10 @@
package onepanelsite
type ResourceType string
const (
// 资源类型:替换指定网站的证书。
RESOURCE_TYPE_WEBSITE = ResourceType("website")
// 资源类型:替换指定证书。
RESOURCE_TYPE_CERTIFICATE = ResourceType("certificate")
)

269
internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw.go Normal file
View File

@ -0,0 +1,269 @@
package aliyunapigw
import (
"context"
"errors"
"fmt"
"log/slog"
"strings"
"time"
aliapig "github.com/alibabacloud-go/apig-20240327/v3/client"
alicloudapi "github.com/alibabacloud-go/cloudapi-20160714/v5/client"
aliopen "github.com/alibabacloud-go/darabonba-openapi/v2/client"
"github.com/alibabacloud-go/tea/tea"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/aliyun-cas"
)
type DeployerConfig struct {
// 阿里云 AccessKeyId。
AccessKeyId string `json:"accessKeyId"`
// 阿里云 AccessKeySecret。
AccessKeySecret string `json:"accessKeySecret"`
// 阿里云地域。
Region string `json:"region"`
// 服务类型。
ServiceType ServiceType `json:"serviceType"`
// API 网关 ID。
// 服务类型为 [SERVICE_TYPE_CLOUDNATIVE] 时必填。
GatewayId string `json:"gatewayId,omitempty"`
// API 分组 ID。
// 服务类型为 [SERVICE_TYPE_TRADITIONAL] 时必填。
GroupId string `json:"groupId,omitempty"`
// 自定义域名(支持泛域名)。
Domain string `json:"domain"`
}
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClients *wSdkClients
sslUploader uploader.Uploader
}
type wSdkClients struct {
CloudNativeAPIGateway *aliapig.Client
TraditionalAPIGateway *alicloudapi.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
if config == nil {
panic("config is nil")
}
clients, err := createSdkClients(config.AccessKeyId, config.AccessKeySecret, config.Region)
if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk clients")
}
uploader, err := createSslUploader(config.AccessKeyId, config.AccessKeySecret, config.Region)
if err != nil {
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
}
return &DeployerProvider{
config: config,
logger: slog.Default(),
sdkClients: clients,
sslUploader: uploader,
}, nil
}
func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d
}
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
switch d.config.ServiceType {
case SERVICE_TYPE_TRADITIONAL:
if err := d.deployToTraditional(ctx, certPem, privkeyPem); err != nil {
return nil, err
}
case SERVICE_TYPE_CLOUDNATIVE:
if err := d.deployToCloudNative(ctx, certPem, privkeyPem); err != nil {
return nil, err
}
default:
return nil, xerrors.Errorf("unsupported service type: %s", string(d.config.ServiceType))
}
return &deployer.DeployResult{}, nil
}
func (d *DeployerProvider) deployToTraditional(ctx context.Context, certPem string, privkeyPem string) error {
if d.config.GroupId == "" {
return errors.New("config `groupId` is required")
}
if d.config.Domain == "" {
return errors.New("config `domain` is required")
}
// 为自定义域名添加 SSL 证书
// REF: https://help.aliyun.com/zh/api-gateway/traditional-api-gateway/developer-reference/api-cloudapi-2016-07-14-setdomaincertificate
setDomainCertificateReq := &alicloudapi.SetDomainCertificateRequest{
GroupId: tea.String(d.config.GroupId),
DomainName: tea.String(d.config.Domain),
CertificateName: tea.String(fmt.Sprintf("certimate_%d", time.Now().UnixMilli())),
CertificateBody: tea.String(certPem),
CertificatePrivateKey: tea.String(privkeyPem),
}
setDomainCertificateResp, err := d.sdkClients.TraditionalAPIGateway.SetDomainCertificate(setDomainCertificateReq)
d.logger.Debug("sdk request 'apigateway.SetDomainCertificate'", slog.Any("request", setDomainCertificateReq), slog.Any("response", setDomainCertificateResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'apigateway.SetDomainCertificate'")
}
return nil
}
func (d *DeployerProvider) deployToCloudNative(ctx context.Context, certPem string, privkeyPem string) error {
if d.config.GatewayId == "" {
return errors.New("config `gatewayId` is required")
}
if d.config.Domain == "" {
return errors.New("config `domain` is required")
}
// 遍历查询域名列表,获取域名 ID
// REF: https://help.aliyun.com/zh/api-gateway/cloud-native-api-gateway/developer-reference/api-apig-2024-03-27-listdomains
var domainId string
listDomainsPageNumber := int32(1)
listDomainsPageSize := int32(10)
for {
listDomainsReq := &aliapig.ListDomainsRequest{
GatewayId: tea.String(d.config.GatewayId),
NameLike: tea.String(d.config.Domain),
PageNumber: tea.Int32(listDomainsPageNumber),
PageSize: tea.Int32(listDomainsPageSize),
}
listDomainsResp, err := d.sdkClients.CloudNativeAPIGateway.ListDomains(listDomainsReq)
d.logger.Debug("sdk request 'apig.ListDomains'", slog.Any("request", listDomainsReq), slog.Any("response", listDomainsResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'apig.ListDomains'")
}
if listDomainsResp.Body.Data.Items != nil {
for _, domainInfo := range listDomainsResp.Body.Data.Items {
if strings.EqualFold(tea.StringValue(domainInfo.Name), d.config.Domain) {
domainId = tea.StringValue(domainInfo.DomainId)
break
}
}
if domainId != "" {
break
}
}
if listDomainsResp.Body.Data.Items == nil || len(listDomainsResp.Body.Data.Items) < int(listDomainsPageSize) {
break
} else {
listDomainsPageNumber++
}
}
if domainId == "" {
return errors.New("domain not found")
}
// 查询域名
// REF: https://help.aliyun.com/zh/api-gateway/cloud-native-api-gateway/developer-reference/api-apig-2024-03-27-getdomain
getDomainReq := &aliapig.GetDomainRequest{}
getDomainResp, err := d.sdkClients.CloudNativeAPIGateway.GetDomain(tea.String(domainId), getDomainReq)
d.logger.Debug("sdk request 'apig.GetDomain'", slog.Any("domainId", domainId), slog.Any("request", getDomainReq), slog.Any("response", getDomainResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'apig.GetDomain'")
}
// 上传证书到 CAS
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil {
return xerrors.Wrap(err, "failed to upload certificate file")
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
}
// 更新域名
// REF: https://help.aliyun.com/zh/api-gateway/cloud-native-api-gateway/developer-reference/api-apig-2024-03-27-updatedomain
updateDomainReq := &aliapig.UpdateDomainRequest{
Protocol: tea.String("HTTPS"),
ForceHttps: getDomainResp.Body.Data.ForceHttps,
MTLSEnabled: getDomainResp.Body.Data.MTLSEnabled,
Http2Option: getDomainResp.Body.Data.Http2Option,
TlsMin: getDomainResp.Body.Data.TlsMin,
TlsMax: getDomainResp.Body.Data.TlsMax,
TlsCipherSuitesConfig: getDomainResp.Body.Data.TlsCipherSuitesConfig,
CertIdentifier: tea.String(upres.ExtendedData["certIdentifier"].(string)),
}
updateDomainResp, err := d.sdkClients.CloudNativeAPIGateway.UpdateDomain(tea.String(domainId), updateDomainReq)
d.logger.Debug("sdk request 'apig.UpdateDomain'", slog.Any("domainId", domainId), slog.Any("request", updateDomainReq), slog.Any("response", updateDomainResp))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'apig.UpdateDomain'")
}
return nil
}
func createSdkClients(accessKeyId, accessKeySecret, region string) (*wSdkClients, error) {
// 接入点一览 https://api.aliyun.com/product/APIG
cloudNativeAPIGEndpoint := fmt.Sprintf("apig.%s.aliyuncs.com", region)
cloudNativeAPIGConfig := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(cloudNativeAPIGEndpoint),
}
cloudNativeAPIGClient, err := aliapig.NewClient(cloudNativeAPIGConfig)
if err != nil {
return nil, err
}
// 接入点一览 https://api.aliyun.com/product/CloudAPI
traditionalAPIGEndpoint := fmt.Sprintf("apigateway.%s.aliyuncs.com", region)
traditionalAPIGConfig := &aliopen.Config{
AccessKeyId: tea.String(accessKeyId),
AccessKeySecret: tea.String(accessKeySecret),
Endpoint: tea.String(traditionalAPIGEndpoint),
}
traditionalAPIGClient, err := alicloudapi.NewClient(traditionalAPIGConfig)
if err != nil {
return nil, err
}
return &wSdkClients{
CloudNativeAPIGateway: cloudNativeAPIGClient,
TraditionalAPIGateway: traditionalAPIGClient,
}, nil
}
func createSslUploader(accessKeyId, accessKeySecret, region string) (uploader.Uploader, error) {
casRegion := region
if casRegion != "" {
// 阿里云 CAS 服务接入点是独立于 APIGateway 服务的
// 国内版固定接入点:华东一杭州
// 国际版固定接入点:亚太东南一新加坡
if casRegion != "" && !strings.HasPrefix(casRegion, "cn-") {
casRegion = "ap-southeast-1"
} else {
casRegion = "cn-hangzhou"
}
}
uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
AccessKeyId: accessKeyId,
AccessKeySecret: accessKeySecret,
Region: casRegion,
})
return uploader, err
}

95
internal/pkg/core/deployer/providers/aliyun-apigw/aliyun_apigw_test.go Normal file
View File

@ -0,0 +1,95 @@
package aliyunapigw_test
import (
"context"
"flag"
"fmt"
"os"
"strings"
"testing"
provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/aliyun-apigw"
)
var (
fInputCertPath string
fInputKeyPath string
fAccessKeyId string
fAccessKeySecret string
fRegion string
fServiceType string
fGatewayId string
fGroupId string
fDomain string
)
func init() {
argsPrefix := "CERTIMATE_DEPLOYER_ALIYUNAPIGW_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
flag.StringVar(&fRegion, argsPrefix+"REGION", "", "")
flag.StringVar(&fGatewayId, argsPrefix+"GATEWARYID", "", "")
flag.StringVar(&fGroupId, argsPrefix+"GROUPID", "", "")
flag.StringVar(&fServiceType, argsPrefix+"SERVICETYPE", "", "")
flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "")
}
/*
Shell command to run this test:
go test -v ./aliyun_apigw_test.go -args \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_ACCESSKEYSECRET="your-access-key-secret" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_REGION="cn-hangzhou" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_GATEWAYID="your-api-gateway-id" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_GROUPID="your-api-group-id" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_SERVICETYPE="cloudnative" \
--CERTIMATE_DEPLOYER_ALIYUNAPIGW_DOMAIN="example.com"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
t.Run("Deploy", func(t *testing.T) {
t.Log(strings.Join([]string{
"args:",
fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
fmt.Sprintf("REGION: %v", fRegion),
fmt.Sprintf("GATEWAYID: %v", fGatewayId),
fmt.Sprintf("GROUPID: %v", fGroupId),
fmt.Sprintf("SERVICETYPE: %v", fServiceType),
fmt.Sprintf("DOMAIN: %v", fDomain),
}, "\n"))
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
AccessKeyId: fAccessKeyId,
AccessKeySecret: fAccessKeySecret,
Region: fRegion,
ServiceType: provider.ServiceType(fServiceType),
GatewayId: fGatewayId,
GroupId: fGroupId,
Domain: fDomain,
})
if err != nil {
t.Errorf("err: %+v", err)
return
}
fInputCertData, _ := os.ReadFile(fInputCertPath)
fInputKeyData, _ := os.ReadFile(fInputKeyPath)
res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData))
if err != nil {
t.Errorf("err: %+v", err)
return
}
t.Logf("ok: %v", res)
})
}

10
internal/pkg/core/deployer/providers/aliyun-apigw/consts.go Normal file
View File

@ -0,0 +1,10 @@
package aliyunapigw
type ServiceType string
const (
// 服务类型:原 API 网关。
SERVICE_TYPE_TRADITIONAL = ServiceType("traditional")
// 服务类型:云原生 API 网关。
SERVICE_TYPE_CLOUDNATIVE = ServiceType("cloudnative")
)

100
internal/pkg/core/deployer/providers/azure-keyvault/azure_keyvault.go
View File

@ -2,13 +2,23 @@
import (
"context"
"crypto/x509"
"encoding/base64"
"errors"
"fmt"
"log/slog"
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/keyvault/azcertificates"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
uploadersp "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault"
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common"
)
type DeployerConfig struct {
@ -22,11 +32,15 @@ type DeployerConfig struct {
CloudName string `json:"cloudName,omitempty"`
// Key Vault 名称。
KeyVaultName string `json:"keyvaultName"`
// Key Vault 证书名称。
// 选填。
CertificateName string `json:"certificateName,omitempty"`
}
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *azcertificates.Client
sslUploader uploader.Uploader
}
@ -37,6 +51,11 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
panic("config is nil")
}
client, err := createSdkClient(config.TenantId, config.ClientId, config.ClientSecret, config.CloudName, config.KeyVaultName)
if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
uploader, err := uploadersp.NewUploader(&uploadersp.UploaderConfig{
TenantId: config.TenantId,
ClientId: config.ClientId,
@ -51,6 +70,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
return &DeployerProvider{
config: config,
logger: slog.Default(),
sdkClient: client,
sslUploader: uploader,
}, nil
}
@ -66,6 +86,19 @@ func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
}
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// 解析证书内容
certX509, err := certutil.ParseCertificateFromPEM(certPem)
if err != nil {
return nil, err
}
// 转换证书格式
certPfx, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, "")
if err != nil {
return nil, xerrors.Wrap(err, "failed to transform certificate from PEM to PFX")
}
if d.config.CertificateName == "" {
// 上传证书到 KeyVault
upres, err := d.sslUploader.Upload(ctx, certPem, privkeyPem)
if err != nil {
@ -73,6 +106,73 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
} else {
d.logger.Info("ssl certificate uploaded", slog.Any("result", upres))
}
} else {
// 获取证书
// REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/get-certificate/get-certificate
getCertificateResp, err := d.sdkClient.GetCertificate(context.TODO(), d.config.CertificateName, "", nil)
d.logger.Debug("sdk request 'keyvault.GetCertificate'", slog.String("request.certificateName", d.config.CertificateName), slog.Any("response", getCertificateResp))
if err != nil {
var respErr *azcore.ResponseError
if !errors.As(err, &respErr) || (respErr.ErrorCode != "ResourceNotFound" && respErr.ErrorCode != "CertificateNotFound") {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'keyvault.GetCertificate'")
}
} else {
oldCertX509, err := x509.ParseCertificate(getCertificateResp.CER)
if err == nil {
if certutil.EqualCertificate(certX509, oldCertX509) {
return &deployer.DeployResult{}, nil
}
}
}
// 导入证书
// REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/import-certificate/import-certificate
importCertificateParams := azcertificates.ImportCertificateParameters{
Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPfx)),
CertificatePolicy: &azcertificates.CertificatePolicy{
SecretProperties: &azcertificates.SecretProperties{
ContentType: to.Ptr("application/x-pkcs12"),
},
},
Tags: map[string]*string{
"certimate/cert-cn": to.Ptr(certX509.Subject.CommonName),
"certimate/cert-sn": to.Ptr(certX509.SerialNumber.Text(16)),
},
}
importCertificateResp, err := d.sdkClient.ImportCertificate(context.TODO(), d.config.CertificateName, importCertificateParams, nil)
d.logger.Debug("sdk request 'keyvault.ImportCertificate'", slog.String("request.certificateName", d.config.CertificateName), slog.Any("request.parameters", importCertificateParams), slog.Any("response", importCertificateResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'keyvault.ImportCertificate'")
}
}
return &deployer.DeployResult{}, nil
}
func createSdkClient(tenantId, clientId, clientSecret, cloudName, keyvaultName string) (*azcertificates.Client, error) {
env, err := azcommon.GetCloudEnvironmentConfiguration(cloudName)
if err != nil {
return nil, err
}
clientOptions := azcore.ClientOptions{Cloud: env}
credential, err := azidentity.NewClientSecretCredential(tenantId, clientId, clientSecret,
&azidentity.ClientSecretCredentialOptions{ClientOptions: clientOptions})
if err != nil {
return nil, err
}
endpoint := fmt.Sprintf("https://%s.vault.azure.net", keyvaultName)
if azcommon.IsEnvironmentGovernment(cloudName) {
endpoint = fmt.Sprintf("https://%s.vault.usgovcloudapi.net", keyvaultName)
} else if azcommon.IsEnvironmentChina(cloudName) {
endpoint = fmt.Sprintf("https://%s.vault.azure.cn", keyvaultName)
}
client, err := azcertificates.NewClient(endpoint, credential, nil)
if err != nil {
return nil, err
}
return client, nil
}

70
internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn.go Normal file
View File

@ -0,0 +1,70 @@
package bunnycdn
import (
"context"
"encoding/base64"
"log/slog"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/deployer"
bunnysdk "github.com/usual2970/certimate/internal/pkg/vendors/bunny-sdk"
)
type DeployerConfig struct {
// Bunny API Key
ApiKey string `json:"apiKey"`
// Bunny Pull Zone ID
PullZoneId string `json:"pullZoneId"`
// Bunny CDN Hostname支持泛域名
HostName string `json:"hostName"`
}
type DeployerProvider struct {
config *DeployerConfig
logger *slog.Logger
sdkClient *bunnysdk.Client
}
var _ deployer.Deployer = (*DeployerProvider)(nil)
func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
if config == nil {
panic("config is nil")
}
return &DeployerProvider{
config: config,
logger: slog.Default(),
sdkClient: bunnysdk.NewClient(config.ApiKey),
}, nil
}
func (d *DeployerProvider) WithLogger(logger *slog.Logger) deployer.Deployer {
if logger == nil {
d.logger = slog.Default()
} else {
d.logger = logger
}
return d
}
func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPem string) (*deployer.DeployResult, error) {
// Prepare
certPemBase64 := base64.StdEncoding.EncodeToString([]byte(certPem))
privkeyPemBase64 := base64.StdEncoding.EncodeToString([]byte(privkeyPem))
// 上传证书
createCertificateReq := &bunnysdk.AddCustomCertificateRequest{
Hostname: d.config.HostName,
PullZoneId: d.config.PullZoneId,
Certificate: certPemBase64,
CertificateKey: privkeyPemBase64,
}
createCertificateResp, err := d.sdkClient.AddCustomCertificate(createCertificateReq)
d.logger.Debug("sdk request 'bunny-cdn.AddCustomCertificate'", slog.Any("request", createCertificateReq), slog.Any("response", createCertificateResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'bunny-cdn.AddCustomCertificate'")
}
return &deployer.DeployResult{}, nil
}

75
internal/pkg/core/deployer/providers/bunny-cdn/bunny_cdn_test.go Normal file
View File

@ -0,0 +1,75 @@
package bunnycdn_test
import (
"context"
"flag"
"fmt"
"os"
"strings"
"testing"
provider "github.com/usual2970/certimate/internal/pkg/core/deployer/providers/bunny-cdn"
)
var (
fInputCertPath string
fInputKeyPath string
fApiKey string
fPullZoneId string
fHostName string
)
func init() {
argsPrefix := "CERTIMATE_DEPLOYER_BUNNYCDN_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fApiKey, argsPrefix+"APIKEY", "", "")
flag.StringVar(&fPullZoneId, argsPrefix+"PULLZONEID", "", "")
flag.StringVar(&fHostName, argsPrefix+"HOSTNAME", "", "")
}
/*
Shell command to run this test:
go test -v ./bunny_cdn_test.go -args \
--CERTIMATE_DEPLOYER_BUNNYCDN_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_DEPLOYER_BUNNYCDN_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_BUNNYCDN_APITOKEN="your-api-token" \
--CERTIMATE_DEPLOYER_BUNNYCDN_PULLZONEID="your-pull-zone-id" \
--CERTIMATE_DEPLOYER_BUNNYCDN_HOSTNAME="example.com"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
t.Run("Deploy", func(t *testing.T) {
t.Log(strings.Join([]string{
"args:",
fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("APIKEY: %v", fApiKey),
fmt.Sprintf("PULLZONEID: %v", fPullZoneId),
fmt.Sprintf("HOSTNAME: %v", fHostName),
}, "\n"))
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
ApiKey: fApiKey,
PullZoneId: fPullZoneId,
HostName: fHostName,
})
if err != nil {
t.Errorf("err: %+v", err)
return
}
fInputCertData, _ := os.ReadFile(fInputCertPath)
fInputKeyData, _ := os.ReadFile(fInputKeyPath)
res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData))
if err != nil {
t.Errorf("err: %+v", err)
return
}
t.Logf("ok: %v", res)
})
}

1
internal/pkg/core/deployer/providers/ssh/ssh.go
View File

@ -243,7 +243,6 @@ func writeFileWithSCP(sshCli *ssh.Client, path string, data []byte) error {
if err != nil {
return xerrors.Wrap(err, "failed to create scp client")
}
defer scpCli.Close()
reader := bytes.NewReader(data)
err = scpCli.CopyToRemote(reader, path, &scp.FileTransferOption{})

29
internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro.go
View File

@ -13,6 +13,7 @@ import (
"fmt"
"log/slog"
"regexp"
"strconv"
"time"
"github.com/alibabacloud-go/tea/tea"
@ -28,6 +29,8 @@ type DeployerConfig struct {
AccessKeyId string `json:"accessKeyId"`
// 网宿云 AccessKeySecret。
AccessKeySecret string `json:"accessKeySecret"`
// 网宿云 API Key。
ApiKey string `json:"apiKey"`
// 网宿云环境。
Environment string `json:"environment"`
// 加速域名(支持泛域名)。
@ -93,7 +96,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}
// 生成网宿云证书参数
encryptedPrivateKey, err := encryptPrivateKey(privkeyPem, d.config.AccessKeySecret, time.Now().Unix())
encryptedPrivateKey, err := encryptPrivateKey(privkeyPem, d.config.ApiKey, time.Now().Unix())
if err != nil {
return nil, xerrors.Wrap(err, "failed to encrypt private key")
}
@ -111,7 +114,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// http://open.chinanetcenter.com/cdn/certificates/5dca2205f9e9cc0001df7b33
// http://open.chinanetcenter.com/cdn/certificates/329f12c1fe6708c23c31e91f/versions/5
var wangsuCertUrl string
var wangsuCertId, wangsuCertVer string
var wangsuCertId string
var wangsuCertVer int32
// 如果原证书 ID 为空,则创建证书;否则更新证书。
timestamp := time.Now().Unix()
@ -137,7 +141,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
wangsuCertId = wangsuCertIdMatches[1]
}
wangsuCertVer = "1"
wangsuCertVer = 1
} else {
// 更新证书
updateCertificateReq := &wangsucdn.UpdateCertificateRequest{
@ -162,7 +166,8 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
wangsuCertVerMatches := regexp.MustCompile(`/versions/(\d+)`).FindStringSubmatch(wangsuCertUrl)
if len(wangsuCertVerMatches) > 1 {
wangsuCertVer = wangsuCertVerMatches[1]
n, _ := strconv.ParseInt(wangsuCertVerMatches[1], 10, 32)
wangsuCertVer = int32(n)
}
}
@ -175,7 +180,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
{
Action: tea.String("deploy_cert"),
CertificateId: tea.String(wangsuCertId),
Version: tea.String(wangsuCertVer),
Version: tea.Int32(wangsuCertVer),
},
},
}
@ -191,7 +196,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
// 循环获取部署任务详细信息,等待任务状态变更
// REF: https://www.wangsu.com/document/api-doc/27038
var wangsuTaskId string
wangsuTaskMatches := regexp.MustCompile(`/deploymentTasks/([a-zA-Z0-9-]+)`).FindStringSubmatch(wangsuCertUrl)
wangsuTaskMatches := regexp.MustCompile(`/deploymentTasks/([a-zA-Z0-9-]+)`).FindStringSubmatch(createDeploymentTaskResp.DeploymentTaskUrl)
if len(wangsuTaskMatches) > 1 {
wangsuTaskId = wangsuTaskMatches[1]
}
@ -201,19 +206,19 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
}
getDeploymentTaskDetailResp, err := d.sdkClient.GetDeploymentTaskDetail(wangsuTaskId)
d.logger.Debug("sdk request 'cdn.GetDeploymentTaskDetail'", slog.Any("taskId", wangsuTaskId), slog.Any("response", getDeploymentTaskDetailResp))
d.logger.Info("sdk request 'cdn.GetDeploymentTaskDetail'", slog.Any("taskId", wangsuTaskId), slog.Any("response", getDeploymentTaskDetailResp))
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.GetDeploymentTaskDetail'")
}
if getDeploymentTaskDetailResp.Status == "failed" {
return nil, errors.New("unexpected deployment task status")
} else if getDeploymentTaskDetailResp.Status == "succeeded" {
} else if getDeploymentTaskDetailResp.Status == "succeeded" || getDeploymentTaskDetailResp.FinishTime != "" {
break
}
d.logger.Info("waiting for deployment task completion ...")
time.Sleep(time.Second * 15)
d.logger.Info(fmt.Sprintf("waiting for deployment task completion (current status: %s) ...", getDeploymentTaskDetailResp.Status))
time.Sleep(time.Second * 5)
}
return &deployer.DeployResult{}, nil
@ -231,11 +236,11 @@ func createSdkClient(accessKeyId, accessKeySecret string) (*wangsucdn.Client, er
return wangsucdn.NewClient(accessKeyId, accessKeySecret), nil
}
func encryptPrivateKey(privkeyPem string, secretKey string, timestamp int64) (string, error) {
func encryptPrivateKey(privkeyPem string, apiKey string, timestamp int64) (string, error) {
date := time.Unix(timestamp, 0).UTC()
dateStr := date.Format("Mon, 02 Jan 2006 15:04:05 GMT")
mac := hmac.New(sha256.New, []byte(secretKey))
mac := hmac.New(sha256.New, []byte(apiKey))
mac.Write([]byte(dateStr))
aesivkey := mac.Sum(nil)
aesivkeyHex := hex.EncodeToString(aesivkey)

5
internal/pkg/core/deployer/providers/wangsu-cdnpro/wangsu_cdnpro_test.go
View File

@ -16,6 +16,7 @@ var (
fInputKeyPath string
fAccessKeyId string
fAccessKeySecret string
fApiKey string
fEnvironment string
fDomain string
fCertificateId string
@ -29,6 +30,7 @@ func init() {
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
flag.StringVar(&fApiKey, argsPrefix+"APIKEY", "", "")
flag.StringVar(&fEnvironment, argsPrefix+"ENVIRONMENT", "production", "")
flag.StringVar(&fDomain, argsPrefix+"DOMAIN", "", "")
flag.StringVar(&fCertificateId, argsPrefix+"CERTIFICATEID", "", "")
@ -43,6 +45,7 @@ Shell command to run this test:
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ACCESSKEYSECRET="your-access-key-secret" \
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_APIKEY="your-api-key" \
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_ENVIRONMENT="production" \
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_DOMAIN="example.com" \
--CERTIMATE_DEPLOYER_WANGSUCDNPRO_CERTIFICATEID="your-certificate-id" \
@ -58,6 +61,7 @@ func TestDeploy(t *testing.T) {
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
fmt.Sprintf("APIKEY: %v", fApiKey),
fmt.Sprintf("ENVIRONMENT: %v", fEnvironment),
fmt.Sprintf("DOMAIN: %v", fDomain),
fmt.Sprintf("CERTIFICATEID: %v", fCertificateId),
@ -67,6 +71,7 @@ func TestDeploy(t *testing.T) {
deployer, err := provider.NewDeployer(&provider.DeployerConfig{
AccessKeyId: fAccessKeyId,
AccessKeySecret: fAccessKeySecret,
ApiKey: fApiKey,
Environment: fEnvironment,
Domain: fDomain,
CertificateId: fCertificateId,

13
internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault.go
View File

@ -3,6 +3,7 @@
import (
"context"
"crypto/x509"
"encoding/base64"
"fmt"
"log/slog"
"time"
@ -141,13 +142,21 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
// 生成新证书名(需符合 Azure 命名规则)
certName := fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
// Azure Key Vault 不支持导入带有 Certificiate Chain 的 PEM 证书。
// Issue Link: https://github.com/Azure/azure-cli/issues/19017
// 暂时的解决方法是,将 PEM 证书转换成 PFX 格式,然后再导入。
certPfx, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, "")
if err != nil {
return nil, xerrors.Wrap(err, "failed to transform certificate from PEM to PFX")
}
// 导入证书
// REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/import-certificate/import-certificate
importCertificateParams := azcertificates.ImportCertificateParameters{
Base64EncodedCertificate: to.Ptr(certPem),
Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPfx)),
CertificatePolicy: &azcertificates.CertificatePolicy{
SecretProperties: &azcertificates.SecretProperties{
ContentType: to.Ptr("application/x-pem-file"),
ContentType: to.Ptr("application/x-pkcs12"),
},
},
Tags: map[string]*string{

87
internal/pkg/core/uploader/providers/azure-keyvault/azure_keyvault_test.go Normal file
View File

@ -0,0 +1,87 @@
package azurekeyvault_test
import (
"context"
"encoding/json"
"flag"
"fmt"
"os"
"strings"
"testing"
provider "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/azure-keyvault"
)
var (
fInputCertPath string
fInputKeyPath string
fTenantId string
fClientId string
fClientSecret string
fCloudName string
fKeyVaultName string
)
func init() {
argsPrefix := "CERTIMATE_UPLOADER_AZUREKEYVAULT_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fTenantId, argsPrefix+"TENANTID", "", "")
flag.StringVar(&fClientId, argsPrefix+"CLIENTID", "", "")
flag.StringVar(&fClientSecret, argsPrefix+"CLIENTSECRET", "", "")
flag.StringVar(&fCloudName, argsPrefix+"CLOUDNAME", "", "")
flag.StringVar(&fKeyVaultName, argsPrefix+"KEYVAULTNAME", "", "")
}
/*
Shell command to run this test:
go test -v ./azure_keyvault_test.go -args \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_TENANTID="your-tenant-id" \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_CLIENTID="your-app-registration-client-id" \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_CLIENTSECRET="your-app-registration-client-secret" \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_CLOUDNAME="china" \
--CERTIMATE_UPLOADER_AZUREKEYVAULT_KEYVAULTNAME="your-keyvault-name"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
t.Run("Deploy", func(t *testing.T) {
t.Log(strings.Join([]string{
"args:",
fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("TENANTID: %v", fTenantId),
fmt.Sprintf("CLIENTID: %v", fClientId),
fmt.Sprintf("CLIENTSECRET: %v", fClientSecret),
fmt.Sprintf("CLOUDNAME: %v", fCloudName),
fmt.Sprintf("KEYVAULTNAME: %v", fKeyVaultName),
}, "\n"))
uploader, err := provider.NewUploader(&provider.UploaderConfig{
TenantId: fTenantId,
ClientId: fClientId,
ClientSecret: fClientSecret,
CloudName: fCloudName,
KeyVaultName: fKeyVaultName,
})
if err != nil {
t.Errorf("err: %+v", err)
return
}
fInputCertData, _ := os.ReadFile(fInputCertPath)
fInputKeyData, _ := os.ReadFile(fInputKeyPath)
res, err := uploader.Upload(context.Background(), string(fInputCertData), string(fInputKeyData))
if err != nil {
t.Errorf("err: %+v", err)
return
}
sres, _ := json.Marshal(res)
t.Logf("ok: %s", string(sres))
})
}

9
internal/pkg/core/uploader/providers/volcengine-certcenter/volcengine_certcenter.go
View File

@ -72,12 +72,17 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
}
var certId string
if importCertificateResp.InstanceId != nil {
if importCertificateResp.InstanceId != nil && *importCertificateResp.InstanceId != "" {
certId = *importCertificateResp.InstanceId
}
if importCertificateResp.RepeatId != nil {
if importCertificateResp.RepeatId != nil && *importCertificateResp.RepeatId != "" {
certId = *importCertificateResp.RepeatId
}
if certId == "" {
return nil, xerrors.New("failed to get certificate id, both `InstanceId` and `RepeatId` are empty")
}
return &uploader.UploadResult{
CertId: certId,
}, nil

6
internal/pkg/vendors/1panel-sdk/api.go vendored
View File

@ -17,6 +17,12 @@ func (c *Client) SearchWebsiteSSL(req *SearchWebsiteSSLRequest) (*SearchWebsiteS
return resp, err
}
func (c *Client) GetWebsiteSSL(req *GetWebsiteSSLRequest) (*GetWebsiteSSLResponse, error) {
resp := &GetWebsiteSSLResponse{}
err := c.sendRequestWithResult(http.MethodGet, fmt.Sprintf("/websites/ssl/%d", req.SSLID), req, resp)
return resp, err
}
func (c *Client) UploadWebsiteSSL(req *UploadWebsiteSSLRequest) (*UploadWebsiteSSLResponse, error) {
resp := &UploadWebsiteSSLResponse{}
err := c.sendRequestWithResult(http.MethodPost, "/websites/ssl/upload", req, resp)

22
internal/pkg/vendors/1panel-sdk/models.go vendored
View File

@ -59,6 +59,28 @@ type SearchWebsiteSSLResponse struct {
} `json:"data,omitempty"`
}
type GetWebsiteSSLRequest struct {
SSLID int64 `json:"-"`
}
type GetWebsiteSSLResponse struct {
baseResponse
Data *struct {
ID int64 `json:"id"`
Provider string `json:"provider"`
Description string `json:"description"`
PrimaryDomain string `json:"primaryDomain"`
Domains string `json:"domains"`
Type string `json:"type"`
Organization string `json:"organization"`
Status string `json:"status"`
StartDate string `json:"startDate"`
ExpireDate string `json:"expireDate"`
CreatedAt string `json:"createdAt"`
UpdatedAt string `json:"updatedAt"`
} `json:"data,omitempty"`
}
type UploadWebsiteSSLRequest struct {
Type string `json:"type"`
SSLID int64 `json:"sslID"`

11
internal/pkg/vendors/bunny-sdk/api.go vendored Normal file
View File

@ -0,0 +1,11 @@
package bunnysdk
import (
"fmt"
"net/http"
)
func (c *Client) AddCustomCertificate(req *AddCustomCertificateRequest) ([]byte, error) {
resp, err := c.sendRequest(http.MethodPost, fmt.Sprintf("/pullzone/%s/addCertificate", req.PullZoneId), req)
return resp.Body(), err
}

66
internal/pkg/vendors/bunny-sdk/client.go vendored Normal file
View File

@ -0,0 +1,66 @@
package bunnysdk
import (
"encoding/json"
"fmt"
"net/http"
"strings"
"time"
"github.com/go-resty/resty/v2"
)
type Client struct {
apiToken string
client *resty.Client
}
func NewClient(apiToken string) *Client {
client := resty.New()
return &Client{
apiToken: apiToken,
client: client,
}
}
func (c *Client) WithTimeout(timeout time.Duration) *Client {
c.client.SetTimeout(timeout)
return c
}
func (c *Client) sendRequest(method string, path string, params interface{}) (*resty.Response, error) {
req := c.client.R()
req.Method = method
req.URL = "https://api.bunny.net" + path
req = req.SetHeader("AccessKey", c.apiToken)
if strings.EqualFold(method, http.MethodGet) {
qs := make(map[string]string)
if params != nil {
temp := make(map[string]any)
jsonb, _ := json.Marshal(params)
json.Unmarshal(jsonb, &temp)
for k, v := range temp {
if v != nil {
qs[k] = fmt.Sprintf("%v", v)
}
}
}
req = req.SetQueryParams(qs)
} else {
req = req.
SetHeader("Content-Type", "application/json").
SetBody(params)
}
resp, err := req.Send()
if err != nil {
return resp, fmt.Errorf("bunny api error: failed to send request: %w", err)
} else if resp.IsError() {
return resp, fmt.Errorf("bunny api error: unexpected status code: %d, %s", resp.StatusCode(), resp.Body())
}
return resp, nil
}

8
internal/pkg/vendors/bunny-sdk/models.go vendored Normal file
View File

@ -0,0 +1,8 @@
package bunnysdk
type AddCustomCertificateRequest struct {
Hostname string `json:"Hostname"`
PullZoneId string `json:"-"`
Certificate string `json:"Certificate"`
CertificateKey string `json:"CertificateKey"`
}

18
internal/pkg/vendors/cdnfly-sdk/models.go vendored
View File

@ -1,6 +1,6 @@
package cdnflysdk
import "encoding/json"
import "fmt"
type BaseResponse interface {
GetCode() string
@ -8,12 +8,24 @@ type BaseResponse interface {
}
type baseResponse struct {
Code json.Number `json:"code"`
Code any `json:"code"`
Message string `json:"msg"`
}
func (r *baseResponse) GetCode() string {
return r.Code.String()
if r.Code == nil {
return ""
}
if code, ok := r.Code.(int); ok {
return fmt.Sprintf("%d", code)
}
if code, ok := r.Code.(string); ok {
return code
}
return ""
}
func (r *baseResponse) GetMessage() string {

14
internal/pkg/vendors/wangsu-sdk/cdn/api.go vendored
View File

@ -22,6 +22,10 @@ func (c *Client) CreateCertificate(req *CreateCertificateRequest) (*CreateCertif
}
func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateRequest) (*UpdateCertificateResponse, error) {
if certificateId == "" {
return nil, fmt.Errorf("invalid parameter: certificateId")
}
resp := &UpdateCertificateResponse{}
r, err := c.client.SendRequestWithResult(http.MethodPatch, fmt.Sprintf("/cdn/certificates/%s", url.PathEscape(certificateId)), req, resp, func(r *resty.Request) {
r.SetHeader("x-cnc-timestamp", fmt.Sprintf("%d", req.Timestamp))
@ -35,6 +39,10 @@ func (c *Client) UpdateCertificate(certificateId string, req *UpdateCertificateR
}
func (c *Client) GetHostnameDetail(hostname string) (*GetHostnameDetailResponse, error) {
if hostname == "" {
return nil, fmt.Errorf("invalid parameter: hostname")
}
resp := &GetHostnameDetailResponse{}
_, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/hostnames/%s", url.PathEscape(hostname)), nil, resp)
return resp, err
@ -52,7 +60,11 @@ func (c *Client) CreateDeploymentTask(req *CreateDeploymentTaskRequest) (*Create
}
func (c *Client) GetDeploymentTaskDetail(deploymentTaskId string) (*GetDeploymentTaskDetailResponse, error) {
if deploymentTaskId == "" {
return nil, fmt.Errorf("invalid parameter: deploymentTaskId")
}
resp := &GetDeploymentTaskDetailResponse{}
_, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", deploymentTaskId), nil, resp)
_, err := c.client.SendRequestWithResult(http.MethodGet, fmt.Sprintf("/cdn/deploymentTasks/%s", url.PathEscape(deploymentTaskId)), nil, resp)
return resp, err
}

3
internal/pkg/vendors/wangsu-sdk/cdn/models.go vendored
View File

@ -80,7 +80,7 @@ type DeploymentTaskAction struct {
Action *string `json:"action,omitempty" required:"true"`
PropertyId *string `json:"propertyId,omitempty"`
CertificateId *string `json:"certificateId,omitempty"`
Version *string `json:"version,omitempty"`
Version *int32 `json:"version,omitempty"`
}
type CreateDeploymentTaskRequest struct {
@ -97,6 +97,7 @@ type CreateDeploymentTaskResponse struct {
type GetDeploymentTaskDetailResponse struct {
baseResponse
Name string `json:"name"`
Target string `json:"target"`
Actions []DeploymentTaskAction `json:"actions"`
Status string `json:"status"`

7
internal/pkg/vendors/wangsu-sdk/openapi/client.go vendored
View File

@ -111,7 +111,7 @@ func NewClient(accessKey, secretKey string) *Client {
signHex := strings.ToLower(hex.EncodeToString(sign))
// Step 9: Add headers to request
req.Header.Set("x-cnc-accessKey", accessKey)
req.Header.Set("x-cnc-accesskey", accessKey)
req.Header.Set("x-cnc-timestamp", timestampString)
req.Header.Set("x-cnc-auth-method", "AKSK")
req.Header.Set("Authorization", fmt.Sprintf("%s Credential=%s, SignedHeaders=%s, Signature=%s", SignAlgorithmHeader, accessKey, signedHeaders, signHex))
@ -178,9 +178,12 @@ func (c *Client) SendRequestWithResult(method string, path string, params interf
return resp, err
}
if err := json.Unmarshal(resp.Body(), &result); err != nil {
respBody := resp.Body()
if len(respBody) != 0 {
if err := json.Unmarshal(respBody, &result); err != nil {
return resp, fmt.Errorf("wangsu api error: failed to parse response: %w", err)
}
}
result.SetRequestId(resp.Header().Get("x-cnc-request-id"))
return resp, nil

98
migrations/1744459000_upgrade.go Normal file
View File

@ -0,0 +1,98 @@
package migrations
import (
"github.com/pocketbase/pocketbase/core"
m "github.com/pocketbase/pocketbase/migrations"
)
func init() {
m.Register(func(app core.App) error {
// update collection `access`
{
collection, err := app.FindCollectionByNameOrId("4yzbv8urny5ja1e")
if err != nil {
return err
}
// update field
if err := collection.Fields.AddMarshaledJSONAt(2, []byte(`{
"hidden": false,
"id": "hwy7m03o",
"maxSelect": 1,
"name": "provider",
"presentable": false,
"required": false,
"system": false,
"type": "select",
"values": [
"1panel",
"acmehttpreq",
"akamai",
"aliyun",
"aws",
"azure",
"baiducloud",
"baishan",
"baotapanel",
"bunny",
"byteplus",
"buypass",
"cachefly",
"cdnfly",
"cloudflare",
"cloudns",
"cmcccloud",
"ctcccloud",
"cucccloud",
"desec",
"dnsla",
"dogecloud",
"dynv6",
"edgio",
"fastly",
"gname",
"gcore",
"godaddy",
"goedge",
"googletrustservices",
"huaweicloud",
"jdcloud",
"k8s",
"letsencrypt",
"letsencryptstaging",
"local",
"namecheap",
"namedotcom",
"namesilo",
"ns1",
"porkbun",
"powerdns",
"qiniu",
"qingcloud",
"rainyun",
"safeline",
"ssh",
"sslcom",
"tencentcloud",
"ucloud",
"upyun",
"vercel",
"volcengine",
"webhook",
"westcn",
"zerossl"
]
}`)); err != nil {
return err
}
if err := app.Save(collection); err != nil {
return err
}
}
return nil
}, func(app core.App) error {
return nil
})
}

108
ui/public/imgs/providers/bunny.svg Normal file
View File

@ -0,0 +1,108 @@
<svg version="1.1" id="Layer_1" xmlns:x="ns_extend;" xmlns:i="ns_ai;" xmlns:graph="ns_graphs;" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 38.1 42.7" style="enable-background:new 0 0 38.1 42.7;" xml:space="preserve">
<style type="text/css">
.st0{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_1_);}
.st1{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_2_);}
.st2{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_3_);}
.st3{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_4_);}
.st4{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_5_);}
.st5{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_6_);}
.st6{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_7_);}
.st7{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_8_);}
.st8{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_9_);}
</style>
<metadata>
<sfw xmlns="ns_sfw;">
<slices>
</slices>
<sliceSourceBounds bottomLeftOrigin="true" height="42.7" width="38.1" x="0" y="0">
</sliceSourceBounds>
</sfw>
</metadata>
<g id="Layer_2_1_">
<g id="Layer_1-2">
<linearGradient id="SVGID_1_" gradientUnits="userSpaceOnUse" x1="16.85" y1="37.895" x2="36.49" y2="37.895" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#FBAA19">
</stop>
<stop offset="1" style="stop-color:#EF3E23">
</stop>
</linearGradient>
<path class="st0" d="M21,6.8l9.9,5.4L21.8,0C20.3,2,20,4.6,21,6.8z">
</path>
<linearGradient id="SVGID_2_" gradientUnits="userSpaceOnUse" x1="15.7715" y1="12.9194" x2="17.3115" y2="17.1294" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#F78D1E">
</stop>
<stop offset="1" style="stop-color:#F37121">
</stop>
</linearGradient>
<path class="st1" d="M16.5,26.7c1.2,0,2.2,1,2.2,2.3c0,1.2-1,2.2-2.3,2.2c-1.2,0-2.2-1-2.2-2.2C14.3,27.8,15.3,26.7,16.5,26.7
C16.5,26.7,16.5,26.7,16.5,26.7z">
</path>
<linearGradient id="SVGID_3_" gradientUnits="userSpaceOnUse" x1="3.5604" y1="11.4696" x2="27.4904" y2="37.1196" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#FEBE2D">
</stop>
<stop offset="1" style="stop-color:#F04E23">
</stop>
</linearGradient>
<path class="st2" d="M9.7,1.8l27.6,15c0.7,0.3,0.9,1.1,0.6,1.8c-0.1,0.3-0.3,0.5-0.6,0.6c-2.1,1.3-4.4,2.2-6.8,2.6l-5.8,11.8
c0,0-1.8,4.1-6.8,2.5c2.1-2.1,4.6-4,4.6-7.2c0-3.4-2.7-6.1-6.1-6.1s-6.1,2.7-6.1,6.1l0,0c0,4.2,4.2,6,6.5,8.9
c1,1.5,0.9,3.5-0.3,4.8C13.7,39.8,8.2,35,5.9,31.9c-1.2-1.6-1.9-3.5-2-5.5c0.2-4.4,3.2-8.2,7.4-9.5c1.3-0.4,2.6-0.5,3.9-0.5
c1.8,0.1,3.6,0.7,5.2,1.6c2.5,1.4,3.6,1.1,5.3-0.4c1-0.8,2.1-3.5,0.4-4.1c-0.6-0.2-1.1-0.3-1.7-0.4c-3.1-0.6-8.6-1.2-10.6-2.3
C10.6,9,8.4,5.3,9.7,1.8z">
</path>
<linearGradient id="SVGID_4_" gradientUnits="userSpaceOnUse" x1="20.5027" y1="26.4387" x2="7.2627" y2="6.0587" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#EA4425">
</stop>
<stop offset="1" style="stop-color:#FDBB27">
</stop>
</linearGradient>
<path class="st3" d="M22.5,29.4L22.5,29.4z M22.5,29c1.3-6.7-5.5-13.1-10.8-12.2l0.4-0.1c-0.3,0.1-0.6,0.1-0.8,0.2
c-4.2,1.3-7.2,5.1-7.4,9.5c0,2,0.7,4,2,5.5c2.3,3.1,7.8,7.9,10.7,10.8c1.2-1.3,1.4-3.3,0.3-4.8c-2.4-2.9-6.5-4.7-6.5-8.9
c0-3.4,2.7-6.1,6.1-6.1C19.9,22.9,22.6,25.6,22.5,29L22.5,29z">
</path>
<linearGradient id="SVGID_5_" gradientUnits="userSpaceOnUse" x1="0.24" y1="33.4281" x2="42.04" y2="33.4281" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#F47920">
</stop>
<stop offset="1" style="stop-color:#E93825">
</stop>
</linearGradient>
<path class="st4" d="M9.7,1.8l21,11.4l0,0l0.6,0.3c0.5,0.4,1,1.2,0.4,2.6c-1,2.1-5,4.2-9.6,2.6c1.4,0.4,2.4-0.1,3.7-1.1
c1-0.8,2.1-3.5,0.4-4.1c-0.6-0.2-1.1-0.3-1.7-0.4c-3.1-0.6-8.6-1.2-10.6-2.3C10.6,9,8.4,5.3,9.7,1.8z">
</path>
<linearGradient id="SVGID_6_" gradientUnits="userSpaceOnUse" x1="-21.84" y1="36.21" x2="63.21" y2="36.21" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#FDCA0B">
</stop>
<stop offset="1" style="stop-color:#F5841F">
</stop>
</linearGradient>
<path class="st5" d="M9.7,1.8c2.2,8,15.4,8.7,22,12L9.7,1.8z">
</path>
<linearGradient id="SVGID_7_" gradientUnits="userSpaceOnUse" x1="8.5447" y1="25.9314" x2="17.3947" y2="-4.9386" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#E73C25">
</stop>
<stop offset="1" style="stop-color:#FAA21B">
</stop>
</linearGradient>
<path class="st6" d="M16.9,37.9c-2.3-2.9-6.5-4.7-6.5-8.9c0-3.1,2.3-5.6,5.3-6C10.9,23,7,26.9,7,31.8c0,0.6,0.1,1.2,0.2,1.8
c1.9,2.2,4.7,4.7,7,6.9c0.9,0.8,1.8,1.7,2.4,2.3c0.6-0.7,0.9-1.5,1-2.4l0,0C17.7,39.5,17.4,38.6,16.9,37.9z">
</path>
<linearGradient id="SVGID_8_" gradientUnits="userSpaceOnUse" x1="-51.37" y1="20.9197" x2="74.88" y2="20.9197" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#FDBA12">
</stop>
<stop offset="1" style="stop-color:#F7921E">
</stop>
</linearGradient>
<path class="st7" d="M22.5,29.7c0-0.2,0-0.5,0-0.7c1.3-6.7-5.6-13.1-10.8-12.2c1.1-0.3,2.3-0.4,3.4-0.3C22,16.7,24,24.1,22.5,29.7
z">
</path>
<linearGradient id="SVGID_9_" gradientUnits="userSpaceOnUse" x1="8.023048e-02" y1="27.2813" x2="4.8102" y2="26.4413" gradientTransform="matrix(1 0 0 -1 4.903450e-08 44)">
<stop offset="0" style="stop-color:#FEBE2D">
</stop>
<stop offset="1" style="stop-color:#F04E23">
</stop>
</linearGradient>
<path class="st8" d="M2.3,14.8L2.3,14.8c1.2,0,2.3,1,2.3,2.3v2.3H2.3c-1.2,0-2.3-1-2.3-2.3c0,0,0,0,0,0l0,0
C0,15.9,1,14.8,2.3,14.8z">
</path>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 5.7 KiB

3
ui/src/components/access/AccessForm.tsx
View File

@ -17,6 +17,7 @@ import AccessFormAzureConfig from "./AccessFormAzureConfig";
import AccessFormBaiduCloudConfig from "./AccessFormBaiduCloudConfig";
import AccessFormBaishanConfig from "./AccessFormBaishanConfig";
import AccessFormBaotaPanelConfig from "./AccessFormBaotaPanelConfig";
import AccessFormBunnyConfig from "./AccessFormBunnyConfig";
import AccessFormBytePlusConfig from "./AccessFormBytePlusConfig";
import AccessFormCacheFlyConfig from "./AccessFormCacheFlyConfig";
import AccessFormCdnflyConfig from "./AccessFormCdnflyConfig";
@ -162,6 +163,8 @@ const AccessForm = forwardRef<AccessFormInstance, AccessFormProps>(({ className,
return <AccessFormBaishanConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.BAOTAPANEL:
return <AccessFormBaotaPanelConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.BUNNY:
return <AccessFormBunnyConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.BYTEPLUS:
return <AccessFormBytePlusConfig {...nestedFormProps} />;
case ACCESS_PROVIDERS.CACHEFLY:

62
ui/src/components/access/AccessFormBunnyConfig.tsx Normal file
View File

@ -0,0 +1,62 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import { type AccessConfigForBunny } from "@/domain/access";
type AccessFormBunnyConfigFieldValues = Nullish<AccessConfigForBunny>;
export type AccessFormBunnyConfigProps = {
form: FormInstance;
formName: string;
disabled?: boolean;
initialValues?: AccessFormBunnyConfigFieldValues;
onValuesChange?: (values: AccessFormBunnyConfigFieldValues) => void;
};
const initFormModel = (): AccessFormBunnyConfigFieldValues => {
return {
apiKey: "",
};
};
const AccessFormBunnyConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: AccessFormBunnyConfigProps) => {
const { t } = useTranslation();
const formSchema = z.object({
apiKey: z
.string()
.nonempty(t("access.form.bunny_api_key.placeholder"))
.trim(),
});
const formRule = createSchemaFieldRule(formSchema);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
return (
<Form
form={formInst}
disabled={disabled}
initialValues={initialValues ?? initFormModel()}
layout="vertical"
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item
name="apiKey"
label={t("access.form.bunny_api_key.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.bunny_api_key.tooltip") }}></span>}
>
<Input.Password autoComplete="new-password" placeholder={t("access.form.bunny_api_key.placeholder")} />
</Form.Item>
</Form>
);
};
export default AccessFormBunnyConfig;

15
ui/src/components/access/AccessFormWangsuConfig.tsx
View File

@ -19,6 +19,7 @@ const initFormModel = (): AccessFormWangsuConfigFieldValues => {
return {
accessKeyId: "",
accessKeySecret: "",
apiKey: "",
};
};
@ -36,6 +37,11 @@ const AccessFormWangsuConfig = ({ form: formInst, formName, disabled, initialVal
.min(1, t("access.form.wangsu_access_key_secret.placeholder"))
.max(64, t("common.errmsg.string_max", { max: 64 }))
.trim(),
apiKey: z
.string()
.min(1, t("access.form.wangsu_api_key.placeholder"))
.max(256, t("common.errmsg.string_max", { max: 256 }))
.trim(),
});
const formRule = createSchemaFieldRule(formSchema);
@ -69,6 +75,15 @@ const AccessFormWangsuConfig = ({ form: formInst, formName, disabled, initialVal
>
<Input.Password autoComplete="new-password" placeholder={t("access.form.wangsu_access_key_secret.placeholder")} />
</Form.Item>
<Form.Item
name="apiKey"
label={t("access.form.wangsu_api_key.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("access.form.wangsu_api_key.tooltip") }}></span>}
>
<Input.Password autoComplete="new-password" placeholder={t("access.form.wangsu_api_key.placeholder")} />
</Form.Item>
</Form>
);
};

6
ui/src/components/workflow/node/DeployNodeConfigForm.tsx
View File

@ -18,6 +18,7 @@ import { useWorkflowStore } from "@/stores/workflow";
import DeployNodeConfigForm1PanelConsoleConfig from "./DeployNodeConfigForm1PanelConsoleConfig";
import DeployNodeConfigForm1PanelSiteConfig from "./DeployNodeConfigForm1PanelSiteConfig";
import DeployNodeConfigFormAliyunALBConfig from "./DeployNodeConfigFormAliyunALBConfig";
import DeployNodeConfigFormAliyunAPIGWConfig from "./DeployNodeConfigFormAliyunAPIGWConfig";
import DeployNodeConfigFormAliyunCASConfig from "./DeployNodeConfigFormAliyunCASConfig";
import DeployNodeConfigFormAliyunCASDeployConfig from "./DeployNodeConfigFormAliyunCASDeployConfig";
import DeployNodeConfigFormAliyunCDNConfig from "./DeployNodeConfigFormAliyunCDNConfig";
@ -39,6 +40,7 @@ import DeployNodeConfigFormBaiduCloudCDNConfig from "./DeployNodeConfigFormBaidu
import DeployNodeConfigFormBaishanCDNConfig from "./DeployNodeConfigFormBaishanCDNConfig";
import DeployNodeConfigFormBaotaPanelConsoleConfig from "./DeployNodeConfigFormBaotaPanelConsoleConfig";
import DeployNodeConfigFormBaotaPanelSiteConfig from "./DeployNodeConfigFormBaotaPanelSiteConfig";
import DeployNodeConfigFormBunnyCDNConfig from "./DeployNodeConfigFormBunnyCDNConfig.tsx";
import DeployNodeConfigFormBytePlusCDNConfig from "./DeployNodeConfigFormBytePlusCDNConfig";
import DeployNodeConfigFormCdnflyConfig from "./DeployNodeConfigFormCdnflyConfig";
import DeployNodeConfigFormDogeCloudCDNConfig from "./DeployNodeConfigFormDogeCloudCDNConfig";
@ -177,6 +179,8 @@ const DeployNodeConfigForm = forwardRef<DeployNodeConfigFormInstance, DeployNode
return <DeployNodeConfigForm1PanelSiteConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.ALIYUN_ALB:
return <DeployNodeConfigFormAliyunALBConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.ALIYUN_APIGW:
return <DeployNodeConfigFormAliyunAPIGWConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.ALIYUN_CAS:
return <DeployNodeConfigFormAliyunCASConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.ALIYUN_CAS_DEPLOY:
@ -219,6 +223,8 @@ const DeployNodeConfigForm = forwardRef<DeployNodeConfigFormInstance, DeployNode
return <DeployNodeConfigFormBaotaPanelConsoleConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.BAOTAPANEL_SITE:
return <DeployNodeConfigFormBaotaPanelSiteConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.BUNNY_CDN:
return <DeployNodeConfigFormBunnyCDNConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.BYTEPLUS_CDN:
return <DeployNodeConfigFormBytePlusCDNConfig {...nestedFormProps} />;
case DEPLOY_PROVIDERS.CDNFLY:

59
ui/src/components/workflow/node/DeployNodeConfigForm1PanelSiteConfig.tsx
View File

@ -1,10 +1,14 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input } from "antd";
import { Form, type FormInstance, Input, Select } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import Show from "@/components/Show";
type DeployNodeConfigForm1PanelSiteConfigFieldValues = Nullish<{
websiteId: string | number;
resourceType: string;
websiteId?: string | number;
certificateId?: string | number;
}>;
export type DeployNodeConfigForm1PanelSiteConfigProps = {
@ -15,8 +19,13 @@ export type DeployNodeConfigForm1PanelSiteConfigProps = {
onValuesChange?: (values: DeployNodeConfigForm1PanelSiteConfigFieldValues) => void;
};
const RESOURCE_TYPE_WEBSITE = "website" as const;
const RESOURCE_TYPE_CERTIFICATE = "certificate" as const;
const initFormModel = (): DeployNodeConfigForm1PanelSiteConfigFieldValues => {
return {};
return {
resourceType: RESOURCE_TYPE_WEBSITE,
};
};
const DeployNodeConfigForm1PanelSiteConfig = ({
@ -29,12 +38,28 @@ const DeployNodeConfigForm1PanelSiteConfig = ({
const { t } = useTranslation();
const formSchema = z.object({
websiteId: z.union([z.string(), z.number()]).refine((v) => {
return /^\d+$/.test(v + "") && +v > 0;
resourceType: z.union([z.literal(RESOURCE_TYPE_WEBSITE), z.literal(RESOURCE_TYPE_CERTIFICATE)], {
message: t("workflow_node.deploy.form.1panel_site_resource_type.placeholder"),
}),
websiteId: z
.union([z.string(), z.number().int()])
.nullish()
.refine((v) => {
if (fieldResourceType !== RESOURCE_TYPE_WEBSITE) return true;
return /^\d+$/.test(v + "") && +v! > 0;
}, t("workflow_node.deploy.form.1panel_site_website_id.placeholder")),
certificateId: z
.union([z.string(), z.number().int()])
.nullish()
.refine((v) => {
if (fieldResourceType !== RESOURCE_TYPE_CERTIFICATE) return true;
return /^\d+$/.test(v + "") && +v! > 0;
}, t("workflow_node.deploy.form.1panel_site_certificate_id.placeholder")),
});
const formRule = createSchemaFieldRule(formSchema);
const fieldResourceType = Form.useWatch("resourceType", formInst);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
@ -48,6 +73,18 @@ const DeployNodeConfigForm1PanelSiteConfig = ({
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item name="resourceType" label={t("workflow_node.deploy.form.1panel_site_resource_type.label")} rules={[formRule]}>
<Select placeholder={t("workflow_node.deploy.form.1panel_site_resource_type.placeholder")}>
<Select.Option key={RESOURCE_TYPE_WEBSITE} value={RESOURCE_TYPE_WEBSITE}>
{t("workflow_node.deploy.form.1panel_site_resource_type.option.website.label")}
</Select.Option>
<Select.Option key={RESOURCE_TYPE_CERTIFICATE} value={RESOURCE_TYPE_CERTIFICATE}>
{t("workflow_node.deploy.form.1panel_site_resource_type.option.certificate.label")}
</Select.Option>
</Select>
</Form.Item>
<Show when={fieldResourceType === RESOURCE_TYPE_WEBSITE}>
<Form.Item
name="websiteId"
label={t("workflow_node.deploy.form.1panel_site_website_id.label")}
@ -56,6 +93,18 @@ const DeployNodeConfigForm1PanelSiteConfig = ({
>
<Input type="number" placeholder={t("workflow_node.deploy.form.1panel_site_website_id.placeholder")} />
</Form.Item>
</Show>
<Show when={fieldResourceType === RESOURCE_TYPE_CERTIFICATE}>
<Form.Item
name="certificateId"
label={t("workflow_node.deploy.form.1panel_site_certificate_id.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.1panel_site_certificate_id.tooltip") }}></span>}
>
<Input type="number" placeholder={t("workflow_node.deploy.form.1panel_site_certificate_id.placeholder")} />
</Form.Item>
</Show>
</Form>
);
};

133
ui/src/components/workflow/node/DeployNodeConfigFormAliyunAPIGWConfig.tsx Normal file
View File

@ -0,0 +1,133 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input, Select } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import Show from "@/components/Show";
import { validDomainName } from "@/utils/validators";
type DeployNodeConfigFormAliyunAPIGWConfigFieldValues = Nullish<{
serviceType: string;
region: string;
gatewayId?: string;
groupId?: string;
domain?: string;
}>;
export type DeployNodeConfigFormAliyunAPIGWConfigProps = {
form: FormInstance;
formName: string;
disabled?: boolean;
initialValues?: DeployNodeConfigFormAliyunAPIGWConfigFieldValues;
onValuesChange?: (values: DeployNodeConfigFormAliyunAPIGWConfigFieldValues) => void;
};
const SERVICE_TYPE_CLOUDNATIVE = "cloudnative" as const;
const SERVICE_TYPE_TRADITIONAL = "traditional" as const;
const initFormModel = (): DeployNodeConfigFormAliyunAPIGWConfigFieldValues => {
return {};
};
const DeployNodeConfigFormAliyunAPIGWConfig = ({
form: formInst,
formName,
disabled,
initialValues,
onValuesChange,
}: DeployNodeConfigFormAliyunAPIGWConfigProps) => {
const { t } = useTranslation();
const formSchema = z.object({
serviceType: z.union([z.literal(SERVICE_TYPE_CLOUDNATIVE), z.literal(SERVICE_TYPE_TRADITIONAL)], {
message: t("workflow_node.deploy.form.aliyun_apigw_service_type.placeholder"),
}),
region: z
.string({ message: t("workflow_node.deploy.form.aliyun_apigw_region.placeholder") })
.nonempty(t("workflow_node.deploy.form.aliyun_apigw_region.placeholder"))
.trim(),
gatewayId: z
.string()
.nullish()
.refine((v) => fieldServiceType !== SERVICE_TYPE_CLOUDNATIVE || !!v?.trim(), t("workflow_node.deploy.form.aliyun_apigw_gateway_id.placeholder")),
groupId: z
.string()
.nullish()
.refine((v) => fieldServiceType !== SERVICE_TYPE_TRADITIONAL || !!v?.trim(), t("workflow_node.deploy.form.aliyun_apigw_group_id.placeholder")),
domain: z
.string()
.nonempty(t("workflow_node.deploy.form.aliyun_apigw_domain.placeholder"))
.refine((v) => validDomainName(v!, { allowWildcard: true }), t("common.errmsg.domain_invalid")),
});
const formRule = createSchemaFieldRule(formSchema);
const fieldServiceType = Form.useWatch("serviceType", formInst);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
return (
<Form
form={formInst}
disabled={disabled}
initialValues={initialValues ?? initFormModel()}
layout="vertical"
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item name="serviceType" label={t("workflow_node.deploy.form.aliyun_apigw_service_type.label")} rules={[formRule]}>
<Select placeholder={t("workflow_node.deploy.form.aliyun_apigw_service_type.placeholder")}>
<Select.Option key={SERVICE_TYPE_CLOUDNATIVE} value={SERVICE_TYPE_CLOUDNATIVE}>
{t("workflow_node.deploy.form.aliyun_apigw_service_type.option.cloudnative.label")}
</Select.Option>
<Select.Option key={SERVICE_TYPE_TRADITIONAL} value={SERVICE_TYPE_TRADITIONAL}>
{t("workflow_node.deploy.form.aliyun_apigw_service_type.option.traditional.label")}
</Select.Option>
</Select>
</Form.Item>
<Form.Item
name="region"
label={t("workflow_node.deploy.form.aliyun_apigw_region.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.aliyun_apigw_region.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.aliyun_apigw_region.placeholder")} />
</Form.Item>
<Show when={fieldServiceType === SERVICE_TYPE_CLOUDNATIVE}>
<Form.Item
name="gatewayId"
label={t("workflow_node.deploy.form.aliyun_apigw_gateway_id.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.aliyun_apigw_gateway_id.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.aliyun_apigw_gateway_id.placeholder")} />
</Form.Item>
</Show>
<Show when={fieldServiceType === SERVICE_TYPE_TRADITIONAL}>
<Form.Item
name="groupId"
label={t("workflow_node.deploy.form.aliyun_apigw_group_id.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.aliyun_apigw_group_id.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.aliyun_apigw_group_id.placeholder")} />
</Form.Item>
</Show>
<Form.Item
name="domain"
label={t("workflow_node.deploy.form.aliyun_apigw_domain.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.aliyun_apigw_domain.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.aliyun_apigw_domain.placeholder")} />
</Form.Item>
</Form>
);
};
export default DeployNodeConfigFormAliyunAPIGWConfig;

17
ui/src/components/workflow/node/DeployNodeConfigFormAzureKeyVaultConfig.tsx
View File

@ -5,6 +5,7 @@ import { z } from "zod";
type DeployNodeConfigFormAzureKeyVaultConfigFieldValues = Nullish<{
keyvaultName: string;
certificateName?: string;
}>;
export type DeployNodeConfigFormAzureKeyVaultConfigProps = {
@ -33,6 +34,13 @@ const DeployNodeConfigFormAzureKeyVaultConfig = ({
.string({ message: t("workflow_node.deploy.form.azure_keyvault_name.placeholder") })
.nonempty(t("workflow_node.deploy.form.azure_keyvault_name.placeholder"))
.trim(),
certificateName: z
.string({ message: t("workflow_node.deploy.form.azure_keyvault_certificate_name.placeholder") })
.nullish()
.refine((v) =>{
if (!v) return true;
return /^[a-zA-Z0-9-]{1,127}$/.test(v);
}, t("workflow_node.deploy.form.azure_keyvault_certificate_name.errmsg.invalid")),
});
const formRule = createSchemaFieldRule(formSchema);
@ -57,6 +65,15 @@ const DeployNodeConfigFormAzureKeyVaultConfig = ({
>
<Input placeholder={t("workflow_node.deploy.form.azure_keyvault_name.placeholder")} />
</Form.Item>
<Form.Item
name="certificateName"
label={t("workflow_node.deploy.form.azure_keyvault_certificate_name.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.azure_keyvault_certificate_name.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.azure_keyvault_certificate_name.placeholder")} />
</Form.Item>
</Form>
);
};

76
ui/src/components/workflow/node/DeployNodeConfigFormBunnyCDNConfig.tsx Normal file
View File

@ -0,0 +1,76 @@
import { useTranslation } from "react-i18next";
import { Form, type FormInstance, Input } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";
import { validDomainName } from "@/utils/validators";
type DeployNodeConfigFormBunnyCDNConfigFieldValues = Nullish<{
pullZoneId: string | number;
hostName: string;
}>;
export type DeployNodeConfigFormBunnyCDNConfigProps = {
form: FormInstance;
formName: string;
disabled?: boolean;
initialValues?: DeployNodeConfigFormBunnyCDNConfigFieldValues;
onValuesChange?: (values: DeployNodeConfigFormBunnyCDNConfigFieldValues) => void;
};
const initFormModel = (): DeployNodeConfigFormBunnyCDNConfigFieldValues => {
return {};
};
const DeployNodeConfigFormBunnyCDNConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: DeployNodeConfigFormBunnyCDNConfigProps) => {
const { t } = useTranslation();
const formSchema = z.object({
pullZoneId: z
.union([z.string(), z.number().int()])
.refine((v) => {
return /^\d+$/.test(v + "") && +v! > 0;
}, t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder")),
hostName: z
.string({ message: t("workflow_node.deploy.form.bunny_cdn_host_name.placeholder") })
.nonempty(t("workflow_node.deploy.form.bunny_cdn_host_name.placeholder"))
.refine((v) => {
return !v || validDomainName(v!, { allowWildcard: true });
}, t("common.errmsg.domain_invalid")),
});
const formRule = createSchemaFieldRule(formSchema);
const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
onValuesChange?.(values);
};
return (
<Form
form={formInst}
disabled={disabled}
initialValues={initialValues ?? initFormModel()}
layout="vertical"
name={formName}
onValuesChange={handleFormChange}
>
<Form.Item
name="pullZoneId"
label={t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder")} />
</Form.Item>
<Form.Item
name="hostName"
label={t("workflow_node.deploy.form.bunny_cdn_host_name.label")}
rules={[formRule]}
tooltip={<span dangerouslySetInnerHTML={{ __html: t("workflow_node.deploy.form.bunny_cdn_host_name.tooltip") }}></span>}
>
<Input placeholder={t("workflow_node.deploy.form.bunny_cdn_host_name.placeholder")} />
</Form.Item>
</Form>
);
};
export default DeployNodeConfigFormBunnyCDNConfig;

8
ui/src/components/workflow/node/DeployNodeConfigFormCdnflyConfig.tsx
View File

@ -7,6 +7,7 @@ import Show from "@/components/Show";
type DeployNodeConfigFormCdnflyConfigFieldValues = Nullish<{
resourceType: string;
siteId?: string | number;
certificateId?: string | number;
}>;
@ -34,9 +35,12 @@ const DeployNodeConfigFormCdnflyConfig = ({ form: formInst, formName, disabled,
resourceType: z.union([z.literal(RESOURCE_TYPE_SITE), z.literal(RESOURCE_TYPE_CERTIFICATE)], {
message: t("workflow_node.deploy.form.cdnfly_resource_type.placeholder"),
}),
siteId: z.union([z.string(), z.number().int()]).refine((v) => {
siteId: z
.union([z.string(), z.number().int()])
.nullish()
.refine((v) => {
if (fieldResourceType !== RESOURCE_TYPE_SITE) return true;
return /^\d+$/.test(v + "") && +v > 0;
return /^\d+$/.test(v + "") && +v! > 0;
}, t("workflow_node.deploy.form.cdnfly_site_id.placeholder")),
certificateId: z
.union([z.string(), z.number().int()])

4
ui/src/components/workflow/node/DeployNodeConfigFormLocalConfig.tsx
View File

@ -39,8 +39,8 @@ const SHELLENV_POWERSHELL = "powershell" as const;
const initFormModel = (): DeployNodeConfigFormLocalConfigFieldValues => {
return {
format: FORMAT_PEM,
certPath: "/etc/ssl/certs/cert.crt",
keyPath: "/etc/ssl/certs/cert.key",
certPath: "/etc/ssl/certimate/cert.crt",
keyPath: "/etc/ssl/certimate/cert.key",
shellEnv: SHELLENV_SH,
};
};

4
ui/src/components/workflow/node/DeployNodeConfigFormSSHConfig.tsx
View File

@ -35,8 +35,8 @@ const FORMAT_JKS = CERTIFICATE_FORMATS.JKS;
const initFormModel = (): DeployNodeConfigFormSSHConfigFieldValues => {
return {
format: FORMAT_PEM,
certPath: "/etc/ssl/certs/cert.crt",
keyPath: "/etc/ssl/certs/cert.key",
certPath: "/etc/ssl/certimate/cert.crt",
keyPath: "/etc/ssl/certimate/cert.key",
};
};

6
ui/src/domain/access.ts
View File

@ -14,6 +14,7 @@ export interface AccessModel extends BaseModel {
| AccessConfigForBaiduCloud
| AccessConfigForBaishan
| AccessConfigForBaotaPanel
| AccessConfigForBunny
| AccessConfigForBytePlus
| AccessConfigForCacheFly
| AccessConfigForCdnfly
@ -100,6 +101,10 @@ export type AccessConfigForBaotaPanel = {
allowInsecureConnections?: boolean;
};
export type AccessConfigForBunny = {
apiKey: string;
};
export type AccessConfigForBytePlus = {
accessKey: string;
secretKey: string;
@ -272,6 +277,7 @@ export type AccessConfigForVolcEngine = {
export type AccessConfigForWangsu = {
accessKeyId: string;
accessKeySecret: string;
apiKey: string;
};
export type AccessConfigForWebhook = {

8
ui/src/domain/provider.ts
View File

@ -12,6 +12,7 @@ export const ACCESS_PROVIDERS = Object.freeze({
BAIDUCLOUD: "baiducloud",
BAISHAN: "baishan",
BAOTAPANEL: "baotapanel",
BUNNY: "bunny",
BYTEPLUS: "byteplus",
BUYPASS: "buypass",
CACHEFLY: "cachefly",
@ -94,6 +95,7 @@ export const accessProvidersMap: Map<AccessProvider["type"] | string, AccessProv
[ACCESS_PROVIDERS.JDCLOUD, "provider.jdcloud", "/imgs/providers/jdcloud.svg", [ACCESS_USAGES.DNS, ACCESS_USAGES.HOSTING]],
[ACCESS_PROVIDERS.AWS, "provider.aws", "/imgs/providers/aws.svg", [ACCESS_USAGES.DNS, ACCESS_USAGES.HOSTING]],
[ACCESS_PROVIDERS.AZURE, "provider.azure", "/imgs/providers/azure.svg", [ACCESS_USAGES.DNS, ACCESS_USAGES.HOSTING]],
[ACCESS_PROVIDERS.BUNNY, "provider.bunny", "/imgs/providers/bunny.svg", [ACCESS_USAGES.DNS, ACCESS_USAGES.HOSTING]],
[ACCESS_PROVIDERS.GCORE, "provider.gcore", "/imgs/providers/gcore.png", [ACCESS_USAGES.DNS, ACCESS_USAGES.HOSTING]],
[ACCESS_PROVIDERS.RAINYUN, "provider.rainyun", "/imgs/providers/rainyun.svg", [ACCESS_USAGES.DNS, ACCESS_USAGES.HOSTING]],
@ -212,6 +214,7 @@ export const APPLY_DNS_PROVIDERS = Object.freeze({
AZURE_DNS: `${ACCESS_PROVIDERS.AZURE}-dns`,
BAIDUCLOUD: `${ACCESS_PROVIDERS.BAIDUCLOUD}`, // 兼容旧值,等同于 `BAIDUCLOUD_DNS`
BAIDUCLOUD_DNS: `${ACCESS_PROVIDERS.BAIDUCLOUD}-dns`,
BUNNY: `${ACCESS_PROVIDERS.BUNNY}`,
CLOUDFLARE: `${ACCESS_PROVIDERS.CLOUDFLARE}`,
CLOUDNS: `${ACCESS_PROVIDERS.CLOUDNS}`,
CMCCCLOUD: `${ACCESS_PROVIDERS.CMCCCLOUD}`,
@ -265,6 +268,7 @@ export const applyDNSProvidersMap: Map<ApplyDNSProvider["type"] | string, ApplyD
[APPLY_DNS_PROVIDERS.JDCLOUD_DNS, "provider.jdcloud.dns"],
[APPLY_DNS_PROVIDERS.AWS_ROUTE53, "provider.aws.route53"],
[APPLY_DNS_PROVIDERS.AZURE_DNS, "provider.azure.dns"],
[APPLY_DNS_PROVIDERS.BUNNY, "provider.bunny"],
[APPLY_DNS_PROVIDERS.CLOUDFLARE, "provider.cloudflare"],
[APPLY_DNS_PROVIDERS.CLOUDNS, "provider.cloudns"],
[APPLY_DNS_PROVIDERS.DESEC, "provider.desec"],
@ -305,6 +309,7 @@ export const DEPLOY_PROVIDERS = Object.freeze({
["1PANEL_CONSOLE"]: `${ACCESS_PROVIDERS["1PANEL"]}-console`,
["1PANEL_SITE"]: `${ACCESS_PROVIDERS["1PANEL"]}-site`,
ALIYUN_ALB: `${ACCESS_PROVIDERS.ALIYUN}-alb`,
ALIYUN_APIGW: `${ACCESS_PROVIDERS.ALIYUN}-apigw`,
ALIYUN_CAS: `${ACCESS_PROVIDERS.ALIYUN}-cas`,
ALIYUN_CAS_DEPLOY: `${ACCESS_PROVIDERS.ALIYUN}-casdeploy`,
ALIYUN_CDN: `${ACCESS_PROVIDERS.ALIYUN}-cdn`,
@ -327,6 +332,7 @@ export const DEPLOY_PROVIDERS = Object.freeze({
BAISHAN_CDN: `${ACCESS_PROVIDERS.BAISHAN}-cdn`,
BAOTAPANEL_CONSOLE: `${ACCESS_PROVIDERS.BAOTAPANEL}-console`,
BAOTAPANEL_SITE: `${ACCESS_PROVIDERS.BAOTAPANEL}-site`,
BUNNY_CDN: `${ACCESS_PROVIDERS.BUNNY}-cdn`,
BYTEPLUS_CDN: `${ACCESS_PROVIDERS.BYTEPLUS}-cdn`,
CACHEFLY: `${ACCESS_PROVIDERS.CACHEFLY}`,
CDNFLY: `${ACCESS_PROVIDERS.CDNFLY}`,
@ -422,6 +428,7 @@ export const deployProvidersMap: Map<DeployProvider["type"] | string, DeployProv
[DEPLOY_PROVIDERS.ALIYUN_LIVE, "provider.aliyun.live", DEPLOY_CATEGORIES.AV],
[DEPLOY_PROVIDERS.ALIYUN_VOD, "provider.aliyun.vod", DEPLOY_CATEGORIES.AV],
[DEPLOY_PROVIDERS.ALIYUN_FC, "provider.aliyun.fc", DEPLOY_CATEGORIES.SERVERLESS],
[DEPLOY_PROVIDERS.ALIYUN_APIGW, "provider.aliyun.apigw", DEPLOY_CATEGORIES.OTHER],
[DEPLOY_PROVIDERS.ALIYUN_CAS, "provider.aliyun.cas_upload", DEPLOY_CATEGORIES.OTHER],
[DEPLOY_PROVIDERS.ALIYUN_CAS_DEPLOY, "provider.aliyun.cas_deploy", DEPLOY_CATEGORIES.OTHER],
[DEPLOY_PROVIDERS.TENCENTCLOUD_COS, "provider.tencentcloud.cos", DEPLOY_CATEGORIES.STORAGE],
@ -470,6 +477,7 @@ export const deployProvidersMap: Map<DeployProvider["type"] | string, DeployProv
[DEPLOY_PROVIDERS.AWS_CLOUDFRONT, "provider.aws.cloudfront", DEPLOY_CATEGORIES.CDN],
[DEPLOY_PROVIDERS.AWS_ACM, "provider.aws.acm", DEPLOY_CATEGORIES.OTHER],
[DEPLOY_PROVIDERS.AZURE_KEYVAULT, "provider.azure.keyvault", DEPLOY_CATEGORIES.OTHER],
[DEPLOY_PROVIDERS.BUNNY_CDN, "provider.bunny.cdn", DEPLOY_CATEGORIES.CDN],
[DEPLOY_PROVIDERS.CACHEFLY, "provider.cachefly", DEPLOY_CATEGORIES.CDN],
[DEPLOY_PROVIDERS.CDNFLY, "provider.cdnfly", DEPLOY_CATEGORIES.CDN],
[DEPLOY_PROVIDERS.EDGIO_APPLICATIONS, "provider.edgio.applications", DEPLOY_CATEGORIES.WEBSITE],

2
ui/src/domain/version.ts
View File

@ -1 +1 @@
export const version = "v0.3.7";
export const version = "v0.3.9";

6
ui/src/i18n/locales/en/nls.access.json
View File

@ -85,6 +85,9 @@
"access.form.baiducloud_secret_access_key.label": "Baidu Cloud SecretAccessKey",
"access.form.baiducloud_secret_access_key.placeholder": "Please enter Baidu Cloud SecretAccessKey",
"access.form.baiducloud_secret_access_key.tooltip": "For more information, see <a href=\"https://intl.cloud.baidu.com/doc/Reference/s/jjwvz2e3p-en\" target=\"_blank\">https://intl.cloud.baidu.com/doc/Reference/s/jjwvz2e3p-en</a>",
"access.form.bunny_api_key.label": "Bunny API Key",
"access.form.bunny_api_key.placeholder": "Please enter Bunny API key",
"access.form.bunny_api_key.tooltip": "For more information, see <a href=\"https://docs.bunny.net/reference/bunnynet-api-overview\" target=\"_blank\">https://docs.bunny.net/reference/bunnynet-api-overview</a>",
"access.form.upyun_username.label": "UPYUN subaccount username",
"access.form.upyun_username.placeholder": "Please enter UPYUN subaccount username",
"access.form.upyun_username.tooltip": "For more information, see <a href=\"https://console.upyun.com/account/subaccount/\" target=\"_blank\">https://console.upyun.com/account/subaccount/</a>",
@ -304,6 +307,9 @@
"access.form.wangsu_access_key_secret.label": "Wangsu Cloud AccessKeySecret",
"access.form.wangsu_access_key_secret.placeholder": "Please enter Wangsu Cloud AccessKeySecret",
"access.form.wangsu_access_key_secret.tooltip": "For more information, see <a href=\"https://en.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://en.wangsu.com/document/account-manage/15775</a>",
"access.form.wangsu_api_key.label": "Wangsu Cloud API key",
"access.form.wangsu_api_key.placeholder": "Please enter Wangsu Cloud API key",
"access.form.wangsu_api_key.tooltip": "For more information, see <a href=\"https://en.wangsu.com/document/account-manage/15776\" target=\"_blank\">https://en.wangsu.com/document/account-manage/15776</a>",
"access.form.webhook_url.label": "Webhook URL",
"access.form.webhook_url.placeholder": "Please enter Webhook URL",
"access.form.webhook_allow_insecure_conns.label": "Insecure SSL/TLS connections",

3
ui/src/i18n/locales/en/nls.provider.json
View File

@ -5,6 +5,7 @@
"provider.acmehttpreq": "Http Request (ACME Proxy)",
"provider.aliyun": "Alibaba Cloud",
"provider.aliyun.alb": "Alibaba Cloud - ALB (Application Load Balancer)",
"provider.aliyun.apigw": "Alibaba Cloud - API Gateway",
"provider.aliyun.cas_upload": "Alibaba Cloud - Upload to CAS (Certificate Management Service)",
"provider.aliyun.cas_deploy": "Alibaba Cloud - Deploy via CAS (Certificate Management Service)",
"provider.aliyun.cdn": "Alibaba Cloud - CDN (Content Delivery Network)",
@ -38,6 +39,8 @@
"provider.baotapanel": "aaPanel (aka BaoTaPanel)",
"provider.baotapanel.console": "aaPanel (aka BaoTaPanel) - Console",
"provider.baotapanel.site": "aaPanel (aka BaoTaPanel) - Website",
"provider.bunny": "Bunny",
"provider.bunny.cdn": "Bunny - CDN (Content Delivery Network)",
"provider.byteplus": "BytePlus",
"provider.byteplus.cdn": "BytePlus - CDN (Content Delivery Network)",
"provider.buypass": "Buypass AS",

33
ui/src/i18n/locales/en/nls.workflow.nodes.json
View File

@ -103,9 +103,16 @@
"workflow_node.deploy.form.certificate.tooltip": "The certificate to be deployed comes from the previous nodes of application or upload.",
"workflow_node.deploy.form.params_config.label": "Parameter settings",
"workflow_node.deploy.form.1panel_console_auto_restart.label": "Auto restart after deployment",
"workflow_node.deploy.form.1panel_site_resource_type.label": "Resource type",
"workflow_node.deploy.form.1panel_site_resource_type.placeholder": "Please select resource type",
"workflow_node.deploy.form.1panel_site_resource_type.option.website.label": "Website",
"workflow_node.deploy.form.1panel_site_resource_type.option.certificate.label": "Certificate",
"workflow_node.deploy.form.1panel_site_website_id.label": "1Panel website ID",
"workflow_node.deploy.form.1panel_site_website_id.placeholder": "Please enter 1Panel website ID",
"workflow_node.deploy.form.1panel_site_website_id.tooltip": "You can find it on 1Panel WebUI.",
"workflow_node.deploy.form.1panel_site_certificate_id.label": "1Panel certificate ID",
"workflow_node.deploy.form.1panel_site_certificate_id.placeholder": "Please enter 1Panel certificate ID",
"workflow_node.deploy.form.1panel_site_certificate_id.tooltip": "You can find it on 1Panel WebUI.",
"workflow_node.deploy.form.aliyun_alb_resource_type.label": "Resource type",
"workflow_node.deploy.form.aliyun_alb_resource_type.placeholder": "Please select resource type",
"workflow_node.deploy.form.aliyun_alb_resource_type.option.loadbalancer.label": "ALB load balancer",
@ -122,6 +129,22 @@
"workflow_node.deploy.form.aliyun_alb_snidomain.label": "Alibaba Cloud ALB SNI domain (Optional)",
"workflow_node.deploy.form.aliyun_alb_snidomain.placeholder": "Please enter Alibaba Cloud ALB SNI domain name",
"workflow_node.deploy.form.aliyun_alb_snidomain.tooltip": "For more information, see <a href=\"https://slb.console.aliyun.com/alb\" target=\"_blank\">https://slb.console.aliyun.com/alb</a>",
"workflow_node.deploy.form.aliyun_apigw_service_type.label": "Alibaba Cloud API gateway type",
"workflow_node.deploy.form.aliyun_apigw_service_type.placeholder": "Please select Alibaba Cloud API gateway type",
"workflow_node.deploy.form.aliyun_apigw_service_type.option.cloudnative.label": "Cloud-native API gateway",
"workflow_node.deploy.form.aliyun_apigw_service_type.option.traditional.label": "Traditional API gateway",
"workflow_node.deploy.form.aliyun_apigw_region.label": "Alibaba Cloud API gateway region",
"workflow_node.deploy.form.aliyun_apigw_region.placeholder": "Please enter Alibaba Cloud API gateway region (e.g. cn-hangzhou)",
"workflow_node.deploy.form.aliyun_apigw_region.tooltip": "For more information, see <a href=\"https://www.alibabacloud.com/help/en/api-gateway/cloud-native-api-gateway/product-overview/regions\" target=\"_blank\">https://www.alibabacloud.com/help/en/api-gateway/cloud-native-api-gateway/product-overview/regions</a>",
"workflow_node.deploy.form.aliyun_apigw_gateway_id.label": "Alibaba Cloud API gateway ID",
"workflow_node.deploy.form.aliyun_apigw_gateway_id.placeholder": "Please enter Alibaba Cloud API gateway ID",
"workflow_node.deploy.form.aliyun_apigw_gateway_id.tooltip": "For more information, see <a href=\"https://apigw.console.aliyun.com\" target=\"_blank\">https://apigw.console.aliyun.com</a>",
"workflow_node.deploy.form.aliyun_apigw_group_id.label": "Alibaba Cloud API group ID",
"workflow_node.deploy.form.aliyun_apigw_group_id.placeholder": "Please enter Alibaba Cloud API group ID",
"workflow_node.deploy.form.aliyun_apigw_group_id.tooltip": "For more information, see <a href=\"https://apigateway.console.aliyun.com\" target=\"_blank\">https://apigateway.console.aliyun.com</a>",
"workflow_node.deploy.form.aliyun_apigw_domain.label": "Alibaba Cloud API gateway domain",
"workflow_node.deploy.form.aliyun_apigw_domain.placeholder": "Please enter Alibaba Cloud API gateway domain",
"workflow_node.deploy.form.aliyun_apigw_domain.tooltip": "For more information, see <a href=\"https://apigw.console.aliyun.com\" target=\"_blank\">https://apigw.console.aliyun.com</a> or <a href=\"https://apigateway.console.aliyun.com\" target=\"_blank\">https://apigateway.console.aliyun.com</a>",
"workflow_node.deploy.form.aliyun_cas_region.label": "Alibaba Cloud CAS region",
"workflow_node.deploy.form.aliyun_cas_region.placeholder": "Please enter Alibaba Cloud CAS region (e.g. cn-hangzhou)",
"workflow_node.deploy.form.aliyun_cas_region.tooltip": "For more information, see <a href=\"https://www.alibabacloud.com/help/en/ssl-certificate/developer-reference/endpoints\" target=\"_blank\">https://www.alibabacloud.com/help/en/ssl-certificate/developer-reference/endpoints</a>",
@ -234,6 +257,10 @@
"workflow_node.deploy.form.azure_keyvault_name.label": "Azure KeyVault name",
"workflow_node.deploy.form.azure_keyvault_name.placeholder": "Please enter Azure KeyVault name",
"workflow_node.deploy.form.azure_keyvault_name.tooltip": "For more information, see <a href=\"https://learn.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates\" target=\"_blank\">https://learn.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates</a>",
"workflow_node.deploy.form.azure_keyvault_certificate_name.label": "Azure KeyVault certificate name (Optional)",
"workflow_node.deploy.form.azure_keyvault_certificate_name.placeholder": "Please enter Azure KeyVault certificate name",
"workflow_node.deploy.form.azure_keyvault_certificate_name.tooltip": "Leave it blank to use a default name generated by Certimate.",
"workflow_node.deploy.form.azure_keyvault_certificate_name.errmsg.invalid": "Certificate name can only contain letters, numbers, and hyphens (-), with a length limit of 1 to 127 characters",
"workflow_node.deploy.form.baiducloud_appblb_resource_type.label": "Resource type",
"workflow_node.deploy.form.baiducloud_appblb_resource_type.placeholder": "Please select resource type",
"workflow_node.deploy.form.baiducloud_appblb_resource_type.option.loadbalancer.label": "BLB load balancer",
@ -289,6 +316,12 @@
"workflow_node.deploy.form.baotapanel_site_names.tooltip": "Usually equal to the websites domain name.",
"workflow_node.deploy.form.baotapanel_site_names.multiple_input_modal.title": "Change aaPanel site names",
"workflow_node.deploy.form.baotapanel_site_names.multiple_input_modal.placeholder": "Please enter aaPanel site name",
"workflow_node.deploy.form.bunny_cdn_pull_zone_id.label": "Bunny CDN pull zone ID",
"workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder": "Please enter Bunny CDN pull zone ID",
"workflow_node.deploy.form.bunny_cdn_pull_zone_id.tooltip": "What is this? See <a href=\"https://dash.bunny.net/cdn\" target=\"_blank\">https://dash.bunny.net/cdn</a>",
"workflow_node.deploy.form.bunny_cdn_host_name.label": "Bunny CDN hostname",
"workflow_node.deploy.form.bunny_cdn_host_name.placeholder": "Please enter Bunny CDN hostname",
"workflow_node.deploy.form.bunny_cdn_host_name.tooltip": "What is this? See <a href=\"https://dash.bunny.net/cdn\" target=\"_blank\">https://dash.bunny.net/cdn</a>",
"workflow_node.deploy.form.byteplus_cdn_domain.label": "BytePlus CDN domain",
"workflow_node.deploy.form.byteplus_cdn_domain.placeholder": "Please enter BytePlus CDN domain name",
"workflow_node.deploy.form.byteplus_cdn_domain.tooltip": "For more information, see <a href=\"https://console.byteplus.com/cdn\" target=\"_blank\">https://console.byteplus.com/cdn</a>",

12
ui/src/i18n/locales/zh/nls.access.json
View File

@ -97,6 +97,9 @@
"access.form.baotapanel_allow_insecure_conns.tooltip": "忽略 SSL/TLS 证书错误可能导致数据泄露或被篡改。建议仅在可信网络下启用。",
"access.form.baotapanel_allow_insecure_conns.switch.on": "允许",
"access.form.baotapanel_allow_insecure_conns.switch.off": "不允许",
"access.form.bunny_api_key.label": "Bunny API Key",
"access.form.bunny_api_key.placeholder": "请输入 Bunny API Key",
"access.form.bunny_api_key.tooltip": "这是什么?请参阅 <a href=\"https://docs.bunny.net/reference/bunnynet-api-overview\" target=\"_blank\">https://docs.bunny.net/reference/bunnynet-api-overview</a>",
"access.form.byteplus_access_key.label": "BytePlus AccessKey",
"access.form.byteplus_access_key.placeholder": "请输入 BytePlus AccessKey",
"access.form.byteplus_access_key.tooltip": "这是什么?请参阅 <a href=\"https://docs.byteplus.com/zh-CN/docs/byteplus-platform/docs-managing-keys\" target=\"_blank\">https://docs.byteplus.com/zh-CN/docs/byteplus-platform/docs-managing-keys</a>",
@ -299,11 +302,14 @@
"access.form.volcengine_secret_access_key.placeholder": "请输入火山引擎 SecretAccessKey",
"access.form.volcengine_secret_access_key.tooltip": "这是什么?请参阅 <a href=\"https://www.volcengine.com/docs/6291/216571\" target=\"_blank\">https://www.volcengine.com/docs/6291/216571</a>",
"access.form.wangsu_access_key_id.label": "网宿云 AccessKeyId",
"access.form.wangsu_access_key_id.placeholder": "请输入网宿科技 AccessKeyId",
"access.form.wangsu_access_key_id.placeholder": "请输入网宿 AccessKeyId",
"access.form.wangsu_access_key_id.tooltip": "这是什么?请参阅 <a href=\"https://www.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://www.wangsu.com/document/account-manage/15775</a>",
"access.form.wangsu_access_key_secret.label": "网宿科技 AccessKeySecret",
"access.form.wangsu_access_key_secret.placeholder": "请输入网宿科技 AccessKeySecret",
"access.form.wangsu_access_key_secret.label": "网宿 AccessKeySecret",
"access.form.wangsu_access_key_secret.placeholder": "请输入网宿 AccessKeySecret",
"access.form.wangsu_access_key_secret.tooltip": "这是什么?请参阅 <a href=\"https://www.wangsu.com/document/account-manage/15775\" target=\"_blank\">https://www.wangsu.com/document/account-manage/15775</a>",
"access.form.wangsu_api_key.label": "网宿云 API 接口密码",
"access.form.wangsu_api_key.placeholder": "请输入网宿云 API 接口密码",
"access.form.wangsu_api_key.tooltip": "这是什么?请参阅 <a href=\"https://www.wangsu.com/document/account-manage/15776\" target=\"_blank\">https://www.wangsu.com/document/account-manage/15776</a>",
"access.form.webhook_url.label": "Webhook 回调地址",
"access.form.webhook_url.placeholder": "请输入 Webhook 回调地址",
"access.form.webhook_allow_insecure_conns.label": "忽略 SSL/TLS 证书错误",

3
ui/src/i18n/locales/zh/nls.provider.json
View File

@ -5,6 +5,7 @@
"provider.acmehttpreq": "Http Request (ACME Proxy)",
"provider.aliyun": "阿里云",
"provider.aliyun.alb": "阿里云 - 应用型负载均衡 ALB",
"provider.aliyun.apigw": "阿里云 - API 网关",
"provider.aliyun.cas_upload": "阿里云 - 上传到数字证书管理服务 CAS",
"provider.aliyun.cas_deploy": "阿里云 - 通过数字证书管理服务 CAS 创建部署任务",
"provider.aliyun.cdn": "阿里云 - 内容分发网络 CDN",
@ -38,6 +39,8 @@
"provider.baotapanel": "宝塔面板",
"provider.baotapanel.console": "宝塔面板 - 面板",
"provider.baotapanel.site": "宝塔面板 - 网站",
"provider.bunny": "Bunny",
"provider.bunny.cdn": "Bunny - 内容分发网络 CDN",
"provider.byteplus": "BytePlus",
"provider.byteplus.cdn": "BytePlus - 内容分发网络 CDN",
"provider.buypass": "Buypass AS",

33
ui/src/i18n/locales/zh/nls.workflow.nodes.json
View File

@ -102,9 +102,16 @@
"workflow_node.deploy.form.certificate.tooltip": "待部署证书来自之前的申请或上传节点。如果选项为空请先确保前序节点配置正确。",
"workflow_node.deploy.form.params_config.label": "参数设置",
"workflow_node.deploy.form.1panel_console_auto_restart.label": "部署后自动重启面板服务",
"workflow_node.deploy.form.1panel_site_resource_type.label": "证书替换方式",
"workflow_node.deploy.form.1panel_site_resource_type.placeholder": "请选择证书替换方式",
"workflow_node.deploy.form.1panel_site_resource_type.option.website.label": "替换指定网站的证书",
"workflow_node.deploy.form.1panel_site_resource_type.option.certificate.label": "替换指定证书",
"workflow_node.deploy.form.1panel_site_website_id.label": "1Panel 网站 ID",
"workflow_node.deploy.form.1panel_site_website_id.placeholder": "请输入 1Panel 网站 ID",
"workflow_node.deploy.form.1panel_site_website_id.tooltip": "请在 1Panel 管理面板查看。",
"workflow_node.deploy.form.1panel_site_certificate_id.label": "1Panel 证书 ID",
"workflow_node.deploy.form.1panel_site_certificate_id.placeholder": "请输入 1Panel 证书 ID",
"workflow_node.deploy.form.1panel_site_certificate_id.tooltip": "请在 1Panel 管理面板查看。",
"workflow_node.deploy.form.aliyun_alb_resource_type.label": "证书替换方式",
"workflow_node.deploy.form.aliyun_alb_resource_type.placeholder": "请选择证书替换方式",
"workflow_node.deploy.form.aliyun_alb_resource_type.option.loadbalancer.label": "替换指定负载均衡器下的全部 HTTPS/QUIC 监听的证书",
@ -121,6 +128,22 @@
"workflow_node.deploy.form.aliyun_alb_snidomain.label": "阿里云 ALB 扩展域名(可选)",
"workflow_node.deploy.form.aliyun_alb_snidomain.placeholder": "请输入阿里云 ALB 扩展域名(支持泛域名)",
"workflow_node.deploy.form.aliyun_alb_snidomain.tooltip": "这是什么?请参阅 <a href=\"https://slb.console.aliyun.com/alb\" target=\"_blank\">https://slb.console.aliyun.com/alb</a><br><br>不填写时,将替换监听器的默认证书;否则,将替换扩展域名证书。",
"workflow_node.deploy.form.aliyun_apigw_service_type.label": "阿里云 API 网关服务类型",
"workflow_node.deploy.form.aliyun_apigw_service_type.placeholder": "请选择阿里云 API 网关服务类型",
"workflow_node.deploy.form.aliyun_apigw_service_type.option.cloudnative.label": "云原生 API 网关",
"workflow_node.deploy.form.aliyun_apigw_service_type.option.traditional.label": "原 API 网关",
"workflow_node.deploy.form.aliyun_apigw_region.label": "阿里云 API 网关服务地域",
"workflow_node.deploy.form.aliyun_apigw_region.placeholder": "请输入阿里云 API 网关地域例如cn-hangzhou",
"workflow_node.deploy.form.aliyun_apigw_region.tooltip": "这是什么?请参阅 <a href=\"https://help.aliyun.com/zh/api-gateway/cloud-native-api-gateway/product-overview/regions\" target=\"_blank\">https://help.aliyun.com/zh/api-gateway/cloud-native-api-gateway/product-overview/regions</a>",
"workflow_node.deploy.form.aliyun_apigw_gateway_id.label": "阿里云 API 网关 ID",
"workflow_node.deploy.form.aliyun_apigw_gateway_id.placeholder": "请输入阿里云 API 网关 ID",
"workflow_node.deploy.form.aliyun_apigw_gateway_id.tooltip": "这是什么?请参阅 <a href=\"https://apigw.console.aliyun.com\" target=\"_blank\">https://apigw.console.aliyun.com</a>",
"workflow_node.deploy.form.aliyun_apigw_group_id.label": "阿里云 API 分组 ID",
"workflow_node.deploy.form.aliyun_apigw_group_id.placeholder": "请输入阿里云 API 分组 ID",
"workflow_node.deploy.form.aliyun_apigw_group_id.tooltip": "这是什么?请参阅 <a href=\"https://apigateway.console.aliyun.com\" target=\"_blank\">https://apigateway.console.aliyun.com</a>",
"workflow_node.deploy.form.aliyun_apigw_domain.label": "阿里云 API 网关自定义域名",
"workflow_node.deploy.form.aliyun_apigw_domain.placeholder": "请输入阿里云 API 网关自定义域名(支持泛域名)",
"workflow_node.deploy.form.aliyun_apigw_domain.tooltip": "这是什么?请参阅 <a href=\"https://apigw.console.aliyun.com\" target=\"_blank\">https://apigw.console.aliyun.com</a> 或 <a href=\"https://apigateway.console.aliyun.com\" target=\"_blank\">https://apigateway.console.aliyun.com</a>",
"workflow_node.deploy.form.aliyun_cas_region.label": "阿里云 CAS 服务地域",
"workflow_node.deploy.form.aliyun_cas_region.placeholder": "请输入阿里云 CAS 服务地域例如cn-hangzhou",
"workflow_node.deploy.form.aliyun_cas_region.tooltip": "这是什么?请参阅 <a href=\"https://help.aliyun.com/zh/ssl-certificate/developer-reference/endpoints\" target=\"_blank\">https://help.aliyun.com/zh/ssl-certificate/developer-reference/endpoints</a>",
@ -233,6 +256,10 @@
"workflow_node.deploy.form.azure_keyvault_name.label": "Azure KeyVault 名称",
"workflow_node.deploy.form.azure_keyvault_name.placeholder": "请输入 Azure KeyVault 名称",
"workflow_node.deploy.form.azure_keyvault_name.tooltip": "这是什么?请参阅 <a href=\"https://learn.microsoft.com/zh-cn/azure/key-vault/general/about-keys-secrets-certificates\" target=\"_blank\">https://learn.microsoft.com/zh-cn/azure/key-vault/general/about-keys-secrets-certificates</a>",
"workflow_node.deploy.form.azure_keyvault_certificate_name.label": "Azure KeyVault 证书名称(可选)",
"workflow_node.deploy.form.azure_keyvault_certificate_name.placeholder": "请输入 Azure KeyVault 证书名称",
"workflow_node.deploy.form.azure_keyvault_certificate_name.tooltip": "不填写时,将由 Certimate 自动生成证书名称。",
"workflow_node.deploy.form.azure_keyvault_certificate_name.errmsg.invalid": "证书名称只能包含字母、数字和连字符(-),长度限制为 1 到 127 个字符",
"workflow_node.deploy.form.baiducloud_appblb_resource_type.label": "证书替换方式",
"workflow_node.deploy.form.baiducloud_appblb_resource_type.placeholder": "请选择证书替换方式",
"workflow_node.deploy.form.baiducloud_appblb_resource_type.option.loadbalancer.label": "替换指定负载均衡器下的全部 HTTPS/SSL 监听的证书",
@ -288,6 +315,12 @@
"workflow_node.deploy.form.baotapanel_site_names.tooltip": "通常为网站域名。",
"workflow_node.deploy.form.baotapanel_site_names.multiple_input_modal.title": "修改宝塔面板网站名称",
"workflow_node.deploy.form.baotapanel_site_names.multiple_input_modal.placeholder": "请输入宝塔面板网站名称",
"workflow_node.deploy.form.bunny_cdn_pull_zone_id.label": "Bunny CDN 拉取区域 ID",
"workflow_node.deploy.form.bunny_cdn_pull_zone_id.placeholder": "请输入 Bunny CDN 拉取区域 ID",
"workflow_node.deploy.form.bunny_cdn_pull_zone_id.tooltip": "这是什么?请参阅 <a href=\"https://dash.bunny.net/cdn\" target=\"_blank\">https://dash.bunny.net/cdn</a>",
"workflow_node.deploy.form.bunny_cdn_host_name.label": "Bunny CDN 主机名",
"workflow_node.deploy.form.bunny_cdn_host_name.placeholder": "请输入 Bunny CDN 主机名",
"workflow_node.deploy.form.bunny_cdn_host_name.tooltip": "这是什么?请参阅 <a href=\"https://dash.bunny.net/cdn\" target=\"_blank\">https://dash.bunny.net/cdn</a>",
"workflow_node.deploy.form.byteplus_cdn_domain.label": "BytePlus CDN 域名",
"workflow_node.deploy.form.byteplus_cdn_domain.placeholder": "请输入 BytePlus CDN 域名(支持泛域名)",
"workflow_node.deploy.form.byteplus_cdn_domain.tooltip": "这是什么?请参阅 <a href=\"https://console.byteplus.com/cdn\" target=\"_blank\">https://console.byteplus.com/cdn</a>",