@certd/plugin-cert 1.21.1 → 1.22.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +13 -0
- package/dist/access/eab-access.d.ts +4 -0
- package/dist/access/eab-access.js +46 -0
- package/dist/access/index.d.ts +1 -0
- package/dist/access/index.js +2 -0
- package/dist/bundle.js +1 -1
- package/dist/d/plugin/cert-plugin/acme.d.ts +2 -0
- package/dist/d/plugin/cert-plugin/index.d.ts +1 -0
- package/dist/dns-provider/api.d.ts +27 -0
- package/dist/dns-provider/api.js +2 -0
- package/dist/dns-provider/base.d.ts +8 -0
- package/dist/dns-provider/base.js +7 -0
- package/dist/dns-provider/decorator.d.ts +3 -0
- package/dist/dns-provider/decorator.js +26 -0
- package/dist/dns-provider/index.d.ts +4 -0
- package/dist/dns-provider/index.js +5 -0
- package/dist/dns-provider/registry.d.ts +2 -0
- package/dist/dns-provider/registry.js +3 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.js +4 -0
- package/dist/plugin/cert-plugin/acme.d.ts +54 -0
- package/dist/plugin/cert-plugin/acme.js +203 -0
- package/dist/plugin/cert-plugin/base.d.ts +49 -0
- package/dist/plugin/cert-plugin/base.js +256 -0
- package/dist/plugin/cert-plugin/cert-reader.d.ts +16 -0
- package/dist/plugin/cert-plugin/cert-reader.js +45 -0
- package/dist/plugin/cert-plugin/index.d.ts +16 -0
- package/dist/plugin/cert-plugin/index.js +169 -0
- package/dist/plugin/cert-plugin/lego.d.ts +16 -0
- package/dist/plugin/cert-plugin/lego.js +145 -0
- package/dist/plugin/index.d.ts +2 -0
- package/dist/plugin/index.js +3 -0
- package/fix-esm-import-paths.js +96 -0
- package/package.json +10 -10
- package/rollup.config.js +1 -1
- package/tsconfig.json +33 -10
- package/vite.config.ts +1 -1
- package/LICENSE +0 -661
|
@@ -0,0 +1,256 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { AbstractTaskPlugin, TaskInput, TaskOutput } from "@certd/pipeline";
|
|
11
|
+
import dayjs from "dayjs";
|
|
12
|
+
import { CertReader } from "./cert-reader.js";
|
|
13
|
+
import JSZip from "jszip";
|
|
14
|
+
export { CertReader };
|
|
15
|
+
export class CertApplyBasePlugin extends AbstractTaskPlugin {
|
|
16
|
+
domains;
|
|
17
|
+
email;
|
|
18
|
+
renewDays;
|
|
19
|
+
forceUpdate;
|
|
20
|
+
successNotify = true;
|
|
21
|
+
intro;
|
|
22
|
+
// @TaskInput({
|
|
23
|
+
// title: "CsrInfo",
|
|
24
|
+
// helper: "暂时没有用",
|
|
25
|
+
// })
|
|
26
|
+
csrInfo;
|
|
27
|
+
logger;
|
|
28
|
+
userContext;
|
|
29
|
+
accessService;
|
|
30
|
+
http;
|
|
31
|
+
lastStatus;
|
|
32
|
+
cert;
|
|
33
|
+
async onInstance() {
|
|
34
|
+
this.accessService = this.ctx.accessService;
|
|
35
|
+
this.logger = this.ctx.logger;
|
|
36
|
+
this.userContext = this.ctx.userContext;
|
|
37
|
+
this.http = this.ctx.http;
|
|
38
|
+
this.lastStatus = this.ctx.lastStatus;
|
|
39
|
+
await this.onInit();
|
|
40
|
+
}
|
|
41
|
+
async execute() {
|
|
42
|
+
const oldCert = await this.condition();
|
|
43
|
+
if (oldCert != null) {
|
|
44
|
+
return await this.output(oldCert, false);
|
|
45
|
+
}
|
|
46
|
+
const cert = await this.doCertApply();
|
|
47
|
+
if (cert != null) {
|
|
48
|
+
await this.output(cert, true);
|
|
49
|
+
//清空后续任务的状态,让后续任务能够重新执行
|
|
50
|
+
this.clearLastStatus();
|
|
51
|
+
if (this.successNotify) {
|
|
52
|
+
await this.sendSuccessEmail();
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
else {
|
|
56
|
+
throw new Error("申请证书失败");
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
async output(certReader, isNew) {
|
|
60
|
+
const cert = certReader.toCertInfo();
|
|
61
|
+
this.cert = cert;
|
|
62
|
+
if (isNew) {
|
|
63
|
+
const applyTime = dayjs(certReader.detail.validity.notBefore).format("YYYYMMDD_HHmmss");
|
|
64
|
+
await this.zipCert(cert, applyTime);
|
|
65
|
+
}
|
|
66
|
+
else {
|
|
67
|
+
this.extendsFiles();
|
|
68
|
+
}
|
|
69
|
+
// thi
|
|
70
|
+
// s.logger.info(JSON.stringify(certReader.detail));
|
|
71
|
+
}
|
|
72
|
+
async zipCert(cert, applyTime) {
|
|
73
|
+
const zip = new JSZip();
|
|
74
|
+
zip.file("cert.crt", cert.crt);
|
|
75
|
+
zip.file("cert.key", cert.key);
|
|
76
|
+
const domain_name = this.domains[0].replace(".", "_").replace("*", "_");
|
|
77
|
+
const filename = `cert_${domain_name}_${applyTime}.zip`;
|
|
78
|
+
const content = await zip.generateAsync({ type: "nodebuffer" });
|
|
79
|
+
this.saveFile(filename, content);
|
|
80
|
+
this.logger.info(`已保存文件:${filename}`);
|
|
81
|
+
}
|
|
82
|
+
/**
|
|
83
|
+
* 是否更新证书
|
|
84
|
+
*/
|
|
85
|
+
async condition() {
|
|
86
|
+
if (this.forceUpdate) {
|
|
87
|
+
return null;
|
|
88
|
+
}
|
|
89
|
+
let inputChanged = false;
|
|
90
|
+
const oldInput = JSON.stringify(this.lastStatus?.input?.domains);
|
|
91
|
+
const thisInput = JSON.stringify(this.domains);
|
|
92
|
+
if (oldInput !== thisInput) {
|
|
93
|
+
inputChanged = true;
|
|
94
|
+
}
|
|
95
|
+
let oldCert = undefined;
|
|
96
|
+
try {
|
|
97
|
+
oldCert = await this.readLastCert();
|
|
98
|
+
}
|
|
99
|
+
catch (e) {
|
|
100
|
+
this.logger.warn("读取cert失败:", e);
|
|
101
|
+
}
|
|
102
|
+
if (oldCert == null) {
|
|
103
|
+
this.logger.info("还未申请过,准备申请新证书");
|
|
104
|
+
return null;
|
|
105
|
+
}
|
|
106
|
+
if (inputChanged) {
|
|
107
|
+
this.logger.info("输入参数变更,申请新证书");
|
|
108
|
+
return null;
|
|
109
|
+
}
|
|
110
|
+
const ret = this.isWillExpire(oldCert.expires, this.renewDays);
|
|
111
|
+
if (!ret.isWillExpire) {
|
|
112
|
+
this.logger.info(`证书还未过期:过期时间${dayjs(oldCert.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${ret.leftDays}天`);
|
|
113
|
+
return oldCert;
|
|
114
|
+
}
|
|
115
|
+
this.logger.info("即将过期,开始更新证书");
|
|
116
|
+
return null;
|
|
117
|
+
}
|
|
118
|
+
formatCert(pem) {
|
|
119
|
+
pem = pem.replace(/\r/g, "");
|
|
120
|
+
pem = pem.replace(/\n\n/g, "\n");
|
|
121
|
+
pem = pem.replace(/\n$/g, "");
|
|
122
|
+
return pem;
|
|
123
|
+
}
|
|
124
|
+
formatCerts(cert) {
|
|
125
|
+
const newCert = {
|
|
126
|
+
crt: this.formatCert(cert.crt),
|
|
127
|
+
key: this.formatCert(cert.key),
|
|
128
|
+
csr: this.formatCert(cert.csr),
|
|
129
|
+
};
|
|
130
|
+
return newCert;
|
|
131
|
+
}
|
|
132
|
+
async readLastCert() {
|
|
133
|
+
const cert = this.lastStatus?.status?.output?.cert;
|
|
134
|
+
if (cert == null) {
|
|
135
|
+
return undefined;
|
|
136
|
+
}
|
|
137
|
+
return new CertReader(cert);
|
|
138
|
+
}
|
|
139
|
+
/**
|
|
140
|
+
* 检查是否过期,默认提前20天
|
|
141
|
+
* @param expires
|
|
142
|
+
* @param maxDays
|
|
143
|
+
* @returns {boolean}
|
|
144
|
+
*/
|
|
145
|
+
isWillExpire(expires, maxDays = 20) {
|
|
146
|
+
if (expires == null) {
|
|
147
|
+
throw new Error("过期时间不能为空");
|
|
148
|
+
}
|
|
149
|
+
// 检查有效期
|
|
150
|
+
const leftDays = dayjs(expires).diff(dayjs(), "day");
|
|
151
|
+
return {
|
|
152
|
+
isWillExpire: leftDays < maxDays,
|
|
153
|
+
leftDays,
|
|
154
|
+
};
|
|
155
|
+
}
|
|
156
|
+
async sendSuccessEmail() {
|
|
157
|
+
try {
|
|
158
|
+
this.logger.info("发送成功邮件通知:" + this.email);
|
|
159
|
+
const subject = `【CertD】证书申请成功【${this.domains[0]}】`;
|
|
160
|
+
await this.ctx.emailService.send({
|
|
161
|
+
userId: this.ctx.pipeline.userId,
|
|
162
|
+
receivers: [this.email],
|
|
163
|
+
subject: subject,
|
|
164
|
+
content: `证书申请成功,域名:${this.domains.join(",")}`,
|
|
165
|
+
});
|
|
166
|
+
}
|
|
167
|
+
catch (e) {
|
|
168
|
+
this.logger.error("send email error", e);
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
__decorate([
|
|
173
|
+
TaskInput({
|
|
174
|
+
title: "域名",
|
|
175
|
+
component: {
|
|
176
|
+
name: "a-select",
|
|
177
|
+
vModel: "value",
|
|
178
|
+
mode: "tags",
|
|
179
|
+
open: false,
|
|
180
|
+
},
|
|
181
|
+
required: true,
|
|
182
|
+
col: {
|
|
183
|
+
span: 24,
|
|
184
|
+
},
|
|
185
|
+
helper: "1、支持通配符域名,例如: *.foo.com、foo.com、*.test.handsfree.work\n" +
|
|
186
|
+
"2、支持多个域名、多个子域名、多个通配符域名打到一个证书上(域名必须是在同一个DNS提供商解析)\n" +
|
|
187
|
+
"3、多级子域名要分成多个域名输入(*.foo.com的证书不能用于xxx.yyy.foo.com、foo.com)\n" +
|
|
188
|
+
"4、输入一个回车之后,再输入下一个",
|
|
189
|
+
}),
|
|
190
|
+
__metadata("design:type", Array)
|
|
191
|
+
], CertApplyBasePlugin.prototype, "domains", void 0);
|
|
192
|
+
__decorate([
|
|
193
|
+
TaskInput({
|
|
194
|
+
title: "邮箱",
|
|
195
|
+
component: {
|
|
196
|
+
name: "a-input",
|
|
197
|
+
vModel: "value",
|
|
198
|
+
},
|
|
199
|
+
required: true,
|
|
200
|
+
helper: "请输入邮箱",
|
|
201
|
+
}),
|
|
202
|
+
__metadata("design:type", String)
|
|
203
|
+
], CertApplyBasePlugin.prototype, "email", void 0);
|
|
204
|
+
__decorate([
|
|
205
|
+
TaskInput({
|
|
206
|
+
title: "更新天数",
|
|
207
|
+
component: {
|
|
208
|
+
name: "a-input-number",
|
|
209
|
+
vModel: "value",
|
|
210
|
+
},
|
|
211
|
+
required: true,
|
|
212
|
+
order: 100,
|
|
213
|
+
helper: "到期前多少天后更新证书,注意:流水线默认不会自动运行,请设置定时器,每天定时运行本流水线",
|
|
214
|
+
}),
|
|
215
|
+
__metadata("design:type", Number)
|
|
216
|
+
], CertApplyBasePlugin.prototype, "renewDays", void 0);
|
|
217
|
+
__decorate([
|
|
218
|
+
TaskInput({
|
|
219
|
+
title: "强制更新",
|
|
220
|
+
component: {
|
|
221
|
+
name: "a-switch",
|
|
222
|
+
vModel: "checked",
|
|
223
|
+
},
|
|
224
|
+
order: 100,
|
|
225
|
+
helper: "是否强制重新申请证书",
|
|
226
|
+
}),
|
|
227
|
+
__metadata("design:type", String)
|
|
228
|
+
], CertApplyBasePlugin.prototype, "forceUpdate", void 0);
|
|
229
|
+
__decorate([
|
|
230
|
+
TaskInput({
|
|
231
|
+
title: "成功后邮件通知",
|
|
232
|
+
value: true,
|
|
233
|
+
component: {
|
|
234
|
+
name: "a-switch",
|
|
235
|
+
vModel: "checked",
|
|
236
|
+
},
|
|
237
|
+
order: 100,
|
|
238
|
+
helper: "申请成功后是否发送邮件通知",
|
|
239
|
+
}),
|
|
240
|
+
__metadata("design:type", Object)
|
|
241
|
+
], CertApplyBasePlugin.prototype, "successNotify", void 0);
|
|
242
|
+
__decorate([
|
|
243
|
+
TaskInput({
|
|
244
|
+
title: "配置说明",
|
|
245
|
+
order: 9999,
|
|
246
|
+
helper: "运行策略请选择总是运行,其他证书部署任务请选择成功后跳过;当证书快到期前将会自动重新申请证书,然后会清空后续任务的成功状态,部署任务将会重新运行",
|
|
247
|
+
}),
|
|
248
|
+
__metadata("design:type", String)
|
|
249
|
+
], CertApplyBasePlugin.prototype, "intro", void 0);
|
|
250
|
+
__decorate([
|
|
251
|
+
TaskOutput({
|
|
252
|
+
title: "域名证书",
|
|
253
|
+
}),
|
|
254
|
+
__metadata("design:type", Object)
|
|
255
|
+
], CertApplyBasePlugin.prototype, "cert", void 0);
|
|
256
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYmFzZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9wbHVnaW4vY2VydC1wbHVnaW4vYmFzZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7Ozs7QUFBQSxPQUFPLEVBQUUsa0JBQWtCLEVBQThDLFNBQVMsRUFBRSxVQUFVLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQztBQUN4SCxPQUFPLEtBQUssTUFBTSxPQUFPLENBQUM7QUFHMUIsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBQzlDLE9BQU8sS0FBSyxNQUFNLE9BQU8sQ0FBQztBQUUxQixPQUFPLEVBQUUsVUFBVSxFQUFFLENBQUM7QUFHdEIsTUFBTSxPQUFnQixtQkFBb0IsU0FBUSxrQkFBa0I7SUFtQmxFLE9BQU8sQ0FBWTtJQVduQixLQUFLLENBQVU7SUFZZixTQUFTLENBQVU7SUFXbkIsV0FBVyxDQUFVO0lBWXJCLGFBQWEsR0FBRyxJQUFJLENBQUM7SUFPckIsS0FBSyxDQUFVO0lBRWYsZUFBZTtJQUNmLHNCQUFzQjtJQUN0QixxQkFBcUI7SUFDckIsS0FBSztJQUNMLE9BQU8sQ0FBVTtJQUVqQixNQUFNLENBQVU7SUFDaEIsV0FBVyxDQUFZO0lBQ3ZCLGFBQWEsQ0FBa0I7SUFDL0IsSUFBSSxDQUFjO0lBQ2xCLFVBQVUsQ0FBUTtJQUtsQixJQUFJLENBQVk7SUFFaEIsS0FBSyxDQUFDLFVBQVU7UUFDZCxJQUFJLENBQUMsYUFBYSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsYUFBYSxDQUFDO1FBQzVDLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUM7UUFDOUIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLFdBQVcsQ0FBQztRQUN4QyxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDO1FBQzFCLElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxVQUFrQixDQUFDO1FBQzlDLE1BQU0sSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO0lBQ3RCLENBQUM7SUFNRCxLQUFLLENBQUMsT0FBTztRQUNYLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO1FBQ3ZDLElBQUksT0FBTyxJQUFJLElBQUksRUFBRTtZQUNuQixPQUFPLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxPQUFPLEVBQUUsS0FBSyxDQUFDLENBQUM7U0FDMUM7UUFDRCxNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUN0QyxJQUFJLElBQUksSUFBSSxJQUFJLEVBQUU7WUFDaEIsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztZQUM5Qix1QkFBdUI7WUFDdkIsSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO1lBRXZCLElBQUksSUFBSSxDQUFDLGFBQWEsRUFBRTtnQkFDdEIsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQzthQUMvQjtTQUNGO2FBQU07WUFDTCxNQUFNLElBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1NBQzNCO0lBQ0gsQ0FBQztJQUVELEtBQUssQ0FBQyxNQUFNLENBQUMsVUFBc0IsRUFBRSxLQUFjO1FBQ2pELE1BQU0sSUFBSSxHQUFhLFVBQVUsQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUMvQyxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQztRQUVqQixJQUFJLEtBQUssRUFBRTtZQUNULE1BQU0sU0FBUyxHQUFHLEtBQUssQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxTQUFTLENBQUMsQ0FBQyxNQUFNLENBQUMsaUJBQWlCLENBQUMsQ0FBQztZQUN4RixNQUFNLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLFNBQVMsQ0FBQyxDQUFDO1NBQ3JDO2FBQU07WUFDTCxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUM7U0FDckI7UUFDRCxNQUFNO1FBQ04sb0RBQW9EO0lBQ3RELENBQUM7SUFFRCxLQUFLLENBQUMsT0FBTyxDQUFDLElBQWMsRUFBRSxTQUFpQjtRQUM3QyxNQUFNLEdBQUcsR0FBRyxJQUFJLEtBQUssRUFBRSxDQUFDO1FBQ3hCLEdBQUcsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUMvQixHQUFHLENBQUMsSUFBSSxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDL0IsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsR0FBRyxFQUFFLEdBQUcsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDeEUsTUFBTSxRQUFRLEdBQUcsUUFBUSxXQUFXLElBQUksU0FBUyxNQUFNLENBQUM7UUFDeEQsTUFBTSxPQUFPLEdBQUcsTUFBTSxHQUFHLENBQUMsYUFBYSxDQUFDLEVBQUUsSUFBSSxFQUFFLFlBQVksRUFBRSxDQUFDLENBQUM7UUFDaEUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxRQUFRLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDakMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsU0FBUyxRQUFRLEVBQUUsQ0FBQyxDQUFDO0lBQ3hDLENBQUM7SUFFRDs7T0FFRztJQUNILEtBQUssQ0FBQyxTQUFTO1FBQ2IsSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFO1lBQ3BCLE9BQU8sSUFBSSxDQUFDO1NBQ2I7UUFFRCxJQUFJLFlBQVksR0FBRyxLQUFLLENBQUM7UUFDekIsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLEtBQUssRUFBRSxPQUFPLENBQUMsQ0FBQztRQUNqRSxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMvQyxJQUFJLFFBQVEsS0FBSyxTQUFTLEVBQUU7WUFDMUIsWUFBWSxHQUFHLElBQUksQ0FBQztTQUNyQjtRQUVELElBQUksT0FBTyxHQUEyQixTQUFTLENBQUM7UUFDaEQsSUFBSTtZQUNGLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztTQUNyQztRQUFDLE9BQU8sQ0FBQyxFQUFFO1lBQ1YsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQyxDQUFDO1NBQ2xDO1FBQ0QsSUFBSSxPQUFPLElBQUksSUFBSSxFQUFFO1lBQ25CLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDO1lBQ2xDLE9BQU8sSUFBSSxDQUFDO1NBQ2I7UUFFRCxJQUFJLFlBQVksRUFBRTtZQUNoQixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsQ0FBQztZQUNqQyxPQUFPLElBQUksQ0FBQztTQUNiO1FBRUQsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUMvRCxJQUFJLENBQUMsR0FBRyxDQUFDLFlBQVksRUFBRTtZQUNyQixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxjQUFjLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsTUFBTSxDQUFDLHFCQUFxQixDQUFDLE1BQU0sR0FBRyxDQUFDLFFBQVEsR0FBRyxDQUFDLENBQUM7WUFDMUcsT0FBTyxPQUFPLENBQUM7U0FDaEI7UUFDRCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztRQUNoQyxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFRCxVQUFVLENBQUMsR0FBVztRQUNwQixHQUFHLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFDN0IsR0FBRyxHQUFHLEdBQUcsQ0FBQyxPQUFPLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQ2pDLEdBQUcsR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQztRQUM5QixPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUM7SUFFRCxXQUFXLENBQUMsSUFBK0M7UUFDekQsTUFBTSxPQUFPLEdBQWE7WUFDeEIsR0FBRyxFQUFFLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQztZQUM5QixHQUFHLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDO1lBQzlCLEdBQUcsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUM7U0FDL0IsQ0FBQztRQUNGLE9BQU8sT0FBTyxDQUFDO0lBQ2pCLENBQUM7SUFFRCxLQUFLLENBQUMsWUFBWTtRQUNoQixNQUFNLElBQUksR0FBRyxJQUFJLENBQUMsVUFBVSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsSUFBSSxDQUFDO1FBQ25ELElBQUksSUFBSSxJQUFJLElBQUksRUFBRTtZQUNoQixPQUFPLFNBQVMsQ0FBQztTQUNsQjtRQUNELE9BQU8sSUFBSSxVQUFVLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0gsWUFBWSxDQUFDLE9BQWUsRUFBRSxPQUFPLEdBQUcsRUFBRTtRQUN4QyxJQUFJLE9BQU8sSUFBSSxJQUFJLEVBQUU7WUFDbkIsTUFBTSxJQUFJLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQztTQUM3QjtRQUNELFFBQVE7UUFDUixNQUFNLFFBQVEsR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxFQUFFLEtBQUssQ0FBQyxDQUFDO1FBQ3JELE9BQU87WUFDTCxZQUFZLEVBQUUsUUFBUSxHQUFHLE9BQU87WUFDaEMsUUFBUTtTQUNULENBQUM7SUFDSixDQUFDO0lBRU8sS0FBSyxDQUFDLGdCQUFnQjtRQUM1QixJQUFJO1lBQ0YsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUMzQyxNQUFNLE9BQU8sR0FBRyxpQkFBaUIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDO1lBQ3BELE1BQU0sSUFBSSxDQUFDLEdBQUcsQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDO2dCQUMvQixNQUFNLEVBQUUsSUFBSSxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsTUFBTTtnQkFDaEMsU0FBUyxFQUFFLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQztnQkFDdkIsT0FBTyxFQUFFLE9BQU87Z0JBQ2hCLE9BQU8sRUFBRSxhQUFhLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFO2FBQy9DLENBQUMsQ0FBQztTQUNKO1FBQUMsT0FBTyxDQUFDLEVBQUU7WUFDVixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxrQkFBa0IsRUFBRSxDQUFDLENBQUMsQ0FBQztTQUMxQztJQUNILENBQUM7Q0FDRjtBQW5QQztJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxJQUFJO1FBQ1gsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLE9BQU87WUFDZixJQUFJLEVBQUUsTUFBTTtZQUNaLElBQUksRUFBRSxLQUFLO1NBQ1o7UUFDRCxRQUFRLEVBQUUsSUFBSTtRQUNkLEdBQUcsRUFBRTtZQUNILElBQUksRUFBRSxFQUFFO1NBQ1Q7UUFDRCxNQUFNLEVBQ0oseURBQXlEO1lBQ3pELG9EQUFvRDtZQUNwRCw2REFBNkQ7WUFDN0QsbUJBQW1CO0tBQ3RCLENBQUM7O29EQUNpQjtBQUVuQjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxJQUFJO1FBQ1gsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFNBQVM7WUFDZixNQUFNLEVBQUUsT0FBTztTQUNoQjtRQUNELFFBQVEsRUFBRSxJQUFJO1FBQ2QsTUFBTSxFQUFFLE9BQU87S0FDaEIsQ0FBQzs7a0RBQ2E7QUFFZjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxNQUFNO1FBQ2IsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLGdCQUFnQjtZQUN0QixNQUFNLEVBQUUsT0FBTztTQUNoQjtRQUNELFFBQVEsRUFBRSxJQUFJO1FBQ2QsS0FBSyxFQUFFLEdBQUc7UUFDVixNQUFNLEVBQUUsOENBQThDO0tBQ3ZELENBQUM7O3NEQUNpQjtBQUVuQjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxNQUFNO1FBQ2IsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLFNBQVM7U0FDbEI7UUFDRCxLQUFLLEVBQUUsR0FBRztRQUNWLE1BQU0sRUFBRSxZQUFZO0tBQ3JCLENBQUM7O3dEQUNtQjtBQUVyQjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxTQUFTO1FBQ2hCLEtBQUssRUFBRSxJQUFJO1FBQ1gsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLFNBQVM7U0FDbEI7UUFDRCxLQUFLLEVBQUUsR0FBRztRQUNWLE1BQU0sRUFBRSxlQUFlO0tBQ3hCLENBQUM7OzBEQUNtQjtBQUVyQjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxNQUFNO1FBQ2IsS0FBSyxFQUFFLElBQUk7UUFDWCxNQUFNLEVBQUUsMEVBQTBFO0tBQ25GLENBQUM7O2tEQUNhO0FBY2Y7SUFBQyxVQUFVLENBQUM7UUFDVixLQUFLLEVBQUUsTUFBTTtLQUNkLENBQUM7O2lEQUNjIn0=
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { CertInfo } from "./acme.js";
|
|
2
|
+
import forge from "node-forge";
|
|
3
|
+
export declare class CertReader implements CertInfo {
|
|
4
|
+
crt: string;
|
|
5
|
+
key: string;
|
|
6
|
+
csr: string;
|
|
7
|
+
detail: any;
|
|
8
|
+
expires: number;
|
|
9
|
+
constructor(certInfo: CertInfo);
|
|
10
|
+
toCertInfo(): CertInfo;
|
|
11
|
+
getCrtDetail(crt: string): {
|
|
12
|
+
detail: forge.pki.Certificate;
|
|
13
|
+
expires: Date;
|
|
14
|
+
};
|
|
15
|
+
saveToFile(type: "crt" | "key", filepath?: string): string;
|
|
16
|
+
}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
import fs from "fs";
|
|
2
|
+
import os from "os";
|
|
3
|
+
import forge from "node-forge";
|
|
4
|
+
import path from "path";
|
|
5
|
+
export class CertReader {
|
|
6
|
+
crt;
|
|
7
|
+
key;
|
|
8
|
+
csr;
|
|
9
|
+
detail;
|
|
10
|
+
expires;
|
|
11
|
+
constructor(certInfo) {
|
|
12
|
+
this.crt = certInfo.crt;
|
|
13
|
+
this.key = certInfo.key;
|
|
14
|
+
this.csr = certInfo.csr;
|
|
15
|
+
const { detail, expires } = this.getCrtDetail(this.crt);
|
|
16
|
+
this.detail = detail;
|
|
17
|
+
this.expires = expires.getTime();
|
|
18
|
+
}
|
|
19
|
+
toCertInfo() {
|
|
20
|
+
return {
|
|
21
|
+
crt: this.crt,
|
|
22
|
+
key: this.key,
|
|
23
|
+
csr: this.csr,
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
getCrtDetail(crt) {
|
|
27
|
+
const pki = forge.pki;
|
|
28
|
+
const detail = pki.certificateFromPem(crt.toString());
|
|
29
|
+
const expires = detail.validity.notAfter;
|
|
30
|
+
return { detail, expires };
|
|
31
|
+
}
|
|
32
|
+
saveToFile(type, filepath) {
|
|
33
|
+
if (filepath == null) {
|
|
34
|
+
//写入临时目录
|
|
35
|
+
filepath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + "", `cert.${type}`);
|
|
36
|
+
}
|
|
37
|
+
const dir = path.dirname(filepath);
|
|
38
|
+
if (!fs.existsSync(dir)) {
|
|
39
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
40
|
+
}
|
|
41
|
+
fs.writeFileSync(filepath, this[type]);
|
|
42
|
+
return filepath;
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC1yZWFkZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcGx1Z2luL2NlcnQtcGx1Z2luL2NlcnQtcmVhZGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sRUFBRSxNQUFNLElBQUksQ0FBQztBQUNwQixPQUFPLEVBQUUsTUFBTSxJQUFJLENBQUM7QUFDcEIsT0FBTyxLQUFLLE1BQU0sWUFBWSxDQUFDO0FBQy9CLE9BQU8sSUFBSSxNQUFNLE1BQU0sQ0FBQztBQUN4QixNQUFNLE9BQU8sVUFBVTtJQUNyQixHQUFHLENBQVM7SUFDWixHQUFHLENBQVM7SUFDWixHQUFHLENBQVM7SUFFWixNQUFNLENBQU07SUFDWixPQUFPLENBQVM7SUFDaEIsWUFBWSxRQUFrQjtRQUM1QixJQUFJLENBQUMsR0FBRyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUM7UUFDeEIsSUFBSSxDQUFDLEdBQUcsR0FBRyxRQUFRLENBQUMsR0FBRyxDQUFDO1FBQ3hCLElBQUksQ0FBQyxHQUFHLEdBQUcsUUFBUSxDQUFDLEdBQUcsQ0FBQztRQUV4QixNQUFNLEVBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ3hELElBQUksQ0FBQyxNQUFNLEdBQUcsTUFBTSxDQUFDO1FBQ3JCLElBQUksQ0FBQyxPQUFPLEdBQUcsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQ25DLENBQUM7SUFFRCxVQUFVO1FBQ1IsT0FBTztZQUNMLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztZQUNiLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztZQUNiLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRztTQUNkLENBQUM7SUFDSixDQUFDO0lBRUQsWUFBWSxDQUFDLEdBQVc7UUFDdEIsTUFBTSxHQUFHLEdBQUcsS0FBSyxDQUFDLEdBQUcsQ0FBQztRQUN0QixNQUFNLE1BQU0sR0FBRyxHQUFHLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFDdEQsTUFBTSxPQUFPLEdBQUcsTUFBTSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7UUFDekMsT0FBTyxFQUFFLE1BQU0sRUFBRSxPQUFPLEVBQUUsQ0FBQztJQUM3QixDQUFDO0lBRUQsVUFBVSxDQUFDLElBQW1CLEVBQUUsUUFBaUI7UUFDL0MsSUFBSSxRQUFRLElBQUksSUFBSSxFQUFFO1lBQ3BCLFFBQVE7WUFDUixRQUFRLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLEVBQUUsYUFBYSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxHQUFHLE9BQU8sQ0FBQyxHQUFHLEVBQUUsRUFBRSxRQUFRLElBQUksRUFBRSxDQUFDLENBQUM7U0FDNUc7UUFFRCxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ25DLElBQUksQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxFQUFFO1lBQ3ZCLEVBQUUsQ0FBQyxTQUFTLENBQUMsR0FBRyxFQUFFLEVBQUUsU0FBUyxFQUFFLElBQUksRUFBRSxDQUFDLENBQUM7U0FDeEM7UUFFRCxFQUFFLENBQUMsYUFBYSxDQUFDLFFBQVEsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQztRQUN2QyxPQUFPLFFBQVEsQ0FBQztJQUNsQixDQUFDO0NBQ0YifQ==
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import type { CertInfo, SSLProvider } from "./acme.js";
|
|
2
|
+
import { AcmeService } from "./acme.js";
|
|
3
|
+
import { CertReader } from "./cert-reader.js";
|
|
4
|
+
import { CertApplyBasePlugin } from "./base.js";
|
|
5
|
+
export { CertReader };
|
|
6
|
+
export type { CertInfo };
|
|
7
|
+
export declare class CertApplyPlugin extends CertApplyBasePlugin {
|
|
8
|
+
sslProvider: SSLProvider;
|
|
9
|
+
eabAccessId: number;
|
|
10
|
+
dnsProviderType: string;
|
|
11
|
+
dnsProviderAccess: string;
|
|
12
|
+
skipLocalVerify: boolean;
|
|
13
|
+
acme: AcmeService;
|
|
14
|
+
onInit(): Promise<void>;
|
|
15
|
+
doCertApply(): Promise<CertReader>;
|
|
16
|
+
}
|
|
@@ -0,0 +1,169 @@
|
|
|
1
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
2
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
3
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
4
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
5
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
6
|
+
};
|
|
7
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
8
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
9
|
+
};
|
|
10
|
+
import { Decorator, IsTaskPlugin, RunStrategy, TaskInput } from "@certd/pipeline";
|
|
11
|
+
import { AcmeService } from "./acme.js";
|
|
12
|
+
import _ from "lodash-es";
|
|
13
|
+
import { dnsProviderRegistry } from "../../dns-provider/index.js";
|
|
14
|
+
import { CertReader } from "./cert-reader.js";
|
|
15
|
+
import { CertApplyBasePlugin } from "./base.js";
|
|
16
|
+
export { CertReader };
|
|
17
|
+
let CertApplyPlugin = class CertApplyPlugin extends CertApplyBasePlugin {
|
|
18
|
+
sslProvider;
|
|
19
|
+
eabAccessId;
|
|
20
|
+
dnsProviderType;
|
|
21
|
+
dnsProviderAccess;
|
|
22
|
+
skipLocalVerify = false;
|
|
23
|
+
acme;
|
|
24
|
+
async onInit() {
|
|
25
|
+
let eab = null;
|
|
26
|
+
if (this.eabAccessId) {
|
|
27
|
+
eab = await this.ctx.accessService.getById(this.eabAccessId);
|
|
28
|
+
}
|
|
29
|
+
this.acme = new AcmeService({
|
|
30
|
+
userContext: this.userContext,
|
|
31
|
+
logger: this.logger,
|
|
32
|
+
sslProvider: this.sslProvider,
|
|
33
|
+
eab,
|
|
34
|
+
skipLocalVerify: this.skipLocalVerify,
|
|
35
|
+
});
|
|
36
|
+
}
|
|
37
|
+
async doCertApply() {
|
|
38
|
+
const email = this["email"];
|
|
39
|
+
const domains = this["domains"];
|
|
40
|
+
const dnsProviderType = this["dnsProviderType"];
|
|
41
|
+
const dnsProviderAccessId = this["dnsProviderAccess"];
|
|
42
|
+
const csrInfo = _.merge({
|
|
43
|
+
country: "CN",
|
|
44
|
+
state: "GuangDong",
|
|
45
|
+
locality: "ShengZhen",
|
|
46
|
+
organization: "CertD Org.",
|
|
47
|
+
organizationUnit: "IT Department",
|
|
48
|
+
emailAddress: email,
|
|
49
|
+
}, this.csrInfo ? JSON.parse(this.csrInfo) : {});
|
|
50
|
+
this.logger.info("开始申请证书,", email, domains);
|
|
51
|
+
const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
|
|
52
|
+
const DnsProviderClass = dnsProviderPlugin.target;
|
|
53
|
+
const dnsProviderDefine = dnsProviderPlugin.define;
|
|
54
|
+
const access = await this.accessService.getById(dnsProviderAccessId);
|
|
55
|
+
// @ts-ignore
|
|
56
|
+
const dnsProvider = new DnsProviderClass();
|
|
57
|
+
const context = { access, logger: this.logger, http: this.http };
|
|
58
|
+
Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
|
|
59
|
+
dnsProvider.setCtx(context);
|
|
60
|
+
await dnsProvider.onInstance();
|
|
61
|
+
try {
|
|
62
|
+
const cert = await this.acme.order({
|
|
63
|
+
email,
|
|
64
|
+
domains,
|
|
65
|
+
dnsProvider,
|
|
66
|
+
csrInfo,
|
|
67
|
+
isTest: false,
|
|
68
|
+
});
|
|
69
|
+
const certInfo = this.formatCerts(cert);
|
|
70
|
+
return new CertReader(certInfo);
|
|
71
|
+
}
|
|
72
|
+
catch (e) {
|
|
73
|
+
const message = e.message;
|
|
74
|
+
if (message.indexOf("redundant with a wildcard domain in the same request") >= 0) {
|
|
75
|
+
this.logger.error(e);
|
|
76
|
+
throw new Error(`通配符域名已经包含了普通域名,请删除其中一个(${message})`);
|
|
77
|
+
}
|
|
78
|
+
throw e;
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
};
|
|
82
|
+
__decorate([
|
|
83
|
+
TaskInput({
|
|
84
|
+
title: "证书提供商",
|
|
85
|
+
default: "letsencrypt",
|
|
86
|
+
component: {
|
|
87
|
+
name: "a-select",
|
|
88
|
+
vModel: "value",
|
|
89
|
+
options: [
|
|
90
|
+
{ value: "letsencrypt", label: "Let's Encrypt" },
|
|
91
|
+
// { value: "buypass", label: "Buypass" },
|
|
92
|
+
{ value: "zerossl", label: "ZeroSSL" },
|
|
93
|
+
],
|
|
94
|
+
},
|
|
95
|
+
required: true,
|
|
96
|
+
}),
|
|
97
|
+
__metadata("design:type", String)
|
|
98
|
+
], CertApplyPlugin.prototype, "sslProvider", void 0);
|
|
99
|
+
__decorate([
|
|
100
|
+
TaskInput({
|
|
101
|
+
title: "EAB授权",
|
|
102
|
+
component: {
|
|
103
|
+
name: "pi-access-selector",
|
|
104
|
+
type: "eab",
|
|
105
|
+
},
|
|
106
|
+
helper: "如果使用ZeroSSL证书,需要提供EAB授权, 请前往 https://app.zerossl.com/developer 生成 'EAB Credentials for ACME Clients' ",
|
|
107
|
+
}),
|
|
108
|
+
__metadata("design:type", Number)
|
|
109
|
+
], CertApplyPlugin.prototype, "eabAccessId", void 0);
|
|
110
|
+
__decorate([
|
|
111
|
+
TaskInput({
|
|
112
|
+
title: "DNS提供商",
|
|
113
|
+
component: {
|
|
114
|
+
name: "pi-dns-provider-selector",
|
|
115
|
+
},
|
|
116
|
+
required: true,
|
|
117
|
+
helper: "请选择dns解析提供商",
|
|
118
|
+
}),
|
|
119
|
+
__metadata("design:type", String)
|
|
120
|
+
], CertApplyPlugin.prototype, "dnsProviderType", void 0);
|
|
121
|
+
__decorate([
|
|
122
|
+
TaskInput({
|
|
123
|
+
title: "DNS解析授权",
|
|
124
|
+
component: {
|
|
125
|
+
name: "pi-access-selector",
|
|
126
|
+
},
|
|
127
|
+
required: true,
|
|
128
|
+
helper: "请选择dns解析提供商授权",
|
|
129
|
+
reference: [
|
|
130
|
+
{
|
|
131
|
+
src: "form.dnsProviderType",
|
|
132
|
+
dest: "component.type",
|
|
133
|
+
type: "computed",
|
|
134
|
+
},
|
|
135
|
+
],
|
|
136
|
+
}),
|
|
137
|
+
__metadata("design:type", String)
|
|
138
|
+
], CertApplyPlugin.prototype, "dnsProviderAccess", void 0);
|
|
139
|
+
__decorate([
|
|
140
|
+
TaskInput({
|
|
141
|
+
title: "跳过本地校验DNS",
|
|
142
|
+
default: false,
|
|
143
|
+
component: {
|
|
144
|
+
name: "a-switch",
|
|
145
|
+
vModel: "checked",
|
|
146
|
+
},
|
|
147
|
+
helper: "如果重试多次出现Authorization not found TXT record,导致无法申请成功,请尝试开启此选项",
|
|
148
|
+
}),
|
|
149
|
+
__metadata("design:type", Object)
|
|
150
|
+
], CertApplyPlugin.prototype, "skipLocalVerify", void 0);
|
|
151
|
+
CertApplyPlugin = __decorate([
|
|
152
|
+
IsTaskPlugin({
|
|
153
|
+
name: "CertApply",
|
|
154
|
+
title: "证书申请",
|
|
155
|
+
desc: "免费通配符域名证书申请,支持多个域名打到同一个证书上",
|
|
156
|
+
default: {
|
|
157
|
+
input: {
|
|
158
|
+
renewDays: 20,
|
|
159
|
+
forceUpdate: false,
|
|
160
|
+
},
|
|
161
|
+
strategy: {
|
|
162
|
+
runStrategy: RunStrategy.AlwaysRun,
|
|
163
|
+
},
|
|
164
|
+
},
|
|
165
|
+
})
|
|
166
|
+
], CertApplyPlugin);
|
|
167
|
+
export { CertApplyPlugin };
|
|
168
|
+
new CertApplyPlugin();
|
|
169
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvcGx1Z2luL2NlcnQtcGx1Z2luL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7Ozs7OztBQUFBLE9BQU8sRUFBRSxTQUFTLEVBQUUsWUFBWSxFQUFFLFdBQVcsRUFBRSxTQUFTLEVBQUUsTUFBTSxpQkFBaUIsQ0FBQztBQUVsRixPQUFPLEVBQUUsV0FBVyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQ3hDLE9BQU8sQ0FBQyxNQUFNLFdBQVcsQ0FBQztBQUMxQixPQUFPLEVBQXlDLG1CQUFtQixFQUFFLE1BQU0sNkJBQTZCLENBQUM7QUFDekcsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLGtCQUFrQixDQUFDO0FBQzlDLE9BQU8sRUFBRSxtQkFBbUIsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUVoRCxPQUFPLEVBQUUsVUFBVSxFQUFFLENBQUM7QUFpQmYsSUFBTSxlQUFlLEdBQXJCLE1BQU0sZUFBZ0IsU0FBUSxtQkFBbUI7SUFldEQsV0FBVyxDQUFlO0lBVTFCLFdBQVcsQ0FBVTtJQVVyQixlQUFlLENBQVU7SUFpQnpCLGlCQUFpQixDQUFVO0lBVzNCLGVBQWUsR0FBRyxLQUFLLENBQUM7SUFFeEIsSUFBSSxDQUFlO0lBRW5CLEtBQUssQ0FBQyxNQUFNO1FBQ1YsSUFBSSxHQUFHLEdBQVEsSUFBSSxDQUFDO1FBQ3BCLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRTtZQUNwQixHQUFHLEdBQUcsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLGFBQWEsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1NBQzlEO1FBQ0QsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLFdBQVcsQ0FBQztZQUMxQixXQUFXLEVBQUUsSUFBSSxDQUFDLFdBQVc7WUFDN0IsTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO1lBQ25CLFdBQVcsRUFBRSxJQUFJLENBQUMsV0FBVztZQUM3QixHQUFHO1lBQ0gsZUFBZSxFQUFFLElBQUksQ0FBQyxlQUFlO1NBQ3RDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRCxLQUFLLENBQUMsV0FBVztRQUNmLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUM1QixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDaEMsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7UUFDaEQsTUFBTSxtQkFBbUIsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQztRQUN0RCxNQUFNLE9BQU8sR0FBRyxDQUFDLENBQUMsS0FBSyxDQUNyQjtZQUNFLE9BQU8sRUFBRSxJQUFJO1lBQ2IsS0FBSyxFQUFFLFdBQVc7WUFDbEIsUUFBUSxFQUFFLFdBQVc7WUFDckIsWUFBWSxFQUFFLFlBQVk7WUFDMUIsZ0JBQWdCLEVBQUUsZUFBZTtZQUNqQyxZQUFZLEVBQUUsS0FBSztTQUNwQixFQUNELElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQzdDLENBQUM7UUFDRixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsS0FBSyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBRTVDLE1BQU0saUJBQWlCLEdBQUcsbUJBQW1CLENBQUMsR0FBRyxDQUFDLGVBQWUsQ0FBQyxDQUFDO1FBQ25FLE1BQU0sZ0JBQWdCLEdBQUcsaUJBQWlCLENBQUMsTUFBTSxDQUFDO1FBQ2xELE1BQU0saUJBQWlCLEdBQUcsaUJBQWlCLENBQUMsTUFBMkIsQ0FBQztRQUN4RSxNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLG1CQUFtQixDQUFDLENBQUM7UUFFckUsYUFBYTtRQUNiLE1BQU0sV0FBVyxHQUFpQixJQUFJLGdCQUFnQixFQUFFLENBQUM7UUFDekQsTUFBTSxPQUFPLEdBQXVCLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxJQUFJLENBQUMsTUFBTSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDckYsU0FBUyxDQUFDLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLEVBQUUsV0FBVyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQ25FLFdBQVcsQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDNUIsTUFBTSxXQUFXLENBQUMsVUFBVSxFQUFFLENBQUM7UUFFL0IsSUFBSTtZQUNGLE1BQU0sSUFBSSxHQUFHLE1BQU0sSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUM7Z0JBQ2pDLEtBQUs7Z0JBQ0wsT0FBTztnQkFDUCxXQUFXO2dCQUNYLE9BQU87Z0JBQ1AsTUFBTSxFQUFFLEtBQUs7YUFDZCxDQUFDLENBQUM7WUFFSCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3hDLE9BQU8sSUFBSSxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUM7U0FDakM7UUFBQyxPQUFPLENBQU0sRUFBRTtZQUNmLE1BQU0sT0FBTyxHQUFXLENBQUMsQ0FBQyxPQUFPLENBQUM7WUFDbEMsSUFBSSxPQUFPLENBQUMsT0FBTyxDQUFDLHNEQUFzRCxDQUFDLElBQUksQ0FBQyxFQUFFO2dCQUNoRixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztnQkFDckIsTUFBTSxJQUFJLEtBQUssQ0FBQywwQkFBMEIsT0FBTyxHQUFHLENBQUMsQ0FBQzthQUN2RDtZQUNELE1BQU0sQ0FBQyxDQUFDO1NBQ1Q7SUFDSCxDQUFDO0NBQ0YsQ0FBQTtBQWxJQztJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxPQUFPO1FBQ2QsT0FBTyxFQUFFLGFBQWE7UUFDdEIsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLE9BQU87WUFDZixPQUFPLEVBQUU7Z0JBQ1AsRUFBRSxLQUFLLEVBQUUsYUFBYSxFQUFFLEtBQUssRUFBRSxlQUFlLEVBQUU7Z0JBQ2hELDBDQUEwQztnQkFDMUMsRUFBRSxLQUFLLEVBQUUsU0FBUyxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUU7YUFDdkM7U0FDRjtRQUNELFFBQVEsRUFBRSxJQUFJO0tBQ2YsQ0FBQzs7b0RBQ3dCO0FBRTFCO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLE9BQU87UUFDZCxTQUFTLEVBQUU7WUFDVCxJQUFJLEVBQUUsb0JBQW9CO1lBQzFCLElBQUksRUFBRSxLQUFLO1NBQ1o7UUFDRCxNQUFNLEVBQUUsdUdBQXVHO0tBQ2hILENBQUM7O29EQUNtQjtBQUVyQjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxRQUFRO1FBQ2YsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLDBCQUEwQjtTQUNqQztRQUNELFFBQVEsRUFBRSxJQUFJO1FBQ2QsTUFBTSxFQUFFLGFBQWE7S0FDdEIsQ0FBQzs7d0RBQ3VCO0FBRXpCO0lBQUMsU0FBUyxDQUFDO1FBQ1QsS0FBSyxFQUFFLFNBQVM7UUFDaEIsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLG9CQUFvQjtTQUMzQjtRQUNELFFBQVEsRUFBRSxJQUFJO1FBQ2QsTUFBTSxFQUFFLGVBQWU7UUFDdkIsU0FBUyxFQUFFO1lBQ1Q7Z0JBQ0UsR0FBRyxFQUFFLHNCQUFzQjtnQkFDM0IsSUFBSSxFQUFFLGdCQUFnQjtnQkFDdEIsSUFBSSxFQUFFLFVBQVU7YUFDakI7U0FDRjtLQUNGLENBQUM7OzBEQUN5QjtBQUUzQjtJQUFDLFNBQVMsQ0FBQztRQUNULEtBQUssRUFBRSxXQUFXO1FBQ2xCLE9BQU8sRUFBRSxLQUFLO1FBQ2QsU0FBUyxFQUFFO1lBQ1QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsTUFBTSxFQUFFLFNBQVM7U0FDbEI7UUFDRCxNQUFNLEVBQUUsOERBQThEO0tBQ3ZFLENBQUM7O3dEQUNzQjtBQS9EYixlQUFlO0lBZDNCLFlBQVksQ0FBQztRQUNaLElBQUksRUFBRSxXQUFXO1FBQ2pCLEtBQUssRUFBRSxNQUFNO1FBQ2IsSUFBSSxFQUFFLDRCQUE0QjtRQUNsQyxPQUFPLEVBQUU7WUFDUCxLQUFLLEVBQUU7Z0JBQ0wsU0FBUyxFQUFFLEVBQUU7Z0JBQ2IsV0FBVyxFQUFFLEtBQUs7YUFDbkI7WUFDRCxRQUFRLEVBQUU7Z0JBQ1IsV0FBVyxFQUFFLFdBQVcsQ0FBQyxTQUFTO2FBQ25DO1NBQ0Y7S0FDRixDQUFDO0dBQ1csZUFBZSxDQW1JM0I7U0FuSVksZUFBZTtBQXFJNUIsSUFBSSxlQUFlLEVBQUUsQ0FBQyJ9
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import type { CertInfo } from "./acme.js";
|
|
2
|
+
import { CertReader } from "./cert-reader.js";
|
|
3
|
+
import { CertApplyBasePlugin } from "./base.js";
|
|
4
|
+
import { EabAccess } from "../../access";
|
|
5
|
+
export { CertReader };
|
|
6
|
+
export type { CertInfo };
|
|
7
|
+
export declare class CertApplyLegoPlugin extends CertApplyBasePlugin {
|
|
8
|
+
dnsType: string;
|
|
9
|
+
environment: string;
|
|
10
|
+
eabAccessId: number;
|
|
11
|
+
customArgs: string;
|
|
12
|
+
eab?: EabAccess;
|
|
13
|
+
onInstance(): Promise<void>;
|
|
14
|
+
onInit(): Promise<void>;
|
|
15
|
+
doCertApply(): Promise<CertReader>;
|
|
16
|
+
}
|