feat: allow insecure connections on deployment to some self-hosted services

2025-10-04 21:44:54 +00:00 · 2025-03-07 21:04:32 +08:00
parent 29dda4ec66
commit 1e2e88e299
33 changed files with 250 additions and 81 deletions
--- a/internal/deployer/providers.go
+++ b/internal/deployer/providers.go
@@ -81,17 +81,19 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
 			switch options.Provider {
 			case domain.DeployProviderType1PanelConsole:
 				deployer, err := p1PanelConsole.NewDeployer(&p1PanelConsole.DeployerConfig{
-					ApiUrl:      access.ApiUrl,
-					ApiKey:      access.ApiKey,
-					AutoRestart: maps.GetValueAsBool(options.ProviderDeployConfig, "autoRestart"),
+					ApiUrl:                   access.ApiUrl,
+					ApiKey:                   access.ApiKey,
+					AllowInsecureConnections: access.AllowInsecureConnections,
+					AutoRestart:              maps.GetValueAsBool(options.ProviderDeployConfig, "autoRestart"),
 				})
 				return deployer, err

 			case domain.DeployProviderType1PanelSite:
 				deployer, err := p1PanelSite.NewDeployer(&p1PanelSite.DeployerConfig{
-					ApiUrl:    access.ApiUrl,
-					ApiKey:    access.ApiKey,
-					WebsiteId: maps.GetValueAsInt64(options.ProviderDeployConfig, "websiteId"),
+					ApiUrl:                   access.ApiUrl,
+					ApiKey:                   access.ApiKey,
+					AllowInsecureConnections: access.AllowInsecureConnections,
+					WebsiteId:                maps.GetValueAsInt64(options.ProviderDeployConfig, "websiteId"),
 				})
 				return deployer, err

@@ -293,19 +295,21 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
 			switch options.Provider {
 			case domain.DeployProviderTypeBaotaPanelConsole:
 				deployer, err := pBaotaPanelConsole.NewDeployer(&pBaotaPanelConsole.DeployerConfig{
-					ApiUrl:      access.ApiUrl,
-					ApiKey:      access.ApiKey,
-					AutoRestart: maps.GetValueAsBool(options.ProviderDeployConfig, "autoRestart"),
+					ApiUrl:                   access.ApiUrl,
+					ApiKey:                   access.ApiKey,
+					AllowInsecureConnections: access.AllowInsecureConnections,
+					AutoRestart:              maps.GetValueAsBool(options.ProviderDeployConfig, "autoRestart"),
 				})
 				return deployer, err

 			case domain.DeployProviderTypeBaotaPanelSite:
 				deployer, err := pBaotaPanelSite.NewDeployer(&pBaotaPanelSite.DeployerConfig{
-					ApiUrl:    access.ApiUrl,
-					ApiKey:    access.ApiKey,
-					SiteType:  maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "siteType", "other"),
-					SiteName:  maps.GetValueAsString(options.ProviderDeployConfig, "siteName"),
-					SiteNames: slices.Filter(strings.Split(maps.GetValueAsString(options.ProviderDeployConfig, "siteNames"), ";"), func(s string) bool { return s != "" }),
+					ApiUrl:                   access.ApiUrl,
+					ApiKey:                   access.ApiKey,
+					AllowInsecureConnections: access.AllowInsecureConnections,
+					SiteType:                 maps.GetValueOrDefaultAsString(options.ProviderDeployConfig, "siteType", "other"),
+					SiteName:                 maps.GetValueAsString(options.ProviderDeployConfig, "siteName"),
+					SiteNames:                slices.Filter(strings.Split(maps.GetValueAsString(options.ProviderDeployConfig, "siteNames"), ";"), func(s string) bool { return s != "" }),
 				})
 				return deployer, err

@@ -582,10 +586,11 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
 			}

 			deployer, err := pSafeLine.NewDeployer(&pSafeLine.DeployerConfig{
-				ApiUrl:        access.ApiUrl,
-				ApiToken:      access.ApiToken,
-				ResourceType:  pSafeLine.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")),
-				CertificateId: maps.GetValueAsInt32(options.ProviderDeployConfig, "certificateId"),
+				ApiUrl:                   access.ApiUrl,
+				ApiToken:                 access.ApiToken,
+				AllowInsecureConnections: access.AllowInsecureConnections,
+				ResourceType:             pSafeLine.ResourceType(maps.GetValueAsString(options.ProviderDeployConfig, "resourceType")),
+				CertificateId:            maps.GetValueAsInt32(options.ProviderDeployConfig, "certificateId"),
 			})
 			return deployer, err
 		}
@@ -823,8 +828,9 @@ func createDeployer(options *deployerOptions) (deployer.Deployer, error) {
 			}

 			deployer, err := pWebhook.NewDeployer(&pWebhook.DeployerConfig{
-				WebhookUrl:  access.Url,
-				WebhookData: maps.GetValueAsString(options.ProviderDeployConfig, "webhookData"),
+				WebhookUrl:               access.Url,
+				WebhookData:              maps.GetValueAsString(options.ProviderDeployConfig, "webhookData"),
+				AllowInsecureConnections: access.AllowInsecureConnections,
 			})
 			return deployer, err
 		}
--- a/internal/domain/access.go
+++ b/internal/domain/access.go
@@ -25,8 +25,9 @@ func (a *Access) UnmarshalConfigToMap() (map[string]any, error) {
 }

 type AccessConfigFor1Panel struct {
-	ApiUrl string `json:"apiUrl"`
-	ApiKey string `json:"apiKey"`
+	ApiUrl                   string `json:"apiUrl"`
+	ApiKey                   string `json:"apiKey"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }

 type AccessConfigForACMEHttpReq struct {
@@ -63,8 +64,9 @@ type AccessConfigForBaishan struct {
 }

 type AccessConfigForBaotaPanel struct {
-	ApiUrl string `json:"apiUrl"`
-	ApiKey string `json:"apiKey"`
+	ApiUrl                   string `json:"apiUrl"`
+	ApiKey                   string `json:"apiKey"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }

 type AccessConfigForBytePlus struct {
@@ -174,8 +176,9 @@ type AccessConfigForRainYun struct {
 }

 type AccessConfigForSafeLine struct {
-	ApiUrl   string `json:"apiUrl"`
-	ApiToken string `json:"apiToken"`
+	ApiUrl                   string `json:"apiUrl"`
+	ApiToken                 string `json:"apiToken"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }

 type AccessConfigForSSH struct {
@@ -204,7 +207,8 @@ type AccessConfigForVolcEngine struct {
 }

 type AccessConfigForWebhook struct {
-	Url string `json:"url"`
+	Url                      string `json:"url"`
+	AllowInsecureConnections bool   `json:"allowInsecureConnections,omitempty"`
 }

 type AccessConfigForWestcn struct {
--- a/internal/notify/providers.go
+++ b/internal/notify/providers.go
@@ -63,7 +63,8 @@ func createNotifier(channel domain.NotifyChannelType, channelConfig map[string]a

 	case domain.NotifyChannelTypeWebhook:
 		return pWebhook.NewNotifier(&pWebhook.NotifierConfig{
-			Url: maps.GetValueAsString(channelConfig, "url"),
+			Url:                      maps.GetValueAsString(channelConfig, "url"),
+			AllowInsecureConnections: maps.GetValueAsBool(channelConfig, "allowInsecureConnections"),
 		})

 	case domain.NotifyChannelTypeWeCom:
--- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go
+++ b/internal/pkg/core/deployer/providers/1panel-console/1panel_console.go
@@ -2,6 +2,7 @@

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"net/url"

@@ -17,6 +18,8 @@ type DeployerConfig struct {
 	ApiUrl string `json:"apiUrl"`
 	// 1Panel 接口密钥。
 	ApiKey string `json:"apiKey"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 	// 是否自动重启。
 	AutoRestart bool `json:"autoRestart"`
 }
@@ -34,7 +37,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		panic("config is nil")
 	}

-	client, err := createSdkClient(config.ApiUrl, config.ApiKey)
+	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.AllowInsecureConnections)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
@@ -74,7 +77,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func createSdkClient(apiUrl, apiKey string) (*opsdk.Client, error) {
+func createSdkClient(apiUrl, apiKey string, allowInsecure bool) (*opsdk.Client, error) {
 	if _, err := url.Parse(apiUrl); err != nil {
 		return nil, errors.New("invalid 1panel api url")
 	}
@@ -84,5 +87,9 @@ func createSdkClient(apiUrl, apiKey string) (*opsdk.Client, error) {
 	}

 	client := opsdk.NewClient(apiUrl, apiKey)
+	if allowInsecure {
+		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	return client, nil
 }
--- a/internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go
+++ b/internal/pkg/core/deployer/providers/1panel-console/1panel_console_test.go
@@ -49,9 +49,10 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			ApiUrl:      fApiUrl,
-			ApiKey:      fApiKey,
-			AutoRestart: true,
+			ApiUrl:                   fApiUrl,
+			ApiKey:                   fApiKey,
+			AllowInsecureConnections: true,
+			AutoRestart:              true,
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go
+++ b/internal/pkg/core/deployer/providers/1panel-site/1panel_site.go
@@ -2,6 +2,7 @@

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"net/url"
 	"strconv"
@@ -20,6 +21,8 @@ type DeployerConfig struct {
 	ApiUrl string `json:"apiUrl"`
 	// 1Panel 接口密钥。
 	ApiKey string `json:"apiKey"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 	// 网站 ID。
 	WebsiteId int64 `json:"websiteId"`
 }
@@ -38,7 +41,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		panic("config is nil")
 	}

-	client, err := createSdkClient(config.ApiUrl, config.ApiKey)
+	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.AllowInsecureConnections)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
@@ -106,7 +109,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func createSdkClient(apiUrl, apiKey string) (*opsdk.Client, error) {
+func createSdkClient(apiUrl, apiKey string, allowInsecure bool) (*opsdk.Client, error) {
 	if _, err := url.Parse(apiUrl); err != nil {
 		return nil, errors.New("invalid 1panel api url")
 	}
@@ -116,5 +119,9 @@ func createSdkClient(apiUrl, apiKey string) (*opsdk.Client, error) {
 	}

 	client := opsdk.NewClient(apiUrl, apiKey)
+	if allowInsecure {
+		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	return client, nil
 }
--- a/internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go
+++ b/internal/pkg/core/deployer/providers/1panel-site/1panel_site_test.go
@@ -53,9 +53,10 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			ApiUrl:    fApiUrl,
-			ApiKey:    fApiKey,
-			WebsiteId: fWebsiteId,
+			ApiUrl:                   fApiUrl,
+			ApiKey:                   fApiKey,
+			WebsiteId:                fWebsiteId,
+			AllowInsecureConnections: true,
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go
+++ b/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console.go
@@ -2,6 +2,7 @@

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"net/url"

@@ -17,6 +18,8 @@ type DeployerConfig struct {
 	ApiUrl string `json:"apiUrl"`
 	// 宝塔面板接口密钥。
 	ApiKey string `json:"apiKey"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 	// 是否自动重启。
 	AutoRestart bool `json:"autoRestart"`
 }
@@ -34,7 +37,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		panic("config is nil")
 	}

-	client, err := createSdkClient(config.ApiUrl, config.ApiKey)
+	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.AllowInsecureConnections)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
@@ -79,7 +82,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func createSdkClient(apiUrl, apiKey string) (*btsdk.Client, error) {
+func createSdkClient(apiUrl, apiKey string, allowInsecure bool) (*btsdk.Client, error) {
 	if _, err := url.Parse(apiUrl); err != nil {
 		return nil, errors.New("invalid baota api url")
 	}
@@ -89,5 +92,9 @@ func createSdkClient(apiUrl, apiKey string) (*btsdk.Client, error) {
 	}

 	client := btsdk.NewClient(apiUrl, apiKey)
+	if allowInsecure {
+		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	return client, nil
 }
--- a/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go
+++ b/internal/pkg/core/deployer/providers/baotapanel-console/baotapanel_console_test.go
@@ -49,9 +49,10 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			ApiUrl:      fApiUrl,
-			ApiKey:      fApiKey,
-			AutoRestart: true,
+			ApiUrl:                   fApiUrl,
+			ApiKey:                   fApiKey,
+			AllowInsecureConnections: true,
+			AutoRestart:              true,
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go
+++ b/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site.go
@@ -2,6 +2,7 @@

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/url"
@@ -19,6 +20,8 @@ type DeployerConfig struct {
 	ApiUrl string `json:"apiUrl"`
 	// 宝塔面板接口密钥。
 	ApiKey string `json:"apiKey"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 	// 站点类型。
 	SiteType string `json:"siteType"`
 	// 站点名称（单个）。
@@ -40,7 +43,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		panic("config is nil")
 	}

-	client, err := createSdkClient(config.ApiUrl, config.ApiKey)
+	client, err := createSdkClient(config.ApiUrl, config.ApiKey, config.AllowInsecureConnections)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to create sdk client")
 	}
@@ -122,7 +125,7 @@ func (d *DeployerProvider) Deploy(ctx context.Context, certPem string, privkeyPe
 	return &deployer.DeployResult{}, nil
 }

-func createSdkClient(apiUrl, apiKey string) (*btsdk.Client, error) {
+func createSdkClient(apiUrl, apiKey string, allowInsecure bool) (*btsdk.Client, error) {
 	if _, err := url.Parse(apiUrl); err != nil {
 		return nil, errors.New("invalid baota api url")
 	}
@@ -132,5 +135,9 @@ func createSdkClient(apiUrl, apiKey string) (*btsdk.Client, error) {
 	}

 	client := btsdk.NewClient(apiUrl, apiKey)
+	if allowInsecure {
+		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	return client, nil
 }
--- a/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go
+++ b/internal/pkg/core/deployer/providers/baotapanel-site/baotapanel_site_test.go
@@ -57,11 +57,12 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			ApiUrl:    fApiUrl,
-			ApiKey:    fApiKey,
-			SiteType:  fSiteType,
-			SiteName:  fSiteName,
-			SiteNames: []string{fSiteName},
+			ApiUrl:                   fApiUrl,
+			ApiKey:                   fApiKey,
+			AllowInsecureConnections: true,
+			SiteType:                 fSiteType,
+			SiteName:                 fSiteName,
+			SiteNames:                []string{fSiteName},
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/deployer/providers/safeline/safeline.go
+++ b/internal/pkg/core/deployer/providers/safeline/safeline.go
@@ -2,6 +2,7 @@

 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/url"
@@ -18,6 +19,8 @@ type DeployerConfig struct {
 	ApiUrl string `json:"apiUrl"`
 	// 雷池 API Token。
 	ApiToken string `json:"apiToken"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 	// 部署资源类型。
 	ResourceType ResourceType `json:"resourceType"`
 	// 证书 ID。
@@ -38,7 +41,7 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		panic("config is nil")
 	}

-	client, err := createSdkClient(config.ApiUrl, config.ApiToken)
+	client, err := createSdkClient(config.ApiUrl, config.ApiToken, config.AllowInsecureConnections)
 	if err != nil {
 		return nil, xerrors.Wrap(err, "failed to create sdk clients")
 	}
@@ -94,7 +97,7 @@ func (d *DeployerProvider) deployToCertificate(ctx context.Context, certPem stri
 	return nil
 }

-func createSdkClient(apiUrl, apiToken string) (*safelinesdk.Client, error) {
+func createSdkClient(apiUrl, apiToken string, allowInsecure bool) (*safelinesdk.Client, error) {
 	if _, err := url.Parse(apiUrl); err != nil {
 		return nil, errors.New("invalid safeline api url")
 	}
@@ -104,5 +107,9 @@ func createSdkClient(apiUrl, apiToken string) (*safelinesdk.Client, error) {
 	}

 	client := safelinesdk.NewClient(apiUrl, apiToken)
+	if allowInsecure {
+		client.WithTLSConfig(&tls.Config{InsecureSkipVerify: true})
+	}
+
 	return client, nil
 }
--- a/internal/pkg/core/deployer/providers/safeline/safeline_test.go
+++ b/internal/pkg/core/deployer/providers/safeline/safeline_test.go
@@ -53,10 +53,11 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			ApiUrl:        fApiUrl,
-			ApiToken:      fApiToken,
-			ResourceType:  provider.ResourceType("certificate"),
-			CertificateId: fCertificateId,
+			ApiUrl:                   fApiUrl,
+			ApiToken:                 fApiToken,
+			AllowInsecureConnections: true,
+			ResourceType:             provider.ResourceType("certificate"),
+			CertificateId:            int32(fCertificateId),
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/deployer/providers/webhook/webhook.go
+++ b/internal/pkg/core/deployer/providers/webhook/webhook.go
@@ -2,6 +2,7 @@ package webhook

 import (
 	"context"
+	"crypto/tls"
 	"encoding/json"
 	"strings"
 	"time"
@@ -19,6 +20,8 @@ type DeployerConfig struct {
 	WebhookUrl string `json:"webhookUrl"`
 	// Webhook 回调数据（JSON 格式）。
 	WebhookData string `json:"webhookData,omitempty"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 }

 type DeployerProvider struct {
@@ -38,6 +41,9 @@ func NewDeployer(config *DeployerConfig) (*DeployerProvider, error) {
 		SetTimeout(30 * time.Second).
 		SetRetryCount(3).
 		SetRetryWaitTime(5 * time.Second)
+	if config.AllowInsecureConnections {
+		client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true})
+	}

 	return &DeployerProvider{
 		config:     config,
--- a/internal/pkg/core/deployer/providers/webhook/webhook_test.go
+++ b/internal/pkg/core/deployer/providers/webhook/webhook_test.go
@@ -49,8 +49,9 @@ func TestDeploy(t *testing.T) {
 		}, "\n"))

 		deployer, err := provider.NewDeployer(&provider.DeployerConfig{
-			WebhookUrl:  fWebhookUrl,
-			WebhookData: fWebhookData,
+			WebhookUrl:               fWebhookUrl,
+			WebhookData:              fWebhookData,
+			AllowInsecureConnections: true,
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/core/notifier/providers/webhook/webhook.go
+++ b/internal/pkg/core/notifier/providers/webhook/webhook.go
@@ -2,8 +2,10 @@

 import (
 	"context"
+	"crypto/tls"
+	"net/http"

-	"github.com/nikoksr/notify/service/http"
+	webhook "github.com/nikoksr/notify/service/http"

 	"github.com/usual2970/certimate/internal/pkg/core/notifier"
 )
@@ -11,6 +13,8 @@ import (
 type NotifierConfig struct {
 	// Webhook URL。
 	Url string `json:"url"`
+	// 是否允许不安全的连接。
+	AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
 }

 type NotifierProvider struct {
@@ -30,10 +34,16 @@ func NewNotifier(config *NotifierConfig) (*NotifierProvider, error) {
 }

 func (n *NotifierProvider) Notify(ctx context.Context, subject string, message string) (res *notifier.NotifyResult, err error) {
-	srv := http.New()
-
+	srv := webhook.New()
 	srv.AddReceiversURLs(n.config.Url)

+	if n.config.AllowInsecureConnections {
+		tlsConfig := &tls.Config{InsecureSkipVerify: true}
+		transport := &http.Transport{TLSClientConfig: tlsConfig}
+		client := &http.Client{Transport: transport}
+		srv.WithClient(client)
+	}
+
 	err = srv.Send(ctx, subject, message)
 	if err != nil {
 		return nil, err
--- a/internal/pkg/core/notifier/providers/webhook/webhook_test.go
+++ b/internal/pkg/core/notifier/providers/webhook/webhook_test.go
@@ -39,7 +39,8 @@ func TestNotify(t *testing.T) {
 		}, "\n"))

 		notifier, err := provider.NewNotifier(&provider.NotifierConfig{
-			Url: fUrl,
+			Url:                      fUrl,
+			AllowInsecureConnections: true,
 		})
 		if err != nil {
 			t.Errorf("err: %+v", err)
--- a/internal/pkg/vendors/1panel-sdk/client.go
+++ b/internal/pkg/vendors/1panel-sdk/client.go
@@ -35,7 +35,7 @@ func (c *Client) WithTimeout(timeout time.Duration) *Client {
 	return c
 }

-func (c *Client) WithTlsConfig(config *tls.Config) *Client {
+func (c *Client) WithTLSConfig(config *tls.Config) *Client {
 	c.client.SetTLSClientConfig(config)
 	return c
 }
--- a/internal/pkg/vendors/btpanel-sdk/client.go
+++ b/internal/pkg/vendors/btpanel-sdk/client.go
@@ -2,6 +2,7 @@ package btpanelsdk

 import (
 	"crypto/md5"
+	"crypto/tls"
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
@@ -34,6 +35,11 @@ func (c *Client) WithTimeout(timeout time.Duration) *Client {
 	return c
 }

+func (c *Client) WithTLSConfig(config *tls.Config) *Client {
+	c.client.SetTLSClientConfig(config)
+	return c
+}
+
 func (c *Client) generateSignature(timestamp string) string {
 	keyMd5 := md5.Sum([]byte(c.apiKey))
 	keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:]))
--- a/internal/pkg/vendors/safeline-sdk/client.go
+++ b/internal/pkg/vendors/safeline-sdk/client.go
@@ -1,6 +1,7 @@
 package safelinesdk

 import (
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"strings"
@@ -31,6 +32,11 @@ func (c *Client) WithTimeout(timeout time.Duration) *Client {
 	return c
 }

+func (c *Client) WithTLSConfig(config *tls.Config) *Client {
+	c.client.SetTLSClientConfig(config)
+	return c
+}
+
 func (c *Client) sendRequest(path string, params interface{}) (*resty.Response, error) {
 	url := c.apiHost + path
 	req := c.client.R().