feat: add dogecloud cdn deployer

2025-10-05 22:14:53 +00:00 · 2024-11-04 10:34:05 +08:00
parent 8a78e49bf0
commit 1e41020728
12 changed files with 450 additions and 11 deletions
--- a/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go
+++ b/internal/pkg/core/uploader/providers/dogecloud/dogecloud.go
@@ -0,0 +1,61 @@
+package dogecloud
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	xerrors "github.com/pkg/errors"
+
+	"github.com/usual2970/certimate/internal/pkg/core/uploader"
+	doge "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
+)
+
+type DogeCloudUploaderConfig struct {
+	AccessKey string `json:"accessKey"`
+	SecretKey string `json:"secretKey"`
+}
+
+type DogeCloudUploader struct {
+	config    *DogeCloudUploaderConfig
+	sdkClient *doge.Client
+}
+
+func New(config *DogeCloudUploaderConfig) (*DogeCloudUploader, error) {
+	client, err := createSdkClient(
+		config.AccessKey,
+		config.SecretKey,
+	)
+	if err != nil {
+		return nil, xerrors.Wrap(err, "failed to create sdk client")
+	}
+
+	return &DogeCloudUploader{
+		config:    config,
+		sdkClient: client,
+	}, nil
+}
+
+func (u *DogeCloudUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
+	// 生成新证书名（需符合多吉云命名规则）
+	var certId, certName string
+	certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
+
+	// 上传新证书
+	// REF: https://docs.dogecloud.com/cdn/api-cert-upload
+	uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certName, privkeyPem)
+	if err != nil {
+		return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadCdnCert'")
+	}
+
+	certId = uploadSslCertResp.Data.Id
+	return &uploader.UploadResult{
+		CertId:   certId,
+		CertName: certName,
+	}, nil
+}
+
+func createSdkClient(accessKey, secretKey string) (*doge.Client, error) {
+	client := doge.NewClient(accessKey, secretKey)
+	return client, nil
+}
--- a/internal/pkg/vendors/dogecloud-sdk/client.go
+++ b/internal/pkg/vendors/dogecloud-sdk/client.go
@@ -0,0 +1,182 @@
+package dogecloudsdk
+
+import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+const dogeHost = "https://api.dogecloud.com"
+
+type Client struct {
+	accessKey string
+	secretKey string
+}
+
+func NewClient(accessKey, secretKey string) *Client {
+	return &Client{accessKey: accessKey, secretKey: secretKey}
+}
+
+func (c *Client) UploadCdnCert(note, cert, private string) (*UploadCdnCertResponse, error) {
+	req := &UploadCdnCertRequest{
+		Note:        note,
+		Certificate: cert,
+		PrivateKey:  private,
+	}
+
+	reqBts, err := json.Marshal(req)
+	if err != nil {
+		return nil, err
+	}
+
+	reqMap := make(map[string]interface{})
+	err = json.Unmarshal(reqBts, &reqMap)
+	if err != nil {
+		return nil, err
+	}
+
+	respBts, err := c.sendReq(http.MethodPost, "cdn/cert/upload.json", reqMap, true)
+	if err != nil {
+		return nil, err
+	}
+
+	resp := &UploadCdnCertResponse{}
+	err = json.Unmarshal(respBts, resp)
+	if err != nil {
+		return nil, err
+	}
+	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
+		return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
+	}
+
+	return resp, nil
+}
+
+func (c *Client) BindCdnCertWithDomain(certId string, domain string) (*BindCdnCertResponse, error) {
+	req := &BindCdnCertRequest{
+		CertId: certId,
+		Domain: &domain,
+	}
+
+	reqBts, err := json.Marshal(req)
+	if err != nil {
+		return nil, err
+	}
+
+	reqMap := make(map[string]interface{})
+	err = json.Unmarshal(reqBts, &reqMap)
+	if err != nil {
+		return nil, err
+	}
+
+	respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true)
+	if err != nil {
+		return nil, err
+	}
+
+	resp := &BindCdnCertResponse{}
+	err = json.Unmarshal(respBts, resp)
+	if err != nil {
+		return nil, err
+	}
+	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
+		return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
+	}
+
+	return resp, nil
+}
+
+func (c *Client) BindCdnCertWithDomainId(certId string, domainId int32) (*BindCdnCertResponse, error) {
+	req := &BindCdnCertRequest{
+		CertId:   certId,
+		DomainId: &domainId,
+	}
+
+	reqBts, err := json.Marshal(req)
+	if err != nil {
+		return nil, err
+	}
+
+	reqMap := make(map[string]interface{})
+	err = json.Unmarshal(reqBts, &reqMap)
+	if err != nil {
+		return nil, err
+	}
+
+	respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true)
+	if err != nil {
+		return nil, err
+	}
+
+	resp := &BindCdnCertResponse{}
+	err = json.Unmarshal(respBts, resp)
+	if err != nil {
+		return nil, err
+	}
+	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
+		return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
+	}
+
+	return resp, nil
+}
+
+// 调用多吉云的 API。
+// https://docs.dogecloud.com/cdn/api-access-token?id=go
+//
+// 入参：
+//   - method：GET 或 POST
+//   - path：是调用的 API 接口地址，包含 URL 请求参数 QueryString，例如：/console/vfetch/add.json?url=xxx&a=1&b=2
+//   - data：POST 的数据，对象，例如 {a: 1, b: 2}，传递此参数表示不是 GET 请求而是 POST 请求
+//   - jsonMode：数据 data 是否以 JSON 格式请求，默认为 false 则使用表单形式（a=1&b=2）
+func (c *Client) sendReq(method string, path string, data map[string]interface{}, jsonMode bool) ([]byte, error) {
+	body := ""
+	mime := ""
+	if jsonMode {
+		_body, err := json.Marshal(data)
+		if err != nil {
+			return nil, err
+		}
+		body = string(_body)
+		mime = "application/json"
+	} else {
+		values := url.Values{}
+		for k, v := range data {
+			values.Set(k, v.(string))
+		}
+		body = values.Encode()
+		mime = "application/x-www-form-urlencoded"
+	}
+
+	signStr := path + "\n" + body
+	hmacObj := hmac.New(sha1.New, []byte(c.secretKey))
+	hmacObj.Write([]byte(signStr))
+	sign := hex.EncodeToString(hmacObj.Sum(nil))
+	auth := fmt.Sprintf("TOKEN %s:%s", c.accessKey, sign)
+
+	req, err := http.NewRequest(method, fmt.Sprintf("%s/%s", dogeHost, path), strings.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Add("Content-Type", mime)
+	req.Header.Add("Authorization", auth)
+
+	client := http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	r, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	return r, nil
+}
--- a/internal/pkg/vendors/dogecloud-sdk/models.go
+++ b/internal/pkg/vendors/dogecloud-sdk/models.go
@@ -0,0 +1,31 @@
+package dogecloudsdk
+
+type BaseResponse struct {
+	Code    *int    `json:"code,omitempty"`
+	Message *string `json:"msg,omitempty"`
+}
+
+type UploadCdnCertRequest struct {
+	Note        string `json:"note"`
+	Certificate string `json:"cert"`
+	PrivateKey  string `json:"private"`
+}
+
+type UploadCdnCertResponseData struct {
+	Id string `json:"id"`
+}
+
+type UploadCdnCertResponse struct {
+	*BaseResponse
+	Data *UploadCdnCertResponseData `json:"data,omitempty"`
+}
+
+type BindCdnCertRequest struct {
+	CertId   string  `json:"id"`
+	DomainId *int32  `json:"did,omitempty"`
+	Domain   *string `json:"domain,omitempty"`
+}
+
+type BindCdnCertResponse struct {
+	*BaseResponse
+}
--- a/internal/pkg/vendors/qiniu-sdk/client.go
+++ b/internal/pkg/vendors/qiniu-sdk/client.go
@@ -12,7 +12,7 @@ import (
 	xhttp "github.com/usual2970/certimate/internal/utils/http"
 )

-const qiniuHost = "http://api.qiniu.com"
+const qiniuHost = "https://api.qiniu.com"

 type Client struct {
 	mac *auth.Credentials
@@ -129,7 +129,7 @@ func (c *Client) UploadSslCert(name, commonName, pri, ca string) (*UploadSslCert
 		return nil, err
 	}
 	if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
-		return nil, fmt.Errorf("code: %d, error: %s", *resp.Code, *resp.Error)
+		return nil, fmt.Errorf("qiniu api error, code: %d, error: %s", *resp.Code, *resp.Error)
 	}

 	return resp, nil
--- a/internal/pkg/vendors/qiniu-sdk/models.go
+++ b/internal/pkg/vendors/qiniu-sdk/models.go
@@ -1,5 +1,10 @@
 package qiniusdk

+type BaseResponse struct {
+	Code  *int    `json:"code,omitempty"`
+	Error *string `json:"error,omitempty"`
+}
+
 type UploadSslCertRequest struct {
 	Name       string `json:"name"`
 	CommonName string `json:"common_name"`
@@ -8,9 +13,8 @@ type UploadSslCertRequest struct {
 }

 type UploadSslCertResponse struct {
-	Code   *int    `json:"code,omitempty"`
-	Error  *string `json:"error,omitempty"`
-	CertID string  `json:"certID"`
+	*BaseResponse
+	CertID string `json:"certID"`
 }

 type DomainInfoHttpsData struct {
@@ -20,8 +24,7 @@ type DomainInfoHttpsData struct {
 }

 type GetDomainInfoResponse struct {
-	Code               *int                 `json:"code,omitempty"`
-	Error              *string              `json:"error,omitempty"`
+	*BaseResponse
 	Name               string               `json:"name"`
 	Type               string               `json:"type"`
 	CName              string               `json:"cname"`
@@ -39,8 +42,7 @@ type ModifyDomainHttpsConfRequest struct {
 }

 type ModifyDomainHttpsConfResponse struct {
-	Code  *int    `json:"code,omitempty"`
-	Error *string `json:"error,omitempty"`
+	*BaseResponse
 }

 type EnableDomainHttpsRequest struct {
@@ -48,6 +50,5 @@ type EnableDomainHttpsRequest struct {
 }

 type EnableDomainHttpsResponse struct {
-	Code  *int    `json:"code,omitempty"`
-	Error *string `json:"error,omitempty"`
+	*BaseResponse
 }