GuanM/certimate
1
0
Fork 0
mirror of https://github.com/usual2970/certimate.git synced 2025-06-08 13:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add dogecloud cdn deployer

Browse Source
This commit is contained in:
Fu Diwei 2024-11-04 10:34:05 +08:00
parent 8a78e49bf0
commit 1e41020728
12 changed files with 450 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
internal/deployer/deployer.go
View File

@ -34,6 +34,7 @@ const (
targetHuaweiCloudCDN = "huaweicloud-cdn" targetHuaweiCloudCDN = "huaweicloud-cdn"
targetHuaweiCloudELB = "huaweicloud-elb" targetHuaweiCloudELB = "huaweicloud-elb"
targetQiniuCdn = "qiniu-cdn" targetQiniuCdn = "qiniu-cdn"
targetDogeCloudCdn = "dogecloud-cdn"
targetLocal = "local" targetLocal = "local"
targetSSH = "ssh" targetSSH = "ssh"
targetWebhook = "webhook" targetWebhook = "webhook"
@ -136,6 +137,8 @@ func getWithDeployConfig(record *models.Record, cert *applicant.Certificate, dep
return NewHuaweiCloudELBDeployer(option) return NewHuaweiCloudELBDeployer(option)
case targetQiniuCdn: case targetQiniuCdn:
return NewQiniuCDNDeployer(option) return NewQiniuCDNDeployer(option)
case targetDogeCloudCdn:
return NewDogeCloudCDNDeployer(option)
case targetLocal: case targetLocal:
return NewLocalDeployer(option) return NewLocalDeployer(option)
case targetSSH: case targetSSH:

86
internal/deployer/dogecloud_cdn.go Normal file
View File

@ -0,0 +1,86 @@
package deployer
import (
"context"
"encoding/json"
"fmt"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/domain"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
uploaderDoge "github.com/usual2970/certimate/internal/pkg/core/uploader/providers/dogecloud"
doge "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
)
type DogeCloudCDNDeployer struct {
option *DeployerOption
infos []string
sdkClient *doge.Client
sslUploader uploader.Uploader
}
func NewDogeCloudCDNDeployer(option *DeployerOption) (Deployer, error) {
access := &domain.DogeCloudAccess{}
if err := json.Unmarshal([]byte(option.Access), access); err != nil {
return nil, xerrors.Wrap(err, "failed to get access")
}
client, err := (&DogeCloudCDNDeployer{}).createSdkClient(
access.AccessKey,
access.SecretKey,
)
if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
uploader, err := uploaderDoge.New(&uploaderDoge.DogeCloudUploaderConfig{
AccessKey: access.AccessKey,
SecretKey: access.SecretKey,
})
if err != nil {
return nil, xerrors.Wrap(err, "failed to create ssl uploader")
}
return &DogeCloudCDNDeployer{
option: option,
infos: make([]string, 0),
sdkClient: client,
sslUploader: uploader,
}, nil
}
func (d *DogeCloudCDNDeployer) GetID() string {
return fmt.Sprintf("%s-%s", d.option.AccessRecord.GetString("name"), d.option.AccessRecord.Id)
}
func (d *DogeCloudCDNDeployer) GetInfos() []string {
return d.infos
}
func (d *DogeCloudCDNDeployer) Deploy(ctx context.Context) error {
// 上传证书到 CDN
upres, err := d.sslUploader.Upload(ctx, d.option.Certificate.Certificate, d.option.Certificate.PrivateKey)
if err != nil {
return err
}
d.infos = append(d.infos, toStr("已上传证书", upres))
// 绑定证书
// REF: https://docs.dogecloud.com/cdn/api-cert-bind
bindCdnCertResp, err := d.sdkClient.BindCdnCertWithDomain(upres.CertId, d.option.DeployConfig.GetConfigAsString("domain"))
if err != nil {
return xerrors.Wrap(err, "failed to execute sdk request 'cdn.BindCdnCert'")
}
d.infos = append(d.infos, toStr("已绑定证书", bindCdnCertResp))
return nil
}
func (d *DogeCloudCDNDeployer) createSdkClient(accessKey, secretKey string) (*doge.Client, error) {
client := doge.NewClient(accessKey, secretKey)
return client, nil
}

61
internal/pkg/core/uploader/providers/dogecloud/dogecloud.go Normal file
View File

@ -0,0 +1,61 @@
package dogecloud
import (
"context"
"fmt"
"time"
xerrors "github.com/pkg/errors"
"github.com/usual2970/certimate/internal/pkg/core/uploader"
doge "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
)
type DogeCloudUploaderConfig struct {
AccessKey string `json:"accessKey"`
SecretKey string `json:"secretKey"`
}
type DogeCloudUploader struct {
config *DogeCloudUploaderConfig
sdkClient *doge.Client
}
func New(config *DogeCloudUploaderConfig) (*DogeCloudUploader, error) {
client, err := createSdkClient(
config.AccessKey,
config.SecretKey,
)
if err != nil {
return nil, xerrors.Wrap(err, "failed to create sdk client")
}
return &DogeCloudUploader{
config: config,
sdkClient: client,
}, nil
}
func (u *DogeCloudUploader) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
// 生成新证书名(需符合多吉云命名规则)
var certId, certName string
certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
// 上传新证书
// REF: https://docs.dogecloud.com/cdn/api-cert-upload
uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certName, privkeyPem)
if err != nil {
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadCdnCert'")
}
certId = uploadSslCertResp.Data.Id
return &uploader.UploadResult{
CertId: certId,
CertName: certName,
}, nil
}
func createSdkClient(accessKey, secretKey string) (*doge.Client, error) {
client := doge.NewClient(accessKey, secretKey)
return client, nil
}

182
internal/pkg/vendors/dogecloud-sdk/client.go vendored Normal file
View File

@ -0,0 +1,182 @@
package dogecloudsdk
import (
"crypto/hmac"
"crypto/sha1"
"encoding/hex"
"encoding/json"
"fmt"
"io"
"net/http"
"net/url"
"strings"
)
const dogeHost = "https://api.dogecloud.com"
type Client struct {
accessKey string
secretKey string
}
func NewClient(accessKey, secretKey string) *Client {
return &Client{accessKey: accessKey, secretKey: secretKey}
}
func (c *Client) UploadCdnCert(note, cert, private string) (*UploadCdnCertResponse, error) {
req := &UploadCdnCertRequest{
Note: note,
Certificate: cert,
PrivateKey: private,
}
reqBts, err := json.Marshal(req)
if err != nil {
return nil, err
}
reqMap := make(map[string]interface{})
err = json.Unmarshal(reqBts, &reqMap)
if err != nil {
return nil, err
}
respBts, err := c.sendReq(http.MethodPost, "cdn/cert/upload.json", reqMap, true)
if err != nil {
return nil, err
}
resp := &UploadCdnCertResponse{}
err = json.Unmarshal(respBts, resp)
if err != nil {
return nil, err
}
if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
}
return resp, nil
}
func (c *Client) BindCdnCertWithDomain(certId string, domain string) (*BindCdnCertResponse, error) {
req := &BindCdnCertRequest{
CertId: certId,
Domain: &domain,
}
reqBts, err := json.Marshal(req)
if err != nil {
return nil, err
}
reqMap := make(map[string]interface{})
err = json.Unmarshal(reqBts, &reqMap)
if err != nil {
return nil, err
}
respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true)
if err != nil {
return nil, err
}
resp := &BindCdnCertResponse{}
err = json.Unmarshal(respBts, resp)
if err != nil {
return nil, err
}
if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
}
return resp, nil
}
func (c *Client) BindCdnCertWithDomainId(certId string, domainId int32) (*BindCdnCertResponse, error) {
req := &BindCdnCertRequest{
CertId: certId,
DomainId: &domainId,
}
reqBts, err := json.Marshal(req)
if err != nil {
return nil, err
}
reqMap := make(map[string]interface{})
err = json.Unmarshal(reqBts, &reqMap)
if err != nil {
return nil, err
}
respBts, err := c.sendReq(http.MethodPost, "cdn/cert/bind.json", reqMap, true)
if err != nil {
return nil, err
}
resp := &BindCdnCertResponse{}
err = json.Unmarshal(respBts, resp)
if err != nil {
return nil, err
}
if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
return nil, fmt.Errorf("dogecloud api error, code: %d, msg: %s", *resp.Code, *resp.Message)
}
return resp, nil
}
// 调用多吉云的 API。
// https://docs.dogecloud.com/cdn/api-access-token?id=go
//
// 入参:
// - methodGET 或 POST
// - path是调用的 API 接口地址,包含 URL 请求参数 QueryString例如/console/vfetch/add.json?url=xxx&a=1&b=2
// - dataPOST 的数据,对象,例如 {a: 1, b: 2},传递此参数表示不是 GET 请求而是 POST 请求
// - jsonMode数据 data 是否以 JSON 格式请求,默认为 false 则使用表单形式a=1&b=2
func (c *Client) sendReq(method string, path string, data map[string]interface{}, jsonMode bool) ([]byte, error) {
body := ""
mime := ""
if jsonMode {
_body, err := json.Marshal(data)
if err != nil {
return nil, err
}
body = string(_body)
mime = "application/json"
} else {
values := url.Values{}
for k, v := range data {
values.Set(k, v.(string))
}
body = values.Encode()
mime = "application/x-www-form-urlencoded"
}
signStr := path + "\n" + body
hmacObj := hmac.New(sha1.New, []byte(c.secretKey))
hmacObj.Write([]byte(signStr))
sign := hex.EncodeToString(hmacObj.Sum(nil))
auth := fmt.Sprintf("TOKEN %s:%s", c.accessKey, sign)
req, err := http.NewRequest(method, fmt.Sprintf("%s/%s", dogeHost, path), strings.NewReader(body))
if err != nil {
return nil, err
}
req.Header.Add("Content-Type", mime)
req.Header.Add("Authorization", auth)
client := http.Client{}
resp, err := client.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
r, err := io.ReadAll(resp.Body)
if err != nil {
return nil, err
}
return r, nil
}

31
internal/pkg/vendors/dogecloud-sdk/models.go vendored Normal file
View File

@ -0,0 +1,31 @@
package dogecloudsdk
type BaseResponse struct {
Code *int `json:"code,omitempty"`
Message *string `json:"msg,omitempty"`
}
type UploadCdnCertRequest struct {
Note string `json:"note"`
Certificate string `json:"cert"`
PrivateKey string `json:"private"`
}
type UploadCdnCertResponseData struct {
Id string `json:"id"`
}
type UploadCdnCertResponse struct {
*BaseResponse
Data *UploadCdnCertResponseData `json:"data,omitempty"`
}
type BindCdnCertRequest struct {
CertId string `json:"id"`
DomainId *int32 `json:"did,omitempty"`
Domain *string `json:"domain,omitempty"`
}
type BindCdnCertResponse struct {
*BaseResponse
}

4
internal/pkg/vendors/qiniu-sdk/client.go vendored
View File

@ -12,7 +12,7 @@ import (
xhttp "github.com/usual2970/certimate/internal/utils/http" xhttp "github.com/usual2970/certimate/internal/utils/http"
) )
const qiniuHost = "http://api.qiniu.com" const qiniuHost = "https://api.qiniu.com"
type Client struct { type Client struct {
mac *auth.Credentials mac *auth.Credentials
@ -129,7 +129,7 @@ func (c *Client) UploadSslCert(name, commonName, pri, ca string) (*UploadSslCert
return nil, err return nil, err
} }
if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 { if resp.Code != nil && *resp.Code != 0 && *resp.Code != 200 {
return nil, fmt.Errorf("code: %d, error: %s", *resp.Code, *resp.Error) return nil, fmt.Errorf("qiniu api error, code: %d, error: %s", *resp.Code, *resp.Error)
} }
return resp, nil return resp, nil

17
internal/pkg/vendors/qiniu-sdk/models.go vendored
View File

@ -1,5 +1,10 @@
package qiniusdk package qiniusdk
type BaseResponse struct {
Code *int `json:"code,omitempty"`
Error *string `json:"error,omitempty"`
}
type UploadSslCertRequest struct { type UploadSslCertRequest struct {
Name string `json:"name"` Name string `json:"name"`
CommonName string `json:"common_name"` CommonName string `json:"common_name"`
@ -8,8 +13,7 @@ type UploadSslCertRequest struct {
} }
type UploadSslCertResponse struct { type UploadSslCertResponse struct {
Code *int `json:"code,omitempty"` *BaseResponse
Error *string `json:"error,omitempty"`
CertID string `json:"certID"` CertID string `json:"certID"`
} }
@ -20,8 +24,7 @@ type DomainInfoHttpsData struct {
} }
type GetDomainInfoResponse struct { type GetDomainInfoResponse struct {
Code *int `json:"code,omitempty"` *BaseResponse
Error *string `json:"error,omitempty"`
Name string `json:"name"` Name string `json:"name"`
Type string `json:"type"` Type string `json:"type"`
CName string `json:"cname"` CName string `json:"cname"`
@ -39,8 +42,7 @@ type ModifyDomainHttpsConfRequest struct {
} }
type ModifyDomainHttpsConfResponse struct { type ModifyDomainHttpsConfResponse struct {
Code *int `json:"code,omitempty"` *BaseResponse
Error *string `json:"error,omitempty"`
} }
type EnableDomainHttpsRequest struct { type EnableDomainHttpsRequest struct {
@ -48,6 +50,5 @@ type EnableDomainHttpsRequest struct {
} }
type EnableDomainHttpsResponse struct { type EnableDomainHttpsResponse struct {
Code *int `json:"code,omitempty"` *BaseResponse
Error *string `json:"error,omitempty"`
} }

4
ui/src/components/certimate/DeployEditDialog.tsx
View File

@ -21,6 +21,7 @@ import DeployToTencentTEO from "./DeployToTencentTEO";
import DeployToHuaweiCloudCDN from "./DeployToHuaweiCloudCDN"; import DeployToHuaweiCloudCDN from "./DeployToHuaweiCloudCDN";
import DeployToHuaweiCloudELB from "./DeployToHuaweiCloudELB"; import DeployToHuaweiCloudELB from "./DeployToHuaweiCloudELB";
import DeployToQiniuCDN from "./DeployToQiniuCDN"; import DeployToQiniuCDN from "./DeployToQiniuCDN";
import DeployToDogeCloudCDN from "./DeployToDogeCloudCDN";
import DeployToLocal from "./DeployToLocal"; import DeployToLocal from "./DeployToLocal";
import DeployToSSH from "./DeployToSSH"; import DeployToSSH from "./DeployToSSH";
import DeployToWebhook from "./DeployToWebhook"; import DeployToWebhook from "./DeployToWebhook";
@ -154,6 +155,9 @@ const DeployEditDialog = ({ trigger, deployConfig, onSave }: DeployEditDialogPro
case "qiniu-cdn": case "qiniu-cdn":
childComponent = <DeployToQiniuCDN />; childComponent = <DeployToQiniuCDN />;
break; break;
case "dogecloud-cdn":
childComponent = <DeployToDogeCloudCDN />;
break;
case "local": case "local":
childComponent = <DeployToLocal />; childComponent = <DeployToLocal />;
break; break;

68
ui/src/components/certimate/DeployToDogeCloudCDN.tsx Normal file
View File

@ -0,0 +1,68 @@
import { useEffect } from "react";
import { useTranslation } from "react-i18next";
import { z } from "zod";
import { produce } from "immer";
import { Input } from "@/components/ui/input";
import { Label } from "@/components/ui/label";
import { useDeployEditContext } from "./DeployEdit";
type DeployToDogeCloudCDNConfigParams = {
domain?: string;
};
const DeployToDogeCloudCDN = () => {
const { t } = useTranslation();
const { config, setConfig, errors, setErrors } = useDeployEditContext<DeployToDogeCloudCDNConfigParams>();
useEffect(() => {
if (!config.id) {
setConfig({
...config,
config: {},
});
}
}, []);
useEffect(() => {
setErrors({});
}, []);
const formSchema = z.object({
domain: z.string().regex(/^(?:\*\.)?([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}$/, {
message: t("common.errmsg.domain_invalid"),
}),
});
useEffect(() => {
const res = formSchema.safeParse(config.config);
setErrors({
...errors,
domain: res.error?.errors?.find((e) => e.path[0] === "domain")?.message,
});
}, [config]);
return (
<div className="flex flex-col space-y-8">
<div>
<Label>{t("domain.deployment.form.domain.label")}</Label>
<Input
placeholder={t("domain.deployment.form.domain.placeholder")}
className="w-full mt-1"
value={config?.config?.domain}
onChange={(e) => {
const nv = produce(config, (draft) => {
draft.config ??= {};
draft.config.domain = e.target.value?.trim();
});
setConfig(nv);
}}
/>
<div className="text-red-600 text-sm mt-1">{errors?.domain}</div>
</div>
</div>
);
};
export default DeployToDogeCloudCDN;

1
ui/src/domain/domain.ts
View File

@ -86,6 +86,7 @@ export const deployTargetsMap: Map<DeployTarget["type"], DeployTarget> = new Map
["huaweicloud-cdn", "common.provider.huaweicloud.cdn", "/imgs/providers/huaweicloud.svg"], ["huaweicloud-cdn", "common.provider.huaweicloud.cdn", "/imgs/providers/huaweicloud.svg"],
["huaweicloud-elb", "common.provider.huaweicloud.elb", "/imgs/providers/huaweicloud.svg"], ["huaweicloud-elb", "common.provider.huaweicloud.elb", "/imgs/providers/huaweicloud.svg"],
["qiniu-cdn", "common.provider.qiniu.cdn", "/imgs/providers/qiniu.svg"], ["qiniu-cdn", "common.provider.qiniu.cdn", "/imgs/providers/qiniu.svg"],
["dogecloud-cdn", "common.provider.dogecloud.cdn", "/imgs/providers/dogecloud.svg"],
["local", "common.provider.local", "/imgs/providers/local.svg"], ["local", "common.provider.local", "/imgs/providers/local.svg"],
["ssh", "common.provider.ssh", "/imgs/providers/ssh.svg"], ["ssh", "common.provider.ssh", "/imgs/providers/ssh.svg"],
["webhook", "common.provider.webhook", "/imgs/providers/webhook.svg"], ["webhook", "common.provider.webhook", "/imgs/providers/webhook.svg"],

1
ui/src/i18n/locales/en/nls.common.json
View File

@ -71,6 +71,7 @@
"common.provider.qiniu": "Qiniu Cloud", "common.provider.qiniu": "Qiniu Cloud",
"common.provider.qiniu.cdn": "Qiniu Cloud - CDN", "common.provider.qiniu.cdn": "Qiniu Cloud - CDN",
"common.provider.dogecloud": "Doge Cloud", "common.provider.dogecloud": "Doge Cloud",
"common.provider.dogecloud.cdn": "Doge Cloud - CDN",
"common.provider.aws": "AWS", "common.provider.aws": "AWS",
"common.provider.cloudflare": "Cloudflare", "common.provider.cloudflare": "Cloudflare",
"common.provider.namesilo": "Namesilo", "common.provider.namesilo": "Namesilo",

1
ui/src/i18n/locales/zh/nls.common.json
View File

@ -71,6 +71,7 @@
"common.provider.qiniu": "七牛云", "common.provider.qiniu": "七牛云",
"common.provider.qiniu.cdn": "七牛云 - 内容分发网络 CDN", "common.provider.qiniu.cdn": "七牛云 - 内容分发网络 CDN",
"common.provider.dogecloud": "多吉云", "common.provider.dogecloud": "多吉云",
"common.provider.dogecloud.cdn": "多吉云 - 内容分发网络 CDN",
"common.provider.aws": "AWS", "common.provider.aws": "AWS",
"common.provider.cloudflare": "Cloudflare", "common.provider.cloudflare": "Cloudflare",
"common.provider.namesilo": "Namesilo", "common.provider.namesilo": "Namesilo",