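import { useTranslation } from "react-i18next";
import { DownOutlined as DownOutlinedIcon } from "@ant-design/icons";
import { Alert, Button, Dropdown, Form, type FormInstance, Input, Select } from "antd";
import { createSchemaFieldRule } from "antd-zod";
import { z } from "zod";

import CodeInput from "@/components/CodeInput";
import Show from "@/components/Show";
import { CERTIFICATE_FORMATS } from "@/domain/certificate";

/** Field values edited by the "local" deploy-node form. */
type DeployNodeConfigFormLocalConfigFieldValues = Nullish<{
  format: string;
  certPath: string;
  certPathForServerOnly?: string;
  certPathForIntermediaOnly?: string;
  keyPath?: string;
  pfxPassword?: string;
  jksAlias?: string;
  jksKeypass?: string;
  jksStorepass?: string;
  shellEnv?: string;
  preCommand?: string;
  postCommand?: string;
}>;

export type DeployNodeConfigFormLocalConfigProps = {
  form: FormInstance;
  formName: string;
  disabled?: boolean;
  initialValues?: DeployNodeConfigFormLocalConfigFieldValues;
  onValuesChange?: (values: DeployNodeConfigFormLocalConfigFieldValues) => void;
};

const FORMAT_PEM = CERTIFICATE_FORMATS.PEM;
const FORMAT_PFX = CERTIFICATE_FORMATS.PFX;
const FORMAT_JKS = CERTIFICATE_FORMATS.JKS;

const SHELLENV_SH = "sh" as const;
const SHELLENV_CMD = "cmd" as const;
const SHELLENV_POWERSHELL = "powershell" as const;

/** Default field values: PEM output under /etc/ssl/certimate, run through `sh`. */
const initFormModel = (): DeployNodeConfigFormLocalConfigFieldValues => {
  return {
    format: FORMAT_PEM,
    certPath: "/etc/ssl/certimate/cert.crt",
    keyPath: "/etc/ssl/certimate/cert.key",
    shellEnv: SHELLENV_SH,
  };
};

/**
 * Wraps a value in POSIX-shell single quotes so that `$`, backticks, `"` and whitespace
 * inside it are taken literally by the generated script.
 */
const quoteForSh = (value: string): string => "'" + value.replace(/'/g, "'\\''") + "'";

/**
 * Wraps a value in PowerShell single quotes. PowerShell also accepts the typographic
 * quotes U+2018, U+2019, U+201A and U+201B as single-quote delimiters, so each of them
 * is doubled as well.
 */
const quoteForPowerShell = (value: string): string => "'" + value.replace(/['\u2018\u2019\u201A\u201B]/g, "$&$&") + "'";

/**
 * Builds the text of one preset pre/post-deploy script.
 *
 * Form values are embedded as single-quoted literals: inside double quotes a path or
 * password containing `"`, `$` or a backtick would be expanded by the shell or would
 * terminate the string, so the script would run with a different value than the one
 * shown in the form.
 *
 * Security notes for whoever reviews the generated scripts:
 * - The PFX password is written into the script in clear text, so it is exposed wherever
 *   the command field is stored, displayed or logged.
 * - The PowerShell presets import the PFX with `-Exportable`, which leaves the private key
 *   exportable from the LocalMachine store; remove the flag if re-export is not needed.
 * - `ps_binding_iis` and `ps_binding_netsh` delete the PFX file after import;
 *   `ps_binding_rdp` leaves it on disk.
 * - The backup presets leave a `.bak` copy of the private key next to the original.
 *
 * @param key - Preset to generate.
 * @param params - Current form values to embed; missing values become empty strings.
 * @returns The script text, or `undefined` when `key` matches no preset.
 */
export const initPresetScript = (
  key: "sh_backup_files" | "ps_backup_files" | "sh_reload_nginx" | "ps_binding_iis" | "ps_binding_netsh" | "ps_binding_rdp",
  params?: {
    certPath?: string;
    certPathForServerOnly?: string;
    certPathForIntermediaOnly?: string;
    keyPath?: string;
    pfxPassword?: string;
    jksAlias?: string;
    jksKeypass?: string;
    jksStorepass?: string;
  }
) => {
  const certPath = params?.certPath ?? "";
  const keyPath = params?.keyPath ?? "";
  const pfxPassword = params?.pfxPassword ?? "";

  // Shared by the three PowerShell binding presets.
  const importPfxLine = `$cert = Import-PfxCertificate -FilePath "$pfxPath" -CertStoreLocation Cert:\\LocalMachine\\My -Password (ConvertTo-SecureString -String "$pfxPassword" -AsPlainText -Force) -Exportable`;
  const pfxPathLine = `$pfxPath = ${quoteForPowerShell(certPath)} # PFX 文件路径(与表单中保持一致)`;
  const pfxPasswordLine = `$pfxPassword = ${quoteForPowerShell(pfxPassword)} # PFX 密码(与表单中保持一致)`;

  switch (key) {
    case "sh_backup_files":
      return [
        "# 请将以下路径替换为实际值",
        `cp ${quoteForSh(certPath)} ${quoteForSh(certPath + ".bak")} 2>/dev/null || :`,
        `cp ${quoteForSh(keyPath)} ${quoteForSh(keyPath + ".bak")} 2>/dev/null || :`,
      ].join("\n");

    case "ps_backup_files":
      return [
        "# 请将以下路径替换为实际值",
        `if (Test-Path -Path ${quoteForPowerShell(certPath)} -PathType Leaf) {`,
        `  Copy-Item -Path ${quoteForPowerShell(certPath)} -Destination ${quoteForPowerShell(certPath + ".bak")} -Force`,
        "}",
        `if (Test-Path -Path ${quoteForPowerShell(keyPath)} -PathType Leaf) {`,
        `  Copy-Item -Path ${quoteForPowerShell(keyPath)} -Destination ${quoteForPowerShell(keyPath + ".bak")} -Force`,
        "}",
      ].join("\n");

    case "sh_reload_nginx":
      return ["# *** 需要 root 权限 ***", "sudo service nginx reload"].join("\n");

    case "ps_binding_iis":
      return [
        "# *** 需要管理员权限 ***",
        "# 请将以下变量替换为实际值",
        pfxPathLine,
        pfxPasswordLine,
        `$siteName = "" # IIS 网站名称`,
        `$domain = "" # 域名`,
        `$ipaddr = "" # 绑定 IP,“*”表示所有 IP 绑定`,
        `$port = "" # 绑定端口`,
        "# 导入证书到本地计算机的个人存储区",
        importPfxLine,
        "# 获取 Thumbprint",
        "$thumbprint = $cert.Thumbprint",
        "# 导入 WebAdministration 模块",
        "Import-Module WebAdministration",
        "# 检查是否已存在 HTTPS 绑定",
        `$existingBinding = Get-WebBinding -Name "$siteName" -Protocol "https" -Port $port -HostHeader "$domain" -ErrorAction SilentlyContinue`,
        "if (!$existingBinding) {",
        "  # 添加新的 HTTPS 绑定",
        `  New-WebBinding -Name "$siteName" -Protocol "https" -Port $port -IPAddress "$ipaddr" -HostHeader "$domain"`,
        "}",
        "# 获取绑定对象",
        `$binding = Get-WebBinding -Name "$siteName" -Protocol "https" -Port $port -IPAddress "$ipaddr" -HostHeader "$domain"`,
        "# 绑定 SSL 证书",
        `$binding.AddSslCertificate($thumbprint, "My")`,
        "# 删除目录下的证书文件",
        `Remove-Item -Path "$pfxPath" -Force`,
      ].join("\n");

    case "ps_binding_netsh":
      return [
        "# *** 需要管理员权限 ***",
        "# 请将以下变量替换为实际值",
        pfxPathLine,
        pfxPasswordLine,
        `$ipaddr = "" # 绑定 IP,“0.0.0.0”表示所有 IP 绑定,可填入域名`,
        `$port = "" # 绑定端口`,
        "# 导入证书到本地计算机的个人存储区",
        `$addr = $ipaddr + ":" + $port`,
        importPfxLine,
        "# 获取 Thumbprint",
        "$thumbprint = $cert.Thumbprint",
        "# 检测端口是否绑定证书,如绑定则删除绑定",
        "$isExist = netsh http show sslcert ipport=$addr",
        `if ($isExist -like "*$addr*"){`,
        "  netsh http delete sslcert ipport=$addr",
        "}",
        "# 绑定到端口",
        "netsh http add sslcert ipport=$addr certhash=$thumbprint",
        "# 删除目录下的证书文件",
        `Remove-Item -Path "$pfxPath" -Force`,
      ].join("\n");

    case "ps_binding_rdp":
      return [
        "# *** 需要管理员权限 ***",
        "# 请将以下变量替换为实际值",
        pfxPathLine,
        pfxPasswordLine,
        "# 导入证书到本地计算机的个人存储区",
        importPfxLine,
        "# 获取 Thumbprint",
        "$thumbprint = $cert.Thumbprint",
        "# 绑定到 RDP",
        `$rdpCertPath = "HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp"`,
        `Set-ItemProperty -Path $rdpCertPath -Name "SSLCertificateSHA1Hash" -Value "$thumbprint"`,
      ].join("\n");
  }
};

/**
 * Form for the "local" deploy target: where to write the certificate files, in which
 * format, and which shell commands to run before and after writing them.
 */
const DeployNodeConfigFormLocalConfig = ({ form: formInst, formName, disabled, initialValues, onValuesChange }: DeployNodeConfigFormLocalConfigProps) => {
  const { t } = useTranslation();

  // Watched before the schema is built because the conditional `refine` rules read `fieldFormat`.
  const fieldFormat = Form.useWatch("format", formInst);
  const fieldCertPath = Form.useWatch("certPath", formInst);

  const formSchema = z.object({
    format: z.union([z.literal(FORMAT_PEM), z.literal(FORMAT_PFX), z.literal(FORMAT_JKS)], {
      message: t("workflow_node.deploy.form.local_format.placeholder"),
    }),
    certPath: z
      .string()
      .min(1, t("workflow_node.deploy.form.local_cert_path.tooltip"))
      .max(256, t("common.errmsg.string_max", { max: 256 }))
      .trim(),
    certPathForServerOnly: z
      .string()
      .max(256, t("common.errmsg.string_max", { max: 256 }))
      .trim()
      .nullish(),
    certPathForIntermediaOnly: z
      .string()
      .max(256, t("common.errmsg.string_max", { max: 256 }))
      .trim()
      .nullish(),
    // Required only for PEM output.
    keyPath: z
      .string()
      .max(256, t("common.errmsg.string_max", { max: 256 }))
      .trim()
      .nullish()
      .refine((v) => fieldFormat !== FORMAT_PEM || !!v?.trim(), { message: t("workflow_node.deploy.form.local_key_path.tooltip") }),
    // Required only for PFX output. The message now reports the limit that is actually enforced (64).
    pfxPassword: z
      .string()
      .max(64, t("common.errmsg.string_max", { max: 64 }))
      .trim()
      .nullish()
      .refine((v) => fieldFormat !== FORMAT_PFX || !!v?.trim(), { message: t("workflow_node.deploy.form.local_pfx_password.tooltip") }),
    // The three JKS fields are required only for JKS output.
    jksAlias: z
      .string()
      .max(64, t("common.errmsg.string_max", { max: 64 }))
      .trim()
      .nullish()
      .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_alias.tooltip") }),
    jksKeypass: z
      .string()
      .max(64, t("common.errmsg.string_max", { max: 64 }))
      .trim()
      .nullish()
      .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_keypass.tooltip") }),
    jksStorepass: z
      .string()
      .max(64, t("common.errmsg.string_max", { max: 64 }))
      .trim()
      .nullish()
      .refine((v) => fieldFormat !== FORMAT_JKS || !!v?.trim(), { message: t("workflow_node.deploy.form.local_jks_storepass.tooltip") }),
    shellEnv: z.union([z.literal(SHELLENV_SH), z.literal(SHELLENV_CMD), z.literal(SHELLENV_POWERSHELL)], {
      message: t("workflow_node.deploy.form.local_shell_env.placeholder"),
    }),
    preCommand: z
      .string()
      .max(20480, t("common.errmsg.string_max", { max: 20480 }))
      .nullish(),
    postCommand: z
      .string()
      .max(20480, t("common.errmsg.string_max", { max: 20480 }))
      .nullish(),
  });
  const formRule = createSchemaFieldRule(formSchema);

  /**
   * Keeps the certificate path's extension in step with the selected format.
   * The dot is escaped so that only a real ".ext" suffix is rewritten.
   */
  const handleFormatSelect = (value: string) => {
    if (fieldFormat === value) return;

    switch (value) {
      case FORMAT_PEM:
        if (/\.(pfx|jks)$/.test(fieldCertPath)) {
          formInst.setFieldValue("certPath", fieldCertPath.replace(/\.(pfx|jks)$/, ".crt"));
        }
        break;

      case FORMAT_PFX:
        if (/\.(crt|jks)$/.test(fieldCertPath)) {
          formInst.setFieldValue("certPath", fieldCertPath.replace(/\.(crt|jks)$/, ".pfx"));
        }
        break;

      case FORMAT_JKS:
        if (/\.(crt|pfx)$/.test(fieldCertPath)) {
          formInst.setFieldValue("certPath", fieldCertPath.replace(/\.(crt|pfx)$/, ".jks"));
        }
        break;
    }
  };

  /** Fills the pre-command with a preset and selects the shell that can run it. */
  const handlePresetPreScriptClick = (key: string) => {
    switch (key) {
      case "sh_backup_files":
      case "ps_backup_files": {
        const presetScriptParams = {
          certPath: formInst.getFieldValue("certPath"),
          keyPath: formInst.getFieldValue("keyPath"),
        };
        // The "ps_" preset is PowerShell; running it under `sh` would fail.
        formInst.setFieldValue("shellEnv", key === "ps_backup_files" ? SHELLENV_POWERSHELL : SHELLENV_SH);
        formInst.setFieldValue("preCommand", initPresetScript(key, presetScriptParams));
        break;
      }
    }
  };

  /** Fills the post-command with a preset and selects the shell that can run it. */
  const handlePresetPostScriptClick = (key: string) => {
    switch (key) {
      case "sh_reload_nginx": {
        formInst.setFieldValue("shellEnv", SHELLENV_SH);
        formInst.setFieldValue("postCommand", initPresetScript(key));
        break;
      }

      case "ps_binding_iis":
      case "ps_binding_netsh":
      case "ps_binding_rdp": {
        // The PFX password is copied into the script text in clear.
        const presetScriptParams = {
          certPath: formInst.getFieldValue("certPath"),
          pfxPassword: formInst.getFieldValue("pfxPassword"),
        };
        formInst.setFieldValue("shellEnv", SHELLENV_POWERSHELL);
        formInst.setFieldValue("postCommand", initPresetScript(key, presetScriptParams));
        break;
      }
    }
  };

  const handleFormChange = (_: unknown, values: z.infer<typeof formSchema>) => {
    onValuesChange?.(values);
  };

  // NOTE(review): the JSX markup of this return statement is missing from the source as
  // received; the leftover fragments below are kept verbatim and the markup has to be
  // restored from the original component before this file can compile.
  return (
} /> } > } > } > } > } > } > } > } >
  );
};

export default DeployNodeConfigFormLocalConfig;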