1Panel/backend/cron/job/ssl.go

package job

import (
	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
	"github.com/1Panel-dev/1Panel/backend/app/repo"
	"github.com/1Panel-dev/1Panel/backend/app/service"
	"github.com/1Panel-dev/1Panel/backend/constant"
	"github.com/1Panel-dev/1Panel/backend/global"
	"github.com/1Panel-dev/1Panel/backend/utils/common"
	"github.com/1Panel-dev/1Panel/backend/utils/files"
	"path"
	"strconv"
	"strings"
	"time"
)

type ssl struct {
}

func NewSSLJob() *ssl {
	return &ssl{}
}

func getSystemSSL() (bool, uint) {
	settingRepo := repo.NewISettingRepo()
	sslSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
	if err != nil {
		global.LOG.Errorf("load service ssl from setting failed, err: %v", err)
		return false, 0
	}
	if sslSetting.Value == "enable" {
		sslID, _ := settingRepo.Get(settingRepo.WithByKey("SSLID"))
		idValue, _ := strconv.Atoi(sslID.Value)
		if idValue > 0 {
			return true, uint(idValue)
		}
	}
	return false, 0
}

func (ssl *ssl) Run() {
	systemSSLEnable, sslID := getSystemSSL()
	sslRepo := repo.NewISSLRepo()
	sslService := service.NewIWebsiteSSLService()
	sslList, _ := sslRepo.List()
	nyc, _ := time.LoadLocation(common.LoadTimeZone())
	global.LOG.Info("The scheduled certificate update task is currently in progress ...")
	now := time.Now().Add(10 * time.Second)
	for _, s := range sslList {
		if !s.AutoRenew || s.Provider == "manual" || s.Provider == "dnsManual" || s.Status == "applying" {
			continue
		}
		expireDate := s.ExpireDate.In(nyc)
		sub := expireDate.Sub(now)
		if sub.Hours() < 720 {
			global.LOG.Errorf("Update the SSL certificate for the [%s] domain", s.PrimaryDomain)
			if s.Provider == constant.SelfSigned {
				caService := service.NewIWebsiteCAService()
				if _, err := caService.ObtainSSL(request.WebsiteCAObtain{
					ID:    s.CaID,
					SSLID: s.ID,
					Renew: true,
					Unit:  "year",
					Time:  1,
				}); err != nil {
					global.LOG.Errorf("Failed to update the SSL certificate for the [%s] domain , err:%s", s.PrimaryDomain, err.Error())
					continue
				}
			} else {
				if err := sslService.ObtainSSL(request.WebsiteSSLApply{
					ID: s.ID,
				}); err != nil {
					global.LOG.Errorf("Failed to update the SSL certificate for the [%s] domain , err:%s", s.PrimaryDomain, err.Error())
					continue
				}
			}
			if systemSSLEnable && sslID == s.ID {
				websiteSSL, _ := sslRepo.GetFirst(repo.NewCommonRepo().WithByID(s.ID))
				fileOp := files.NewFileOp()
				secretDir := path.Join(global.CONF.System.BaseDir, "1panel/secret")
				if err := fileOp.WriteFile(path.Join(secretDir, "server.crt"), strings.NewReader(websiteSSL.Pem), 0600); err != nil {
					global.LOG.Errorf("Failed to update the SSL certificate File for 1Panel System domain [%s] , err:%s", s.PrimaryDomain, err.Error())
					continue
				}
				if err := fileOp.WriteFile(path.Join(secretDir, "server.key"), strings.NewReader(websiteSSL.PrivateKey), 0600); err != nil {
					global.LOG.Errorf("Failed to update the SSL certificate for 1Panel System domain [%s] , err:%s", s.PrimaryDomain, err.Error())
					continue
				}
			}
			global.LOG.Errorf("The SSL certificate for the [%s] domain has been successfully updated", s.PrimaryDomain)
		}
	}
	global.LOG.Info("The scheduled certificate update task has completed")
}
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`package job`

			`import (`
feat: 自签证书增加续签功能 (#3079) 2023-11-27 18:36:10 +08:00			`"github.com/1Panel-dev/1Panel/backend/app/dto/request"`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`"github.com/1Panel-dev/1Panel/backend/app/repo"`
			`"github.com/1Panel-dev/1Panel/backend/app/service"`
feat: 自签证书增加续签功能 (#3079) 2023-11-27 18:36:10 +08:00			`"github.com/1Panel-dev/1Panel/backend/constant"`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`"github.com/1Panel-dev/1Panel/backend/global"`
feat: 解决时区获取不到导致的网站自动停止的问题 (#921) 2023-05-08 13:01:39 +08:00			`"github.com/1Panel-dev/1Panel/backend/utils/common"`
fix: 解决证书面板过期问题 (#3102) 2023-11-29 22:04:08 +08:00			`"github.com/1Panel-dev/1Panel/backend/utils/files"`
			`"path"`
			`"strconv"`
			`"strings"`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`"time"`
			`)`

			`type ssl struct {`
			`}`

			`func NewSSLJob() *ssl {`
			`return &ssl{}`
			`}`

fix: 解决证书面板过期问题 (#3102) 2023-11-29 22:04:08 +08:00			`func getSystemSSL() (bool, uint) {`
			`settingRepo := repo.NewISettingRepo()`
			`sslSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))`
			`if err != nil {`
			`global.LOG.Errorf("load service ssl from setting failed, err: %v", err)`
			`return false, 0`
			`}`
			`if sslSetting.Value == "enable" {`
			`sslID, _ := settingRepo.Get(settingRepo.WithByKey("SSLID"))`
			`idValue, _ := strconv.Atoi(sslID.Value)`
			`if idValue > 0 {`
			`return true, uint(idValue)`
			`}`
			`}`
			`return false, 0`
			`}`

feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`func (ssl *ssl) Run() {`
fix: 解决证书面板过期问题 (#3102) 2023-11-29 22:04:08 +08:00			`systemSSLEnable, sslID := getSystemSSL()`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`sslRepo := repo.NewISSLRepo()`
			`sslService := service.NewIWebsiteSSLService()`
			`sslList, _ := sslRepo.List()`
feat: 解决时区获取不到导致的网站自动停止的问题 (#921) 2023-05-08 13:01:39 +08:00			`nyc, _ := time.LoadLocation(common.LoadTimeZone())`
fix: 解决证书定时任务错误执行的问题 (#605) 2023-04-13 08:24:32 +08:00			`global.LOG.Info("The scheduled certificate update task is currently in progress ...")`
fix: 解决网站定时任务没有执行的BUG (#333) 2023-03-21 13:10:27 +08:00			`now := time.Now().Add(10 * time.Second)`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`for _, s := range sslList {`
feat: 证书增加申请日志 (#3002) 2023-11-20 16:16:20 +08:00			`if !s.AutoRenew \|\| s.Provider == "manual" \|\| s.Provider == "dnsManual" \|\| s.Status == "applying" {`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`continue`
			`}`
feat: 解决时区获取不到导致的网站自动停止的问题 (#921) 2023-05-08 13:01:39 +08:00			`expireDate := s.ExpireDate.In(nyc)`
fix: 解决证书定时任务错误执行的问题 (#605) 2023-04-13 08:24:32 +08:00			`sub := expireDate.Sub(now)`
			`if sub.Hours() < 720 {`
			`global.LOG.Errorf("Update the SSL certificate for the [%s] domain", s.PrimaryDomain)`
feat: 自签证书增加续签功能 (#3079) 2023-11-27 18:36:10 +08:00			`if s.Provider == constant.SelfSigned {`
			`caService := service.NewIWebsiteCAService()`
fix: 解决证书面板过期问题 (#3102) 2023-11-29 22:04:08 +08:00			`if _, err := caService.ObtainSSL(request.WebsiteCAObtain{`
feat: 自签证书增加续签功能 (#3079) 2023-11-27 18:36:10 +08:00			`ID: s.CaID,`
			`SSLID: s.ID,`
			`Renew: true,`
			`Unit: "year",`
			`Time: 1,`
			`}); err != nil {`
			`global.LOG.Errorf("Failed to update the SSL certificate for the [%s] domain , err:%s", s.PrimaryDomain, err.Error())`
			`continue`
			`}`
			`} else {`
			`if err := sslService.ObtainSSL(request.WebsiteSSLApply{`
			`ID: s.ID,`
			`}); err != nil {`
			`global.LOG.Errorf("Failed to update the SSL certificate for the [%s] domain , err:%s", s.PrimaryDomain, err.Error())`
			`continue`
			`}`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`}`
fix: 解决证书面板过期问题 (#3102) 2023-11-29 22:04:08 +08:00			`if systemSSLEnable && sslID == s.ID {`
			`websiteSSL, _ := sslRepo.GetFirst(repo.NewCommonRepo().WithByID(s.ID))`
			`fileOp := files.NewFileOp()`
			`secretDir := path.Join(global.CONF.System.BaseDir, "1panel/secret")`
			`if err := fileOp.WriteFile(path.Join(secretDir, "server.crt"), strings.NewReader(websiteSSL.Pem), 0600); err != nil {`
			`global.LOG.Errorf("Failed to update the SSL certificate File for 1Panel System domain [%s] , err:%s", s.PrimaryDomain, err.Error())`
			`continue`
			`}`
			`if err := fileOp.WriteFile(path.Join(secretDir, "server.key"), strings.NewReader(websiteSSL.PrivateKey), 0600); err != nil {`
			`global.LOG.Errorf("Failed to update the SSL certificate for 1Panel System domain [%s] , err:%s", s.PrimaryDomain, err.Error())`
			`continue`
			`}`
			`}`
fix: 解决证书定时任务错误执行的问题 (#605) 2023-04-13 08:24:32 +08:00			`global.LOG.Errorf("The SSL certificate for the [%s] domain has been successfully updated", s.PrimaryDomain)`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`}`
			`}`
fix: 解决证书定时任务错误执行的问题 (#605) 2023-04-13 08:24:32 +08:00			`global.LOG.Info("The scheduled certificate update task has completed")`
feat: 增加自动续签设置 2023-01-04 11:44:43 +08:00			`}`