mirror of
				https://github.com/1Panel-dev/1Panel.git
				synced 2025-10-25 06:56:32 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			78 lines
		
	
	
	
		
			2.8 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			78 lines
		
	
	
	
		
			2.8 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| package job
 | |
| 
 | |
| import (
 | |
| 	"path"
 | |
| 	"strings"
 | |
| 	"time"
 | |
| 
 | |
| 	"github.com/1Panel-dev/1Panel/backend/app/dto/request"
 | |
| 	"github.com/1Panel-dev/1Panel/backend/app/repo"
 | |
| 	"github.com/1Panel-dev/1Panel/backend/app/service"
 | |
| 	"github.com/1Panel-dev/1Panel/backend/constant"
 | |
| 	"github.com/1Panel-dev/1Panel/backend/global"
 | |
| 	"github.com/1Panel-dev/1Panel/backend/utils/common"
 | |
| 	"github.com/1Panel-dev/1Panel/backend/utils/files"
 | |
| )
 | |
| 
 | |
| type ssl struct {
 | |
| }
 | |
| 
 | |
| func NewSSLJob() *ssl {
 | |
| 	return &ssl{}
 | |
| }
 | |
| 
 | |
| func (ssl *ssl) Run() {
 | |
| 	systemSSLEnable, sslID := service.GetSystemSSL()
 | |
| 	sslRepo := repo.NewISSLRepo()
 | |
| 	sslService := service.NewIWebsiteSSLService()
 | |
| 	sslList, _ := sslRepo.List()
 | |
| 	nyc, _ := time.LoadLocation(common.LoadTimeZoneByCmd())
 | |
| 	global.LOG.Info("The scheduled certificate update task is currently in progress ...")
 | |
| 	now := time.Now().Add(10 * time.Second)
 | |
| 	for _, s := range sslList {
 | |
| 		if !s.AutoRenew || s.Provider == "manual" || s.Provider == "dnsManual" || s.Status == "applying" {
 | |
| 			continue
 | |
| 		}
 | |
| 		expireDate := s.ExpireDate.In(nyc)
 | |
| 		sub := expireDate.Sub(now)
 | |
| 		if sub.Hours() < 720 {
 | |
| 			global.LOG.Infof("Update the SSL certificate for the [%s] domain", s.PrimaryDomain)
 | |
| 			if s.Provider == constant.SelfSigned {
 | |
| 				caService := service.NewIWebsiteCAService()
 | |
| 				if _, err := caService.ObtainSSL(request.WebsiteCAObtain{
 | |
| 					ID:    s.CaID,
 | |
| 					SSLID: s.ID,
 | |
| 					Renew: true,
 | |
| 					Unit:  "year",
 | |
| 					Time:  10,
 | |
| 				}); err != nil {
 | |
| 					global.LOG.Errorf("Failed to update the SSL certificate for the [%s] domain , err:%s", s.PrimaryDomain, err.Error())
 | |
| 					continue
 | |
| 				}
 | |
| 			} else {
 | |
| 				if err := sslService.ObtainSSL(request.WebsiteSSLApply{
 | |
| 					ID:         s.ID,
 | |
| 					DisableLog: true,
 | |
| 				}); err != nil {
 | |
| 					global.LOG.Errorf("Failed to update the SSL certificate for the [%s] domain , err:%s", s.PrimaryDomain, err.Error())
 | |
| 					continue
 | |
| 				}
 | |
| 			}
 | |
| 			if systemSSLEnable && sslID == s.ID {
 | |
| 				websiteSSL, _ := sslRepo.GetFirst(repo.NewCommonRepo().WithByID(s.ID))
 | |
| 				fileOp := files.NewFileOp()
 | |
| 				secretDir := path.Join(global.CONF.System.BaseDir, "1panel/secret")
 | |
| 				if err := fileOp.WriteFile(path.Join(secretDir, "server.crt"), strings.NewReader(websiteSSL.Pem), 0600); err != nil {
 | |
| 					global.LOG.Errorf("Failed to update the SSL certificate File for 1Panel System domain [%s] , err:%s", s.PrimaryDomain, err.Error())
 | |
| 					continue
 | |
| 				}
 | |
| 				if err := fileOp.WriteFile(path.Join(secretDir, "server.key"), strings.NewReader(websiteSSL.PrivateKey), 0600); err != nil {
 | |
| 					global.LOG.Errorf("Failed to update the SSL certificate for 1Panel System domain [%s] , err:%s", s.PrimaryDomain, err.Error())
 | |
| 					continue
 | |
| 				}
 | |
| 			}
 | |
| 			global.LOG.Infof("The SSL certificate for the [%s] domain has been successfully updated", s.PrimaryDomain)
 | |
| 		}
 | |
| 	}
 | |
| 	global.LOG.Info("The scheduled certificate update task has completed")
 | |
| }
 |