修复1panel网站部署、申请证书兼容cf和华为云

backend/internal/cert/apply/apply.go

@@ -15,6 +15,9 @@ import (
 	"github.com/go-acme/lego/v4/challenge/dns01"
 	"github.com/go-acme/lego/v4/lego"
 	"github.com/go-acme/lego/v4/providers/dns/alidns"
+	"github.com/go-acme/lego/v4/providers/dns/baiducloud"
+	"github.com/go-acme/lego/v4/providers/dns/cloudflare"
+	"github.com/go-acme/lego/v4/providers/dns/huaweicloud"
 	"github.com/go-acme/lego/v4/providers/dns/tencentcloud"
 	"github.com/go-acme/lego/v4/registration"
 	"strconv"
@@ -39,17 +42,33 @@ func GetDNSProvider(providerName string, creds map[string]string) (challenge.Pro
 		config.SecretID = creds["secret_id"]
 		config.SecretKey = creds["secret_key"]
 		return tencentcloud.NewDNSProviderConfig(config)
-	
-	// case "cloudflare":
-	// 	config := cloudflare.NewDefaultConfig()
-	// 	config.AuthToken = creds["CLOUDFLARE_API_TOKEN"]
-	// 	return cloudflare.NewDNSProviderConfig(config)
-	
+	case "cloudflare":
+		config := cloudflare.NewDefaultConfig()
+		config.AuthEmail = creds["email"]
+		config.AuthKey = creds["api_key"]
+		return cloudflare.NewDNSProviderConfig(config)
 	case "aliyun":
 		config := alidns.NewDefaultConfig()
 		config.APIKey = creds["access_key"]
 		config.SecretKey = creds["access_secret"]
 		return alidns.NewDNSProviderConfig(config)
+	case "huaweicloud":
+		config := huaweicloud.NewDefaultConfig()
+		config.AccessKeyID = creds["access_key"]
+		config.SecretAccessKey = creds["secret_key"]
+		// 不传会报错
+		config.Region = "cn-north-1"
+		return huaweicloud.NewDNSProviderConfig(config)
+	case "baidu":
+		config := baiducloud.NewDefaultConfig()
+		config.AccessKeyID = creds["access_key"]
+		config.SecretAccessKey = creds["secret_key"]
+		return baiducloud.NewDNSProviderConfig(config)
+	// case "godaddy":
+	// 	config := godaddy.NewDefaultConfig()
+	// 	config.APIKey = creds["api_key"]
+	// 	config.APISecret = creds["api_secret"]
+	// 	return godaddy.NewDNSProviderConfig(config)
 	
 	default:
 		return nil, fmt.Errorf("不支持的 DNS Provider: %s", providerName)
@@ -221,7 +240,8 @@ func Apply(cfg map[string]any, logger *public.Logger) (map[string]any, error) {
 		dns01.AddRecursiveNameservers([]string{
 			"8.8.8.8:53",
 			"1.1.1.1:53",
-		}))
+		}),
+	)
 	if err != nil {
 		return nil, err
 	}

backend/internal/cert/deploy/1panel.go

@@ -40,12 +40,12 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 	}
 	timestamp := fmt.Sprintf("%d", time.Now().Unix())
 	token := generateToken(timestamp, providerConfig["api_key"])
-
+	
 	// data, requestUrl, method := GetDeploy1PBody(cfg, Type)
 	if requestUrl == "" || data == nil {
 		return nil, fmt.Errorf("不支持的部署类型")
 	}
-
+	
 	// 编码为 JSON
 	jsonData, err := json.Marshal(data)
 	if err != nil {
@@ -61,12 +61,12 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 		// fmt.Println(err)
 		return nil, err
 	}
-
+	
 	req.Header.Set("Content-Type", "application/json")
 	req.Header.Set("user-agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36")
 	req.Header.Set("1Panel-Timestamp", timestamp)
 	req.Header.Set("1Panel-Token", token)
-
+	
 	// 自定义 Transport，跳过 SSL 证书验证
 	ignoreSsl := false
 	if providerConfig["ignore_ssl"] == "1" {
@@ -75,7 +75,7 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 	tr := &http.Transport{
 		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
 	}
-
+	
 	client := &http.Client{Transport: tr}
 	resp, err := client.Do(req)
 	if err != nil {
@@ -84,7 +84,7 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 	}
 	body, _ := io.ReadAll(resp.Body)
 	defer resp.Body.Close()
-
+	
 	var res map[string]interface{}
 	err = json.Unmarshal(body, &res)
 	if err != nil {
@@ -102,7 +102,7 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 		return nil, fmt.Errorf("证书部署失败: %s", msg)
 	}
 	return res, nil
-
+	
 }
 
 func Deploy1panel(cfg map[string]any) error {
@@ -128,7 +128,7 @@ func Deploy1panel(cfg map[string]any) error {
 	if !ok {
 		return fmt.Errorf("证书错误：cert")
 	}
-
+	
 	data := map[string]interface{}{
 		"cert":    certPem,
 		"key":     keyPem,
@@ -179,14 +179,14 @@ func Deploy1panelSite(cfg map[string]any) error {
 	if err != nil {
 		return fmt.Errorf("获取网站参数失败: %v", err)
 	}
-
+	
 	siteData, ok = siteData["data"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("获取网站参数失败: data")
 	}
-	SSLProtocol, ok := siteData["ssl_protocol"].(string)
+	SSLProtocol, ok := siteData["SSLProtocol"].(string)
 	if !ok {
-		return fmt.Errorf("获取网站参数失败: data.ssl_protocol")
+		return fmt.Errorf("获取网站参数失败: data.SSLProtocol")
 	}
 	algorithm, ok := siteData["algorithm"].(string)
 	if !ok {
@@ -200,11 +200,11 @@ func Deploy1panelSite(cfg map[string]any) error {
 	if !ok {
 		return fmt.Errorf("获取网站参数失败: data.hsts")
 	}
-	httpConfig, ok := siteData["http_config"].(string)
+	httpConfig, ok := siteData["httpConfig"].(string)
 	if !ok {
-		return fmt.Errorf("获取网站参数失败: data.http_config")
+		return fmt.Errorf("获取网站参数失败: data.httpConfig")
 	}
-
+	
 	data := map[string]any{
 		"SSLProtocol": SSLProtocol,
 		// "acmeAccountId":   siteData["SSL"].(map[string]any)["acmeAccountId"].(float64),

backend/migrations/init.go

@@ -10,6 +10,24 @@ import (
 )
 
 func init() {
+	// 指定运行目录为当前目录
+	exePath, err := os.Executable()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "获取可执行文件路径失败: %v\n", err)
+		os.Exit(1)
+	}
+	exePath, err = filepath.EvalSymlinks(exePath) // 解决 macOS/Linux 下软链接问题
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "解析软链接失败: %v\n", err)
+		os.Exit(1)
+	}
+	exeDir := filepath.Dir(exePath)
+	err = os.Chdir(exeDir)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "切换目录失败: %v\n", err)
+		os.Exit(1)
+	}
+	
 	os.MkdirAll("data", os.ModePerm)
 	
 	dbPath := "data/data.db"
@@ -196,6 +214,12 @@ INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES
 INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('port', '%d', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);`, uuidStr, uuidStr, randomStr, port)
 	
 	insertDefaultData(db, "settings", Isql)
+	
+	InsertIfNotExists(db, "access_type", map[string]any{"name": "cloudflare", "type": "host"}, []string{"name", "type"}, []any{"cloudflare", "host"})
+	InsertIfNotExists(db, "access_type", map[string]any{"name": "cloudflare", "type": "dns"}, []string{"name", "type"}, []any{"cloudflare", "dns"})
+	InsertIfNotExists(db, "access_type", map[string]any{"name": "huaweicloud", "type": "host"}, []string{"name", "type"}, []any{"huaweicloud", "host"})
+	InsertIfNotExists(db, "access_type", map[string]any{"name": "huaweicloud", "type": "dns"}, []string{"name", "type"}, []any{"huaweicloud", "dns"})
+	
 }
 
 func insertDefaultData(db *sql.DB, table, insertSQL string) {
@@ -220,3 +244,55 @@ func insertDefaultData(db *sql.DB, table, insertSQL string) {
 		// 	fmt.Println("表已有数据，跳过插入。")
 	}
 }
+
+func InsertIfNotExists(
+	db *sql.DB,
+	table string,
+	whereFields map[string]any, // 用于 WHERE 判断的字段和值
+	insertColumns []string,
+	insertValues []any,
+) error {
+	// 1. 构建 WHERE 子句
+	whereClause := ""
+	whereArgs := make([]any, 0, len(whereFields))
+	i := 0
+	for col, val := range whereFields {
+		if i > 0 {
+			whereClause += " AND "
+		}
+		whereClause += fmt.Sprintf("%s = ?", col)
+		whereArgs = append(whereArgs, val)
+		i++
+	}
+	
+	// 2. 判断是否存在
+	query := fmt.Sprintf("SELECT EXISTS(SELECT 1 FROM %s WHERE %s)", table, whereClause)
+	var exists bool
+	err := db.QueryRow(query, whereArgs...).Scan(&exists)
+	if err != nil {
+		return fmt.Errorf("check exists failed: %w", err)
+	}
+	if exists {
+		return nil // 已存在
+	}
+	
+	// 3. 构建 INSERT 语句
+	columnList := ""
+	placeholderList := ""
+	for i, col := range insertColumns {
+		if i > 0 {
+			columnList += ", "
+			placeholderList += ", "
+		}
+		columnList += col
+		placeholderList += "?"
+	}
+	insertSQL := fmt.Sprintf("INSERT INTO %s (%s) VALUES (%s)", table, columnList, placeholderList)
+	
+	_, err = db.Exec(insertSQL, insertValues...)
+	if err != nil {
+		return fmt.Errorf("insert failed: %w", err)
+	}
+	
+	return nil
+}