下载证书附带pfx

ssh部署兼容带密码的密钥登录 ssh部署日志新增标准和错误输出
2026-03-08 07:41:10 +08:00 · 2025-06-24 09:49:21 +08:00
parent f499afc060
commit 58e4c0ff11
5 changed files with 121 additions and 34 deletions
--- a/backend/internal/cert/deploy/deploy.go
+++ b/backend/internal/cert/deploy/deploy.go
@@ -53,7 +53,7 @@ func Deploy(cfg map[string]any, logger *public.Logger) error {
 		return Deploy1panelSite(cfg)
 	case "ssh":
 		logger.Debug("使用ssh部署到指定路径...")
-		return DeploySSH(cfg)
+		return DeploySSH(cfg, logger)
 	case "aliyun-cdn":
 		logger.Debug("部署到阿里云CDN...")
 		return DeployAliCdn(cfg)
--- a/backend/internal/cert/deploy/ssh.go
+++ b/backend/internal/cert/deploy/ssh.go
@@ -30,25 +30,34 @@ func buildAuthMethods(password, privateKey string) ([]ssh.AuthMethod, error) {
 	var methods []ssh.AuthMethod

 	if privateKey != "" {
-		signer, err := ssh.ParsePrivateKey([]byte(privateKey))
-		if err != nil {
-			return nil, fmt.Errorf("unable to parse private key: %v", err)
+		var signer ssh.Signer
+		var err error
+		if password != "" {
+			signer, err = ssh.ParsePrivateKeyWithPassphrase([]byte(privateKey), []byte(password))
+			if err != nil {
+				return nil, fmt.Errorf("无法解析带密码的私钥: %v", err)
+			}
+		} else {
+			signer, err = ssh.ParsePrivateKey([]byte(privateKey))
+			if err != nil {
+				return nil, fmt.Errorf("无法解析私钥: %v", err)
+			}
 		}
 		methods = append(methods, ssh.PublicKeys(signer))
 	}

-	if password != "" {
+	if password != "" && privateKey == "" {
 		methods = append(methods, ssh.Password(password))
 	}

 	if len(methods) == 0 {
-		return nil, fmt.Errorf("no authentication methods provided")
+		return nil, fmt.Errorf("未提供有效的认证方式")
 	}

 	return methods, nil
 }

-func writeMultipleFilesViaSSH(config SSHConfig, files []RemoteFile, preCmd, postCmd string) error {
+func writeMultipleFilesViaSSH(config SSHConfig, files []RemoteFile, preCmd, postCmd string, logger *public.Logger) error {
 	var port string
 	switch v := config.Port.(type) {
 	case float64:
@@ -91,8 +100,9 @@ func writeMultipleFilesViaSSH(config SSHConfig, files []RemoteFile, preCmd, post
 		return fmt.Errorf("会话创建失败: %v", err)
 	}
 	defer session.Close()
-
-	var script bytes.Buffer
+	var script, stdoutBuf, stderrBuf bytes.Buffer
+	session.Stdout = &stdoutBuf
+	session.Stderr = &stderrBuf

 	if preCmd != "" {
 		script.WriteString(preCmd + " && ")
@@ -115,14 +125,14 @@ func writeMultipleFilesViaSSH(config SSHConfig, files []RemoteFile, preCmd, post

 	cmd := script.String()

-	if err := session.Run(cmd); err != nil {
-		return fmt.Errorf("运行出错: %v", err)
-	}
+	err = session.Run(cmd)
+	logger.Debug("[STDOUT]", stdoutBuf.String())
+	logger.Debug("[STDERR]", stderrBuf.String())

-	return nil
+	return err
 }

-func DeploySSH(cfg map[string]any) error {
+func DeploySSH(cfg map[string]any, logger *public.Logger) error {
 	cert, ok := cfg["certificate"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("证书不存在")
@@ -180,7 +190,7 @@ func DeploySSH(cfg map[string]any) error {
 		{Path: certPath, Content: certPem},
 		{Path: keyPath, Content: keyPem},
 	}
-	err = writeMultipleFilesViaSSH(providerConfig, files, beforeCmd, afterCmd)
+	err = writeMultipleFilesViaSSH(providerConfig, files, beforeCmd, afterCmd, logger)
 	if err != nil {
 		return fmt.Errorf("SSH 部署失败: %v", err)
 	}
--- a/backend/internal/report/workwx.go
+++ b/backend/internal/report/workwx.go
@@ -48,7 +48,7 @@ func NotifyWorkWx(params map[string]any) error {
 		return err
 	}
 	configStr := providerData["config"].(string)
-	fmt.Println(configStr)
+	//fmt.Println(configStr)
 	var config map[string]string
 	err = json.Unmarshal([]byte(configStr), &config)
 	if err != nil {