【修复】长期持有tcp连接未关闭

【新增】支持通过webhook调用自己的服务解析dns记录【新增】支持通过webhook推送证书和密钥【新增】导入导出工作流、通知、证书、api授权数据【新增】支持自定义插件目录
2026-03-08 07:41:10 +08:00 · 2025-08-14 16:41:29 +08:00
parent e939724f37
commit 6d0732fc31
16 changed files with 377 additions and 42 deletions
--- a/backend/internal/cert/deploy/1panel.go
+++ b/backend/internal/cert/deploy/1panel.go
@@ -91,7 +91,8 @@ func Request1panel(data *map[string]any, method, providerID, requestUrl string)
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
@@ -269,7 +270,7 @@ func OnePanelSiteList(providerID string) ([]response.AccessSiteList, error) {
 	if err != nil {
 		return nil, fmt.Errorf("获取网站列表失败 %v", err)
 	}
-	
+
 	var result []response.AccessSiteList
 	sites, ok := siteList["data"].(map[string]any)["items"].([]any)
 	if !ok {
--- a/backend/internal/cert/deploy/btpanel.go
+++ b/backend/internal/cert/deploy/btpanel.go
@@ -65,7 +65,8 @@ func RequestBt(data *url.Values, method, providerID, requestUrl string) (map[str
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
--- a/backend/internal/cert/deploy/btwaf.go
+++ b/backend/internal/cert/deploy/btwaf.go
@@ -65,7 +65,8 @@ func RequestBtWaf(data *map[string]any, method, providerID, requestUrl string) (
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
@@ -207,4 +208,4 @@ func BtWafAPITest(providerID string) error {
 		return fmt.Errorf("测试请求失败: %v", err)
 	}
 	return nil
-}
+}
--- a/backend/internal/cert/deploy/deploy.go
+++ b/backend/internal/cert/deploy/deploy.go
@@ -5,6 +5,7 @@ import (
 	"ALLinSSL/backend/internal/cert/deploy/doge"
 	"ALLinSSL/backend/internal/cert/deploy/lecdn"
 	"ALLinSSL/backend/internal/cert/deploy/plugin"
+	"ALLinSSL/backend/internal/cert/deploy/webhook"
 	"ALLinSSL/backend/public"
 	"fmt"
 )
@@ -106,6 +107,9 @@ func Deploy(cfg map[string]any, logger *public.Logger) error {
 	case "plugin":
 		logger.Debug("使用插件部署...")
 		return plugin.Deploy(cfg, logger)
+	case "webhook":
+		logger.Debug("通过Webhook推送证书...")
+		return webhook.Deploy(cfg)
 	default:
 		return fmt.Errorf("不支持的部署: %s", providerName)
 	}
--- a/backend/internal/cert/deploy/lecdn/lecdn.go
+++ b/backend/internal/cert/deploy/lecdn/lecdn.go
@@ -53,7 +53,8 @@ func requestLecdn(url, method, token string, params map[string]any, ignoreSsl bo

 	client := &http.Client{
 		Transport: &http.Transport{
-			TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+			TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+			DisableKeepAlives: true,
 		},
 	}

--- a/backend/internal/cert/deploy/safelinewaf.go
+++ b/backend/internal/cert/deploy/safelinewaf.go
@@ -50,7 +50,8 @@ func RequestSafeLineWaf(data *map[string]any, method, providerID, requestUrl str
 		ignoreSsl = true
 	}
 	tr := &http.Transport{
-		TLSClientConfig: &tls.Config{InsecureSkipVerify: ignoreSsl},
+		TLSClientConfig:   &tls.Config{InsecureSkipVerify: ignoreSsl},
+		DisableKeepAlives: true,
 	}

 	client := &http.Client{Transport: tr}
@@ -211,4 +212,4 @@ func SafeLineAPITest(providerID string) error {
 		return fmt.Errorf("测试请求失败: %v", err)
 	}
 	return nil
-}
+}
--- a/backend/internal/cert/deploy/webhook/deploy.go
+++ b/backend/internal/cert/deploy/webhook/deploy.go
@@ -0,0 +1,57 @@
+package webhook
+
+import (
+	"ALLinSSL/backend/internal/access"
+	"ALLinSSL/backend/public"
+	"encoding/json"
+	"fmt"
+	"strconv"
+)
+
+func Deploy(cfg map[string]any) error {
+	cert, ok := cfg["certificate"].(map[string]any)
+	if !ok {
+		return fmt.Errorf("证书不存在")
+	}
+	var providerID string
+	switch v := cfg["provider_id"].(type) {
+	case float64:
+		providerID = strconv.Itoa(int(v))
+	case string:
+		providerID = v
+	default:
+		return fmt.Errorf("参数错误：provider_id")
+	}
+	//
+	providerData, err := access.GetAccess(providerID)
+	if err != nil {
+		return err
+	}
+	providerConfigStr, ok := providerData["config"].(string)
+	if !ok {
+		return fmt.Errorf("api配置错误")
+	}
+	// 解析 JSON 配置
+	var providerConfig public.WebhookConfig
+	err = json.Unmarshal([]byte(providerConfigStr), &providerConfig)
+	if err != nil {
+		return err
+	}
+
+	certStr, ok := cert["cert"].(string)
+	if !ok || certStr == "" {
+		return fmt.Errorf("cert is required and must be a string")
+	}
+	keyStr, ok := cert["key"].(string)
+	if !ok || keyStr == "" {
+		return fmt.Errorf("key is required and must be a string")
+	}
+
+	data, err := public.ReplaceJSONPlaceholders(providerConfig.Data, map[string]interface{}{"key": keyStr, "cert": certStr})
+	if err != nil {
+		return fmt.Errorf("替换JSON占位符失败: %w", err)
+	}
+	providerConfig.Data = data
+
+	return providerConfig.Send()
+}