diff --git a/cmd/cli/wire_gen.go b/cmd/cli/wire_gen.go index fd22a918..c0e1f96e 100644 --- a/cmd/cli/wire_gen.go +++ b/cmd/cli/wire_gen.go @@ -64,8 +64,8 @@ func initCli() (*app.Cli, error) { databaseServerRepo := data.NewDatabaseServerRepo(db, logger) databaseUserRepo := data.NewDatabaseUserRepo(db, databaseServerRepo) databaseRepo := data.NewDatabaseRepo(db, databaseServerRepo, databaseUserRepo) - certRepo := data.NewCertRepo(db) - certAccountRepo := data.NewCertAccountRepo(db, userRepo) + certRepo := data.NewCertRepo(db, logger) + certAccountRepo := data.NewCertAccountRepo(db, userRepo, logger) websiteRepo := data.NewWebsiteRepo(db, cacheRepo, databaseRepo, databaseServerRepo, databaseUserRepo, certRepo, certAccountRepo) backupRepo := data.NewBackupRepo(db, settingRepo, websiteRepo) cliService := service.NewCliService(koanf, db, appRepo, cacheRepo, userRepo, settingRepo, backupRepo, websiteRepo, databaseServerRepo) diff --git a/cmd/web/wire_gen.go b/cmd/web/wire_gen.go index 7dec6558..71e85cc9 100644 --- a/cmd/web/wire_gen.go +++ b/cmd/web/wire_gen.go @@ -71,8 +71,8 @@ func initWeb() (*app.Web, error) { databaseServerRepo := data.NewDatabaseServerRepo(db, logger) databaseUserRepo := data.NewDatabaseUserRepo(db, databaseServerRepo) databaseRepo := data.NewDatabaseRepo(db, databaseServerRepo, databaseUserRepo) - certRepo := data.NewCertRepo(db) - certAccountRepo := data.NewCertAccountRepo(db, userRepo) + certRepo := data.NewCertRepo(db, logger) + certAccountRepo := data.NewCertAccountRepo(db, userRepo, logger) websiteRepo := data.NewWebsiteRepo(db, cacheRepo, databaseRepo, databaseServerRepo, databaseUserRepo, certRepo, certAccountRepo) settingRepo := data.NewSettingRepo(db, koanf, taskRepo) cronRepo := data.NewCronRepo(db) diff --git a/go.sum b/go.sum index c8e7b430..4b8be96b 100644 --- a/go.sum +++ b/go.sum 
@@ -50,6 +50,7 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/subcommands v1.2.0 h1:vWQspBTo2nEqTUFita5/KeEWlUL8kQObDFbub/EN9oE= github.com/google/subcommands v1.2.0/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= github.com/google/wire v0.6.0 h1:HBkoIh4BdSxoyo9PveV8giw7ZsaBOvzWKfcg/6MrVwI= github.com/google/wire v0.6.0/go.mod h1:F4QhpQ9EDIdJ1Mbop/NZBRB+5yrR6qg3BnctaoUk6NA= @@ -159,6 +160,8 @@ golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU= +golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= 
@@ -213,6 +216,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= +golang.org/x/tools v0.31.0 h1:0EedkvKDbh+qistFTd0Bcwe/YLh4vHwWEkiI0toFIBU= +golang.org/x/tools v0.31.0/go.mod h1:naFTU+Cev749tSJRXJlna0T3WxKvb1kWEx15xA4SdmQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
diff --git a/internal/data/cert.go b/internal/data/cert.go
index 6d57d892..e63ccd6c 100644
--- a/internal/data/cert.go
+++ b/internal/data/cert.go
@@ -4,6 +4,7 @@ import (
 "context"
 "errors"
 "fmt"
+ "log/slog"
 "os"
 "slices"
 "strings"
@@ -24,12 +25,14 @@ import (
 type certRepo struct {
 db *gorm.DB
+ log *slog.Logger
 client *acme.Client
 }
-func NewCertRepo(db *gorm.DB) biz.CertRepo {
+func NewCertRepo(db *gorm.DB, log *slog.Logger) biz.CertRepo {
 return &certRepo{
- db: db,
+ db: db,
+ log: log,
 }
 }
@@ -414,5 +417,5 @@ func (r *certRepo) getClient(cert *biz.Cert) (*acme.Client, error) {
 eab = &acme.EAB{KeyID: cert.Account.Kid, MACKey: cert.Account.HmacEncoded}
 }
- return acme.NewPrivateKeyAccount(cert.Account.Email, cert.Account.PrivateKey, ca, eab)
+ return acme.NewPrivateKeyAccount(cert.Account.Email, cert.Account.PrivateKey, ca, eab, r.log)
 }
diff --git a/internal/data/cert_account.go b/internal/data/cert_account.go
index 2cad7616..5156e22a 100644
--- a/internal/data/cert_account.go
+++ b/internal/data/cert_account.go
@@ -4,6 +4,7 @@ import (
 "context"
 "errors"
 "fmt"
+ "log/slog"
 "time"
 "github.com/go-resty/resty/v2"
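Review bot: `NewCertRepo` in internal/data/cert.go stores `log` exactly as given, and the `getClient` hunk passes `r.log` on to `acme.NewPrivateKeyAccount`, so a nil logger would travel all the way into the ACME client; whether that client tolerates a nil `*slog.Logger` is not visible in this diff. The generated wiring passes `logger`, but a test or any other caller that builds the repo by hand may not. I would either default it in the constructor, `if log == nil { log = slog.Default() }`, or state the requirement in a doc comment such as `// NewCertRepo returns a biz.CertRepo backed by db; log must be non-nil and is handed to the ACME client.` The same applies to `NewCertAccountRepo` in internal/data/cert_account.go.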
@@ -17,12 +18,14 @@ import (
 type certAccountRepo struct {
 db *gorm.DB
+ log *slog.Logger
 user biz.UserRepo
 }
-func NewCertAccountRepo(db *gorm.DB, user biz.UserRepo) biz.CertAccountRepo {
+func NewCertAccountRepo(db *gorm.DB, user biz.UserRepo, log *slog.Logger) biz.CertAccountRepo {
 return &certAccountRepo{
 db: db,
+ log: log,
 user: user,
 }
 }
@@ -78,13 +81,13 @@ func (r certAccountRepo) Create(req *request.CertAccountCreate) (*biz.CertAccoun
 }
 account.Kid = eab.KeyID
 account.HmacEncoded = eab.MACKey
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogleCN, eab, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogleCN, eab, acme.KeyType(account.KeyType), r.log)
 case "google":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogle, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogle, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType), r.log)
 case "letsencrypt":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CALetsEncrypt, nil, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CALetsEncrypt, nil, acme.KeyType(account.KeyType), r.log)
 case "buypass":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CABuypass, nil, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CABuypass, nil, acme.KeyType(account.KeyType), r.log)
 case "zerossl":
 eab, eabErr := r.getZeroSSLEAB(account.Email)
 if eabErr != nil {
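Review bot: Every `acme.NewRegisterAccount` call in this `Create` hunk still passes `context.Background()`, so account registration runs with no deadline, and the HTTP client set in pkg/acme `getClient` is `http.DefaultClient`, which has no overall timeout. Unless the ACME library applies its own limits, a CA endpoint that stalls can hold the request open for as long as the connection lives. Consider building one bounded context before the switch, `ctx, cancel := context.WithTimeout(context.Background(), registerTimeout)` followed by `defer cancel()`, and passing `ctx` in each case; `registerTimeout` is a placeholder for a constant to be chosen. The same calls appear in the later `Create` hunk and in both `Update` hunks, and the switch starts and ends outside this hunk.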
@@ -92,9 +95,9 @@ func (r certAccountRepo) Create(req *request.CertAccountCreate) (*biz.CertAccoun
 }
 account.Kid = eab.KeyID
 account.HmacEncoded = eab.MACKey
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAZeroSSL, eab, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAZeroSSL, eab, acme.KeyType(account.KeyType), r.log)
 case "sslcom":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CASSLcom, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CASSLcom, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType), r.log)
 default:
 return nil, errors.New("unsupported CA")
 }
@@ -137,13 +140,13 @@ func (r certAccountRepo) Update(req *request.CertAccountUpdate) error {
 }
 account.Kid = eab.KeyID
 account.HmacEncoded = eab.MACKey
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogleCN, eab, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogleCN, eab, acme.KeyType(account.KeyType), r.log)
 case "google":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogle, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAGoogle, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType), r.log)
 case "letsencrypt":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CALetsEncrypt, nil, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CALetsEncrypt, nil, acme.KeyType(account.KeyType), r.log)
 case "buypass":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CABuypass, nil, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CABuypass, nil, acme.KeyType(account.KeyType), r.log)
 case "zerossl":
 eab, eabErr := r.getZeroSSLEAB(account.Email)
 if eabErr != nil {
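Review bot: The CA switch in `Update` repeats the one in `Create` case for case, which is why adding one argument meant editing twelve near-identical call lines across four hunks. I would move the switch into a single private method on the repo that takes the account and returns the registered client, and call it from both `Create` and `Update`. Keeping the CA endpoints and the EAB handling in one place also makes it harder for the two paths to drift apart when a CA is added or its credentials handling changes. The switch begins and ends outside this hunk, so the exact helper signature depends on code not shown here.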
@@ -151,9 +154,9 @@ func (r certAccountRepo) Update(req *request.CertAccountUpdate) error {
 }
 account.Kid = eab.KeyID
 account.HmacEncoded = eab.MACKey
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAZeroSSL, eab, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CAZeroSSL, eab, acme.KeyType(account.KeyType), r.log)
 case "sslcom":
- client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CASSLcom, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType))
+ client, err = acme.NewRegisterAccount(context.Background(), account.Email, acme.CASSLcom, &acme.EAB{KeyID: account.Kid, MACKey: account.HmacEncoded}, acme.KeyType(account.KeyType), r.log)
 default:
 return errors.New("unsupported CA")
 }
diff --git a/pkg/acme/acme.go b/pkg/acme/acme.go
index d61af751..92d1a4df 100644
--- a/pkg/acme/acme.go
+++ b/pkg/acme/acme.go
@@ -8,6 +8,7 @@ import (
 "crypto/rand"
 "crypto/rsa"
 "errors"
+ "log/slog"
 "net/http"
 "github.com/mholt/acmez/v3"
@@ -38,8 +39,8 @@ const (
 type EAB = acme.EAB
-func NewRegisterAccount(ctx context.Context, email, CA string, eab *EAB, keyType KeyType) (*Client, error) {
- client, err := getClient(CA)
+func NewRegisterAccount(ctx context.Context, email, CA string, eab *EAB, keyType KeyType, log *slog.Logger) (*Client, error) {
+ client, err := getClient(CA, log)
 if err != nil {
 return nil, err
 }
@@ -68,8 +69,8 @@ func NewRegisterAccount(ctx context.Context, email, CA string, eab *EAB, keyType
 return &Client{Account: account, zClient: client}, nil
 }
-func NewPrivateKeyAccount(email string, privateKey string, CA string, eab *EAB) (*Client, error) {
- client, err := getClient(CA)
+func NewPrivateKeyAccount(email string, privateKey string, CA string, eab *EAB, log *slog.Logger) (*Client, error) {
+ client, err := getClient(CA, log)
 if err != nil {
 return nil, err
 }
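Review bot: `NewRegisterAccount` and `NewPrivateKeyAccount` in pkg/acme/acme.go gain a required trailing `log` parameter but carry no doc comment, so a caller cannot tell whether nil is accepted or what the logger will receive. Suggest `// NewRegisterAccount builds an ACME client for the CA directory and returns a Client bound to the resulting account; log is passed to the underlying ACME client.` and a matching line on `NewPrivateKeyAccount`. Because these functions live under pkg/, any caller outside this repository would break on the new positional argument; if that matters, an options struct or a setter on `Client` would keep the old signatures working. Both function bodies continue outside their hunks.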
@@ -116,11 +117,12 @@ func generatePrivateKey(keyType KeyType) (crypto.Signer, error) {
 return nil, errors.New("未知的密钥类型")
 }
-func getClient(CA string) (acmez.Client, error) {
+func getClient(CA string, log *slog.Logger) (acmez.Client, error) {
 client := acmez.Client{
 Client: &acme.Client{
 Directory: CA,
 HTTPClient: http.DefaultClient,
+ Logger: log,
 },
 }
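Review bot: `Logger: log` in `getClient` routes the ACME library's own log records into the application log, and nothing in this hunk limits what reaches it. What acmez emits is not visible here; it likely includes request URLs and response headers at debug level, so confirm that the handler level used in production and the log file's permissions are acceptable for account and order identifiers. A short comment on the field would record that, for example `// Logger receives acmez's own records; debug level may include ACME request details.` Tagging the records, e.g. `Logger: log.With("component", "acme")`, would also make them easy to filter, provided `log` is guaranteed non-nil. `getClient` continues past the end of the hunk.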