From 5269924ca453160d49140ab575b9ee5ed6c0c483 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=80=97=E5=AD=90?= Date: Fri, 23 Jan 2026 22:45:38 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E8=AF=81=E4=B9=A6=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E8=B6=85=E6=97=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/data/cert.go | 24 +++++++++++++++++------- internal/job/cert_renew.go | 10 +++++----- internal/service/cli.go | 6 +++--- 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/internal/data/cert.go b/internal/data/cert.go index 1f69a81e..f7a035da 100644 --- a/internal/data/cert.go +++ b/internal/data/cert.go @@ -205,7 +205,9 @@ func (r *certRepo) ObtainAuto(id uint) (*acme.Certificate, error) { } } - ssl, err := client.ObtainCertificate(context.Background(), cert.Domains, acme.KeyType(cert.Type)) + ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) + defer cancel() + ssl, err := client.ObtainCertificate(ctx, cert.Domains, acme.KeyType(cert.Type)) if err != nil { return nil, err } @@ -276,7 +278,9 @@ func (r *certRepo) ObtainPanel(account *biz.CertAccount, ips []string) ([]byte, } client.UsePanel(ips, confPath, webServer) - ssl, err := client.ObtainIPCertificate(context.Background(), ips, acme.KeyEC256) + ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) + defer cancel() + ssl, err := client.ObtainIPCertificate(ctx, ips, acme.KeyEC256) if err != nil { return nil, nil, err } @@ -290,7 +294,7 @@ func (r *certRepo) ObtainSelfSigned(id uint) error { return err } - crt, key, err := pkgcert.GenerateSelfSignedRSA(cert.Domains) + crt, key, err := pkgcert.GenerateSelfSigned(cert.Domains) if err != nil { return err } @@ -345,10 +349,12 @@ func (r *certRepo) Renew(id uint) (*acme.Certificate, error) { } } - ssl, err := client.RenewCertificate(context.Background(), cert.CertURL, cert.Domains, acme.KeyType(cert.Type)) + ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) + defer cancel() + ssl, err := client.RenewCertificate(ctx, cert.CertURL, cert.Domains, acme.KeyType(cert.Type)) if err != nil { // 续签失败,尝试重签 - ssl, err = client.ObtainCertificate(context.Background(), cert.Domains, acme.KeyType(cert.Type)) + ssl, err = client.ObtainCertificate(ctx, cert.Domains, acme.KeyType(cert.Type)) if err != nil { return nil, err } @@ -384,7 +390,9 @@ func (r *certRepo) RefreshRenewalInfo(id uint) (mholtacme.RenewalInfo, error) { return mholtacme.RenewalInfo{}, err } - renewInfo, err := client.GetRenewalInfo(context.Background(), crt) + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute) + defer cancel() + renewInfo, err := client.GetRenewalInfo(ctx, crt) if err != nil { return mholtacme.RenewalInfo{}, err } @@ -409,7 +417,9 @@ func (r *certRepo) ManualDNS(id uint) ([]acme.DNSRecord, error) { } client.UseManualDns() - records, err := client.GetDNSRecords(context.Background(), cert.Domains, acme.KeyType(cert.Type)) + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute) + defer cancel() + records, err := client.GetDNSRecords(ctx, cert.Domains, acme.KeyType(cert.Type)) if err != nil { return nil, err } diff --git a/internal/job/cert_renew.go b/internal/job/cert_renew.go index 4dafcdfe..bf68d898 100644 --- a/internal/job/cert_renew.go +++ b/internal/job/cert_renew.go @@ -67,7 +67,7 @@ func (r *CertRenew) Run() { // 到达建议时间,续签证书 if time.Now().After(cert.RenewalInfo.SelectedTime) { if _, err := r.certRepo.Renew(cert.ID); err != nil { - r.log.Warn("failed to renew cert", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) + r.log.Warn("failed to renew certificate", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) } } } @@ -76,7 +76,7 @@ func (r *CertRenew) Run() { if r.conf.HTTP.ACME { decode, err := pkgcert.ParseCert(filepath.Join(app.Root, "panel/storage/cert.pem")) if err != nil { - r.log.Warn("failed to parse panel cert", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) + r.log.Warn("failed to parse panel certificate", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) return } // 结束时间大于 2 天不续签 @@ -107,7 +107,7 @@ func (r *CertRenew) Run() { } crt, key, err := r.certRepo.ObtainPanel(account, ips) if err != nil { - r.log.Warn("failed to obtain ACME cert", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) + r.log.Warn("failed to obtain panel certificate via ACME", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) return } @@ -115,11 +115,11 @@ func (r *CertRenew) Run() { Cert: string(crt), Key: string(key), }); err != nil { - r.log.Warn("failed to update panel cert", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) + r.log.Warn("failed to update panel certificate", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0), slog.Any("err", err)) return } - r.log.Info("panel cert renewed successfully", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0)) + r.log.Info("panel certificate renewed successfully", slog.String("type", biz.OperationTypeCert), slog.Uint64("operator_id", 0)) tools.RestartPanel() } diff --git a/internal/service/cli.go b/internal/service/cli.go index 4b2e2eb1..c4077d96 100644 --- a/internal/service/cli.go +++ b/internal/service/cli.go @@ -384,14 +384,14 @@ func (s *CliService) HTTPSGenerate(ctx context.Context, cmd *cli.Command) error } crt, key, err = s.certRepo.ObtainPanel(account, ips) if err == nil { - fmt.Println(s.t.Get("Successfully obtained SSL certificate via ACME")) + fmt.Println(s.t.Get("Successfully obtained panel certificate via ACME")) } else { - fmt.Println(s.t.Get("Failed to obtain ACME certificate, using self-signed certificate")) + fmt.Println(s.t.Get("Failed to obtain panel certificate via ACME, using self-signed certificate")) } } if crt == nil || key == nil { - crt, key, err = cert.GenerateSelfSignedRSA(names) + crt, key, err = cert.GenerateSelfSigned(names) if err != nil { return err }