feat: store auto-cert log to db

2025-05-11 02:15:48 +02:00 · 2023-02-15 12:51:12 +08:00 · 2023-02-15 12:51:12 +08:00 · a9aacce0ad
commit a9aacce0ad
parent e9d26ded1c
8 changed files with 771 additions and 726 deletions
--- a/frontend/src/api/domain.ts
+++ b/frontend/src/api/domain.ts
@ -14,8 +14,8 @@ class Domain extends Curd {
        return http.get('template')
    }

-    add_auto_cert(domain: string) {
-        return http.post('auto_cert/' + domain)
+    add_auto_cert(domain: string, data: any) {
+        return http.post('auto_cert/' + domain, data)
    }

    remove_auto_cert(domain: string) {
--- a/frontend/src/views/cert/Cert.vue
+++ b/frontend/src/views/cert/Cert.vue
@ -2,15 +2,15 @@
 import {useGettext} from 'vue3-gettext'
 import {input} from '@/components/StdDataEntry'
 import {customRender, datetime} from '@/components/StdDataDisplay/StdTableTransformer'
-import {h} from 'vue'
 import {Badge} from 'ant-design-vue'
 import cert from '@/api/cert'
 import StdCurd from '@/components/StdDataDisplay/StdCurd.vue'
 import Template from '@/views/template/Template.vue'
 import CodeEditor from '@/components/CodeEditor/CodeEditor.vue'
 import CertInfo from '@/views/domain/cert/CertInfo.vue'
+import {h} from 'vue'

-const {$gettext} = useGettext()
+const {$gettext, interpolate} = useGettext()

 const columns = [{
    title: () => $gettext('Name'),
@ -81,11 +81,33 @@ const columns = [{
              row-key="name"
    >
        <template #beforeEdit="{data}">
-            <div v-if="data.auto_cert===1" style="margin-bottom: 15px">
+            <template v-if="data.auto_cert===1">
+                <div style="margin-bottom: 15px">
                    <a-alert
-                    :message="$gettext('Auto cert is enabled, please do not modify this certification.')" type="info"
+                        :message="$gettext('Auto cert is enabled, please do not modify this certification.')"
+                        type="info"
                        show-icon/>
                </div>
+                <div v-if="!data.filename" style="margin-bottom: 15px">
+                    <a-alert
+                        :message="$gettext('This auto-cert item is invalid, please remove it.')"
+                        type="error"
+                        show-icon/>
+                </div>
+                <div v-else-if="!data.domains" style="margin-bottom: 15px">
+                    <a-alert
+                        :message="interpolate($gettext('Domains list is empty, try to reopen auto-cert for %{config}'), {config: data.filename})"
+                        type="error"
+                        show-icon/>
+                </div>
+                <div v-if="data.log" style="margin-bottom: 15px">
+                    <a-form layout="vertical">
+                        <a-form-item :label="$gettext('Auto-Cert Log')">
+                            <p>{{ data.log }}</p>
+                        </a-form-item>
+                    </a-form>
+                </div>
+            </template>
            <a-form layout="vertical" v-if="data.certificate_info">
                <a-form-item :label="$gettext('Certificate Status')">
                    <cert-info :cert="data.certificate_info"/>
--- a/frontend/src/views/domain/cert/IssueCert.vue
+++ b/frontend/src/views/domain/cert/IssueCert.vue
@ -61,7 +61,7 @@ function callback(ssl_certificate: string, ssl_certificate_key: string) {

 function change_auto_cert(r: boolean) {
    if (r) {
-        domain.add_auto_cert(props.config_name).then(() => {
+        domain.add_auto_cert(props.config_name, {domains: name.value.trim().split(' ')}).then(() => {
            message.success(interpolate($gettext('Auto-renewal enabled for %{name}'), {name: name.value}))
        }).catch(e => {
            message.error(e.message ?? interpolate($gettext('Enable auto-renewal failed for %{name}'), {name: name.value}))
--- a/server/api/cert.go
+++ b/server/api/cert.go
@ -82,6 +82,12 @@ func IssueCert(c *gin.Context) {
        return
    }

+    certModel, err := model.FirstOrCreateCert(c.Param("name"))
+
+    if err != nil {
+        log.Println(err)
+    }
+
    logChan := make(chan string, 1)
    errChan := make(chan error, 1)

@ -89,9 +95,11 @@ func IssueCert(c *gin.Context) {

    go handleIssueCertLogChan(ws, logChan)

-	// block, unless errChan closed
+    // block, until errChan closes
    for err = range errChan {
-		log.Println("Error cert.IssueCert", err)
+        errLog := &cert.AutoCertErrorLog{}
+        errLog.SetCertModel(&certModel)
+        errLog.Exit("issue cert", err)

        err = ws.WriteJSON(IssueCertResponse{
            Status:  Error,
@ -106,18 +114,10 @@ func IssueCert(c *gin.Context) {
        return
    }

-	close(logChan)
-
    certDirName := strings.Join(buffer.ServerName, "_")
    sslCertificatePath := nginx.GetConfPath("ssl", certDirName, "fullchain.cer")
    sslCertificateKeyPath := nginx.GetConfPath("ssl", certDirName, "private.key")

-	certModel, err := model.FirstOrCreateCert(c.Param("name"))
-
-	if err != nil {
-		log.Println(err)
-	}
-
    err = certModel.Updates(&model.Cert{
        Domains:               buffer.ServerName,
        SSLCertificatePath:    sslCertificatePath,
@ -133,6 +133,8 @@ func IssueCert(c *gin.Context) {
        return
    }

+    certModel.ClearLog()
+
    err = ws.WriteJSON(IssueCertResponse{
        Status:            Success,
        Message:           "Issued certificate successfully",
@ -271,7 +273,6 @@ func ModifyCert(c *gin.Context) {

    var json struct {
        Name                  string `json:"name"`
-		Domain                string `json:"domain" binding:"required"`
        SSLCertificatePath    string `json:"ssl_certificate_path" binding:"required"`
        SSLCertificateKeyPath string `json:"ssl_certificate_key_path" binding:"required"`
        SSLCertification      string `json:"ssl_certification"`
--- a/server/api/domain.go
+++ b/server/api/domain.go
@ -356,6 +356,15 @@ func DeleteDomain(c *gin.Context) {

 func AddDomainToAutoCert(c *gin.Context) {
    name := c.Param("name")
+
+    var json struct {
+        Domains []string `json:"domains"`
+    }
+
+    if !BindAndValid(c, &json) {
+        return
+    }
+
    certModel, err := model.FirstOrCreateCert(name)

    if err != nil {
@ -365,6 +374,7 @@ func AddDomainToAutoCert(c *gin.Context) {

    err = certModel.Updates(&model.Cert{
        Name:     name,
+        Domains:  json.Domains,
        AutoCert: model.AutoCertEnabled,
    })

--- a/server/model/cert.go
+++ b/server/model/cert.go
@ -88,6 +88,10 @@ func (c *Cert) Updates(n *Cert) error {
 	return db.Model(&Cert{}).Where("id", c.ID).Updates(n).Error
 }

+func (c *Cert) ClearLog() {
+	db.Model(&Cert{}).Where("id", c.ID).Update("log", "")
+}
+
 func (c *Cert) Remove() error {
 	if c.Filename == "" {
 		return db.Delete(c).Error
--- a/server/pkg/cert/auto_cert.go
+++ b/server/pkg/cert/auto_cert.go
@ -106,10 +106,16 @@ func AutoObtain() {
        for err := range errChan {
            errLog.Push("issue cert", err)
        }
+
+        logStr := errLog.ToString()
+        if logStr != "" {
            // store error log to db
            _ = certModel.Updates(&model.Cert{
                Log: errLog.ToString(),
            })
+        } else {
+            certModel.ClearLog()
+        }

        close(logChan)
    }
--- a/server/pkg/cert/cert.go
+++ b/server/pkg/cert/cert.go
@ -92,7 +92,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
    )

    if err != nil {
-        errChan <- errors.Wrap(err, "issue cert challenge fail")
+        errChan <- errors.Wrap(err, "fail to challenge")
        return
    }

@ -100,7 +100,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
    logChan <- "Registering user"
    reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
    if err != nil {
-        errChan <- errors.Wrap(err, "issue cert register fail")
+        errChan <- errors.Wrap(err, "fail to register")
        return
    }
    myUser.Registration = reg
@ -113,7 +113,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
    logChan <- "Obtaining certificate"
    certificates, err := client.Certificate.Obtain(request)
    if err != nil {
-        errChan <- errors.Wrap(err, "issue cert fail to obtain")
+        errChan <- errors.Wrap(err, "fail to obtain")
        return
    }
    name := strings.Join(domain, "_")
@ -121,7 +121,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
    if _, err = os.Stat(saveDir); os.IsNotExist(err) {
        err = os.MkdirAll(saveDir, 0755)
        if err != nil {
-            errChan <- errors.Wrap(err, "issue cert fail to create")
+            errChan <- errors.Wrap(err, "fail to mkdir")
            return
        }
    }
@ -142,7 +142,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
        certificates.PrivateKey, 0644)

    if err != nil {
-        errChan <- errors.Wrap(err, "error issue cert write key")
+        errChan <- errors.Wrap(err, "fail to write key")
        return
    }

@ -152,4 +152,6 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
    nginx.Reload()

    logChan <- "Finished"
+
+    close(logChan)
 }