支持DNS账号部署

dromara · Jun 23, 2024 · 8089232 · 8089232
1 parent 26edb9a
commit 8089232
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 31 deletions.
diff --git a/domain_admin/api/dns_api.py b/domain_admin/api/dns_api.py
@@ -116,34 +116,3 @@ def get_dns_list():
         'total': total,
     }
 
-
-def add_dns_domain_record():
-    """
-    添加dns记录
-    :return:
-    """
-    dns_id = request.json['dns_id']
-    issue_certificate_id = request.json['issue_certificate_id']
-
-    dns_row = DnsModel.get_by_id(dns_id)
-
-    # 获取验证方式
-    challenge_list = issue_certificate_service.get_certificate_challenges(issue_certificate_id)
-
-    for challenge_row in challenge_list:
-        challenge_json = challenge_row['challenge'].to_json()
-        if challenge_json['type'] == ChallengeType.DNS01:
-
-            if challenge_row['sub_domain'] and challenge_row['sub_domain'] != 'www':
-                record_key = '_acme-challenge.' + challenge_row['sub_domain']
-            else:
-                record_key = '_acme-challenge'
-
-            aliyun_domain_api.add_domain_record(
-                access_key_id=dns_row.access_key,
-                access_key_secret=dns_row.secret_key,
-                domain_name=challenge_row['domain'],
-                record_type=RecordTypeEnum.TXT,
-                record_key=record_key,
-                record_value=challenge_row['validation']
-            )
diff --git a/domain_admin/api/issue_certificate_api.py b/domain_admin/api/issue_certificate_api.py
@@ -7,13 +7,16 @@
 from flask import g, request
 from playhouse.shortcuts import model_to_dict, chunked
 
+from domain_admin.model.dns_model import DnsModel
 from domain_admin.model.domain_model import DomainModel
 from domain_admin.model.host_model import HostModel
 from domain_admin.model.issue_certificate_model import IssueCertificateModel
 from domain_admin.service import issue_certificate_service
 from domain_admin.utils import ip_util, domain_util, fabric_util, datetime_util, validate_util
 from domain_admin.utils.acme_util.challenge_type import ChallengeType
 from domain_admin.utils.flask_ext.app_exception import AppException
+from domain_admin.utils.open_api import aliyun_domain_api
+from domain_admin.utils.open_api.aliyun_domain_api import RecordTypeEnum
 
 
 def issue_certificate():
@@ -349,3 +352,36 @@ def notify_web_hook():
         raise res.raise_for_status()
 
     return res.text
+
+
+def add_dns_domain_record():
+    """
+    添加dns记录
+    :return:
+    """
+    dns_id = request.json['dns_id']
+    issue_certificate_id = request.json['issue_certificate_id']
+    print(dns_id, ' ', issue_certificate_id)
+
+    dns_row = DnsModel.get_by_id(dns_id)
+
+    # 获取验证方式
+    challenge_list = issue_certificate_service.get_certificate_challenges(issue_certificate_id)
+
+    for challenge_row in challenge_list:
+        challenge_json = challenge_row['challenge'].to_json()
+        if challenge_json['type'] == ChallengeType.DNS01:
+
+            if challenge_row['sub_domain']:
+                record_key = '_acme-challenge.' + challenge_row['sub_domain']
+            else:
+                record_key = '_acme-challenge'
+
+            aliyun_domain_api.add_domain_record(
+                access_key_id=dns_row.access_key,
+                access_key_secret=dns_row.secret_key,
+                domain_name=challenge_row['root_domain'],
+                record_type=RecordTypeEnum.TXT,
+                record_key=record_key,
+                record_value=challenge_row['validation']
+            )
diff --git a/domain_admin/router/api_map.py b/domain_admin/router/api_map.py
@@ -178,6 +178,7 @@
     '/api/deleteCertificateByBatch': issue_certificate_api.delete_certificate_by_batch,
     '/api/getAllowCommands': issue_certificate_api.get_allow_commands,
     '/api/notifyWebHook': issue_certificate_api.notify_web_hook,
+    '/api/addDnsDomainRecord': issue_certificate_api.add_dns_domain_record,
 
     # 主机管理
     '/api/addHost': host_api.add_host,

diff --git a/domain_admin/service/issue_certificate_service.py b/domain_admin/service/issue_certificate_service.py
@@ -71,6 +71,7 @@ def get_certificate_challenges(issue_certificate_id):
             data = {
                 'domain': domain,
                 'sub_domain': domain_util.get_subdomain(domain),
+                'root_domain': domain_util.get_root_domain(domain),
                 'validation': validation,
                 'challenge': challenge
             }

diff --git a/domain_admin/utils/open_api/aliyun_domain_api.py b/domain_admin/utils/open_api/aliyun_domain_api.py
@@ -8,6 +8,8 @@
 from aliyunsdkcore.auth.credentials import AccessKeyCredential
 from aliyunsdkcore.client import AcsClient
 
+from domain_admin.log import logger
+
 
 class RecordTypeEnum:
     """
@@ -37,6 +39,14 @@ def add_domain_record(
     :param record_value: 记录值
     :return:
     """
+    logger.info("%s", {
+        'access_key_id': access_key_id,
+        'access_key_secret': access_key_secret,
+        'domain_name': domain_name,
+        'record_key': record_key,
+        'record_type': record_type,
+        'record_value': record_value,
+    })
 
     # Please ensure that the environment variables ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET are set.
     credentials = AccessKeyCredential(