From 3ea41c1c8bc579ec20a372ec77fc0e6330cccc9a Mon Sep 17 00:00:00 2001
From: Ripic Zhang <56013580+ylwind@users.noreply.github.com>
Date: Tue, 24 Feb 2026 11:09:03 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=20esa=20saas=20=E8=AF=81?=
=?UTF-8?q?=E4=B9=A6=E9=83=A8=E7=BD=B2=20(#404)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* 增加ESA SaaS配置
* 增加部署配置
* 合并
* 合并
---
app/lib/DeployHelper.php | 14 +++++++--
app/lib/deploy/aliyun.php | 64 ++++++++++++++++++++++++++++++++++++++-
2 files changed, 74 insertions(+), 4 deletions(-)
diff --git a/app/lib/DeployHelper.php b/app/lib/DeployHelper.php
index ba719cc..4b9e2c9 100644
--- a/app/lib/DeployHelper.php
+++ b/app/lib/DeployHelper.php
@@ -1152,6 +1152,7 @@ ctrl+x 保存退出
',
['value'=>'cdn', 'label'=>'内容分发CDN'],
['value'=>'dcdn', 'label'=>'全站加速DCDN'],
['value'=>'esa', 'label'=>'边缘安全加速ESA'],
+ ['value'=>'esa_saas', 'label'=>'边缘安全加速ESA SaaS'],
['value'=>'oss', 'label'=>'对象存储OSS'],
['value'=>'waf', 'label'=>'Web应用防火墙3.0'],
['value'=>'waf2', 'label'=>'Web应用防火墙2.0'],
@@ -1174,7 +1175,14 @@ ctrl+x 保存退出
',
'name' => 'ESA站点域名',
'type' => 'input',
'placeholder' => 'ESA添加的站点主域名',
- 'show' => 'product==\'esa\'',
+ 'show' => 'product==\'esa\' || product == \'esa_saas\'',
+ 'required' => true,
+ ],
+ 'esa_saas_sitename' => [
+ 'name' => 'ESA SAAS站点域名',
+ 'type' => 'input',
+ 'placeholder' => 'ESA SAAS站点域名',
+ 'show' => 'product == \'esa_saas\'',
'required' => true,
],
'oss_endpoint' => [
@@ -1199,7 +1207,7 @@ ctrl+x 保存退出
',
['value'=>'ap-southeast-1', 'label'=>'非中国内地'],
],
'value' => 'cn-hangzhou',
- 'show' => 'product==\'waf\'||product==\'waf2\'||product==\'ddoscoo\'||product==\'esa\'',
+ 'show' => 'product==\'waf\'||product==\'waf2\'||product==\'ddoscoo\'||product==\'esa\'||product==\'esa_saas\'',
'required' => true,
],
'regionid' => [
@@ -1292,7 +1300,7 @@ ctrl+x 保存退出
',
'name' => '绑定的域名',
'type' => 'input',
'placeholder' => '',
- 'show' => 'product!=\'esa\'&&product!=\'clb\'&&product!=\'alb\'&&product!=\'nlb\'&&product!=\'ga\'&&product!=\'upload\'',
+ 'show' => 'product!=\'esa\'&&product!=\'esa_saas\'&&product!=\'clb\'&&product!=\'alb\'&&product!=\'nlb\'&&product!=\'ga\'&&product!=\'upload\'',
'required' => true,
],
],
diff --git a/app/lib/deploy/aliyun.php b/app/lib/deploy/aliyun.php
index 115ae7a..901c2e9 100644
--- a/app/lib/deploy/aliyun.php
+++ b/app/lib/deploy/aliyun.php
@@ -66,9 +66,11 @@ class aliyun implements DeployInterface
$this->deploy_alb($cert_id, $config);
} elseif ($config['product'] == 'nlb') {
$this->deploy_nlb($cert_id, $config);
+ } elseif($config['product'] == 'esa_saas'){
+ $this->deploy_esa_saas($cert_id, $config);
} elseif ($config['product'] == 'ga') {
$this->deploy_ga($cert_id, $config);
- } elseif ($config['product'] == 'upload') {
+ }elseif ($config['product'] == 'upload') {
} else {
throw new Exception('未知的产品类型');
}
@@ -166,6 +168,66 @@ class aliyun implements DeployInterface
$this->log('DCDN域名 ' . $domain . ' 部署证书成功!');
}
+ private function deploy_esa_saas($cas_id, $config)
+ {
+ $sitename = $config['esa_sitename'];
+ $saas_sitename = $config['esa_saas_sitename'];
+ if (empty($sitename)) throw new Exception('ESA站点名称不能为空');
+ if (empty($saas_sitename)) throw new Exception('ESA SAAS域名不能为空');
+
+ if ($config['region'] == 'ap-southeast-1') {
+ $endpoint = 'esa.ap-southeast-1.aliyuncs.com';
+ } else {
+ $endpoint = 'esa.cn-hangzhou.aliyuncs.com';
+ }
+
+ $client = new AliyunClient($this->AccessKeyId, $this->AccessKeySecret, $endpoint, '2024-09-10');
+ $param = [
+ 'Action' => 'ListSites',
+ 'SiteName' => $sitename,
+ 'SiteSearchType' => 'exact',
+ ];
+ try {
+ $data = $client->request($param, 'GET');
+ } catch (Exception $e) {
+ throw new Exception('查询ESA站点列表失败:' . $e->getMessage());
+ }
+ if ($data['TotalCount'] == 0) throw new Exception('ESA站点 ' . $sitename . ' 不存在');
+ $this->log('成功查询到' . $data['TotalCount'] . '个ESA站点');
+ $site_id = $data['Sites'][0]['SiteId'];
+ // 查询对应的saas域名
+ $param =[
+ 'Action' => 'ListCustomHostnames',
+ 'SiteName' => $saas_sitename,
+ 'SiteId' => $site_id,
+ 'SiteSearchType' => 'exact',
+ ];
+ try {
+ $saas_data = $client->request($param, 'GET');
+ } catch (Exception $e) {
+ throw new Exception('查询ESA saas域名失败:' . $e->getMessage());
+ }
+ if ($saas_data['TotalCount'] == 0) throw new Exception('ESA saas站点 ' . $saas_sitename . ' 不存在');
+ $saas_hostname_id = $saas_data['Hostnames'][0]['HostnameId'];
+
+ $param = [
+ 'Action' => 'UpdateCustomHostname',
+ 'HostnameId'=> $saas_hostname_id,
+ 'SslFlag' => 'on',
+ 'CertType' => 'cas',
+ 'CasId' => $cas_id,
+ 'CasRegion' => $config['region'],
+ ];
+ $this->log('ESA SAAS站点部署参数 ' . json_encode($param));
+ try{
+ $saas_deploy_result = $client->request($param);
+ $this->log('ESA SAAS站点部署结果 ' . json_encode($saas_deploy_result));
+ }catch(Exception $e){
+ throw new Exception('部署失败:' . $e->getMessage());
+ }
+ $this->log('ESA SAAS站点 ' . $saas_sitename . ' 证书添加成功!');
+ }
+
private function deploy_esa($cas_id, $cert_name, $config)
{
$sitename = $config['esa_sitename'];