阿里云ESA超过免费配额之后,自动删除最旧的证书

This commit is contained in:
net909 2026-02-17 13:45:09 +08:00
parent 867785b774
commit c0e72908ab
4 changed files with 70 additions and 19 deletions

View File

@ -257,7 +257,7 @@ location / {
'wildcard' => false,
'max_domains' => 1,
'cname' => false,
'note' => '每个自然年有20张免费证书额度证书到期或吊销不释放额度。需要先进入阿里云控制台-<a href="https://yundun.console.aliyun.com/?p=cas#/certExtend/free/cn-hangzhou" target="_blank" rel="noreferrer">数字证书管理服务</a>,购买个人测试证书资源包。',
'note' => '每个自然年有20张免费证书额度证书到期或吊销不释放额度。需要先进入阿里云控制台-<a href="https://yundun.console.aliyun.com/?p=cas#/instance/TEST/cn-hangzhou" target="_blank" rel="noreferrer">数字证书管理服务</a>,购买个人测试证书资源包。',
'inputs' => [
'AccessKeyId' => [
'name' => 'AccessKeyId',

View File

@ -374,6 +374,12 @@ class DnsHelper
'placeholder' => '',
'required' => true,
],
'apikey' => [
'name' => 'API密钥/令牌',
'type' => 'input',
'placeholder' => '',
'required' => true,
],
'auth' => [
'name' => '认证方式',
'type' => 'radio',
@ -383,12 +389,6 @@ class DnsHelper
],
'value' => '0'
],
'apikey' => [
'name' => 'API密钥/令牌',
'type' => 'input',
'placeholder' => '',
'required' => true,
],
'proxy' => [
'name' => '使用代理服务器',
'type' => 'radio',

View File

@ -201,11 +201,11 @@ class aliyun implements DeployInterface
}
$this->log('ESA站点 ' . $sitename . ' 查询到' . $data['TotalCount'] . '个SSL证书');
$exist_cert_id = null;
$exist_cert_name = null;
$exist_cert_casid = null;
$exist_cert = null;
$oldest_cert = null;
if ($data['TotalCount'] > 0) {
foreach ($data['Result'] as $cert) {
if ($cert['Type'] == 'free') continue;
$domains = explode(',', $cert['SAN']);
$flag = true;
foreach ($domains as $domain) {
@ -215,11 +215,40 @@ class aliyun implements DeployInterface
}
}
if ($flag) {
$exist_cert_id = $cert['Id'];
$exist_cert_name = $cert['Name'];
$exist_cert_casid = isset($cert['CasId']) ? $cert['CasId'] : null;
$exist_cert = $cert;
break;
}
if (!$oldest_cert) {
$oldest_cert = $cert;
} elseif (strtotime($cert['CreateTime']) < strtotime($oldest_cert['CreateTime'])) {
$oldest_cert = $cert;
}
}
}
if (!$exist_cert) { //新增证书时,若配额已满,则删除最旧的证书
$param = [
'Action' => 'ListInstanceQuotasWithUsage',
'SiteId' => $site_id,
'QuotaNames' => 'customHttpCert',
];
try {
$data = $client->request($param, 'GET');
} catch (Exception $e) {
throw new Exception('查询ESA站点证书配额失败' . $e->getMessage());
}
if (!empty($data['Quotas']) && intval($data['Quotas'][0]['Usage']) >= intval($data['Quotas'][0]['QuotaValue']) && $oldest_cert) {
$param = [
'Action' => 'DeleteCertificate',
'SiteId' => $site_id,
'Id' => $oldest_cert['Id'],
];
try {
$client->request($param, 'GET');
$this->log('ESA站点 ' . $sitename . ' 删除证书 ' . $oldest_cert['Name'] . ' 成功');
} catch (Exception $e) {
throw new Exception('ESA站点 ' . $sitename . ' 删除证书' . $oldest_cert['Name'] . '失败:' . $e->getMessage());
}
}
}
@ -232,10 +261,10 @@ class aliyun implements DeployInterface
'Region' => $config['region'],
];
if ($exist_cert_id) {
$param['Id'] = $exist_cert_id;
if ($exist_cert) {
$param['Id'] = $exist_cert['Id'];
if ($exist_cert_casid == $cas_id) {
if (isset($exist_cert['CasId']) && $exist_cert['CasId'] == $cas_id) {
$this->log('ESA站点 ' . $sitename . ' 证书已配置,无需重复操作');
return;
}
@ -243,8 +272,8 @@ class aliyun implements DeployInterface
$client->request($param);
if ($exist_cert_name) {
$this->log('ESA站点 ' . $sitename . ' 证书 ' . $exist_cert_name . ' 更新成功');
if ($exist_cert) {
$this->log('ESA站点 ' . $sitename . ' 证书 ' . $exist_cert['Name'] . ' 更新成功');
} else {
$this->log('ESA站点 ' . $sitename . ' 证书添加成功!');
}

View File

@ -20,7 +20,7 @@
<label class="col-sm-3 control-label no-padding-right" is-required>账户类型</label>
<div class="col-sm-6">
<select name="type" class="form-control" v-model="set.type">
<option v-for="(item, key) in typeList" :value="key">{{item.name}}</option>
<option v-for="(item, key) in typeList" :value="key" :data-icon="item.icon">{{item.name}}</option>
</select>
</div>
</div>
@ -95,6 +95,8 @@
{block name="script"}
<script src="/static/js/vue-2.7.16.min.js"></script>
<script src="/static/js/layer/layer.js"></script>
<script src="/static/js/select2-4.0.13.min.js"></script>
<script src="/static/js/select2-i18n-zh-CN-4.0.13.min.js"></script>
<script src="/static/js/bootstrapValidator.min.js"></script>
<script>
var info = {$info|json_encode|raw};
@ -163,8 +165,28 @@ new Vue({
this.set.type = Object.keys(typeList)[0]
}
var that = this;
this.$nextTick(function () {
$('[data-toggle="tooltip"]').tooltip();
function formatType(option) {
if (!option.id) return option.text;
var icon = $(option.element).data('icon');
if (icon) {
return $('<span><img src="/static/images/' + icon + '" class="type-logo" />' + option.text + '</span>');
}
return option.text;
}
$('select[name=type]').select2({
templateResult: formatType,
templateSelection: formatType,
minimumResultsForSearch: Infinity,
width: '100%'
}).on('select2:select', function(e){
that.set.type = e.params.data.id;
});
if(that.action == 'edit'){
$('select[name=type]').val(that.set.type).trigger('change.select2');
}
})
},
methods: {