diff --git a/app/lib/CertHelper.php b/app/lib/CertHelper.php
index c599705..301786a 100644
--- a/app/lib/CertHelper.php
+++ b/app/lib/CertHelper.php
@@ -257,7 +257,7 @@ location / {
'wildcard' => false,
'max_domains' => 1,
'cname' => false,
- 'note' => '每个自然年有20张免费证书额度,证书到期或吊销不释放额度。需要先进入阿里云控制台-数字证书管理服务,购买个人测试证书资源包。',
+ 'note' => '每个自然年有20张免费证书额度,证书到期或吊销不释放额度。需要先进入阿里云控制台-数字证书管理服务,购买个人测试证书资源包。',
'inputs' => [
'AccessKeyId' => [
'name' => 'AccessKeyId',
diff --git a/app/lib/DnsHelper.php b/app/lib/DnsHelper.php
index d201eb5..f055f67 100644
--- a/app/lib/DnsHelper.php
+++ b/app/lib/DnsHelper.php
@@ -374,6 +374,12 @@ class DnsHelper
'placeholder' => '',
'required' => true,
],
+ 'apikey' => [
+ 'name' => 'API密钥/令牌',
+ 'type' => 'input',
+ 'placeholder' => '',
+ 'required' => true,
+ ],
'auth' => [
'name' => '认证方式',
'type' => 'radio',
@@ -383,12 +389,6 @@ class DnsHelper
],
'value' => '0'
],
- 'apikey' => [
- 'name' => 'API密钥/令牌',
- 'type' => 'input',
- 'placeholder' => '',
- 'required' => true,
- ],
'proxy' => [
'name' => '使用代理服务器',
'type' => 'radio',
diff --git a/app/lib/deploy/aliyun.php b/app/lib/deploy/aliyun.php
index a23d6d0..d8afbdd 100644
--- a/app/lib/deploy/aliyun.php
+++ b/app/lib/deploy/aliyun.php
@@ -201,11 +201,11 @@ class aliyun implements DeployInterface
}
$this->log('ESA站点 ' . $sitename . ' 查询到' . $data['TotalCount'] . '个SSL证书');
- $exist_cert_id = null;
- $exist_cert_name = null;
- $exist_cert_casid = null;
+ $exist_cert = null;
+ $oldest_cert = null;
if ($data['TotalCount'] > 0) {
foreach ($data['Result'] as $cert) {
+ if ($cert['Type'] == 'free') continue;
$domains = explode(',', $cert['SAN']);
$flag = true;
foreach ($domains as $domain) {
@@ -215,11 +215,40 @@ class aliyun implements DeployInterface
}
}
if ($flag) {
- $exist_cert_id = $cert['Id'];
- $exist_cert_name = $cert['Name'];
- $exist_cert_casid = isset($cert['CasId']) ? $cert['CasId'] : null;
+ $exist_cert = $cert;
break;
}
+ if (!$oldest_cert) {
+ $oldest_cert = $cert;
+ } elseif (strtotime($cert['CreateTime']) < strtotime($oldest_cert['CreateTime'])) {
+ $oldest_cert = $cert;
+ }
+ }
+ }
+
+ if (!$exist_cert) { //新增证书时,若配额已满,则删除最旧的证书
+ $param = [
+ 'Action' => 'ListInstanceQuotasWithUsage',
+ 'SiteId' => $site_id,
+ 'QuotaNames' => 'customHttpCert',
+ ];
+ try {
+ $data = $client->request($param, 'GET');
+ } catch (Exception $e) {
+ throw new Exception('查询ESA站点证书配额失败:' . $e->getMessage());
+ }
+ if (!empty($data['Quotas']) && intval($data['Quotas'][0]['Usage']) >= intval($data['Quotas'][0]['QuotaValue']) && $oldest_cert) {
+ $param = [
+ 'Action' => 'DeleteCertificate',
+ 'SiteId' => $site_id,
+ 'Id' => $oldest_cert['Id'],
+ ];
+ try {
+ $client->request($param, 'GET');
+ $this->log('ESA站点 ' . $sitename . ' 删除证书 ' . $oldest_cert['Name'] . ' 成功');
+ } catch (Exception $e) {
+ throw new Exception('ESA站点 ' . $sitename . ' 删除证书' . $oldest_cert['Name'] . '失败:' . $e->getMessage());
+ }
}
}
@@ -232,10 +261,10 @@ class aliyun implements DeployInterface
'Region' => $config['region'],
];
- if ($exist_cert_id) {
- $param['Id'] = $exist_cert_id;
+ if ($exist_cert) {
+ $param['Id'] = $exist_cert['Id'];
- if ($exist_cert_casid == $cas_id) {
+ if (isset($exist_cert['CasId']) && $exist_cert['CasId'] == $cas_id) {
$this->log('ESA站点 ' . $sitename . ' 证书已配置,无需重复操作');
return;
}
@@ -243,8 +272,8 @@ class aliyun implements DeployInterface
$client->request($param);
- if ($exist_cert_name) {
- $this->log('ESA站点 ' . $sitename . ' 证书 ' . $exist_cert_name . ' 更新成功');
+ if ($exist_cert) {
+ $this->log('ESA站点 ' . $sitename . ' 证书 ' . $exist_cert['Name'] . ' 更新成功');
} else {
$this->log('ESA站点 ' . $sitename . ' 证书添加成功!');
}
diff --git a/app/view/domain/account_add.html b/app/view/domain/account_add.html
index 9f7f6c9..ec842d1 100644
--- a/app/view/domain/account_add.html
+++ b/app/view/domain/account_add.html
@@ -20,7 +20,7 @@
@@ -95,6 +95,8 @@
{block name="script"}
+
+