[SSL证书]增加提前自动更新证书功能

internal/db/models/dns_domain_dao.go

@@ -76,9 +76,11 @@ func (this *DNSDomainDAO) FindDNSDomainName(id int64) (string, error) {
 }
 
 // 创建域名
-func (this *DNSDomainDAO) CreateDomain(providerId int64, name string) (int64, error) {
+func (this *DNSDomainDAO) CreateDomain(adminId int64, userId int64, providerId int64, name string) (int64, error) {
 	op := NewDNSDomainOperator()
 	op.ProviderId = providerId
+	op.AdminId = adminId
+	op.UserId = userId
 	op.Name = name
 	op.State = DNSDomainStateEnabled
 	op.IsOn = true

internal/db/models/message_dao.go

@@ -25,12 +25,15 @@ const (
 type MessageType = string
 
 const (
-	MessageTypeHealthCheckFailed    MessageType = "HealthCheckFailed"
-	MessageTypeHealthCheckNodeUp    MessageType = "HealthCheckNodeUp"
-	MessageTypeHealthCheckNodeDown  MessageType = "HealthCheckNodeDown"
-	MessageTypeNodeInactive         MessageType = "NodeInactive"
-	MessageTypeNodeActive           MessageType = "NodeActive"
-	MessageTypeClusterDNSSyncFailed MessageType = "ClusterDNSSyncFailed"
+	MessageTypeHealthCheckFailed      MessageType = "HealthCheckFailed"
+	MessageTypeHealthCheckNodeUp      MessageType = "HealthCheckNodeUp"
+	MessageTypeHealthCheckNodeDown    MessageType = "HealthCheckNodeDown"
+	MessageTypeNodeInactive           MessageType = "NodeInactive"
+	MessageTypeNodeActive             MessageType = "NodeActive"
+	MessageTypeClusterDNSSyncFailed   MessageType = "ClusterDNSSyncFailed"
+	MessageTypeSSLCertExpiring        MessageType = "SSLCertExpiring"        // SSL证书即将过期
+	MessageTypeSSLCertACMETaskFailed  MessageType = "SSLCertACMETaskFailed"  // SSL证书任务执行失败
+	MessageTypeSSLCertACMETaskSuccess MessageType = "SSLCertACMETaskSuccess" // SSL证书任务执行成功
 )
 
 type MessageDAO dbs.DAO
@@ -96,6 +99,30 @@ func (this *MessageDAO) CreateNodeMessage(clusterId int64, nodeId int64, message
 	return err
 }
 
+// 创建普通消息
+func (this *MessageDAO) CreateMessage(adminId int64, userId int64, messageType MessageType, level string, body string, paramsJSON []byte) error {
+	h := md5.New()
+	h.Write([]byte(body))
+	h.Write(paramsJSON)
+	hash := fmt.Sprintf("%x", h.Sum(nil))
+
+	op := NewMessageOperator()
+	op.AdminId = adminId
+	op.UserId = userId
+	op.Type = messageType
+	op.Level = level
+	op.Body = body
+	if len(paramsJSON) > 0 {
+		op.Params = paramsJSON
+	}
+	op.State = MessageStateEnabled
+	op.IsRead = false
+	op.Day = timeutil.Format("Ymd")
+	op.Hash = hash
+	_, err := this.Save(op)
+	return err
+}
+
 // 删除某天之前的消息
 func (this *MessageDAO) DeleteMessagesBeforeDay(dayTime time.Time) error {
 	day := timeutil.Format("Ymd", dayTime)

internal/db/models/node_cluster_dao.go

@@ -101,7 +101,7 @@ func (this *NodeClusterDAO) FindAllEnableClusters() (result []*NodeCluster, err
 }
 
 // 创建集群
-func (this *NodeClusterDAO) CreateCluster(name string, grantId int64, installDir string, dnsDomainId int64, dnsName string) (clusterId int64, err error) {
+func (this *NodeClusterDAO) CreateCluster(adminId int64, name string, grantId int64, installDir string, dnsDomainId int64, dnsName string) (clusterId int64, err error) {
 	uniqueId, err := this.genUniqueId()
 	if err != nil {
 		return 0, err
@@ -114,6 +114,7 @@ func (this *NodeClusterDAO) CreateCluster(name string, grantId int64, installDir
 	}
 
 	op := NewNodeClusterOperator()
+	op.AdminId = adminId
 	op.Name = name
 	op.GrantId = grantId
 	op.InstallDir = installDir
@@ -522,6 +523,14 @@ func (this *NodeClusterDAO) CheckClusterDNS(cluster *NodeCluster) (issues []*pb.
 	return
 }
 
+// 查找集群所属管理员
+func (this *NodeClusterDAO) FindClusterAdminId(clusterId int64) (int64, error) {
+	return this.Query().
+		Pk(clusterId).
+		Result("adminId").
+		FindInt64Col(0)
+}
+
 // 生成唯一ID
 func (this *NodeClusterDAO) genUniqueId() (string, error) {
 	for {

internal/db/models/node_dao.go

@@ -80,7 +80,7 @@ func (this *NodeDAO) FindNodeName(id uint32) (string, error) {
 }
 
 // 创建节点
-func (this *NodeDAO) CreateNode(name string, clusterId int64, groupId int64) (nodeId int64, err error) {
+func (this *NodeDAO) CreateNode(adminId int64, name string, clusterId int64, groupId int64) (nodeId int64, err error) {
 	uniqueId, err := this.genUniqueId()
 	if err != nil {
 		return 0, err
@@ -95,6 +95,7 @@ func (this *NodeDAO) CreateNode(name string, clusterId int64, groupId int64) (no
 	}
 
 	op := NewNodeOperator()
+	op.AdminId = adminId
 	op.Name = name
 	op.UniqueId = uniqueId
 	op.Secret = secret

internal/db/models/ssl_cert_dao.go

@@ -8,6 +8,7 @@ import (
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
 	"github.com/iwind/TeaGo/types"
+	timeutil "github.com/iwind/TeaGo/utils/time"
 	"time"
 )
 
@@ -283,3 +284,32 @@ func (this *SSLCertDAO) UpdateCertACME(certId int64, acmeTaskId int64) error {
 	_, err := this.Save(op)
 	return err
 }
+
+// 查找需要自动更新的任务
+// 这里我们只返回有限的字段以节省内存
+func (this *SSLCertDAO) FindAllExpiringCerts(days int) (result []*SSLCert, err error) {
+	if days < 0 {
+		days = 0
+	}
+
+	deltaSeconds := int64(days * 86400)
+	_, err = this.Query().
+		State(SSLCertStateEnabled).
+		Where("FROM_UNIXTIME(timeEndAt, '%Y-%m-%d')=:day AND FROM_UNIXTIME(notifiedAt, '%Y-%m-%d')!=:today").
+		Param("day", timeutil.FormatTime("Y-m-d", time.Now().Unix()+deltaSeconds)).
+		Param("today", timeutil.Format("Y-m-d")).
+		Result("id", "adminId", "userId", "timeEndAt", "name", "dnsNames", "notifiedAt", "acmeTaskId").
+		Slice(&result).
+		AscPk().
+		FindAll()
+	return
+}
+
+// 设置当前证书事件通知时间
+func (this *SSLCertDAO) UpdateCertNotifiedAt(certId int64) error {
+	_, err := this.Query().
+		Pk(certId).
+		Set("notifiedAt", time.Now().Unix()).
+		Update()
+	return err
+}

internal/db/models/ssl_cert_model.go

@@ -22,6 +22,7 @@ type SSLCert struct {
 	CommonNames string `field:"commonNames"` // 发行单位列表
 	IsACME      uint8  `field:"isACME"`      // 是否为ACME自动生成的
 	AcmeTaskId  uint64 `field:"acmeTaskId"`  // ACME任务ID
+	NotifiedAt  uint64 `field:"notifiedAt"`  // 最后通知时间
 }
 
 type SSLCertOperator struct {
@@ -45,6 +46,7 @@ type SSLCertOperator struct {
 	CommonNames interface{} // 发行单位列表
 	IsACME      interface{} // 是否为ACME自动生成的
 	AcmeTaskId  interface{} // ACME任务ID
+	NotifiedAt  interface{} // 最后通知时间
 }
 
 func NewSSLCertOperator() *SSLCertOperator {