feature : add ondepanel self signed certificate

.vscode/launch.json

@@ -6,7 +6,7 @@
             "type": "go",
             "debugAdapter": "dlv-dap",
             "request": "launch",
-            "port": 33903,
+            "port": 34353,
             "host": "127.0.0.1",
             "mode": "exec",
             "program": "${workspaceFolder}/dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service"

go.mod

@@ -2,8 +2,6 @@ module github.com/KaySar12/NextZen-UserService
 
 go 1.21
 
-toolchain go1.22.0
-
 require (
 	github.com/KaySar12/NextZen-Common v1.0.0-alpha6
 	github.com/coreos/go-oidc/v3 v3.11.0

route/v1/user.go

@@ -7,6 +7,7 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	json2 "encoding/json"
+	"errors"
 	"fmt"
 	"image"
 	"image/png"
@@ -46,15 +47,15 @@ import (
 )
 
 var (
-	authServer          = "http://accessmanager.local"
-	clientID            = "6KwKSxLCtaQ4r6HoAn3gdNMbNOAf75j3SejLIAx7"
-	clientSecret        = "PE05fcDP4qESUmyZ1TNYpZNBxRPq70VpFI81vehsoJ6WhGz5yPXMljrFrOdMRdRhrYmF03fHWTZHgO9ZdNENrLN13BzL8CAgtEkTsyjXfgx9GvISheIjYfpSfvo219fL"
-	authURL             = "http://accessmanager.local/application/o/nextzenos-oidc/"
-	callbackURL         = "http://nextzenos.local/v1/users/oidc/callback"
-	onePanelServer      = "http://nextweb.local"
-	onePanelName        = "nextzen"
-	onePanelPassword    = "Smartyourlife123@*"
-	authentik_api_token = "jidFioAIXpgl8awyk2O17K8W7vZzlXhOO0QXGxEhMDJdn9g747EQjmaI0i3e"
+	authServer       = "http://accessmanager.local"
+	clientID         = "6KwKSxLCtaQ4r6HoAn3gdNMbNOAf75j3SejLIAx7"
+	clientSecret     = "PE05fcDP4qESUmyZ1TNYpZNBxRPq70VpFI81vehsoJ6WhGz5yPXMljrFrOdMRdRhrYmF03fHWTZHgO9ZdNENrLN13BzL8CAgtEkTsyjXfgx9GvISheIjYfpSfvo219fL"
+	authURL          = "http://accessmanager.local/application/o/nextzenos-oidc/"
+	callbackURL      = "http://nextzenos.local/v1/users/oidc/callback"
+	onePanelServer   = "http://nextweb.local"
+	onePanelName     = "nextzen"
+	onePanelPassword = "Smartyourlife123@*"
+	//authentik_api_token = "jidFioAIXpgl8awyk2O17K8W7vZzlXhOO0QXGxEhMDJdn9g747EQjmaI0i3e"
 )
 
 type OIDCSetting struct {
@@ -176,38 +177,6 @@ func OnePanelLogin(c *gin.Context) error {
 	return nil
 }
 
-// func OnePanelLogin(c *gin.Context) {
-// 	var cred = model2.OnePanelCredentials{
-// 		Name:          onePanelName,
-// 		Password:      onePanelPassword,
-// 		IgnoreCaptcha: true,
-// 		Captcha:       "",
-// 		CaptchaID:     "",
-// 		AuthMethod:    "session",
-// 		Language:      "en",
-// 	}
-
-//		response, cookies, err := service.MyService.OnePanel().Login(cred, onePanelServer)
-//		if err != nil {
-//			c.JSON(common_err.SERVICE_ERROR,
-//				model.Result{
-//					Success: common_err.SERVICE_ERROR,
-//					Message: common_err.GetMsg(common_err.SERVICE_ERROR),
-//				})
-//		}
-//		session := sessions.Default(c)
-//		for _, cookie := range cookies {
-//			session.Set(cookie.Name, cookie.Value)
-//			c.SetCookie(cookie.Name, cookie.Value, 3600, "/", "", false, true)
-//		}
-//		session.Save()
-//		c.JSON(common_err.SUCCESS,
-//			model.Result{
-//				Success: common_err.SUCCESS,
-//				Message: common_err.GetMsg(common_err.SUCCESS),
-//				Data:    response,
-//			})
-//	}
 func OnePanelUpdateProxyWebsite(c *gin.Context) {
 	json := make(map[string]string)
 	c.ShouldBind(&json)
@@ -247,7 +216,7 @@ func OnePanelUpdateProxyWebsite(c *gin.Context) {
 					Message: common_err.GetMsg(common_err.SERVICE_ERROR),
 				})
 		}
-		var updateProxy model2.ProxyDetail
+		updateProxy := model2.ProxyDetail{}
 		updateProxy = proxyResult.Data[0]
 		updateProxy.Operate = "edit"
 		updateProxy.ProxyPass = protocol + "://" + hostname + ":" + port
@@ -280,20 +249,21 @@ func OnePanelCreateWebsite(c *gin.Context) {
 	port := json["port"]
 	protocol := json["protocol"]
 	hostname := json["hostname"]
+	sslProvider := json["sslProvider"]
 	var website model2.CreateWebsiteRequest
 	website.PrimaryDomain = domain
 	website.Type = "proxy"
 	website.Alias = domain
 	website.AppType = "installed"
 	website.WebSiteGroupID = 2
-	website.Proxy = protocol + "://" + hostname + ":" + port
+	website.Proxy = "http://" + hostname + ":" + port
 	portInt, err := strconv.ParseInt(port, 10, 64)
 	if err != nil {
 		log.Printf("Error converting port to integer: %v", err)
 
 	}
 	website.Port = portInt
-	website.ProxyProtocol = protocol
+	website.ProxyProtocol = "http"
 	website.ProxyAddress = hostname + ":" + port
 	website.RuntimeType = "php"
 	headers := make(map[string]string)
@@ -316,32 +286,6 @@ func OnePanelCreateWebsite(c *gin.Context) {
 			})
 	}
 	if search.Data.Total == 0 {
-		if protocol == "https" {
-			//TODO Apply Certificate and Enable HTTPS
-			var searchSSL model2.SearchSSLRequest
-			searchSSL.Page = 1
-			searchSSL.PageSize = 50
-			ssl, err := service.MyService.OnePanel().SearchWebsiteSSl(searchSSL, onePanelServer, headers)
-			if err != nil {
-				c.JSON(common_err.SERVICE_ERROR,
-					model.Result{
-						Success: common_err.SERVICE_ERROR,
-						Message: common_err.GetMsg(common_err.SERVICE_ERROR),
-					})
-			}
-			if ssl.Data.Total == 0 {
-				createSSL, err := OnePanelApplyWebsiteSSl(domain, search.Data.Items[0].ID, headers)
-				if err != nil {
-					c.JSON(common_err.SERVICE_ERROR,
-						model.Result{
-							Success: common_err.SERVICE_ERROR,
-							Message: common_err.GetMsg(common_err.SERVICE_ERROR),
-						})
-				}
-				fmt.Println(createSSL)
-			}
-
-		}
 		response, err := service.MyService.OnePanel().CreateWebsite(website, onePanelServer, headers)
 		if err != nil {
 			c.JSON(common_err.SERVICE_ERROR,
@@ -350,13 +294,113 @@ func OnePanelCreateWebsite(c *gin.Context) {
 					Message: common_err.GetMsg(common_err.SERVICE_ERROR),
 				})
 		}
-		c.JSON(common_err.SUCCESS,
-			model.Result{
-				Success: common_err.SUCCESS,
-				Message: common_err.GetMsg(common_err.SUCCESS),
-				Data:    response,
-			})
-		return
+		search, err := service.MyService.OnePanel().SearchWebsite(searchParam, onePanelServer, headers)
+		if err != nil {
+			c.JSON(common_err.SERVICE_ERROR,
+				model.Result{
+					Success: common_err.SERVICE_ERROR,
+					Message: common_err.GetMsg(common_err.SERVICE_ERROR),
+				})
+		}
+		if protocol == "https" {
+			//TODO Find SSL
+			var searchSSL model2.SearchSSLRequest
+			searchSSL.Page = 1
+			searchSSL.PageSize = 50
+			sslId := -1
+			ssl, err := service.MyService.OnePanel().SearchWebsiteSSl(searchSSL, onePanelServer, headers)
+			if err != nil {
+				c.JSON(common_err.SERVICE_ERROR,
+					model.Result{
+						Success: common_err.SERVICE_ERROR,
+						Message: common_err.GetMsg(common_err.SERVICE_ERROR),
+					})
+			}
+
+			for _, item := range ssl.Data.Items {
+				if item.PrimaryDomain == domain && item.Organization == sslProvider {
+					sslId = item.ID
+					break
+				}
+			}
+			if sslId < 0 {
+				if sslProvider == "http" {
+					sslId, err = OnePanelApplyWebsiteSSl(domain, search.Data.Items[0].ID, headers)
+					if err != nil {
+						c.JSON(common_err.SUCCESS,
+							model.Result{
+								Success: common_err.COMMAND_ERROR_INVALID_OPERATION,
+								Message: fmt.Sprintf("Fail to upgrade %s from http to https", domain),
+								Data:    false,
+							})
+						return
+					}
+				} else {
+					sslId, err = IssueSelfSignedCert(domain, search.Data.Items[0].ID, headers, 3)
+					if err != nil {
+						c.JSON(common_err.SUCCESS,
+							model.Result{
+								Success: common_err.COMMAND_ERROR_INVALID_OPERATION,
+								Message: fmt.Sprintf("Fail to upgrade %s from http to https", domain),
+								Data:    false,
+							})
+						return
+					}
+				}
+			}
+			// TODO Enable HTTPS
+			var searchAcme model2.AcmeSearchRequest
+			acmeId := 0
+			searchAcme.Page = 1
+			searchAcme.PageSize = 50
+			if sslProvider == "http" {
+				acme, err := service.MyService.OnePanel().AcmeAccountSearch(searchAcme, onePanelServer, headers)
+				if err != nil {
+					c.JSON(common_err.SERVICE_ERROR,
+						model.Result{
+							Success: common_err.SERVICE_ERROR,
+							Message: common_err.GetMsg(common_err.SERVICE_ERROR),
+						})
+					return
+				}
+				acmeId = acme.Data.Items[0].ID
+			}
+			search, err := service.MyService.OnePanel().SearchWebsite(searchParam, onePanelServer, headers)
+			if err != nil {
+				c.JSON(common_err.SERVICE_ERROR,
+					model.Result{
+						Success: common_err.SERVICE_ERROR,
+						Message: common_err.GetMsg(common_err.SERVICE_ERROR),
+					})
+			}
+			updateWebsite, err := EnableWebsiteHttps(acmeId, sslId, search.Data.Items[0].ID, headers)
+			if err != nil {
+				c.JSON(common_err.SERVICE_ERROR,
+					model.Result{
+						Success: common_err.SERVICE_ERROR,
+						Message: common_err.GetMsg(common_err.SERVICE_ERROR),
+					})
+				return
+			}
+			if updateWebsite.Code < 200 || updateWebsite.Code > 300 {
+				c.JSON(common_err.SUCCESS,
+					model.Result{
+						Success: common_err.COMMAND_ERROR_INVALID_OPERATION,
+						Message: fmt.Sprintf("Fail to upgrade %s from http to https", domain),
+						Data:    false,
+					})
+				return
+			}
+
+			c.JSON(common_err.SUCCESS,
+				model.Result{
+					Success: common_err.SUCCESS,
+					Message: common_err.GetMsg(common_err.SUCCESS),
+					Data:    response,
+				})
+			return
+		}
+
 	}
 	c.JSON(common_err.SUCCESS,
 		model.Result{
@@ -364,14 +408,77 @@ func OnePanelCreateWebsite(c *gin.Context) {
 			Message: common_err.GetMsg(common_err.SUCCESS),
 		})
 }
-
-func OnePanelApplyWebsiteSSl(domain string, websiteId int, headers map[string]string) (model2.CreateSSLResponse, error) {
+func IssueSelfSignedCert(domain string, websiteId int, headers map[string]string, maxAttempts int) (int, error) {
+	if maxAttempts <= 0 {
+		return 0, errors.New("maximum attempts reached")
+	}
+	var searchSelfSignedCert model2.SelfSignedCertSearchRequest
+	searchSelfSignedCert.Page = 1
+	searchSelfSignedCert.PageSize = 50
+	selfsignedCert, err := service.MyService.OnePanel().SelfSignedCertSearch(searchSelfSignedCert, onePanelServer, headers)
+	if err != nil {
+		return 0, err
+	}
+	if selfsignedCert.Data.Total == 0 {
+		var createParam model2.CreateSelfSignedCertRequest
+		createParam.Name = ""
+		createParam.KeyType = "P256"
+		createParam.CommonName = ""
+		createParam.Country = ""
+		createParam.Organization = ""
+		createParam.OrganizationUint = ""
+		createParam.Province = ""
+		createParam.City = ""
+		createNewSelfSignCert, err := service.MyService.OnePanel().CreateSelfSignedCert(createParam, onePanelServer, headers)
+		if err != nil {
+			return 0, err
+		}
+		fmt.Println(createNewSelfSignCert)
+		return IssueSelfSignedCert(domain, websiteId, headers, maxAttempts-1)
+	} else {
+		var issueSelfSignedCertReq model2.SelfSignedIssueRequest
+		issueSelfSignedCertReq.KeyType = "P256"
+		issueSelfSignedCertReq.Domains = domain
+		issueSelfSignedCertReq.ID = selfsignedCert.Data.Items[0].ID
+		issueSelfSignedCertReq.Time = 10
+		issueSelfSignedCertReq.Unit = "year"
+		issueSelfSignedCertReq.PushDir = false
+		issueSelfSignedCertReq.Dir = ""
+		issueSelfSignedCertReq.AutoRenew = true
+		issueSelfSignedCertReq.Description = ""
+		issueSelfSignedCertReq.ExecShell = false
+		issueSelfSignedCertReq.Shell = ""
+		issueSelfSignedCertRes, err := service.MyService.OnePanel().IssueSelfSignedCert(issueSelfSignedCertReq, onePanelServer, headers)
+		if err != nil {
+			return 0, err
+		}
+		fmt.Println(issueSelfSignedCertRes)
+		var searchSSL model2.SearchSSLRequest
+		searchSSL.Page = 1
+		searchSSL.PageSize = 50
+		ssl, err := service.MyService.OnePanel().SearchWebsiteSSl(searchSSL, onePanelServer, headers)
+		if err != nil {
+			return 0, err
+		}
+		for _, item := range ssl.Data.Items {
+			if item.Provider == "selfSigned" {
+				for _, website := range item.Websites {
+					if website.ID == websiteId {
+						return item.ID, nil
+					}
+				}
+			}
+		}
+		return 0, err
+	}
+}
+func OnePanelApplyWebsiteSSl(domain string, websiteId int, headers map[string]string) (int, error) {
 	var searchAcme model2.AcmeSearchRequest
 	searchAcme.Page = 1
 	searchAcme.PageSize = 50
 	acme, err := service.MyService.OnePanel().AcmeAccountSearch(searchAcme, onePanelServer, headers)
 	if err != nil {
-		return model2.CreateSSLResponse{}, err
+		return 0, err
 	}
 	if acme.Data.Total > 0 {
 		var createSSL model2.CreateSSLRequest
@@ -392,9 +499,30 @@ func OnePanelApplyWebsiteSSl(domain string, websiteId int, headers map[string]st
 		createSSL.ExecShell = false
 		createSSL.Shell = ""
 		createSSLRes, err := service.MyService.OnePanel().ApplyWebsiteSSl(createSSL, onePanelServer, headers)
-		return createSSLRes, err
+		return createSSLRes.Data.ID, err
 	}
-	return model2.CreateSSLResponse{}, err
+	return 0, err
+}
+func EnableWebsiteHttps(acmeAccountID int, websiteSSLID int, websiteId int, headers map[string]string) (model2.GenericResponse, error) {
+	var updateConfig model2.WebsiteHttpsConfigRequest
+	updateConfig.AcmeAccountID = acmeAccountID
+	updateConfig.Enable = true
+	updateConfig.WebsiteSSLID = websiteSSLID
+	updateConfig.WebsiteID = websiteId
+	updateConfig.Type = "existed"
+	updateConfig.ImportType = "paste"
+	updateConfig.PrivateKey = ""
+	updateConfig.Certificate = ""
+	updateConfig.PrivateKeyPath = ""
+	updateConfig.HTTPConfig = "HTTPToHTTPS"
+	updateConfig.Hsts = true
+	updateConfig.Algorithm = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED"
+	updateConfig.SSLProtocol = append(updateConfig.SSLProtocol, "TLSv1.3", "TLSv1.2", "TLSv1.1", "TLSv1")
+	updateWebsite, err := service.MyService.OnePanel().UpdateWebsiteProtocol(updateConfig, onePanelServer, headers)
+	if err != nil {
+		return model2.GenericResponse{}, err
+	}
+	return updateWebsite, nil
 }
 func OnePanelDeleteWebsite(c *gin.Context) {
 	json := make(map[string]string)
@@ -739,14 +867,14 @@ func OIDCValidateToken(c *gin.Context) {
 	var validateToken model2.AuthentikToken
 	validateToken, err = service.MyService.Authentik().ValidateToken(clientID, clientSecret, accessToken, authServer)
 	if err != nil {
-		c.JSON(http.StatusUnauthorized, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
+		c.JSON(common_err.SUCCESS, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
 		return
 	}
 	if !validateToken.Active {
-		c.JSON(http.StatusUnauthorized, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
+		c.JSON(common_err.SUCCESS, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
 		return
 	}
-	c.JSON(http.StatusOK, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
+	c.JSON(common_err.SUCCESS, model.Result{Success: common_err.ERROR_AUTH_TOKEN, Message: common_err.GetMsg(common_err.ERROR_AUTH_TOKEN)})
 }
 func OIDCLogout(c *gin.Context) {
 	json := make(map[string]string)

service/1panel.go

@@ -22,9 +22,12 @@ type OnePanelService interface {
 	GetProxyWebsite(m model2.ProxyWebsiteRequest, baseUrl string, headers map[string]string) (model2.ProxyWebsiteResponse, error)
 	UpdateProxyWebsite(m model2.ProxyDetail, baseUrl string, headers map[string]string) (model2.GenericResponse, error)
 	AcmeAccountSearch(m model2.AcmeSearchRequest, baseUrl string, headers map[string]string) (model2.AcmeSearchResponse, error)
+	SelfSignedCertSearch(m model2.SelfSignedCertSearchRequest, baseUrl string, headers map[string]string) (model2.SelfSignedCertSearchResponse, error)
+	IssueSelfSignedCert(m model2.SelfSignedIssueRequest, baseUrl string, headers map[string]string) (model2.GenericResponse, error)
+	CreateSelfSignedCert(m model2.CreateSelfSignedCertRequest, baseUrl string, headers map[string]string) (model2.CreateSelfSignedCertResponse, error)
 	ApplyWebsiteSSl(m model2.CreateSSLRequest, baseUrl string, headers map[string]string) (model2.CreateSSLResponse, error)
 	SearchWebsiteSSl(m model2.SearchSSLRequest, baseUrl string, headers map[string]string) (model2.SearchSSLResponse, error)
-	//UpdateWebsiteProtocol
+	UpdateWebsiteProtocol(m model2.WebsiteHttpsConfigRequest, baseUrl string, headers map[string]string) (model2.GenericResponse, error)
 }
 
 var (
@@ -35,6 +38,123 @@ type onePanelService struct {
 }
 
 // TODO A lot of redundant code need refactor
+
+func (o *onePanelService) UpdateWebsiteProtocol(m model2.WebsiteHttpsConfigRequest, baseUrl string, headers map[string]string) (model2.GenericResponse, error) {
+	path := baseUrl + fmt.Sprintf("/api/v1/websites/%d/https", m.WebsiteID)
+	reqBody, err := json.Marshal(m)
+	if err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error marshaling request body: %v", err)
+	}
+	req, err := http.NewRequest("POST", path, bytes.NewReader(reqBody))
+	if err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error creating request: %v", err)
+	}
+	// Add headers to the request
+	for key, value := range headers {
+		req.Header.Set(key, value)
+	}
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error making request: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
+		return model2.GenericResponse{}, fmt.Errorf("HTTP error: %s", resp.Status)
+	}
+	var result model2.GenericResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error decoding response: %v", err)
+	}
+	return result, nil
+}
+func (o *onePanelService) SelfSignedCertSearch(m model2.SelfSignedCertSearchRequest, baseUrl string, headers map[string]string) (model2.SelfSignedCertSearchResponse, error) {
+	path := "/api/v1/websites/ca/search"
+	reqBody, err := json.Marshal(m)
+	if err != nil {
+		return model2.SelfSignedCertSearchResponse{}, fmt.Errorf("error marshaling request body: %v", err)
+	}
+	req, err := http.NewRequest("POST", path, bytes.NewReader(reqBody))
+	if err != nil {
+		return model2.SelfSignedCertSearchResponse{}, fmt.Errorf("error creating request: %v", err)
+	}
+	// Add headers to the request
+	for key, value := range headers {
+		req.Header.Set(key, value)
+	}
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return model2.SelfSignedCertSearchResponse{}, fmt.Errorf("error making request: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
+		return model2.SelfSignedCertSearchResponse{}, fmt.Errorf("HTTP error: %s", resp.Status)
+	}
+	var result model2.SelfSignedCertSearchResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return model2.SelfSignedCertSearchResponse{}, fmt.Errorf("error decoding response: %v", err)
+	}
+	return result, nil
+}
+func (o *onePanelService) CreateSelfSignedCert(m model2.CreateSelfSignedCertRequest, baseUrl string, headers map[string]string) (model2.CreateSelfSignedCertResponse, error) {
+	path := baseUrl + "/api/v1/websites/ca"
+	reqBody, err := json.Marshal(m)
+	if err != nil {
+		return model2.CreateSelfSignedCertResponse{}, fmt.Errorf("error marshaling request body: %v", err)
+	}
+	req, err := http.NewRequest("POST", path, bytes.NewReader(reqBody))
+	if err != nil {
+		return model2.CreateSelfSignedCertResponse{}, fmt.Errorf("error creating request: %v", err)
+	}
+	// Add headers to the request
+	for key, value := range headers {
+		req.Header.Set(key, value)
+	}
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return model2.CreateSelfSignedCertResponse{}, fmt.Errorf("error making request: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
+		return model2.CreateSelfSignedCertResponse{}, fmt.Errorf("HTTP error: %s", resp.Status)
+	}
+	var result model2.CreateSelfSignedCertResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return model2.CreateSelfSignedCertResponse{}, fmt.Errorf("error decoding response: %v", err)
+	}
+	return result, nil
+}
+func (o *onePanelService) IssueSelfSignedCert(m model2.SelfSignedIssueRequest, baseUrl string, headers map[string]string) (model2.GenericResponse, error) {
+	path := "/api/v1/websites/ca/obtain"
+	reqBody, err := json.Marshal(m)
+	if err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error marshaling request body: %v", err)
+	}
+	req, err := http.NewRequest("POST", path, bytes.NewReader(reqBody))
+	if err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error creating request: %v", err)
+	}
+	// Add headers to the request
+	for key, value := range headers {
+		req.Header.Set(key, value)
+	}
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error making request: %v", err)
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
+		return model2.GenericResponse{}, fmt.Errorf("HTTP error: %s", resp.Status)
+	}
+	var result model2.GenericResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return model2.GenericResponse{}, fmt.Errorf("error decoding response: %v", err)
+	}
+	return result, nil
+}
 func (o *onePanelService) SearchWebsiteSSl(m model2.SearchSSLRequest, baseUrl string, headers map[string]string) (model2.SearchSSLResponse, error) {
 	path := baseUrl + "/api/v1/websites/ssl/search"
 	reqBody, err := json.Marshal(m)

service/model/dto_onepanel_ssl.go

@@ -46,12 +46,51 @@ type CreateSSLResponse struct {
 		Shell         string `json:"shell"`
 	} `json:"data"`
 }
-
+type CreateSelfSignedCertRequest struct {
+	Name             string `json:"name"`
+	KeyType          string `json:"keyType"`
+	CommonName       string `json:"commonName"`
+	Country          string `json:"country"`
+	Organization     string `json:"organization"`
+	OrganizationUint string `json:"organizationUint"`
+	Province         string `json:"province"`
+	City             string `json:"city"`
+}
+type CreateSelfSignedCertResponse struct {
+	Code    int    `json:"code"`
+	Message string `json:"message"`
+	Data    struct {
+		CommonName       string `json:"commonName"`
+		Country          string `json:"country"`
+		Organization     string `json:"organization"`
+		OrganizationUint string `json:"organizationUint"`
+		Name             string `json:"name"`
+		KeyType          string `json:"keyType"`
+		Province         string `json:"province"`
+		City             string `json:"city"`
+	} `json:"data"`
+}
+type SelfSignedIssueRequest struct {
+	KeyType     string `json:"keyType"`
+	Domains     string `json:"domains"`
+	ID          int    `json:"id"`
+	Time        int    `json:"time"`
+	Unit        string `json:"unit"`
+	PushDir     bool   `json:"pushDir"`
+	Dir         string `json:"dir"`
+	AutoRenew   bool   `json:"autoRenew"`
+	Description string `json:"description"`
+	ExecShell   bool   `json:"execShell"`
+	Shell       string `json:"shell"`
+}
 type AcmeSearchRequest struct {
 	Page     int `json:"page"`
 	PageSize int `json:"pageSize"`
 }
-
+type SelfSignedCertSearchRequest struct {
+	Page     int `json:"page"`
+	PageSize int `json:"pageSize"`
+}
 type SearchSSLRequest struct {
 	Page     int `json:"page"`
 	PageSize int `json:"pageSize"`
@@ -62,42 +101,58 @@ type SearchSSLResponse struct {
 	Data    struct {
 		Total int `json:"total"`
 		Items []struct {
-			ID            int           `json:"id"`
-			CreatedAt     time.Time     `json:"createdAt"`
-			UpdatedAt     time.Time     `json:"updatedAt"`
-			PrimaryDomain string        `json:"primaryDomain"`
-			PrivateKey    string        `json:"privateKey"`
-			Pem           string        `json:"pem"`
-			Domains       string        `json:"domains"`
-			CertURL       string        `json:"certURL"`
-			Type          string        `json:"type"`
-			Provider      string        `json:"provider"`
-			Organization  string        `json:"organization"`
-			DNSAccountID  int           `json:"dnsAccountId"`
-			AcmeAccountID int           `json:"acmeAccountId"`
-			CaID          int           `json:"caId"`
-			AutoRenew     bool          `json:"autoRenew"`
-			ExpireDate    time.Time     `json:"expireDate"`
-			StartDate     time.Time     `json:"startDate"`
-			Status        string        `json:"status"`
-			Message       string        `json:"message"`
-			KeyType       string        `json:"keyType"`
-			PushDir       bool          `json:"pushDir"`
-			Dir           string        `json:"dir"`
-			Description   string        `json:"description"`
-			SkipDNS       bool          `json:"skipDNS"`
-			Nameserver1   string        `json:"nameserver1"`
-			Nameserver2   string        `json:"nameserver2"`
-			DisableCNAME  bool          `json:"disableCNAME"`
-			ExecShell     bool          `json:"execShell"`
-			Shell         string        `json:"shell"`
-			AcmeAccount   AcmeAccount   `json:"acmeAccount"`
-			DNSAccount    DNSAccount    `json:"dnsAccount"`
-			Websites      []interface{} `json:"websites"`
-			LogPath       string        `json:"logPath"`
+			ID            int             `json:"id"`
+			CreatedAt     time.Time       `json:"createdAt"`
+			UpdatedAt     time.Time       `json:"updatedAt"`
+			PrimaryDomain string          `json:"primaryDomain"`
+			PrivateKey    string          `json:"privateKey"`
+			Pem           string          `json:"pem"`
+			Domains       string          `json:"domains"`
+			CertURL       string          `json:"certURL"`
+			Type          string          `json:"type"`
+			Provider      string          `json:"provider"`
+			Organization  string          `json:"organization"`
+			DNSAccountID  int             `json:"dnsAccountId"`
+			AcmeAccountID int             `json:"acmeAccountId"`
+			CaID          int             `json:"caId"`
+			AutoRenew     bool            `json:"autoRenew"`
+			ExpireDate    time.Time       `json:"expireDate"`
+			StartDate     time.Time       `json:"startDate"`
+			Status        string          `json:"status"`
+			Message       string          `json:"message"`
+			KeyType       string          `json:"keyType"`
+			PushDir       bool            `json:"pushDir"`
+			Dir           string          `json:"dir"`
+			Description   string          `json:"description"`
+			SkipDNS       bool            `json:"skipDNS"`
+			Nameserver1   string          `json:"nameserver1"`
+			Nameserver2   string          `json:"nameserver2"`
+			DisableCNAME  bool            `json:"disableCNAME"`
+			ExecShell     bool            `json:"execShell"`
+			Shell         string          `json:"shell"`
+			AcmeAccount   AcmeAccount     `json:"acmeAccount"`
+			DNSAccount    DNSAccount      `json:"dnsAccount"`
+			Websites      []WebsiteDetail `json:"websites"`
+			LogPath       string          `json:"logPath"`
 		} `json:"items"`
 	} `json:"data"`
 }
+type WebsiteHttpsConfigRequest struct {
+	AcmeAccountID   int      `json:"acmeAccountID"`
+	Enable          bool     `json:"enable"`
+	WebsiteID       int      `json:"websiteId"`
+	WebsiteSSLID    int      `json:"websiteSSLId"`
+	Type            string   `json:"type"`
+	ImportType      string   `json:"importType"`
+	PrivateKey      string   `json:"privateKey"`
+	Certificate     string   `json:"certificate"`
+	PrivateKeyPath  string   `json:"privateKeyPath"`
+	CertificatePath string   `json:"certificatePath"`
+	HTTPConfig      string   `json:"httpConfig"`
+	Hsts            bool     `json:"hsts"`
+	Algorithm       string   `json:"algorithm"`
+	SSLProtocol     []string `json:"SSLProtocol"`
+}
 type AcmeSearchResponse struct {
 	Code    int    `json:"code"`
 	Message string `json:"message"`
@@ -106,7 +161,92 @@ type AcmeSearchResponse struct {
 		Items []AcmeAccount `json:"items"`
 	} `json:"data"`
 }
-
+type SelfSignedCertSearchResponse struct {
+	Code    int    `json:"code"`
+	Message string `json:"message"`
+	Data    struct {
+		Total int `json:"total"`
+		Items []struct {
+			ID               int       `json:"id"`
+			CreatedAt        time.Time `json:"createdAt"`
+			UpdatedAt        time.Time `json:"updatedAt"`
+			Csr              string    `json:"csr"`
+			Name             string    `json:"name"`
+			PrivateKey       string    `json:"privateKey"`
+			KeyType          string    `json:"keyType"`
+			CommonName       string    `json:"commonName"`
+			Country          string    `json:"country"`
+			Organization     string    `json:"organization"`
+			OrganizationUint string    `json:"organizationUint"`
+			Province         string    `json:"province"`
+			City             string    `json:"city"`
+		} `json:"items"`
+	} `json:"data"`
+}
+type WebsiteDetail struct {
+	ID             int         `json:"id"`
+	CreatedAt      time.Time   `json:"createdAt"`
+	UpdatedAt      time.Time   `json:"updatedAt"`
+	Protocol       string      `json:"protocol"`
+	PrimaryDomain  string      `json:"primaryDomain"`
+	Type           string      `json:"type"`
+	Alias          string      `json:"alias"`
+	Remark         string      `json:"remark"`
+	Status         string      `json:"status"`
+	HTTPConfig     string      `json:"httpConfig"`
+	ExpireDate     time.Time   `json:"expireDate"`
+	Proxy          string      `json:"proxy"`
+	ProxyType      string      `json:"proxyType"`
+	SiteDir        string      `json:"siteDir"`
+	ErrorLog       bool        `json:"errorLog"`
+	AccessLog      bool        `json:"accessLog"`
+	DefaultServer  bool        `json:"defaultServer"`
+	IPV6           bool        `json:"IPV6"`
+	Rewrite        string      `json:"rewrite"`
+	WebSiteGroupID int         `json:"webSiteGroupId"`
+	WebSiteSSLID   int         `json:"webSiteSSLId"`
+	RuntimeID      int         `json:"runtimeID"`
+	AppInstallID   int         `json:"appInstallId"`
+	FtpID          int         `json:"ftpId"`
+	User           string      `json:"user"`
+	Group          string      `json:"group"`
+	Domains        interface{} `json:"domains"`
+	WebSiteSSL     WebsiteSSL  `json:"webSiteSSL"`
+}
+type WebsiteSSL struct {
+	ID            int         `json:"id"`
+	CreatedAt     time.Time   `json:"createdAt"`
+	UpdatedAt     time.Time   `json:"updatedAt"`
+	PrimaryDomain string      `json:"primaryDomain"`
+	PrivateKey    string      `json:"privateKey"`
+	Pem           string      `json:"pem"`
+	Domains       string      `json:"domains"`
+	CertURL       string      `json:"certURL"`
+	Type          string      `json:"type"`
+	Provider      string      `json:"provider"`
+	Organization  string      `json:"organization"`
+	DNSAccountID  int         `json:"dnsAccountId"`
+	AcmeAccountID int         `json:"acmeAccountId"`
+	CaID          int         `json:"caId"`
+	AutoRenew     bool        `json:"autoRenew"`
+	ExpireDate    time.Time   `json:"expireDate"`
+	StartDate     time.Time   `json:"startDate"`
+	Status        string      `json:"status"`
+	Message       string      `json:"message"`
+	KeyType       string      `json:"keyType"`
+	PushDir       bool        `json:"pushDir"`
+	Dir           string      `json:"dir"`
+	Description   string      `json:"description"`
+	SkipDNS       bool        `json:"skipDNS"`
+	Nameserver1   string      `json:"nameserver1"`
+	Nameserver2   string      `json:"nameserver2"`
+	DisableCNAME  bool        `json:"disableCNAME"`
+	ExecShell     bool        `json:"execShell"`
+	Shell         string      `json:"shell"`
+	AcmeAccount   AcmeAccount `json:"acmeAccount"`
+	DNSAccount    DNSAccount  `json:"dnsAccount"`
+	Websites      interface{} `json:"websites"`
+}
 type AcmeAccount struct {
 	ID         int       `json:"id"`
 	CreatedAt  time.Time `json:"createdAt"`