Merge pull request #36 from gregPerlinLi/dev

Dev

Author: SamuNatsu

Makefile

@@ -0,0 +1,92 @@
+# Makefile for CertVault build process
+
+# Variables
+FRONTEND_DIR = frontend
+BACKEND_DIR = server
+STATIC_DIR = $(BACKEND_DIR)/src/main/resources/static
+DIST_DIR = $(FRONTEND_DIR)/dist
+JAR_SOURCE = $(BACKEND_DIR)/target/*.jar
+JAR_DEST = ./certvault.jar
+INSTALL_DIR = /etc/certvault
+SERVICE_FILE = certvault.service
+SYSTEMD_DIR = /etc/systemd/system
+
+.PHONY: all clean install uninstall
+
+all: frontend-build copy-frontend backend-build move-jar
+
+frontend-build:
+	@echo "Building frontend..."
+	cd $(FRONTEND_DIR) && pnpm install && pnpm run build
+
+copy-frontend:
+	@echo "Copying frontend resources..."
+	mkdir -p $(STATIC_DIR)
+	cp -r $(DIST_DIR)/* $(STATIC_DIR)/
+
+backend-build:
+	@echo "Building backend..."
+	mvn clean package -f $(BACKEND_DIR)/pom.xml -DskipTests
+	chmod +x $(JAR_SOURCE)
+
+move-jar:
+	@echo "Moving JAR file..."
+	mv $(JAR_SOURCE) $(JAR_DEST)
+
+clean:
+	@echo "Cleaning up..."
+	rm -rf $(DIST_DIR)
+	rm -rf $(STATIC_DIR)
+	rm -f $(JAR_DEST)
+	mvn clean -f $(BACKEND_DIR)/pom.xml
+
+install:
+	@echo "Installing CertVault service..."
+	@# Create installation directory
+	sudo mkdir -p $(INSTALL_DIR)
+
+	@# Install application files
+	sudo install -m 644 $(JAR_DEST) $(INSTALL_DIR)/certvault.jar
+	sudo install -m 644 application.yml $(INSTALL_DIR)/application.yml
+
+	@# Create systemd service file
+	@echo "[Unit]\n\
+	Description=CertVault Certificate Management Service\n\
+	After=network.target\n\n\
+	[Service]\n\
+	User=root\n\
+	WorkingDirectory=$(INSTALL_DIR)\n\
+	ExecStart=/usr/bin/java -jar $(INSTALL_DIR)/certvault.jar \n\
+		-Xmx512m \n\
+		-Xms256m \n\
+		-XX:+UseZGC \n\
+		-XX:ZCollectionInterval=120 \n\
+		-XX:ZAllocationSpikeTolerance=4 \n\
+		-XX:-ZProactive \n\
+		-XX:+HeapDumpOnOutOfMemoryError \n\
+		-XX:HeapDumpPath=./errorDump.hprof \n\
+		--spring.profiles.active=prod \n\
+	SuccessExitStatus=143\n\
+	Restart=always\n\
+	RestartSec=30\n\
+	[Install]\n\
+	WantedBy=multi-user.target" | sudo tee $(SYSTEMD_DIR)/$(SERVICE_FILE) > /dev/null
+
+	@# Reload and enable service
+	sudo systemctl daemon-reload
+	sudo systemctl enable $(SERVICE_FILE)
+	sudo systemctl start $(SERVICE_FILE)
+	@echo "Installation completed. Service is now running."
+
+uninstall:
+	@echo "Uninstalling CertVault service..."
+	sudo systemctl stop $(SERVICE_FILE) || true
+	sudo systemctl disable $(SERVICE_FILE) || true
+	sudo rm -f $(SYSTEMD_DIR)/$(SERVICE_FILE)
+	sudo rm -rf $(INSTALL_DIR)
+	sudo systemctl daemon-reload
+	@echo "Uninstallation completed."
+
+# Shortcut targets
+build: all
+jar: backend-build move-jar

application.yml.example

@@ -0,0 +1,69 @@
+server:
+  port: 1888
+
+spring:
+  datasource:
+    driver-class-name: org.postgresql.Driver
+    url: jdbc:postgresql://127.0.0.1:5432/cert_vault?sslmode=disable
+    username: cert_vault
+    password: changeme
+  data:
+    redis:
+      host: 127.0.0.1
+      port: 5432
+      database: 8
+      password: changeme
+  sql:
+    init:
+      platform: postgresql
+  security:
+    oauth2:
+      client:
+        registration:
+          registration:
+            oidc:
+              client-id: cert-vault
+              client-secret: changeme
+              scope: openid,email,profile
+              redirect-uri: "${SERVER_BASE_URL:http://127.0.0.1:1888}/api/v1/auth/oauth/callback/oidc"
+              authorization-grant-type: authorization_code
+              client-authentication-method: client_secret_basic
+          provider:
+            oidc:
+              token-uri: "https://127.0.0.1:8443/realms/cert-vault/protocol/openid-connect/token"
+              authorization-uri: "https://127.0.0.1:8443/realms/cert-vault/protocol/openid-connect/auth"
+              user-info-uri: "https://127.0.0.1:8443/realms/cert-vault/protocol/openid-connect/userinfo"
+              jwk-set-uri: "https://127.0.0.1:8443/realms/cert-vault/protocol/openid-connect/certs"
+              user-name-attribute: "preferred_username"
+oidc:
+  enabled: true
+  providers:
+    oidc:
+      name: "OpenID Connect"
+      logo: "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSBzdmcgIFBVQkxJQyAnLS8vVzNDLy9EVEQgU1ZHIDEuMS8vRU4nICAnaHR0cDovL3d3dy53My5vcmcvR3JhcGhpY3MvU1ZHLzEuMS9EVEQvc3ZnMTEuZHRkJz48c3ZnIGhlaWdodD0iNTEycHgiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDUxMiA1MTI7IiB2ZXJzaW9uPSIxLjEiIHZpZXdCb3g9IjAgMCA1MTIgNTEyIiB3aWR0aD0iNTEycHgiIHhtbDpzcGFjZT0icHJlc2VydmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiPjxnIGlkPSJfeDMyXzM5LW9wZW5pZCI+PGc+PHBhdGggZD0iTTIzNC44NDksNDE5djYuNjIzYy03OS4yNjgtOS45NTgtMTM5LjMzNC01My4zOTMtMTM5LjMzNC0xMDUuNzU3ICAgIGMwLTM5LjMxMywzMy44NzMtNzMuNTk1LDg0LjQ4NS05Mi41MTFMMTc4LjAyMywxODBDODguODkyLDIwMi40OTcsMjYuMDAxLDI1Ni42MDcsMjYuMDAxLDMxOS44NjYgICAgYzAsNzYuMjg4LDkwLjg3MSwxMzkuMTI4LDIwOC45NSwxNDkuNzA1bDAuMDE4LTAuMDA5VjQxOUgyMzQuODQ5eiIgc3R5bGU9ImZpbGw6I0IyQjJCMjsiLz48cG9seWdvbiBwb2ludHM9IjMwNC43NzIsNDM2LjcxMyAzMDQuNjcsNDM2LjcxMyAzMDQuNjcsMjIxLjY2NyAzMDQuNjcsMjEzLjY2NyAzMDQuNjcsNDIuNDI5ICAgICAyMzQuODQ5LDc4LjI1IDIzNC44NDksMjIxLjY2NyAyMzQuOTY5LDIyMS42NjcgMjM0Ljk2OSw0NjkuNTYzICAgIiBzdHlsZT0iZmlsbDojRjc5MzFFOyIvPjxwYXRoIGQ9Ik00ODUuOTk5LDI5MS45MzhsLTkuNDQ2LTEwMC4xMTRsLTM1LjkzOCwyMC4zMzFDNDE1LjA4NywxOTYuNjQ5LDM4Mi41LDE3Ny41LDM0MCwxNzcuMjYxICAgIGwwLjAwMiwzNi40MDZ2Ny40OThjMy41MDIsMC45NjgsNi45MjMsMi4wMjQsMTAuMzAxLDMuMTI1YzE0LjE0NSw0LjYxMSwyNy4xNzYsMTAuMzUyLDM4LjY2NiwxNy4xMjhsLTM3Ljc4NiwyMS4yNTQgICAgTDQ4NS45OTksMjkxLjkzOHoiIHN0eWxlPSJmaWxsOiNCMkIyQjI7Ii8+PC9nPjwvZz48ZyBpZD0iTGF5ZXJfMSIvPjwvc3ZnPg==}"
+
+geoip:
+  # mmdb or ip-api.com
+  type: ip-api.com
+  file-path: /path/to/GeoLite2-City.mmdb
+
+management:
+  server:
+    port: 1999
+
+springdoc:
+  api-docs:
+    enabled: true
+
+init:
+  superadmin:
+    username: superadmin
+    display-name: Default Superadmin
+    email: superadmin@certvault.example
+    password: changeme
+
+encrypt:
+  rsa:
+    key:
+      public-key: changeme
+      private-key: changeme

docker-compose/application.yml

@@ -1,3 +1,4 @@
+#OpenID Connect Configuration
 spring:
   security:
     oauth2:

frontend/TODO.md

@@ -1,6 +1,6 @@
 - [x] Import CA
 - [x] Support OAuth
-- [ ] Refactor certificate management
-- [ ] User management
+- [x] Refactor certificate management
 - [ ] Bind/Unbind CA/SSL to user
+- [ ] User management
 - [ ] Dashboard

frontend/package.json

@@ -15,7 +15,7 @@
     "nanoid": "^5.1.5",
     "primeicons": "^7.0.0",
     "primevue": "^4.3.3",
-    "tailwindcss": "^4.1.3",
+    "tailwindcss": "^4.1.4",
     "tailwindcss-primeui": "^0.5.1",
     "valibot": "^1.0.0",
     "vue": "^3.5.13",
@@ -24,14 +24,14 @@
   "devDependencies": {
     "@primeuix/themes": "^1.0.3",
     "@primevue/auto-import-resolver": "^4.3.3",
-    "@tailwindcss/vite": "^4.1.3",
+    "@tailwindcss/vite": "^4.1.4",
     "@vitejs/plugin-vue": "^5.2.3",
     "@vue/tsconfig": "^0.7.0",
     "prettier": "^3.5.3",
     "rollup-plugin-visualizer": "^5.14.0",
     "typescript": "~5.8.3",
     "unplugin-auto-import": "^19.1.2",
-    "unplugin-vue-components": "^28.4.1",
+    "unplugin-vue-components": "^28.5.0",
     "vite": "^6.2.6",
     "vite-tsconfig-paths": "^5.1.4",
     "vitest": "^3.1.1",