Merge pull request #635 from chaptergy/allow-more-dns-challenges

Allow DNS challenges not just for cloudflare
This commit is contained in:
jc21 2020-10-14 19:12:15 +10:00 committed by GitHub
commit 3c4ce839b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
27 changed files with 1118 additions and 226 deletions

1
Jenkinsfile vendored
View File

@ -65,6 +65,7 @@ pipeline {
// See: https://github.com/yarnpkg/yarn/issues/3254 // See: https://github.com/yarnpkg/yarn/issues/3254
sh '''docker run --rm \\ sh '''docker run --rm \\
-v "$(pwd)/backend:/app" \\ -v "$(pwd)/backend:/app" \\
-v "$(pwd)/global:/app/global" \\
-w /app \\ -w /app \\
node:latest \\ node:latest \\
sh -c "yarn install && yarn eslint . && rm -rf node_modules" sh -c "yarn install && yarn eslint . && rm -rf node_modules"

View File

@ -66,7 +66,7 @@ app.use(function (err, req, res, next) {
} }
}; };
if (process.env.NODE_ENV === 'development') { if (process.env.NODE_ENV === 'development' || (req.baseUrl + req.path).includes('nginx/certificates')) {
payload.debug = { payload.debug = {
stack: typeof err.stack !== 'undefined' && err.stack ? err.stack.split('\n') : null, stack: typeof err.stack !== 'undefined' && err.stack ? err.stack.split('\n') : null,
previous: err.previous previous: err.previous

View File

@ -4,7 +4,7 @@
"knex": { "knex": {
"client": "sqlite3", "client": "sqlite3",
"connection": { "connection": {
"filename": "/app/backend/config/mydb.sqlite" "filename": "/app/config/mydb.sqlite"
}, },
"pool": { "pool": {
"min": 0, "min": 0,

View File

@ -13,6 +13,7 @@ const internalNginx = require('./nginx');
const internalHost = require('./host'); const internalHost = require('./host');
const certbot_command = '/usr/bin/certbot'; const certbot_command = '/usr/bin/certbot';
const le_config = '/etc/letsencrypt.ini'; const le_config = '/etc/letsencrypt.ini';
const dns_plugins = require('../global/certbot-dns-plugins');
function omissions() { function omissions() {
return ['is_deleted']; return ['is_deleted'];
@ -141,11 +142,11 @@ const internalCertificate = {
}); });
}) })
.then((in_use_result) => { .then((in_use_result) => {
// Is CloudFlare, no config needed, so skip 3 and 5. // With DNS challenge no config is needed, so skip 3 and 5.
if (data.meta.cloudflare_use) { if (certificate.meta.dns_challenge) {
return internalNginx.reload().then(() => { return internalNginx.reload().then(() => {
// 4. Request cert // 4. Request cert
return internalCertificate.requestLetsEncryptCloudFlareDnsSsl(certificate, data.meta.cloudflare_token); return internalCertificate.requestLetsEncryptSslWithDnsChallenge(certificate);
}) })
.then(internalNginx.reload) .then(internalNginx.reload)
.then(() => { .then(() => {
@ -772,35 +773,70 @@ const internalCertificate = {
}, },
/** /**
* @param {Object} certificate the certificate row * @param {Object} certificate the certificate row
* @param {String} apiToken the cloudflare api token * @param {String} dns_provider the dns provider name (key used in `certbot-dns-plugins.js`)
* @param {String | null} credentials the content of this providers credentials file
* @param {String} propagation_seconds the cloudflare api token
* @returns {Promise} * @returns {Promise}
*/ */
requestLetsEncryptCloudFlareDnsSsl: (certificate, apiToken) => { requestLetsEncryptSslWithDnsChallenge: (certificate) => {
logger.info('Requesting Let\'sEncrypt certificates via Cloudflare DNS for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); const dns_plugin = dns_plugins[certificate.meta.dns_provider];
let tokenLoc = '~/cloudflare-token'; if (!dns_plugin) {
let storeKey = 'echo "dns_cloudflare_api_token = ' + apiToken + '" > ' + tokenLoc; throw Error(`Unknown DNS provider '${certificate.meta.dns_provider}'`);
}
let cmd = logger.info(`Requesting Let'sEncrypt certificates via ${dns_plugin.display_name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
storeKey + ' && ' +
const credentials_loc = '/etc/letsencrypt/credentials-' + certificate.id;
const credentials_cmd = 'echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
const prepare_cmd = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version;
// Whether the plugin has a --<name>-credentials argument
const has_config_arg = certificate.meta.dns_provider !== 'route53';
let main_cmd =
certbot_command + ' certonly --non-interactive ' + certbot_command + ' certonly --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' + '--cert-name "npm-' + certificate.id + '" ' +
'--agree-tos ' + '--agree-tos ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' + '--email "' + certificate.meta.letsencrypt_email + '" ' +
'--domains "' + certificate.domain_names.join(',') + '" ' + '--domains "' + certificate.domain_names.join(',') + '" ' +
'--dns-cloudflare --dns-cloudflare-credentials ' + tokenLoc + '--authenticator ' + dns_plugin.full_plugin_name + ' ' +
(le_staging ? ' --staging' : '') (
+ ' && rm ' + tokenLoc; has_config_arg
? '--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"'
: ''
) +
(
certificate.meta.propagation_seconds !== undefined
? ' --' + dns_plugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds
: ''
) +
(le_staging ? ' --staging' : '');
// Prepend the path to the credentials file as an environment variable
if (certificate.meta.dns_provider === 'route53') {
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd;
}
const teardown_cmd = `rm '${credentials_loc}'`;
if (debug_mode) { if (debug_mode) {
logger.info('Command:', cmd); logger.info('Command:', `${credentials_cmd} && ${prepare_cmd} && ${main_cmd} && ${teardown_cmd}`);
} }
return utils.exec(cmd).then((result) => { return utils.exec(credentials_cmd)
logger.info(result); .then(() => {
return result; return utils.exec(prepare_cmd)
}); .then(() => {
return utils.exec(main_cmd)
.then(async (result) => {
await utils.exec(teardown_cmd);
logger.info(result);
return result;
});
});
});
}, },
@ -817,7 +853,7 @@ const internalCertificate = {
}) })
.then((certificate) => { .then((certificate) => {
if (certificate.provider === 'letsencrypt') { if (certificate.provider === 'letsencrypt') {
let renewMethod = certificate.meta.cloudflare_use ? internalCertificate.renewLetsEncryptCloudFlareSsl : internalCertificate.renewLetsEncryptSsl; let renewMethod = certificate.meta.dns_challenge ? internalCertificate.renewLetsEncryptSslWithDnsChallenge : internalCertificate.renewLetsEncryptSsl;
return renewMethod(certificate) return renewMethod(certificate)
.then(() => { .then(() => {
@ -877,22 +913,47 @@ const internalCertificate = {
* @param {Object} certificate the certificate row * @param {Object} certificate the certificate row
* @returns {Promise} * @returns {Promise}
*/ */
renewLetsEncryptCloudFlareSsl: (certificate) => { renewLetsEncryptSslWithDnsChallenge: (certificate) => {
logger.info('Renewing Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); const dns_plugin = dns_plugins[certificate.meta.dns_provider];
let cmd = certbot_command + ' renew --non-interactive ' + if (!dns_plugin) {
'--cert-name "npm-' + certificate.id + '" ' + throw Error(`Unknown DNS provider '${certificate.meta.dns_provider}'`);
'--disable-hook-validation ' +
(le_staging ? '--staging' : '');
if (debug_mode) {
logger.info('Command:', cmd);
} }
return utils.exec(cmd) logger.info(`Renewing Let'sEncrypt certificates via ${dns_plugin.display_name} for Cert #${certificate.id}: ${certificate.domain_names.join(', ')}`);
.then((result) => {
logger.info(result); const credentials_loc = '/etc/letsencrypt/credentials-' + certificate.id;
return result; const credentials_cmd = 'echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
const prepare_cmd = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version;
let main_cmd =
certbot_command + ' renew --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--disable-hook-validation' +
(le_staging ? ' --staging' : '');
// Prepend the path to the credentials file as an environment variable
if (certificate.meta.dns_provider === 'route53') {
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd;
}
const teardown_cmd = `rm '${credentials_loc}'`;
if (debug_mode) {
logger.info('Command:', `${credentials_cmd} && ${prepare_cmd} && ${main_cmd} && ${teardown_cmd}`);
}
return utils.exec(credentials_cmd)
.then(() => {
return utils.exec(prepare_cmd)
.then(() => {
return utils.exec(main_cmd)
.then(async (result) => {
await utils.exec(teardown_cmd);
logger.info(result);
return result;
});
});
}); });
}, },

View File

@ -58,6 +58,7 @@ router
.post((req, res, next) => { .post((req, res, next) => {
apiValidator({$ref: 'endpoints/certificates#/links/1/schema'}, req.body) apiValidator({$ref: 'endpoints/certificates#/links/1/schema'}, req.body)
.then((payload) => { .then((payload) => {
req.setTimeout(900000); // 15 minutes timeout
return internalCertificate.create(res.locals.access, payload); return internalCertificate.create(res.locals.access, payload);
}) })
.then((result) => { .then((result) => {
@ -197,6 +198,7 @@ router
* Renew certificate * Renew certificate
*/ */
.post((req, res, next) => { .post((req, res, next) => {
req.setTimeout(900000); // 15 minutes timeout
internalCertificate.renew(res.locals.access, { internalCertificate.renew(res.locals.access, {
id: parseInt(req.params.certificate_id, 10) id: parseInt(req.params.certificate_id, 10)
}) })

View File

@ -42,11 +42,23 @@
"letsencrypt_agree": { "letsencrypt_agree": {
"type": "boolean" "type": "boolean"
}, },
"cloudflare_use": { "dns_challenge": {
"type": "boolean" "type": "boolean"
}, },
"cloudflare_token": { "dns_provider": {
"type": "string" "type": "string"
},
"dns_provider_credentials": {
"type": "string"
},
"propagation_seconds": {
"anyOf": [
{
"type": "integer",
"minimum": 0
}
]
} }
} }
} }

View File

@ -17,8 +17,8 @@ ENV NODE_ENV=production
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apk update \ && apk update \
&& apk add python2 py-pip certbot jq \ && apk add python3 certbot jq \
&& pip install certbot-dns-cloudflare \ && python3 -m ensurepip \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}" ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}"
@ -34,6 +34,7 @@ EXPOSE 443
COPY docker/rootfs / COPY docker/rootfs /
ADD backend /app ADD backend /app
ADD frontend/dist /app/frontend ADD frontend/dist /app/frontend
COPY global /app/global
WORKDIR /app WORKDIR /app
RUN yarn install RUN yarn install

View File

@ -7,8 +7,8 @@ ENV S6_FIX_ATTRS_HIDDEN=1
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apk update \ && apk update \
&& apk add python2 py-pip certbot jq \ && apk add python3 certbot jq \
&& pip install certbot-dns-cloudflare \ && python3 -m ensurepip \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
# Task # Task

View File

@ -11,6 +11,8 @@ services:
- 3080:80 - 3080:80
- 3081:81 - 3081:81
- 3443:443 - 3443:443
networks:
- nginx_proxy_manager
environment: environment:
- NODE_ENV=development - NODE_ENV=development
- FORCE_COLOR=1 - FORCE_COLOR=1
@ -19,13 +21,17 @@ services:
volumes: volumes:
- npm_data:/data - npm_data:/data
- le_data:/etc/letsencrypt - le_data:/etc/letsencrypt
- ..:/app - ../backend:/app
- ../frontend:/app/frontend
- ../global:/app/global
depends_on: depends_on:
- db - db
working_dir: /app working_dir: /app
db: db:
image: jc21/mariadb-aria image: jc21/mariadb-aria
networks:
- nginx_proxy_manager
environment: environment:
MYSQL_ROOT_PASSWORD: "npm" MYSQL_ROOT_PASSWORD: "npm"
MYSQL_DATABASE: "npm" MYSQL_DATABASE: "npm"
@ -38,6 +44,8 @@ services:
image: 'swaggerapi/swagger-ui:latest' image: 'swaggerapi/swagger-ui:latest'
ports: ports:
- 3001:80 - 3001:80
networks:
- nginx_proxy_manager
environment: environment:
URL: "http://127.0.0.1:3081/api/schema" URL: "http://127.0.0.1:3081/api/schema"
PORT: '80' PORT: '80'
@ -48,3 +56,6 @@ volumes:
npm_data: npm_data:
le_data: le_data:
db_data: db_data:
networks:
nginx_proxy_manager:

View File

@ -17,6 +17,9 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:3000/; proxy_pass http://127.0.0.1:3000/;
proxy_read_timeout 15m;
proxy_send_timeout 15m;
} }
location / { location / {

View File

@ -18,6 +18,9 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://127.0.0.1:3000/; proxy_pass http://127.0.0.1:3000/;
proxy_read_timeout 15m;
proxy_send_timeout 15m;
} }
location / { location / {

View File

@ -5,7 +5,7 @@ mkdir -p /data/letsencrypt-acme-challenge
cd /app || echo cd /app || echo
if [ "$DEVELOPMENT" == "true" ]; then if [ "$DEVELOPMENT" == "true" ]; then
cd /app/backend || exit 1 cd /app || exit 1
yarn install yarn install
node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js node --max_old_space_size=250 --abort_on_uncaught_exception node_modules/nodemon/bin/nodemon.js
else else

View File

@ -53,7 +53,7 @@ function fetch(verb, path, data, options) {
contentType: options.contentType || 'application/json; charset=UTF-8', contentType: options.contentType || 'application/json; charset=UTF-8',
processData: options.processData || true, processData: options.processData || true,
crossDomain: true, crossDomain: true,
timeout: options.timeout ? options.timeout : 30000, timeout: options.timeout ? options.timeout : 180000,
xhrFields: { xhrFields: {
withCredentials: true withCredentials: true
}, },
@ -587,7 +587,8 @@ module.exports = {
* @param {Object} data * @param {Object} data
*/ */
create: function (data) { create: function (data) {
return fetch('post', 'nginx/certificates', data); const timeout = 180000 + (data.meta.propagation_seconds ? Number(data.meta.propagation_seconds) * 1000 : 0);
return fetch('post', 'nginx/certificates', data, {timeout});
}, },
/** /**
@ -630,8 +631,8 @@ module.exports = {
* @param {Number} id * @param {Number} id
* @returns {Promise} * @returns {Promise}
*/ */
renew: function (id) { renew: function (id, timeout = 180000) {
return fetch('post', 'nginx/certificates/' + id + '/renew'); return fetch('post', 'nginx/certificates/' + id + '/renew', undefined, {timeout});
} }
} }
}, },

View File

@ -1,12 +1,20 @@
<div class="modal-content"> <div class="modal-content">
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><%- i18n('certificates', 'form-title', {provider: provider}) %></h5> <h5 class="modal-title"><%- i18n('certificates', 'form-title', {provider: provider}) %></h5>
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel non-loader-content" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body"> <div class="modal-body">
<form> <div class="text-center loader-content">
<div class="loader mx-auto my-6"></div>
<p><%- i18n('ssl', 'obtaining-certificate-info') %></p>
</div>
<form class="non-loader-content">
<div class="row"> <div class="row">
<% if (provider === 'letsencrypt') { %> <% if (provider === 'letsencrypt') { %>
<div class="col-sm-12 col-md-12">
<div class="alert alert-danger" id="le-error-info" role="alert"></div>
</div>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="form-label"><%- i18n('all-hosts', 'domain-names') %> <span class="form-required">*</span></label> <label class="form-label"><%- i18n('all-hosts', 'domain-names') %> <span class="form-required">*</span></label>
@ -21,21 +29,96 @@
</div> </div>
</div> </div>
<!-- CloudFlare --> <!-- DNS challenge -->
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1"> <input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span> <span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span> <span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label> </label>
</div> </div>
</div> </div>
<div class="col-sm-12 col-md-12 cloudflare"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <fieldset class="form-fieldset dns-challenge">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label> <div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div> <!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div> </div>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
@ -87,7 +170,7 @@
</div> </div>
</form> </form>
</div> </div>
<div class="modal-footer"> <div class="modal-footer non-loader-content">
<button type="button" class="btn btn-secondary cancel" data-dismiss="modal"><%- i18n('str', 'cancel') %></button> <button type="button" class="btn btn-secondary cancel" data-dismiss="modal"><%- i18n('str', 'cancel') %></button>
<button type="button" class="btn btn-teal save"><%- i18n('str', 'save') %></button> <button type="button" class="btn btn-teal save"><%- i18n('str', 'save') %></button>
</div> </div>

View File

@ -3,6 +3,8 @@ const Mn = require('backbone.marionette');
const App = require('../../main'); const App = require('../../main');
const CertificateModel = require('../../../models/certificate'); const CertificateModel = require('../../../models/certificate');
const template = require('./form.ejs'); const template = require('./form.ejs');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
require('selectize'); require('selectize');
@ -14,6 +16,9 @@ module.exports = Mn.View.extend({
ui: { ui: {
form: 'form', form: 'form',
loader_content: '.loader-content',
non_loader_content: '.non-loader-content',
le_error_info: '#le-error-info',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
@ -21,27 +26,49 @@ module.exports = Mn.View.extend({
other_certificate: '#other_certificate', other_certificate: '#other_certificate',
other_certificate_label: '#other_certificate_label', other_certificate_label: '#other_certificate_label',
other_certificate_key: '#other_certificate_key', other_certificate_key: '#other_certificate_key',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]', dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"', dns_challenge_content: '.dns-challenge',
cloudflare: '.cloudflare', dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
other_certificate_key_label: '#other_certificate_key_label', other_certificate_key_label: '#other_certificate_key_label',
other_intermediate_certificate: '#other_intermediate_certificate', other_intermediate_certificate: '#other_intermediate_certificate',
other_intermediate_certificate_label: '#other_intermediate_certificate_label' other_intermediate_certificate_label: '#other_intermediate_certificate_label'
}, },
events: { events: {
'change @ui.cloudflare_switch': function() { 'change @ui.dns_challenge_switch': function () {
let checked = this.ui.cloudflare_switch.prop('checked'); const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) { if (checked) {
this.ui.cloudflare_token.prop('required', 'required'); this.ui.dns_provider.prop('required', 'required');
this.ui.cloudflare.show(); const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
} else { if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.cloudflare_token.prop('required', false); this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.cloudflare.hide(); }
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
} }
}, },
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -56,7 +83,7 @@ module.exports = Mn.View.extend({
let domain_err = false; let domain_err = false;
if (!data.meta.cloudflare_use) { if (!data.meta.dns_challenge) {
data.domain_names.split(',').map(function (name) { data.domain_names.split(',').map(function (name) {
if (name.match(/\*/im)) { if (name.match(/\*/im)) {
domain_err = true; domain_err = true;
@ -65,16 +92,21 @@ module.exports = Mn.View.extend({
} }
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains when not using CloudFlare DNS'); alert(i18n('ssl', 'no-wildcard-without-dns'));
return; return;
} }
// Manipulate // Manipulate
if (typeof data.meta !== 'undefined' && typeof data.meta.letsencrypt_agree !== 'undefined') { if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = !!data.meta.letsencrypt_agree; data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
} data.meta.dns_challenge = data.meta.dns_challenge == 1;
if (typeof data.meta !== 'undefined' && typeof data.meta.cloudflare_use !== 'undefined') {
data.meta.cloudflare_use = !!data.meta.cloudflare_use; if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
} }
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
@ -116,8 +148,8 @@ module.exports = Mn.View.extend({
} }
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.loader_content.show();
this.ui.save.addClass('btn-loading'); this.ui.non_loader_content.hide();
// compile file data // compile file data
let form_data = new FormData(); let form_data = new FormData();
@ -154,9 +186,17 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); if(err.code === 500 && err.debug){
this.ui.save.removeClass('btn-loading'); try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.loader_content.hide();
this.ui.non_loader_content.show();
}); });
}, },
'change @ui.other_certificate_key': function(e){ 'change @ui.other_certificate_key': function(e){
@ -176,14 +216,22 @@ module.exports = Mn.View.extend({
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return typeof this.meta.letsencrypt_email !== 'undefined' ? this.meta.letsencrypt_email : App.Cache.User.get('email'); return typeof this.meta.letsencrypt_email !== 'undefined' ? this.meta.letsencrypt_email : App.Cache.User.get('email');
}, },
getLetsencryptAgree: function () { getLetsencryptAgree: function () {
return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false; return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false;
}, },
getUseDnsChallenge: function () {
getCloudflareUse: function () { return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
return typeof this.meta.cloudflare_use !== 'undefined' ? this.meta.cloudflare_use : false; },
} getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -199,7 +247,10 @@ module.exports = Mn.View.extend({
}, },
createFilter: /^(?:[^.]+\.?)+[^.]$/ createFilter: /^(?:[^.]+\.?)+[^.]$/
}); });
this.ui.cloudflare.hide(); this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.loader_content.hide();
this.ui.le_error_info.hide();
}, },
initialize: function (options) { initialize: function (options) {

View File

@ -28,7 +28,7 @@
</div> </div>
</td> </td>
<td> <td>
<%- i18n('ssl', provider) %><% if (meta.cloudflare_use) { %> - CloudFlare DNS<% } %> <%- i18n('ssl', provider) %><% if (meta.dns_provider) { %> - <%- dns_providers[meta.dns_provider].display_name %><% } %>
</td> </td>
<td class="<%- isExpired() ? 'text-danger' : '' %>"> <td class="<%- isExpired() ? 'text-danger' : '' %>">
<%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %> <%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %>

View File

@ -1,7 +1,8 @@
const Mn = require('backbone.marionette'); const Mn = require('backbone.marionette');
const moment = require('moment'); const moment = require('moment');
const App = require('../../../main'); const App = require('../../../main');
const template = require('./item.ejs'); const template = require('./item.ejs');
const dns_providers = require('../../../../../../global/certbot-dns-plugins')
module.exports = Mn.View.extend({ module.exports = Mn.View.extend({
template: template, template: template,
@ -35,7 +36,8 @@ module.exports = Mn.View.extend({
canManage: App.Cache.User.canManage('certificates'), canManage: App.Cache.User.canManage('certificates'),
isExpired: function () { isExpired: function () {
return moment(this.expires_on).isBefore(moment()); return moment(this.expires_on).isBefore(moment());
} },
dns_providers: dns_providers
}, },
initialize: function () { initialize: function () {

View File

@ -4,6 +4,7 @@
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body has-tabs">
<div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<form> <form>
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li> <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
@ -73,21 +74,96 @@
</div> </div>
</div> </div>
<!-- CloudFlare --> <!-- DNS challenge -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1"> <input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span> <span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span> <span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label> </label>
</div> </div>
</div> </div>
<div class="col-sm-12 col-md-12 cloudflare letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <fieldset class="form-fieldset dns-challenge">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label> <div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div> <!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div> </div>
<!-- Lets encrypt --> <!-- Lets encrypt -->

View File

@ -4,6 +4,8 @@ const DeadHostModel = require('../../../models/dead-host');
const template = require('./form.ejs'); const template = require('./form.ejs');
const certListItemTemplate = require('../certificates-list-item.ejs'); const certListItemTemplate = require('../certificates-list-item.ejs');
const Helpers = require('../../../lib/helpers'); const Helpers = require('../../../lib/helpers');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
require('selectize'); require('selectize');
@ -13,20 +15,24 @@ module.exports = Mn.View.extend({
className: 'modal-dialog', className: 'modal-dialog',
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
certificate_select: 'select[name="certificate_id"]', le_error_info: '#le-error-info',
ssl_forced: 'input[name="ssl_forced"]', certificate_select: 'select[name="certificate_id"]',
hsts_enabled: 'input[name="hsts_enabled"]', ssl_forced: 'input[name="ssl_forced"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_enabled: 'input[name="hsts_enabled"]',
http2_support: 'input[name="http2_support"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]', http2_support: 'input[name="http2_support"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"', dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
cloudflare: '.cloudflare', dns_challenge_content: '.dns-challenge',
letsencrypt: '.letsencrypt' dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
letsencrypt: '.letsencrypt'
}, },
events: { events: {
@ -34,7 +40,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.cloudflare.hide(); this.ui.dns_challenge_content.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@ -81,19 +87,37 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.cloudflare_switch': function() { 'change @ui.dns_challenge_switch': function () {
let checked = this.ui.cloudflare_switch.prop('checked'); const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) { if (checked) {
this.ui.cloudflare_token.prop('required', 'required'); this.ui.dns_provider.prop('required', 'required');
this.ui.cloudflare.show(); const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
} else { if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.cloudflare_token.prop('required', false); this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.cloudflare.hide(); }
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
} }
}, },
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -104,10 +128,22 @@ module.exports = Mn.View.extend({
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
// Manipulate // Manipulate
data.hsts_enabled = !!data.hsts_enabled; data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains; data.hsts_subdomains = !!data.hsts_subdomains;
data.http2_support = !!data.http2_support; data.http2_support = !!data.http2_support;
data.ssl_forced = !!data.ssl_forced; data.ssl_forced = !!data.ssl_forced;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
@ -116,7 +152,7 @@ module.exports = Mn.View.extend({
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
if (!data.meta.cloudflare_use) { if (!data.meta.dns_challenge) {
data.domain_names.map(function (name) { data.domain_names.map(function (name) {
if (name.match(/\*/im)) { if (name.match(/\*/im)) {
domain_err = true; domain_err = true;
@ -125,12 +161,9 @@ module.exports = Mn.View.extend({
} }
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.'); alert(i18n('ssl', 'no-wildcard-without-dns'));
return; return;
} }
data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@ -159,7 +192,15 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
if(err.code === 500 && err.debug){
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading'); this.ui.save.removeClass('btn-loading');
}); });
@ -169,7 +210,20 @@ module.exports = Mn.View.extend({
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return App.Cache.User.get('email'); return App.Cache.User.get('email');
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -190,6 +244,9 @@ module.exports = Mn.View.extend({
}); });
// Certificates // Certificates
this.ui.le_error_info.hide();
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.letsencrypt.hide(); this.ui.letsencrypt.hide();
this.ui.certificate_select.selectize({ this.ui.certificate_select.selectize({
valueField: 'id', valueField: 'id',

View File

@ -4,6 +4,7 @@
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body has-tabs">
<div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<form> <form>
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li> <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
@ -141,21 +142,96 @@
</div> </div>
</div> </div>
<!-- CloudFlare --> <!-- DNS challenge -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1"> <input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span> <span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span> <span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label> </label>
</div> </div>
</div> </div>
<div class="col-sm-12 col-md-12 cloudflare letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <fieldset class="form-fieldset dns-challenge">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label> <div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div> <!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div> </div>
<!-- Lets encrypt --> <!-- Lets encrypt -->

View File

@ -7,6 +7,8 @@ const certListItemTemplate = require('../certificates-list-item.ejs');
const accessListItemTemplate = require('./access-list-item.ejs'); const accessListItemTemplate = require('./access-list-item.ejs');
const CustomLocation = require('./location'); const CustomLocation = require('./location');
const Helpers = require('../../../lib/helpers'); const Helpers = require('../../../lib/helpers');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
@ -19,25 +21,29 @@ module.exports = Mn.View.extend({
locationsCollection: new ProxyLocationModel.Collection(), locationsCollection: new ProxyLocationModel.Collection(),
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
forward_host: 'input[name="forward_host"]', forward_host: 'input[name="forward_host"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
add_location_btn: 'button.add_location', add_location_btn: 'button.add_location',
locations_container:'.locations_container', locations_container: '.locations_container',
certificate_select: 'select[name="certificate_id"]', le_error_info: '#le-error-info',
access_list_select: 'select[name="access_list_id"]', certificate_select: 'select[name="certificate_id"]',
ssl_forced: 'input[name="ssl_forced"]', access_list_select: 'select[name="access_list_id"]',
hsts_enabled: 'input[name="hsts_enabled"]', ssl_forced: 'input[name="ssl_forced"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_enabled: 'input[name="hsts_enabled"]',
http2_support: 'input[name="http2_support"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]', http2_support: 'input[name="http2_support"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"', dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
cloudflare: '.cloudflare', dns_challenge_content: '.dns-challenge',
forward_scheme: 'select[name="forward_scheme"]', dns_provider: 'select[name="meta[dns_provider]"]',
letsencrypt: '.letsencrypt' credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
forward_scheme: 'select[name="forward_scheme"]',
letsencrypt: '.letsencrypt'
}, },
regions: { regions: {
@ -49,7 +55,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.cloudflare.hide(); this.ui.dns_challenge_content.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@ -95,14 +101,31 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.cloudflare_switch': function() { 'change @ui.dns_challenge_switch': function () {
let checked = this.ui.cloudflare_switch.prop('checked'); const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) { if (checked) {
this.ui.cloudflare_token.prop('required', 'required'); this.ui.dns_provider.prop('required', 'required');
this.ui.cloudflare.show(); const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
} else { if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.cloudflare_token.prop('required', false); this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.cloudflare.hide(); }
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
} }
}, },
@ -115,6 +138,7 @@ module.exports = Mn.View.extend({
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -143,6 +167,18 @@ module.exports = Mn.View.extend({
data.hsts_enabled = !!data.hsts_enabled; data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains; data.hsts_subdomains = !!data.hsts_subdomains;
data.ssl_forced = !!data.ssl_forced; data.ssl_forced = !!data.ssl_forced;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
@ -151,7 +187,7 @@ module.exports = Mn.View.extend({
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
if (!data.meta.cloudflare_use) { if (!data.meta.dns_challenge) {
data.domain_names.map(function (name) { data.domain_names.map(function (name) {
if (name.match(/\*/im)) { if (name.match(/\*/im)) {
domain_err = true; domain_err = true;
@ -160,12 +196,9 @@ module.exports = Mn.View.extend({
} }
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.'); alert(i18n('ssl', 'no-wildcard-without-dns'));
return; return;
} }
data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@ -194,7 +227,15 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
if(err.code === 500 && err.debug){
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading'); this.ui.save.removeClass('btn-loading');
}); });
@ -204,7 +245,20 @@ module.exports = Mn.View.extend({
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return App.Cache.User.get('email'); return App.Cache.User.get('email');
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -258,6 +312,9 @@ module.exports = Mn.View.extend({
}); });
// Certificates // Certificates
this.ui.le_error_info.hide();
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.letsencrypt.hide(); this.ui.letsencrypt.hide();
this.ui.certificate_select.selectize({ this.ui.certificate_select.selectize({
valueField: 'id', valueField: 'id',

View File

@ -4,6 +4,7 @@
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body has-tabs">
<div class="alert alert-danger mb-0 rounded-0" id="le-error-info" role="alert"></div>
<form> <form>
<ul class="nav nav-tabs" role="tablist"> <ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li> <li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
@ -97,21 +98,96 @@
</div> </div>
</div> </div>
<!-- CloudFlare --> <!-- DNS challenge -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1"> <input
type="checkbox"
class="custom-switch-input"
name="meta[dns_challenge]"
value="1"
<%- getUseDnsChallenge() ? 'checked' : '' %>
>
<span class="custom-switch-indicator"></span> <span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span> <span class="custom-switch-description"><%= i18n('ssl', 'dns-challenge') %></span>
</label> </label>
</div> </div>
</div> </div>
<div class="col-sm-12 col-md-12 cloudflare letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <fieldset class="form-fieldset dns-challenge">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label> <div class="text-red mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'certbot-warning') %></div>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div> <!-- Certbot DNS plugin selection -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'dns-provider') %> <span class="form-required">*</span></label>
<select
name="meta[dns_provider]"
id="dns_provider"
class="form-control custom-select"
>
<option
value=""
disabled
hidden
<%- getDnsProvider() === null ? 'selected' : '' %>
>Please Choose...</option>
<% _.each(dns_plugins, function(plugin_info, plugin_name){ %>
<option
value="<%- plugin_name %>"
<%- getDnsProvider() === plugin_name ? 'selected' : '' %>
><%- plugin_info.display_name %></option>
<% }); %>
</select>
</div>
</div>
</div>
<!-- Certbot credentials file content -->
<div class="row credentials-file-content">
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('ssl', 'credentials-file-content') %> <span class="form-required">*</span></label>
<textarea
name="meta[dns_provider_credentials]"
class="form-control text-monospace"
id="dns_provider_credentials"
><%- getDnsProviderCredentials() %></textarea>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'credentials-file-content-info') %>
</div>
<div class="text-red small">
<i class="fe fe-alert-triangle"></i>
<%= i18n('ssl', 'stored-as-plaintext-info') %>
</div>
</div>
</div>
</div>
<!-- DNS propagation delay -->
<div class="row">
<div class="col-sm-12 col-md-12">
<div class="form-group mb-0">
<label class="form-label"><%- i18n('ssl', 'propagation-seconds') %></label>
<input
type="number"
min="0"
name="meta[propagation_seconds]"
class="form-control"
id="propagation_seconds"
value="<%- getPropagationSeconds() %>"
>
<div class="text-secondary small">
<i class="fe fe-info"></i>
<%= i18n('ssl', 'propagation-seconds-info') %>
</div>
</div>
</div>
</div>
</fieldset>
</div> </div>
<!-- Lets encrypt --> <!-- Lets encrypt -->

View File

@ -4,6 +4,9 @@ const RedirectionHostModel = require('../../../models/redirection-host');
const template = require('./form.ejs'); const template = require('./form.ejs');
const certListItemTemplate = require('../certificates-list-item.ejs'); const certListItemTemplate = require('../certificates-list-item.ejs');
const Helpers = require('../../../lib/helpers'); const Helpers = require('../../../lib/helpers');
const i18n = require('../../i18n');
const dns_providers = require('../../../../../global/certbot-dns-plugins');
require('jquery-serializejson'); require('jquery-serializejson');
require('selectize'); require('selectize');
@ -13,20 +16,24 @@ module.exports = Mn.View.extend({
className: 'modal-dialog', className: 'modal-dialog',
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
certificate_select: 'select[name="certificate_id"]', le_error_info: '#le-error-info',
ssl_forced: 'input[name="ssl_forced"]', certificate_select: 'select[name="certificate_id"]',
hsts_enabled: 'input[name="hsts_enabled"]', ssl_forced: 'input[name="ssl_forced"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_enabled: 'input[name="hsts_enabled"]',
http2_support: 'input[name="http2_support"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]', http2_support: 'input[name="http2_support"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"', dns_challenge_switch: 'input[name="meta[dns_challenge]"]',
cloudflare: '.cloudflare', dns_challenge_content: '.dns-challenge',
letsencrypt: '.letsencrypt' dns_provider: 'select[name="meta[dns_provider]"]',
credentials_file_content: '.credentials-file-content',
dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
propagation_seconds: 'input[name="meta[propagation_seconds]"]',
letsencrypt: '.letsencrypt'
}, },
events: { events: {
@ -34,7 +41,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.cloudflare.hide(); this.ui.dns_challenge_content.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@ -80,19 +87,37 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.cloudflare_switch': function() { 'change @ui.dns_challenge_switch': function () {
let checked = this.ui.cloudflare_switch.prop('checked'); const checked = this.ui.dns_challenge_switch.prop('checked');
if (checked) { if (checked) {
this.ui.cloudflare_token.prop('required', 'required'); this.ui.dns_provider.prop('required', 'required');
this.ui.cloudflare.show(); const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
} else { if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
this.ui.cloudflare_token.prop('required', false); this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.cloudflare.hide(); }
this.ui.dns_challenge_content.show();
} else {
this.ui.dns_provider.prop('required', false);
this.ui.dns_provider_credentials.prop('required', false);
this.ui.dns_challenge_content.hide();
}
},
'change @ui.dns_provider': function () {
const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
this.ui.dns_provider_credentials.prop('required', 'required');
this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
this.ui.credentials_file_content.show();
} else {
this.ui.dns_provider_credentials.prop('required', false);
this.ui.credentials_file_content.hide();
} }
}, },
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
this.ui.le_error_info.hide();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
@ -103,12 +128,24 @@ module.exports = Mn.View.extend({
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
// Manipulate // Manipulate
data.block_exploits = !!data.block_exploits; data.block_exploits = !!data.block_exploits;
data.preserve_path = !!data.preserve_path; data.preserve_path = !!data.preserve_path;
data.http2_support = !!data.http2_support; data.http2_support = !!data.http2_support;
data.hsts_enabled = !!data.hsts_enabled; data.hsts_enabled = !!data.hsts_enabled;
data.hsts_subdomains = !!data.hsts_subdomains; data.hsts_subdomains = !!data.hsts_subdomains;
data.ssl_forced = !!data.ssl_forced; data.ssl_forced = !!data.ssl_forced;
if (typeof data.meta === 'undefined') data.meta = {};
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree == 1;
data.meta.dns_challenge = data.meta.dns_challenge == 1;
if(!data.meta.dns_challenge){
data.meta.dns_provider = undefined;
data.meta.dns_provider_credentials = undefined;
data.meta.propagation_seconds = undefined;
} else {
if(data.meta.propagation_seconds === '') data.meta.propagation_seconds = undefined;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
@ -117,7 +154,7 @@ module.exports = Mn.View.extend({
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
if (!data.meta.cloudflare_use) { if (!data.meta.dns_challenge) {
data.domain_names.map(function (name) { data.domain_names.map(function (name) {
if (name.match(/\*/im)) { if (name.match(/\*/im)) {
domain_err = true; domain_err = true;
@ -126,12 +163,9 @@ module.exports = Mn.View.extend({
} }
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.'); alert(i18n('ssl', 'no-wildcard-without-dns'));
return; return;
} }
data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@ -160,7 +194,15 @@ module.exports = Mn.View.extend({
}); });
}) })
.catch(err => { .catch(err => {
alert(err.message); let more_info = '';
if(err.code === 500 && err.debug){
try{
more_info = JSON.parse(err.debug).debug.stack.join("\n");
} catch(e) {}
}
this.ui.le_error_info[0].innerHTML = `${err.message}${more_info !== '' ? `<pre class="mt-3">${more_info}</pre>`:''}`;
this.ui.le_error_info.show();
this.ui.le_error_info[0].scrollIntoView();
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading'); this.ui.save.removeClass('btn-loading');
}); });
@ -170,7 +212,20 @@ module.exports = Mn.View.extend({
templateContext: { templateContext: {
getLetsencryptEmail: function () { getLetsencryptEmail: function () {
return App.Cache.User.get('email'); return App.Cache.User.get('email');
} },
getUseDnsChallenge: function () {
return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
},
getDnsProvider: function () {
return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
},
getDnsProviderCredentials: function () {
return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
},
getPropagationSeconds: function () {
return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
},
dns_plugins: dns_providers,
}, },
onRender: function () { onRender: function () {
@ -191,6 +246,9 @@ module.exports = Mn.View.extend({
}); });
// Certificates // Certificates
this.ui.le_error_info.hide();
this.ui.dns_challenge_content.hide();
this.ui.credentials_file_content.hide();
this.ui.letsencrypt.hide(); this.ui.letsencrypt.hide();
this.ui.certificate_select.selectize({ this.ui.certificate_select.selectize({
valueField: 'id', valueField: 'id',

View File

@ -102,7 +102,17 @@
"letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>", "letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>",
"delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.", "delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.",
"hosts-warning": "These domains must be already configured to point to this installation", "hosts-warning": "These domains must be already configured to point to this installation",
"use-cloudflare": "Use CloudFlare DNS verification" "no-wildcard-without-dns": "Cannot request Let's Encrypt Certificate for wildcard domains when not using DNS challenge",
"dns-challenge": "Use a DNS Challenge",
"certbot-warning": "This section requires some knowledge about Certbot and its DNS plugins. Please consult the respective plugins documentation.",
"dns-provider": "DNS Provider",
"please-choose": "Please Choose...",
"credentials-file-content": "Credentials File Content",
"credentials-file-content-info": "This plugin requires a configuration file containing an API token or other credentials to your provider",
"stored-as-plaintext-info": "This data will be stored as plaintext in the database!",
"propagation-seconds": "Propagation Seconds",
"propagation-seconds-info": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation.",
"obtaining-certificate-info": "Obtaining certificate... This might take a few minutes."
}, },
"proxy-hosts": { "proxy-hosts": {
"title": "Proxy Hosts", "title": "Proxy Hosts",

View File

@ -0,0 +1,251 @@
/**
* This file contains info about available Certbot DNS plugins.
* This only works for plugins which use the standard argument structure, so:
* --authenticator <plugin-name> --<plugin-name>-credentials <FILE> --<plugin-name>-propagation-seconds <number>
*
* File Structure:
*
* {
* cloudflare: {
* display_name: "Name displayed to the user",
* package_name: "Package name in PyPi repo",
* package_version: "Package version in PyPi repo",
* credentials: `Template of the credentials file`,
* full_plugin_name: "The full plugin name as used in the commandline with certbot, including prefixes, e.g. 'certbot-dns-njalla:dns-njalla'",
* credentials_file: Whether the plugin has a credentials file
* },
* ...
* }
*
*/
module.exports = {
cloudflare: {
display_name: "Cloudflare",
package_name: "certbot-dns-cloudflare",
package_version: "1.8.0",
credentials: `# Cloudflare API token
dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567`,
full_plugin_name: "dns-cloudflare",
},
//####################################################//
cloudxns: {
display_name: "CloudXNS",
package_name: "certbot-dns-cloudxns",
package_version: "1.8.0",
credentials: `dns_cloudxns_api_key = 1234567890abcdef1234567890abcdef
dns_cloudxns_secret_key = 1122334455667788`,
full_plugin_name: "dns-cloudxns",
},
//####################################################//
corenetworks: {
display_name: "Core Networks",
package_name: "certbot-dns-corenetworks",
package_version: "0.1.4",
credentials: `certbot_dns_corenetworks:dns_corenetworks_username = asaHB12r
certbot_dns_corenetworks:dns_corenetworks_password = secure_password`,
full_plugin_name: "certbot-dns-corenetworks:dns-corenetworks",
},
//####################################################//
cpanel: {
display_name: "cPanel",
package_name: "certbot-dns-cpanel",
package_version: "0.2.2",
credentials: `certbot_dns_cpanel:cpanel_url = https://cpanel.example.com:2083
certbot_dns_cpanel:cpanel_username = user
certbot_dns_cpanel:cpanel_password = hunter2`,
full_plugin_name: "certbot-dns-cpanel:cpanel",
},
//####################################################//
digitalocean: {
display_name: "DigitalOcean",
package_name: "certbot-dns-digitalocean",
package_version: "1.8.0",
credentials: `dns_digitalocean_token = 0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff`,
full_plugin_name: "dns-digitalocean",
},
//####################################################//
directadmin: {
display_name: "DirectAdmin",
package_name: "certbot-dns-directadmin",
package_version: "0.0.20",
credentials: `directadmin_url = https://my.directadminserver.com:2222
directadmin_username = username
directadmin_password = aSuperStrongPassword`,
full_plugin_name: "certbot-dns-directadmin:directadmin",
},
//####################################################//
dnsimple: {
display_name: "DNSimple",
package_name: "certbot-dns-dnsimple",
package_version: "1.8.0",
credentials: `dns_dnsimple_token = MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw`,
full_plugin_name: "dns-dnsimple",
},
//####################################################//
dnsmadeeasy: {
display_name: "DNS Made Easy",
package_name: "certbot-dns-dnsmadeeasy",
package_version: "1.8.0",
credentials: `dns_dnsmadeeasy_api_key = 1c1a3c91-4770-4ce7-96f4-54c0eb0e457a
dns_dnsmadeeasy_secret_key = c9b5625f-9834-4ff8-baba-4ed5f32cae55`,
full_plugin_name: "dns-dnsmadeeasy",
},
//####################################################//
dnspod: {
display_name: "DNSPod",
package_name: "certbot-dns-dnspod",
package_version: "0.1.0",
credentials: `certbot_dns_dnspod:dns_dnspod_email = "DNSPOD-API-REQUIRES-A-VALID-EMAIL"
certbot_dns_dnspod:dns_dnspod_api_token = "DNSPOD-API-TOKEN"`,
full_plugin_name: "certbot-dns-dnspod:dns-dnspod",
},
//####################################################//
google: {
display_name: "Google",
package_name: "certbot-dns-google",
package_version: "1.8.0",
credentials: `{
"type": "service_account",
...
}`,
full_plugin_name: "dns-google",
},
//####################################################//
hetzner: {
display_name: "Hetzner",
package_name: "certbot-dns-hetzner",
package_version: "1.0.4",
credentials: `certbot_dns_hetzner:dns_hetzner_api_token = 0123456789abcdef0123456789abcdef`,
full_plugin_name: "certbot-dns-hetzner:dns-hetzner",
},
//####################################################//
inwx: {
display_name: "INWX",
package_name: "certbot-dns-inwx",
package_version: "2.1.2",
credentials: `certbot_dns_inwx:dns_inwx_url = https://api.domrobot.com/xmlrpc/
certbot_dns_inwx:dns_inwx_username = your_username
certbot_dns_inwx:dns_inwx_password = your_password
certbot_dns_inwx:dns_inwx_shared_secret = your_shared_secret optional`,
full_plugin_name: "certbot-dns-inwx:dns-inwx",
},
//####################################################//
ispconfig: {
display_name: "ISPConfig",
package_name: "certbot-dns-ispconfig",
package_version: "0.2.0",
credentials: `certbot_dns_ispconfig:dns_ispconfig_username = myremoteuser
certbot_dns_ispconfig:dns_ispconfig_password = verysecureremoteuserpassword
certbot_dns_ispconfig:dns_ispconfig_endpoint = https://localhost:8080`,
full_plugin_name: "certbot-dns-ispconfig:dns-ispconfig",
},
//####################################################//
isset: {
display_name: "Isset",
package_name: "certbot-dns-isset",
package_version: "0.0.3",
credentials: `certbot_dns_isset:dns_isset_endpoint="https://customer.isset.net/api"
certbot_dns_isset:dns_isset_token="<token>"`,
full_plugin_name: "certbot-dns-isset:dns-isset",
},
//####################################################//
linode: {
display_name: "Linode",
package_name: "certbot-dns-linode",
package_version: "1.8.0",
credentials: `dns_linode_key = 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ64
dns_linode_version = [<blank>|3|4]`,
full_plugin_name: "dns-linode",
},
//####################################################//
luadns: {
display_name: "LuaDNS",
package_name: "certbot-dns-luadns",
package_version: "1.8.0",
credentials: `dns_luadns_email = user@example.com
dns_luadns_token = 0123456789abcdef0123456789abcdef`,
full_plugin_name: "dns-luadns",
},
//####################################################//
netcup: {
display_name: "netcup",
package_name: "certbot-dns-netcup",
package_version: "1.0.0",
credentials: `dns_netcup_customer_id = 123456
dns_netcup_api_key = 0123456789abcdef0123456789abcdef01234567
dns_netcup_api_password = abcdef0123456789abcdef01234567abcdef0123`,
full_plugin_name: "certbot-dns-netcup:dns-netcup",
},
//####################################################//
njalla: {
display_name: "Njalla",
package_name: "certbot-dns-njalla",
package_version: "0.0.4",
credentials: `certbot_dns_njalla:dns_njalla_token = 0123456789abcdef0123456789abcdef01234567`,
full_plugin_name: "certbot-dns-njalla:dns-njalla",
},
//####################################################//
nsone: {
display_name: "NS1",
package_name: "certbot-dns-nsone",
package_version: "1.8.0",
credentials: `dns_nsone_api_key = MDAwMDAwMDAwMDAwMDAw`,
full_plugin_name: "dns-nsone",
},
//####################################################//
ovh: {
display_name: "OVH",
package_name: "certbot-dns-ovh",
package_version: "1.8.0",
credentials: `dns_ovh_endpoint = ovh-eu
dns_ovh_application_key = MDAwMDAwMDAwMDAw
dns_ovh_application_secret = MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
dns_ovh_consumer_key = MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw`,
full_plugin_name: "dns-ovh",
},
//####################################################//
powerdns: {
display_name: "PowerDNS",
package_name: "certbot-dns-powerdns",
package_version: "0.2.0",
credentials: `certbot_dns_powerdns:dns_powerdns_api_url = https://api.mypowerdns.example.org
certbot_dns_powerdns:dns_powerdns_api_key = AbCbASsd!@34`,
full_plugin_name: "certbot-dns-powerdns:dns-powerdns",
},
//####################################################//
rfc2136: {
display_name: "RFC 2136",
package_name: "certbot-dns-rfc2136",
package_version: "1.8.0",
credentials: `# Target DNS server
dns_rfc2136_server = 192.0.2.1
# Target DNS port
dns_rfc2136_port = 53
# TSIG key name
dns_rfc2136_name = keyname.
# TSIG key secret
dns_rfc2136_secret = 4q4wM/2I180UXoMyN4INVhJNi8V9BCV+jMw2mXgZw/CSuxUT8C7NKKFs AmKd7ak51vWKgSl12ib86oQRPkpDjg==
# TSIG key algorithm
dns_rfc2136_algorithm = HMAC-SHA512`,
full_plugin_name: "dns-rfc2136",
},
//####################################################//
route53: {
display_name: "Route 53 (Amazon)",
package_name: "certbot-dns-route53",
package_version: "1.8.0",
credentials: `[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY`,
full_plugin_name: "dns-route53",
},
//####################################################//
vultr: {
display_name: "Vultr",
package_name: "certbot-dns-vultr",
package_version: "1.0.3",
credentials: `certbot_dns_vultr:dns_vultr_key = YOUR_VULTR_API_KEY`,
full_plugin_name: "certbot-dns-vultr:dns-vultr",
},
};

View File

@ -10,7 +10,7 @@ if hash docker 2>/dev/null; then
docker pull "${DOCKER_IMAGE}" docker pull "${DOCKER_IMAGE}"
cd "${DIR}/.." cd "${DIR}/.."
echo -e "${BLUE} ${CYAN}Building Frontend ...${RESET}" echo -e "${BLUE} ${CYAN}Building Frontend ...${RESET}"
docker run --rm -e CI=true -v "$(pwd)/frontend:/app/frontend" -w /app/frontend "$DOCKER_IMAGE" sh -c "yarn install && yarn build && yarn build && chown -R $(id -u):$(id -g) /app/frontend" docker run --rm -e CI=true -v "$(pwd)/frontend:/app/frontend" -v "$(pwd)/global:/app/global" -w /app/frontend "$DOCKER_IMAGE" sh -c "yarn install && yarn build && yarn build && chown -R $(id -u):$(id -g) /app/frontend"
echo -e "${BLUE} ${GREEN}Building Frontend Complete${RESET}" echo -e "${BLUE} ${GREEN}Building Frontend Complete${RESET}"
else else
echo -e "${RED} docker command is not available${RESET}" echo -e "${RED} docker command is not available${RESET}"

View File

@ -7,7 +7,7 @@ DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if hash docker-compose 2>/dev/null; then if hash docker-compose 2>/dev/null; then
cd "${DIR}/.." cd "${DIR}/.."
echo -e "${BLUE} ${CYAN}Testing Dev Stack ...${RESET}" echo -e "${BLUE} ${CYAN}Testing Dev Stack ...${RESET}"
docker-compose exec -T npm bash -c "cd /app/backend && task test" docker-compose exec -T npm bash -c "cd /app && task test"
else else
echo -e "${RED} docker-compose command is not available${RESET}" echo -e "${RED} docker-compose command is not available${RESET}"
fi fi