Implements dns challenge provider selection in frontend

2020-10-04 23:56:02 +02:00
parent 28f72086ec
commit b81325d7bf
12 changed files with 755 additions and 155 deletions
--- a/frontend/js/app/nginx/dead/form.js
+++ b/frontend/js/app/nginx/dead/form.js
@ -4,6 +4,8 @@ const DeadHostModel        = require('../../../models/dead-host');
 const template             = require('./form.ejs');
 const certListItemTemplate = require('../certificates-list-item.ejs');
 const Helpers              = require('../../../lib/helpers');
+const i18n                 = require('../../i18n');
+const dns_providers        = require('../../../../../utils/certbot-dns-plugins');

 require('jquery-serializejson');
 require('selectize');
@ -13,20 +15,23 @@ module.exports = Mn.View.extend({
    className: 'modal-dialog',

    ui: {
-        form:               'form',
-        domain_names:       'input[name="domain_names"]',
-        buttons:            '.modal-footer button',
-        cancel:             'button.cancel',
-        save:               'button.save',
-        certificate_select: 'select[name="certificate_id"]',
-        ssl_forced:         'input[name="ssl_forced"]',
-        hsts_enabled:       'input[name="hsts_enabled"]',
-        hsts_subdomains:    'input[name="hsts_subdomains"]',
-        http2_support:      'input[name="http2_support"]',
-        cloudflare_switch:  'input[name="meta[cloudflare_use]"]',
-        cloudflare_token:   'input[name="meta[cloudflare_token]"',
-        cloudflare:         '.cloudflare',
-        letsencrypt:        '.letsencrypt'
+        form:                     'form',
+        domain_names:             'input[name="domain_names"]',
+        buttons:                  '.modal-footer button',
+        cancel:                   'button.cancel',
+        save:                     'button.save',
+        certificate_select:       'select[name="certificate_id"]',
+        ssl_forced:               'input[name="ssl_forced"]',
+        hsts_enabled:             'input[name="hsts_enabled"]',
+        hsts_subdomains:          'input[name="hsts_subdomains"]',
+        http2_support:            'input[name="http2_support"]',
+        dns_challenge_switch:     'input[name="meta[dns_challenge]"]',
+        dns_challenge_content:    '.dns-challenge',
+        dns_provider:             'select[name="meta[dns_provider]"]',
+        credentials_file_content: '.credentials-file-content',
+        dns_provider_credentials: 'textarea[name="meta[dns_provider_credentials]"]',
+        propagation_seconds:      'input[name="meta[propagation_seconds]"]',
+        letsencrypt:              '.letsencrypt'
    },

    events: {
@ -34,7 +39,7 @@ module.exports = Mn.View.extend({
            let id = this.ui.certificate_select.val();
            if (id === 'new') {
                this.ui.letsencrypt.show().find('input').prop('disabled', false);
-                this.ui.cloudflare.hide();
+                this.ui.dns_challenge_content.hide();
            } else {
                this.ui.letsencrypt.hide().find('input').prop('disabled', true);
            }
@ -81,14 +86,31 @@ module.exports = Mn.View.extend({
            }
        },

-        'change @ui.cloudflare_switch': function() {
-            let checked = this.ui.cloudflare_switch.prop('checked');
-            if (checked) {                
-                this.ui.cloudflare_token.prop('required', 'required');
-                this.ui.cloudflare.show();
-            } else {                
-                this.ui.cloudflare_token.prop('required', false);
-                this.ui.cloudflare.hide();                
+        'change @ui.dns_challenge_switch': function () {
+            const checked = this.ui.dns_challenge_switch.prop('checked');
+            if (checked) {
+                this.ui.dns_provider.prop('required', 'required');
+                const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
+                if(selected_provider != '' && dns_providers[selected_provider].credentials !== false){
+                    this.ui.dns_provider_credentials.prop('required', 'required');
+                }
+                this.ui.dns_challenge_content.show();
+            } else {
+                this.ui.dns_provider.prop('required', false);
+                this.ui.dns_provider_credentials.prop('required', false);
+                this.ui.dns_challenge_content.hide();                
+            }
+        },
+
+        'change @ui.dns_provider': function () {
+            const selected_provider = this.ui.dns_provider[0].options[this.ui.dns_provider[0].selectedIndex].value;
+            if (selected_provider != '' && dns_providers[selected_provider].credentials !== false) {
+                this.ui.dns_provider_credentials.prop('required', 'required');
+                this.ui.dns_provider_credentials[0].value = dns_providers[selected_provider].credentials;
+                this.ui.credentials_file_content.show();
+            } else {
+                this.ui.dns_provider_credentials.prop('required', false);
+                this.ui.credentials_file_content.hide();                
            }
        },

@ -104,10 +126,11 @@ module.exports = Mn.View.extend({
            let data = this.ui.form.serializeJSON();

            // Manipulate
-            data.hsts_enabled    = !!data.hsts_enabled;
-            data.hsts_subdomains = !!data.hsts_subdomains;
-            data.http2_support   = !!data.http2_support;
-            data.ssl_forced      = !!data.ssl_forced;
+            data.hsts_enabled       = !!data.hsts_enabled;
+            data.hsts_subdomains    = !!data.hsts_subdomains;
+            data.http2_support      = !!data.http2_support;
+            data.ssl_forced         = !!data.ssl_forced;
+            data.meta.dns_challenge = !!data.meta.dns_challenge;

            if (typeof data.domain_names === 'string' && data.domain_names) {
                data.domain_names = data.domain_names.split(',');
@ -116,7 +139,7 @@ module.exports = Mn.View.extend({
            // Check for any domain names containing wildcards, which are not allowed with letsencrypt
            if (data.certificate_id === 'new') {                
                let domain_err = false;
-                if (!data.meta.cloudflare_use) {
+                if (!data.meta.dns_challenge) {
                    data.domain_names.map(function (name) {
                        if (name.match(/\*/im)) {
                            domain_err = true;
@ -125,11 +148,10 @@ module.exports = Mn.View.extend({
                }

                if (domain_err) {
-                    alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.');
+                    alert(i18n('ssl', 'no-wildcard-without-dns'));
                    return;
                }

-                data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
                data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';                
            } else {
                data.certificate_id = parseInt(data.certificate_id, 10);
@ -169,7 +191,20 @@ module.exports = Mn.View.extend({
    templateContext: {
        getLetsencryptEmail: function () {
            return App.Cache.User.get('email');
-        }
+        },
+        getUseDnsChallenge: function () {
+            return typeof this.meta.dns_challenge !== 'undefined' ? this.meta.dns_challenge : false;
+        },
+        getDnsProvider: function () {
+            return typeof this.meta.dns_provider !== 'undefined' && this.meta.dns_provider != '' ? this.meta.dns_provider : null;
+        },
+        getDnsProviderCredentials: function () {
+            return typeof this.meta.dns_provider_credentials !== 'undefined' ? this.meta.dns_provider_credentials : '';
+        },
+        getPropagationSeconds: function () {
+            return typeof this.meta.propagation_seconds !== 'undefined' ? this.meta.propagation_seconds : '';
+        },
+        dns_plugins: dns_providers,
    },

    onRender: function () {
@ -190,6 +225,8 @@ module.exports = Mn.View.extend({
        });

        // Certificates
+        this.ui.dns_challenge_content.hide();
+        this.ui.credentials_file_content.hide();
        this.ui.letsencrypt.hide();
        this.ui.certificate_select.selectize({
            valueField:       'id',