Mirrored_Repos/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/jc21/nginx-proxy-manager.git synced 2024-08-30 18:22:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Certificates into their own section

Browse Source
This commit is contained in:
Jamie Curnow 2018-08-07 20:27:20 +10:00
parent 1c57ccdc87
commit c749a22b52
41 changed files with 599 additions and 385 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -1,7 +1,7 @@
{ {
"name": "nginx-proxy-manager", "name": "nginx-proxy-manager",
"version": "2.0.0", "version": "2.0.0",
"description": "A nice web interface for managing your endpoints", "description": "A beautiful interface for creating Nginx endpoints",
"main": "src/backend/index.js", "main": "src/backend/index.js",
"devDependencies": { "devDependencies": {
"babel-core": "^6.26.3", "babel-core": "^6.26.3",

95
src/backend/internal/certificate.js
View File

@ -3,6 +3,8 @@
const _ = require('lodash'); const _ = require('lodash');
const error = require('../lib/error'); const error = require('../lib/error');
const certificateModel = require('../models/certificate'); const certificateModel = require('../models/certificate');
const internalAuditLog = require('./audit-log');
const internalHost = require('./host');
function omissions () { function omissions () {
return ['is_deleted']; return ['is_deleted'];
@ -17,9 +19,27 @@ const internalCertificate = {
*/ */
create: (access, data) => { create: (access, data) => {
return access.can('certificates:create', data) return access.can('certificates:create', data)
.then(access_data => { .then(() => {
// TODO data.owner_user_id = access.token.get('attrs').id;
return {};
return certificateModel
.query()
.omit(omissions())
.insertAndFetch(data);
})
.then(row => {
data.meta = _.assign({}, data.meta || {}, row.meta);
// Add to audit log
return internalAuditLog.add(access, {
action: 'created',
object_type: 'certificate',
object_id: row.id,
meta: data
})
.then(() => {
return row;
});
}); });
}, },
@ -135,7 +155,7 @@ const internalCertificate = {
.groupBy('id') .groupBy('id')
.omit(['is_deleted']) .omit(['is_deleted'])
.allowEager('[owner]') .allowEager('[owner]')
.orderBy('name', 'ASC'); .orderBy('nice_name', 'ASC');
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id); query.andWhere('owner_user_id', access.token.get('attrs').id);
@ -177,6 +197,73 @@ const internalCertificate = {
.then(row => { .then(row => {
return parseInt(row.count, 10); return parseInt(row.count, 10);
}); });
},
/**
* Validates that the certs provided are good
*
* @param {Access} access
* @param {Object} data
* @param {Object} data.files
* @returns {Promise}
*/
validate: (access, data) => {
return new Promise((resolve, reject) => {
let files = {};
_.map(data.files, (file, name) => {
if (internalHost.allowed_ssl_files.indexOf(name) !== -1) {
files[name] = file.data.toString();
}
});
resolve(files);
})
.then(files => {
// TODO: validate using openssl
// files.certificate
// files.certificate_key
return true;
});
},
/**
* @param {Access} access
* @param {Object} data
* @param {Integer} data.id
* @param {Object} data.files
* @returns {Promise}
*/
upload: (access, data) => {
return internalCertificate.get(access, {id: data.id})
.then(row => {
if (row.provider !== 'other') {
throw new error.ValidationError('Cannot upload certificates for this type of provider');
}
_.map(data.files, (file, name) => {
if (internalHost.allowed_ssl_files.indexOf(name) !== -1) {
row.meta[name] = file.data.toString();
}
});
return internalCertificate.update(access, {
id: data.id,
meta: row.meta
});
})
.then(row => {
return internalAuditLog.add(access, {
action: 'updated',
object_type: 'certificate',
object_id: row.id,
meta: data
})
.then(() => {
return _.pick(row.meta, internalHost.allowed_ssl_files);
});
});
} }
}; };

8
src/backend/internal/dead-host.js
View File

@ -41,10 +41,6 @@ const internalDeadHost = {
// At this point the domains should have been checked // At this point the domains should have been checked
data.owner_user_id = access.token.get('attrs').id; data.owner_user_id = access.token.get('attrs').id;
if (typeof data.meta === 'undefined') {
data.meta = {};
}
return deadHostModel return deadHostModel
.query() .query()
.omit(omissions()) .omit(omissions())
@ -149,7 +145,7 @@ const internalDeadHost = {
.query() .query()
.where('is_deleted', 0) .where('is_deleted', 0)
.andWhere('id', data.id) .andWhere('id', data.id)
.allowEager('[owner]') .allowEager('[owner,certificate]')
.first(); .first();
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {
@ -274,7 +270,7 @@ const internalDeadHost = {
.where('is_deleted', 0) .where('is_deleted', 0)
.groupBy('id') .groupBy('id')
.omit(['is_deleted']) .omit(['is_deleted'])
.allowEager('[owner]') .allowEager('[owner,certificate]')
.orderBy('domain_names', 'ASC'); .orderBy('domain_names', 'ASC');
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {

2
src/backend/internal/host.js
View File

@ -8,7 +8,7 @@ const deadHostModel = require('../models/dead_host');
const internalHost = { const internalHost = {
allowed_ssl_files: ['other_certificate', 'other_certificate_key'], allowed_ssl_files: ['certificate', 'certificate_key'],
/** /**
* Internal use only, checks to see if the domain is already taken by any other record * Internal use only, checks to see if the domain is already taken by any other record

42
src/backend/internal/proxy-host.js
View File

@ -41,10 +41,6 @@ const internalProxyHost = {
// At this point the domains should have been checked // At this point the domains should have been checked
data.owner_user_id = access.token.get('attrs').id; data.owner_user_id = access.token.get('attrs').id;
if (typeof data.meta === 'undefined') {
data.meta = {};
}
return proxyHostModel return proxyHostModel
.query() .query()
.omit(omissions()) .omit(omissions())
@ -151,7 +147,7 @@ const internalProxyHost = {
.query() .query()
.where('is_deleted', 0) .where('is_deleted', 0)
.andWhere('id', data.id) .andWhere('id', data.id)
.allowEager('[owner,access_list]') .allowEager('[owner,access_list,certificate]')
.first(); .first();
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {
@ -226,40 +222,6 @@ const internalProxyHost = {
}); });
}, },
/**
* @param {Access} access
* @param {Object} data
* @param {Integer} data.id
* @param {Object} data.files
* @returns {Promise}
*/
setCerts: (access, data) => {
return internalProxyHost.get(access, {id: data.id})
.then(row => {
_.map(data.files, (file, name) => {
if (internalHost.allowed_ssl_files.indexOf(name) !== -1) {
row.meta[name] = file.data.toString();
}
});
return internalProxyHost.update(access, {
id: data.id,
meta: row.meta
});
})
.then(row => {
return internalAuditLog.add(access, {
action: 'updated',
object_type: 'proxy-host',
object_id: row.id,
meta: data
})
.then(() => {
return _.pick(row.meta, internalHost.allowed_ssl_files);
});
});
},
/** /**
* All Hosts * All Hosts
* *
@ -276,7 +238,7 @@ const internalProxyHost = {
.where('is_deleted', 0) .where('is_deleted', 0)
.groupBy('id') .groupBy('id')
.omit(['is_deleted']) .omit(['is_deleted'])
.allowEager('[owner,access_list]') .allowEager('[owner,access_list,certificate]')
.orderBy('domain_names', 'ASC'); .orderBy('domain_names', 'ASC');
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {

8
src/backend/internal/redirection-host.js
View File

@ -41,10 +41,6 @@ const internalRedirectionHost = {
// At this point the domains should have been checked // At this point the domains should have been checked
data.owner_user_id = access.token.get('attrs').id; data.owner_user_id = access.token.get('attrs').id;
if (typeof data.meta === 'undefined') {
data.meta = {};
}
return redirectionHostModel return redirectionHostModel
.query() .query()
.omit(omissions()) .omit(omissions())
@ -149,7 +145,7 @@ const internalRedirectionHost = {
.query() .query()
.where('is_deleted', 0) .where('is_deleted', 0)
.andWhere('id', data.id) .andWhere('id', data.id)
.allowEager('[owner]') .allowEager('[owner,certificate]')
.first(); .first();
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {
@ -274,7 +270,7 @@ const internalRedirectionHost = {
.where('is_deleted', 0) .where('is_deleted', 0)
.groupBy('id') .groupBy('id')
.omit(['is_deleted']) .omit(['is_deleted'])
.allowEager('[owner]') .allowEager('[owner,certificate]')
.orderBy('domain_names', 'ASC'); .orderBy('domain_names', 'ASC');
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {

33
src/backend/migrations/20180618015850_initial.js
View File

@ -22,7 +22,7 @@ exports.up = function (knex/*, Promise*/) {
table.integer('user_id').notNull().unsigned(); table.integer('user_id').notNull().unsigned();
table.string('type', 30).notNull(); table.string('type', 30).notNull();
table.string('secret').notNull(); table.string('secret').notNull();
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
table.integer('is_deleted').notNull().unsigned().defaultTo(0); table.integer('is_deleted').notNull().unsigned().defaultTo(0);
}) })
.then(() => { .then(() => {
@ -72,12 +72,11 @@ exports.up = function (knex/*, Promise*/) {
table.string('forward_ip').notNull(); table.string('forward_ip').notNull();
table.integer('forward_port').notNull().unsigned(); table.integer('forward_port').notNull().unsigned();
table.integer('access_list_id').notNull().unsigned().defaultTo(0); table.integer('access_list_id').notNull().unsigned().defaultTo(0);
table.integer('ssl_enabled').notNull().unsigned().defaultTo(0); table.integer('certificate_id').notNull().unsigned().defaultTo(0);
table.string('ssl_provider').notNull().defaultTo('');
table.integer('ssl_forced').notNull().unsigned().defaultTo(0); table.integer('ssl_forced').notNull().unsigned().defaultTo(0);
table.integer('caching_enabled').notNull().unsigned().defaultTo(0); table.integer('caching_enabled').notNull().unsigned().defaultTo(0);
table.integer('block_exploits').notNull().unsigned().defaultTo(0); table.integer('block_exploits').notNull().unsigned().defaultTo(0);
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -92,11 +91,10 @@ exports.up = function (knex/*, Promise*/) {
table.json('domain_names').notNull(); table.json('domain_names').notNull();
table.string('forward_domain_name').notNull(); table.string('forward_domain_name').notNull();
table.integer('preserve_path').notNull().unsigned().defaultTo(0); table.integer('preserve_path').notNull().unsigned().defaultTo(0);
table.integer('ssl_enabled').notNull().unsigned().defaultTo(0); table.integer('certificate_id').notNull().unsigned().defaultTo(0);
table.string('ssl_provider').notNull().defaultTo('');
table.integer('ssl_forced').notNull().unsigned().defaultTo(0); table.integer('ssl_forced').notNull().unsigned().defaultTo(0);
table.integer('block_exploits').notNull().unsigned().defaultTo(0); table.integer('block_exploits').notNull().unsigned().defaultTo(0);
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -109,10 +107,9 @@ exports.up = function (knex/*, Promise*/) {
table.integer('owner_user_id').notNull().unsigned(); table.integer('owner_user_id').notNull().unsigned();
table.integer('is_deleted').notNull().unsigned().defaultTo(0); table.integer('is_deleted').notNull().unsigned().defaultTo(0);
table.json('domain_names').notNull(); table.json('domain_names').notNull();
table.integer('ssl_enabled').notNull().unsigned().defaultTo(0); table.integer('certificate_id').notNull().unsigned().defaultTo(0);
table.string('ssl_provider').notNull().defaultTo('');
table.integer('ssl_forced').notNull().unsigned().defaultTo(0); table.integer('ssl_forced').notNull().unsigned().defaultTo(0);
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -129,7 +126,7 @@ exports.up = function (knex/*, Promise*/) {
table.integer('forwarding_port').notNull().unsigned(); table.integer('forwarding_port').notNull().unsigned();
table.integer('tcp_forwarding').notNull().unsigned().defaultTo(0); table.integer('tcp_forwarding').notNull().unsigned().defaultTo(0);
table.integer('udp_forwarding').notNull().unsigned().defaultTo(0); table.integer('udp_forwarding').notNull().unsigned().defaultTo(0);
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -142,7 +139,7 @@ exports.up = function (knex/*, Promise*/) {
table.integer('owner_user_id').notNull().unsigned(); table.integer('owner_user_id').notNull().unsigned();
table.integer('is_deleted').notNull().unsigned().defaultTo(0); table.integer('is_deleted').notNull().unsigned().defaultTo(0);
table.string('name').notNull(); table.string('name').notNull();
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -154,9 +151,11 @@ exports.up = function (knex/*, Promise*/) {
table.dateTime('modified_on').notNull(); table.dateTime('modified_on').notNull();
table.integer('owner_user_id').notNull().unsigned(); table.integer('owner_user_id').notNull().unsigned();
table.integer('is_deleted').notNull().unsigned().defaultTo(0); table.integer('is_deleted').notNull().unsigned().defaultTo(0);
table.string('name').notNull(); table.string('provider').notNull();
// TODO table.string('nice_name').notNull().defaultTo('');
table.json('meta').notNull(); table.json('domain_names').notNull().defaultTo('[]');
table.dateTime('expires_on').notNull();
table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -169,7 +168,7 @@ exports.up = function (knex/*, Promise*/) {
table.integer('access_list_id').notNull().unsigned(); table.integer('access_list_id').notNull().unsigned();
table.string('username').notNull(); table.string('username').notNull();
table.string('password').notNull(); table.string('password').notNull();
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {
@ -183,7 +182,7 @@ exports.up = function (knex/*, Promise*/) {
table.string('object_type').notNull().defaultTo(''); table.string('object_type').notNull().defaultTo('');
table.integer('object_id').notNull().unsigned().defaultTo(0); table.integer('object_id').notNull().unsigned().defaultTo(0);
table.string('action').notNull(); table.string('action').notNull();
table.json('meta').notNull(); table.json('meta').notNull().defaultTo('{}');
}); });
}) })
.then(() => { .then(() => {

6
src/backend/models/certificate.js
View File

@ -13,6 +13,10 @@ class Certificate extends Model {
$beforeInsert () { $beforeInsert () {
this.created_on = Model.raw('NOW()'); this.created_on = Model.raw('NOW()');
this.modified_on = Model.raw('NOW()'); this.modified_on = Model.raw('NOW()');
if (typeof this.expires_on === 'undefined') {
this.expires_on = Model.raw('NOW()');
}
} }
$beforeUpdate () { $beforeUpdate () {
@ -28,7 +32,7 @@ class Certificate extends Model {
} }
static get jsonAttributes () { static get jsonAttributes () {
return ['meta']; return ['domain_names', 'meta'];
} }
static get relationMappings () { static get relationMappings () {

13
src/backend/models/dead_host.js
View File

@ -6,6 +6,7 @@
const db = require('../db'); const db = require('../db');
const Model = require('objection').Model; const Model = require('objection').Model;
const User = require('./user'); const User = require('./user');
const Certificate = require('./certificate');
Model.knex(db); Model.knex(db);
@ -44,6 +45,18 @@ class DeadHost extends Model {
qb.where('user.is_deleted', 0); qb.where('user.is_deleted', 0);
qb.omit(['id', 'created_on', 'modified_on', 'is_deleted', 'email', 'roles']); qb.omit(['id', 'created_on', 'modified_on', 'is_deleted', 'email', 'roles']);
} }
},
certificate: {
relation: Model.HasOneRelation,
modelClass: Certificate,
join: {
from: 'dead_host.certificate_id',
to: 'certificate.id'
},
modify: function (qb) {
qb.where('certificate.is_deleted', 0);
qb.omit(['id', 'created_on', 'modified_on', 'is_deleted']);
}
} }
}; };
} }

13
src/backend/models/proxy_host.js
View File

@ -7,6 +7,7 @@ const db = require('../db');
const Model = require('objection').Model; const Model = require('objection').Model;
const User = require('./user'); const User = require('./user');
const AccessList = require('./access_list'); const AccessList = require('./access_list');
const Certificate = require('./certificate');
Model.knex(db); Model.knex(db);
@ -61,6 +62,18 @@ class ProxyHost extends Model {
qb.where('access_list.is_deleted', 0); qb.where('access_list.is_deleted', 0);
qb.omit(['id', 'created_on', 'modified_on', 'is_deleted']); qb.omit(['id', 'created_on', 'modified_on', 'is_deleted']);
} }
},
certificate: {
relation: Model.HasOneRelation,
modelClass: Certificate,
join: {
from: 'proxy_host.certificate_id',
to: 'certificate.id'
},
modify: function (qb) {
qb.where('certificate.is_deleted', 0);
qb.omit(['id', 'created_on', 'modified_on', 'is_deleted']);
}
} }
}; };
} }

13
src/backend/models/redirection_host.js
View File

@ -6,6 +6,7 @@
const db = require('../db'); const db = require('../db');
const Model = require('objection').Model; const Model = require('objection').Model;
const User = require('./user'); const User = require('./user');
const Certificate = require('./certificate');
Model.knex(db); Model.knex(db);
@ -44,6 +45,18 @@ class RedirectionHost extends Model {
qb.where('user.is_deleted', 0); qb.where('user.is_deleted', 0);
qb.omit(['id', 'created_on', 'modified_on', 'is_deleted', 'email', 'roles']); qb.omit(['id', 'created_on', 'modified_on', 'is_deleted', 'email', 'roles']);
} }
},
certificate: {
relation: Model.HasOneRelation,
modelClass: Certificate,
join: {
from: 'redirection_host.certificate_id',
to: 'certificate.id'
},
modify: function (qb) {
qb.where('certificate.is_deleted', 0);
qb.omit(['id', 'created_on', 'modified_on', 'is_deleted']);
}
} }
}; };
} }

81
src/backend/routes/api/nginx/certificates.js
View File

@ -75,7 +75,7 @@ router
* /api/nginx/certificates/123 * /api/nginx/certificates/123
*/ */
router router
.route('/:host_id') .route('/:certificate_id')
.options((req, res) => { .options((req, res) => {
res.sendStatus(204); res.sendStatus(204);
}) })
@ -88,10 +88,10 @@ router
*/ */
.get((req, res, next) => { .get((req, res, next) => {
validator({ validator({
required: ['host_id'], required: ['certificate_id'],
additionalProperties: false, additionalProperties: false,
properties: { properties: {
host_id: { certificate_id: {
$ref: 'definitions#/definitions/id' $ref: 'definitions#/definitions/id'
}, },
expand: { expand: {
@ -99,12 +99,12 @@ router
} }
} }
}, { }, {
host_id: req.params.host_id, certificate_id: req.params.certificate_id,
expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null) expand: (typeof req.query.expand === 'string' ? req.query.expand.split(',') : null)
}) })
.then(data => { .then(data => {
return internalCertificate.get(res.locals.access, { return internalCertificate.get(res.locals.access, {
id: parseInt(data.host_id, 10), id: parseInt(data.certificate_id, 10),
expand: data.expand expand: data.expand
}); });
}) })
@ -123,7 +123,7 @@ router
.put((req, res, next) => { .put((req, res, next) => {
apiValidator({$ref: 'endpoints/certificates#/links/2/schema'}, req.body) apiValidator({$ref: 'endpoints/certificates#/links/2/schema'}, req.body)
.then(payload => { .then(payload => {
payload.id = parseInt(req.params.host_id, 10); payload.id = parseInt(req.params.certificate_id, 10);
return internalCertificate.update(res.locals.access, payload); return internalCertificate.update(res.locals.access, payload);
}) })
.then(result => { .then(result => {
@ -139,7 +139,7 @@ router
* Update and existing certificate * Update and existing certificate
*/ */
.delete((req, res, next) => { .delete((req, res, next) => {
internalCertificate.delete(res.locals.access, {id: parseInt(req.params.host_id, 10)}) internalCertificate.delete(res.locals.access, {id: parseInt(req.params.certificate_id, 10)})
.then(result => { .then(result => {
res.status(200) res.status(200)
.send(result); .send(result);
@ -147,4 +147,71 @@ router
.catch(next); .catch(next);
}); });
/**
* Upload Certs
*
* /api/nginx/certificates/123/upload
*/
router
.route('/:certificate_id/upload')
.options((req, res) => {
res.sendStatus(204);
})
.all(jwtdecode()) // preferred so it doesn't apply to nonexistent routes
/**
* POST /api/nginx/certificates/123/upload
*
* Upload certificates
*/validate
.post((req, res, next) => {
if (!req.files) {
res.status(400)
.send({error: 'No files were uploaded'});
} else {
internalCertificate.upload(res.locals.access, {
id: parseInt(req.params.certificate_id, 10),
files: req.files
})
.then(result => {
res.status(200)
.send(result);
})
.catch(next);
}
});
/**
* Validate Certs before saving
*
* /api/nginx/certificates/validate
*/
router
.route('/validate')
.options((req, res) => {
res.sendStatus(204);
})
.all(jwtdecode()) // preferred so it doesn't apply to nonexistent routes
/**
* POST /api/nginx/certificates/validate
*
* Validate certificates
*/
.post((req, res, next) => {
if (!req.files) {
res.status(400)
.send({error: 'No files were uploaded'});
} else {
internalCertificate.validate(res.locals.access, {
files: req.files
})
.then(result => {
res.status(200)
.send(result);
})
.catch(next);
}
});
module.exports = router; module.exports = router;

34
src/backend/routes/api/nginx/proxy_hosts.js
View File

@ -147,38 +147,4 @@ router
.catch(next); .catch(next);
}); });
/**
* Specific proxy-host Certificates
*
* /api/nginx/proxy-hosts/123/certificates
*/
router
.route('/:host_id/certificates')
.options((req, res) => {
res.sendStatus(204);
})
.all(jwtdecode()) // preferred so it doesn't apply to nonexistent routes
/**
* POST /api/nginx/proxy-hosts/123/certificates
*
* Upload certifications
*/
.post((req, res, next) => {
if (!req.files) {
res.status(400)
.send({error: 'No files were uploaded'});
} else {
internalProxyHost.setCerts(res.locals.access, {
id: parseInt(req.params.host_id, 10),
files: req.files
})
.then(result => {
res.status(200)
.send(result);
})
.catch(next);
}
});
module.exports = router; module.exports = router;

144
src/backend/schema/endpoints/certificates.json Normal file
View File

@ -0,0 +1,144 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "endpoints/certificates",
"title": "Certificates",
"description": "Endpoints relating to Certificates",
"stability": "stable",
"type": "object",
"definitions": {
"id": {
"$ref": "../definitions.json#/definitions/id"
},
"created_on": {
"$ref": "../definitions.json#/definitions/created_on"
},
"modified_on": {
"$ref": "../definitions.json#/definitions/modified_on"
},
"provider": {
"$ref": "../definitions.json#/definitions/ssl_provider"
},
"nice_name": {
"type": "string",
"description": "Nice Name for the custom certificate"
},
"domain_names": {
"$ref": "../definitions.json#/definitions/domain_names"
},
"expires_on": {
"description": "Date and time of expiration",
"format": "date-time",
"readOnly": true,
"type": "string"
},
"meta": {
"type": "object",
"additionalProperties": false,
"properties": {
"letsencrypt_email": {
"type": "string",
"format": "email"
},
"letsencrypt_agree": {
"type": "boolean"
}
}
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"created_on": {
"$ref": "#/definitions/created_on"
},
"modified_on": {
"$ref": "#/definitions/modified_on"
},
"provider": {
"$ref": "#/definitions/provider"
},
"nice_name": {
"$ref": "#/definitions/nice_name"
},
"domain_names": {
"$ref": "#/definitions/domain_names"
},
"expires_on": {
"$ref": "#/definitions/expires_on"
},
"meta": {
"$ref": "#/definitions/meta"
}
},
"links": [
{
"title": "List",
"description": "Returns a list of Certificates",
"href": "/nginx/certificates",
"access": "private",
"method": "GET",
"rel": "self",
"http_header": {
"$ref": "../examples.json#/definitions/auth_header"
},
"targetSchema": {
"type": "array",
"items": {
"$ref": "#/properties"
}
}
},
{
"title": "Create",
"description": "Creates a new Certificate",
"href": "/nginx/certificates",
"access": "private",
"method": "POST",
"rel": "create",
"http_header": {
"$ref": "../examples.json#/definitions/auth_header"
},
"schema": {
"type": "object",
"additionalProperties": false,
"required": [
"provider"
],
"properties": {
"provider": {
"$ref": "#/definitions/provider"
},
"nice_name": {
"$ref": "#/definitions/nice_name"
},
"domain_names": {
"$ref": "#/definitions/domain_names"
},
"meta": {
"$ref": "#/definitions/meta"
}
}
},
"targetSchema": {
"properties": {
"$ref": "#/properties"
}
}
},
{
"title": "Delete",
"description": "Deletes a existing Certificate",
"href": "/nginx/certificates/{definitions.identity.example}",
"access": "private",
"method": "DELETE",
"rel": "delete",
"http_header": {
"$ref": "../examples.json#/definitions/auth_header"
},
"targetSchema": {
"type": "boolean"
}
}
]
}

3
src/backend/schema/index.json
View File

@ -28,6 +28,9 @@
}, },
"streams": { "streams": {
"$ref": "endpoints/streams.json" "$ref": "endpoints/streams.json"
},
"certificates": {
"$ref": "endpoints/certificates.json"
} }
} }
} }

18
src/frontend/js/app/api.js
View File

@ -323,15 +323,6 @@ module.exports = {
*/ */
delete: function (id) { delete: function (id) {
return fetch('delete', 'nginx/proxy-hosts/' + id); return fetch('delete', 'nginx/proxy-hosts/' + id);
},
/**
* @param {Integer} id
* @param {FormData} form_data
* @params {Promise}
*/
setCerts: function (id, form_data) {
return FileUpload('nginx/proxy-hosts/' + id + '/certificates', form_data);
} }
}, },
@ -535,6 +526,15 @@ module.exports = {
*/ */
delete: function (id) { delete: function (id) {
return fetch('delete', 'nginx/certificates/' + id); return fetch('delete', 'nginx/certificates/' + id);
},
/**
* @param {Integer} id
* @param {FormData} form_data
* @params {Promise}
*/
upload: function (id, form_data) {
return FileUpload('nginx/certificates/' + id + '/upload', form_data);
} }
} }
}, },

8
src/frontend/js/app/audit-log/list/item.ejs
View File

@ -46,6 +46,14 @@
%> <span class="text-teal"><i class="fe fe-user"></i></span> <% %> <span class="text-teal"><i class="fe fe-user"></i></span> <%
items.push(meta.name); items.push(meta.name);
break; break;
case 'certificate':
%> <span class="text-teal"><i class="fe fe-shield"></i></span> <%
if (meta.provider === 'letsencrypt') {
items = meta.domain_names;
} else {
items.push(meta.nice_name);
}
break;
} }
%>&nbsp;<%- i18n('audit-log', action, {name: i18n('audit-log', object_type)}) %> %>&nbsp;<%- i18n('audit-log', action, {name: i18n('audit-log', object_type)}) %>
&mdash; &mdash;

26
src/frontend/js/app/controller.js
View File

@ -333,6 +333,32 @@ module.exports = {
} }
}, },
/**
* Nginx Certificate Form
*
* @param [model]
*/
showNginxCertificateForm: function (model) {
if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
require(['./main', './nginx/certificates/form'], function (App, View) {
App.UI.showModalDialog(new View({model: model}));
});
}
},
/**
* Certificate Delete Confirm
*
* @param model
*/
showNginxCertificateDeleteConfirm: function (model) {
if (Cache.User.isAdmin() || Cache.User.canManage('certificates')) {
require(['./main', './nginx/certificates/delete'], function (App, View) {
App.UI.showModalDialog(new View({model: model}));
});
}
},
/** /**
* Audit Log * Audit Log
*/ */

2
src/frontend/js/app/nginx/access/list/item.ejs
View File

@ -26,7 +26,7 @@
<div><%- access_list_id ? access_list.name : i18n('str', 'public') %></div> <div><%- access_list_id ? access_list.name : i18n('str', 'public') %></div>
</td> </td>
<% if (canManage) { %> <% if (canManage) { %>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">

86
src/frontend/js/app/nginx/certificates/form.ejs
View File

@ -1,85 +1,26 @@
<div class="modal-content"> <div class="modal-content">
<div class="modal-header"> <div class="modal-header">
<h5 class="modal-title"><%- i18n('certificates', 'form-title', {id: id}) %></h5> <h5 class="modal-title"><%- i18n('certificates', 'form-title', {provider: provider}) %></h5>
<button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button> <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
</div> </div>
<div class="modal-body has-tabs"> <div class="modal-body">
<form> <form>
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="nav-item"><a href="#details" aria-controls="tab1" role="tab" data-toggle="tab" class="nav-link active"><i class="fe fe-zap"></i> <%- i18n('all-hosts', 'details') %></a></li>
<li role="presentation" class="nav-item"><a href="#ssl-options" aria-controls="tab2" role="tab" data-toggle="tab" class="nav-link"><i class="fe fe-shield"></i> <%- i18n('str', 'ssl') %></a></li>
</ul>
<div class="tab-content">
<!-- Details -->
<div role="tabpanel" class="tab-pane active" id="details">
<div class="row"> <div class="row">
<% if (provider === 'letsencrypt') { %>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="form-label"><%- i18n('all-hosts', 'domain-names') %> <span class="form-required">*</span></label> <label class="form-label"><%- i18n('all-hosts', 'domain-names') %> <span class="form-required">*</span></label>
<input type="text" name="domain_names" class="form-control" id="input-domains" value="<%- domain_names.join(',') %>" required> <input type="text" name="domain_names" class="form-control" id="input-domains" value="<%- domain_names.join(',') %>" required>
</div> <div class="text-blue"><i class="fe fe-alert-triangle"></i> <%- i18n('ssl', 'hosts-warning') %></div>
</div>
<div class="col-sm-8 col-md-8">
<div class="form-group">
<label class="form-label"><%- i18n('proxy-hosts', 'forward-ip') %><span class="form-required">*</span></label>
<input type="text" name="forward_ip" class="form-control text-monospace" placeholder="000.000.000.000" value="<%- forward_ip %>" autocomplete="off" maxlength="15" required>
</div>
</div>
<div class="col-sm-4 col-md-4">
<div class="form-group">
<label class="form-label"><%- i18n('proxy-hosts', 'forward-port') %> <span class="form-required">*</span></label>
<input name="forward_port" type="number" class="form-control text-monospace" placeholder="80" value="<%- forward_port %>" required>
</div>
</div>
</div>
</div>
<!-- SSL -->
<div role="tabpanel" class="tab-pane" id="ssl-options">
<div class="row">
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="ssl_enabled" value="1"<%- ssl_enabled ? ' checked' : '' %>>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%- i18n('all-hosts', 'enable-ssl') %></span>
</label>
</div>
</div>
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="ssl_forced" value="1"<%- ssl_forced ? ' checked' : '' %><%- ssl_enabled ? '' : ' disabled' %>>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%- i18n('all-hosts', 'force-ssl') %></span>
</label>
</div> </div>
</div> </div>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('all-hosts', 'cert-provider') %></label>
<div class="selectgroup w-100">
<label class="selectgroup-item">
<input type="radio" name="ssl_provider" value="letsencrypt" class="selectgroup-input"<%- ssl_provider !== 'other' ? ' checked' : '' %>>
<span class="selectgroup-button"><%- i18n('ssl', 'letsencrypt') %></span>
</label>
<label class="selectgroup-item">
<input type="radio" name="ssl_provider" value="other" class="selectgroup-input"<%- ssl_provider === 'other' ? ' checked' : '' %>>
<span class="selectgroup-button"><%- i18n('ssl', 'other') %></span>
</label>
</div>
</div>
</div>
<!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt-ssl">
<div class="form-group"> <div class="form-group">
<label class="form-label"><%- i18n('ssl', 'letsencrypt-email') %> <span class="form-required">*</span></label> <label class="form-label"><%- i18n('ssl', 'letsencrypt-email') %> <span class="form-required">*</span></label>
<input name="meta[letsencrypt_email]" type="email" class="form-control" placeholder="" value="<%- getLetsencryptEmail() %>" required> <input name="meta[letsencrypt_email]" type="email" class="form-control" placeholder="" value="<%- getLetsencryptEmail() %>" required>
</div> </div>
</div> </div>
<div class="col-sm-12 col-md-12 letsencrypt-ssl"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[letsencrypt_agree]" value="1" required<%- getLetsencryptAgree() ? ' checked' : '' %>> <input type="checkbox" class="custom-switch-input" name="meta[letsencrypt_agree]" value="1" required<%- getLetsencryptAgree() ? ' checked' : '' %>>
@ -88,13 +29,19 @@
</label> </label>
</div> </div>
</div> </div>
<% } else if (provider === 'other') { %>
<!-- Other --> <!-- Other -->
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="form-label"><%- i18n('str', 'name') %> <span class="form-required">*</span></label>
<input name="nice_name" type="text" class="form-control" placeholder="" value="<%- nice_name %>" required>
</div>
</div>
<div class="col-sm-12 col-md-12 other-ssl"> <div class="col-sm-12 col-md-12 other-ssl">
<div class="form-group"> <div class="form-group">
<div class="form-label"><%- i18n('all-hosts', 'other-certificate') %></div> <div class="form-label"><%- i18n('all-hosts', 'other-certificate') %></div>
<div class="custom-file"> <div class="custom-file">
<input type="file" class="custom-file-input" name="meta[other_ssl_certificate]" id="other_ssl_certificate"> <input type="file" class="custom-file-input" name="meta[other_ssl_certificate]" id="other_ssl_certificate" required>
<label class="custom-file-label"><%- i18n('str', 'choose-file') %></label> <label class="custom-file-label"><%- i18n('str', 'choose-file') %></label>
</div> </div>
</div> </div>
@ -103,16 +50,13 @@
<div class="form-group"> <div class="form-group">
<div class="form-label"><%- i18n('all-hosts', 'other-certificate-key') %></div> <div class="form-label"><%- i18n('all-hosts', 'other-certificate-key') %></div>
<div class="custom-file"> <div class="custom-file">
<input type="file" class="custom-file-input" name="meta[other_ssl_certificate_key]" id="other_ssl_certificate_key"> <input type="file" class="custom-file-input" name="meta[other_ssl_certificate_key]" id="other_ssl_certificate_key" required>
<label class="custom-file-label"><%- i18n('str', 'choose-file') %></label> <label class="custom-file-label"><%- i18n('str', 'choose-file') %></label>
</div> </div>
</div> </div>
</div> </div>
<% } %>
</div> </div>
</div>
</div>
</form> </form>
</div> </div>
<div class="modal-footer"> <div class="modal-footer">

75
src/frontend/js/app/nginx/certificates/form.js
View File

@ -7,7 +7,6 @@ const CertificateModel = require('../../../models/certificate');
const template = require('./form.ejs'); const template = require('./form.ejs');
require('jquery-serializejson'); require('jquery-serializejson');
require('jquery-mask-plugin');
require('selectize'); require('selectize');
module.exports = Mn.View.extend({ module.exports = Mn.View.extend({
@ -18,36 +17,14 @@ module.exports = Mn.View.extend({
ui: { ui: {
form: 'form', form: 'form',
domain_names: 'input[name="domain_names"]', domain_names: 'input[name="domain_names"]',
forward_ip: 'input[name="forward_ip"]',
buttons: '.modal-footer button', buttons: '.modal-footer button',
cancel: 'button.cancel', cancel: 'button.cancel',
save: 'button.save', save: 'button.save',
ssl_enabled: 'input[name="ssl_enabled"]',
ssl_options: '#ssl-options input',
ssl_provider: 'input[name="ssl_provider"]',
other_ssl_certificate: '#other_ssl_certificate', other_ssl_certificate: '#other_ssl_certificate',
other_ssl_certificate_key: '#other_ssl_certificate_key', other_ssl_certificate_key: '#other_ssl_certificate_key'
// SSL hiding and showing
all_ssl: '.letsencrypt-ssl, .other-ssl',
letsencrypt_ssl: '.letsencrypt-ssl',
other_ssl: '.other-ssl'
}, },
events: { events: {
'change @ui.ssl_enabled': function () {
let enabled = this.ui.ssl_enabled.prop('checked');
this.ui.ssl_options.not(this.ui.ssl_enabled).prop('disabled', !enabled).parents('.form-group').css('opacity', enabled ? 1 : 0.5);
this.ui.ssl_provider.trigger('change');
},
'change @ui.ssl_provider': function () {
let enabled = this.ui.ssl_enabled.prop('checked');
let provider = this.ui.ssl_provider.filter(':checked').val();
this.ui.all_ssl.hide().find('input').prop('disabled', true);
this.ui[provider + '_ssl'].show().find('input').prop('disabled', !enabled);
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
@ -58,66 +35,50 @@ module.exports = Mn.View.extend({
let view = this; let view = this;
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
data.provider = this.model.get('provider');
// Manipulate // Manipulate
data.forward_port = parseInt(data.forward_port, 10); if (typeof data.meta !== 'undefined' && typeof data.meta.letsencrypt_agree !== 'undefined') {
_.map(data, function (item, idx) { data.meta.letsencrypt_agree = !!data.meta.letsencrypt_agree;
if (typeof item === 'string' && item === '1') {
item = true;
} else if (typeof item === 'object' && item !== null) {
_.map(item, function (item2, idx2) {
if (typeof item2 === 'string' && item2 === '1') {
item[idx2] = true;
} }
});
}
data[idx] = item;
});
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
} }
let require_ssl_files = typeof data.ssl_enabled !== 'undefined' && data.ssl_enabled && typeof data.ssl_provider !== 'undefined' && data.ssl_provider === 'other'; let method = App.Api.Nginx.Certificates.create;
let ssl_files = [];
let method = App.Api.Nginx.ProxyHosts.create;
let is_new = true; let is_new = true;
let ssl_files = [];
let must_require_ssl_files = require_ssl_files && !view.model.hasSslFiles('other');
if (this.model.get('id')) { if (this.model.get('id')) {
// edit // edit
is_new = false; is_new = false;
method = App.Api.Nginx.ProxyHosts.update; method = App.Api.Nginx.Certificates.update;
data.id = this.model.get('id'); data.id = this.model.get('id');
} }
// check files are attached // check files are attached
if (require_ssl_files) { if (this.model.get('provider') === 'other' && !this.model.hasSslFiles()) {
if (!this.ui.other_ssl_certificate[0].files.length || !this.ui.other_ssl_certificate[0].files[0].size) { if (!this.ui.other_ssl_certificate[0].files.length || !this.ui.other_ssl_certificate[0].files[0].size) {
if (must_require_ssl_files) {
alert('certificate file is not attached'); alert('certificate file is not attached');
return; return;
}
} else { } else {
if (this.ui.other_ssl_certificate[0].files[0].size > this.max_file_size) { if (this.ui.other_ssl_certificate[0].files[0].size > this.max_file_size) {
alert('certificate file is too large (> 5kb)'); alert('certificate file is too large (> 5kb)');
return; return;
} }
ssl_files.push({name: 'other_certificate', file: this.ui.other_ssl_certificate[0].files[0]}); ssl_files.push({name: 'certificate', file: this.ui.other_ssl_certificate[0].files[0]});
} }
if (!this.ui.other_ssl_certificate_key[0].files.length || !this.ui.other_ssl_certificate_key[0].files[0].size) { if (!this.ui.other_ssl_certificate_key[0].files.length || !this.ui.other_ssl_certificate_key[0].files[0].size) {
if (must_require_ssl_files) {
alert('certificate key file is not attached'); alert('certificate key file is not attached');
return; return;
}
} else { } else {
if (this.ui.other_ssl_certificate_key[0].files[0].size > this.max_file_size) { if (this.ui.other_ssl_certificate_key[0].files[0].size > this.max_file_size) {
alert('certificate key file is too large (> 5kb)'); alert('certificate key file is too large (> 5kb)');
return; return;
} }
ssl_files.push({name: 'other_certificate_key', file: this.ui.other_ssl_certificate_key[0].files[0]}); ssl_files.push({name: 'certificate_key', file: this.ui.other_ssl_certificate_key[0].files[0]});
} }
} }
@ -134,7 +95,7 @@ module.exports = Mn.View.extend({
form_data.append(file.name, file.file); form_data.append(file.name, file.file);
}); });
return App.Api.Nginx.ProxyHosts.setCerts(view.model.get('id'), form_data) return App.Api.Nginx.Certificates.upload(view.model.get('id'), form_data)
.then(result => { .then(result => {
view.model.set('meta', _.assign({}, view.model.get('meta'), result)); view.model.set('meta', _.assign({}, view.model.get('meta'), result));
}); });
@ -143,7 +104,7 @@ module.exports = Mn.View.extend({
.then(() => { .then(() => {
App.UI.closeModal(function () { App.UI.closeModal(function () {
if (is_new) { if (is_new) {
App.Controller.showNginxProxy(); App.Controller.showNginxCertificates();
} }
}); });
}) })
@ -165,14 +126,6 @@ module.exports = Mn.View.extend({
}, },
onRender: function () { onRender: function () {
this.ui.forward_ip.mask('099.099.099.099', {
clearIfNotMatch: true,
placeholder: '000.000.000.000'
});
this.ui.ssl_enabled.trigger('change');
this.ui.ssl_provider.trigger('change');
this.ui.domain_names.selectize({ this.ui.domain_names.selectize({
delimiter: ',', delimiter: ',',
persist: false, persist: false,
@ -183,13 +136,13 @@ module.exports = Mn.View.extend({
text: input text: input
}; };
}, },
createFilter: /^(?:\*\.)?(?:[^.*]+\.?)+[^.]$/ createFilter: /^(?:[^.*]+\.?)+[^.]$/
}); });
}, },
initialize: function (options) { initialize: function (options) {
if (typeof options.model === 'undefined' || !options.model) { if (typeof options.model === 'undefined' || !options.model) {
this.model = new CertificateModel.Model(); this.model = new CertificateModel.Model({provider: 'letsencrypt'});
} }
} }
}); });

18
src/frontend/js/app/nginx/certificates/list/item.ejs
View File

@ -5,34 +5,32 @@
</td> </td>
<td> <td>
<div> <div>
<% if (provider === 'letsencrypt') { %>
<% domain_names.map(function(host) { <% domain_names.map(function(host) {
%> %>
<span class="tag"><%- host %></span> <span class="tag"><%- host %></span>
<% <%
}); });
%> %>
<% } else { %>
<%- nice_name %>
<% } %>
</div> </div>
<div class="small text-muted"> <div class="small text-muted">
<%- i18n('str', 'created-on', {date: formatDbDate(created_on, 'Do MMMM YYYY')}) %> <%- i18n('str', 'created-on', {date: formatDbDate(created_on, 'Do MMMM YYYY')}) %>
</div> </div>
</td> </td>
<td> <td>
<div class="text-monospace"><%- forward_ip %>:<%- forward_port %></div> <%- i18n('ssl', provider) %>
</td> </td>
<td> <td class="<%- isExpired() ? 'text-danger' : '' %>">
<div><%- ssl_enabled && ssl_provider ? i18n('ssl', ssl_provider) : i18n('ssl', 'none') %></div> <%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %>
</td>
<td>
<div><%- access_list_id ? access_list.name : i18n('str', 'public') %></div>
</td> </td>
<% if (canManage) { %> <% if (canManage) { %>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">
<a href="#" class="edit dropdown-item"><i class="dropdown-icon fe fe-edit"></i> <%- i18n('str', 'edit') %></a>
<a href="#" class="logs dropdown-item"><i class="dropdown-icon fe fe-book"></i> <%- i18n('str', 'logs') %></a>
<div class="dropdown-divider"></div>
<a href="#" class="delete dropdown-item"><i class="dropdown-icon fe fe-trash-2"></i> <%- i18n('str', 'delete') %></a> <a href="#" class="delete dropdown-item"><i class="dropdown-icon fe fe-trash-2"></i> <%- i18n('str', 'delete') %></a>
</div> </div>
</div> </div>

12
src/frontend/js/app/nginx/certificates/list/item.js
View File

@ -1,6 +1,7 @@
'use strict'; 'use strict';
const Mn = require('backbone.marionette'); const Mn = require('backbone.marionette');
const moment = require('moment');
const App = require('../../../main'); const App = require('../../../main');
const template = require('./item.ejs'); const template = require('./item.ejs');
@ -9,16 +10,10 @@ module.exports = Mn.View.extend({
tagName: 'tr', tagName: 'tr',
ui: { ui: {
edit: 'a.edit',
delete: 'a.delete' delete: 'a.delete'
}, },
events: { events: {
'click @ui.edit': function (e) {
e.preventDefault();
App.Controller.showNginxCertificateForm(this.model);
},
'click @ui.delete': function (e) { 'click @ui.delete': function (e) {
e.preventDefault(); e.preventDefault();
App.Controller.showNginxCertificateDeleteConfirm(this.model); App.Controller.showNginxCertificateDeleteConfirm(this.model);
@ -26,7 +21,10 @@ module.exports = Mn.View.extend({
}, },
templateContext: { templateContext: {
canManage: App.Cache.User.canManage('certificates') canManage: App.Cache.User.canManage('certificates'),
isExpired: function () {
return moment(this.expires_on).isBefore(moment());
}
}, },
initialize: function () { initialize: function () {

7
src/frontend/js/app/nginx/certificates/list/main.ejs
View File

@ -1,9 +1,8 @@
<thead> <thead>
<th width="30">&nbsp;</th> <th width="30">&nbsp;</th>
<th><%- i18n('str', 'source') %></th> <th><%- i18n('str', 'name') %></th>
<th><%- i18n('str', 'destination') %></th> <th><%- i18n('all-hosts', 'cert-provider') %></th>
<th><%- i18n('str', 'ssl') %></th> <th><%- i18n('str', 'expires') %></th>
<th><%- i18n('str', 'access') %></th>
<% if (canManage) { %> <% if (canManage) { %>
<th>&nbsp;</th> <th>&nbsp;</th>
<% } %> <% } %>

10
src/frontend/js/app/nginx/certificates/main.ejs
View File

@ -5,7 +5,15 @@
<div class="card-options"> <div class="card-options">
<a href="#" class="btn btn-outline-secondary btn-sm ml-2 help"><i class="fe fe-help-circle"></i></a> <a href="#" class="btn btn-outline-secondary btn-sm ml-2 help"><i class="fe fe-help-circle"></i></a>
<% if (showAddButton) { %> <% if (showAddButton) { %>
<a href="#" class="btn btn-outline-teal btn-sm ml-2 add-item"><%- i18n('certificates', 'add') %></a> <div class="dropdown">
<button type="button" class="btn btn-outline-teal btn-sm ml-2 dropdown-toggle" data-toggle="dropdown">
<%- i18n('certificates', 'add') %>
</button>
<div class="dropdown-menu">
<a class="dropdown-item add-item" data-cert="letsencrypt" href="#"><%- i18n('ssl', 'letsencrypt') %></a>
<a class="dropdown-item add-item" data-cert="other" href="#"><%- i18n('ssl', 'other') %></a>
</div>
</div>
<% } %> <% } %>
</div> </div>
</div> </div>

3
src/frontend/js/app/nginx/certificates/main.js
View File

@ -26,7 +26,8 @@ module.exports = Mn.View.extend({
events: { events: {
'click @ui.add': function (e) { 'click @ui.add': function (e) {
e.preventDefault(); e.preventDefault();
App.Controller.showNginxCertificateForm(); let model = new CertificateModel.Model({provider: $(e.currentTarget).data('cert')});
App.Controller.showNginxCertificateForm(model);
}, },
'click @ui.help': function (e) { 'click @ui.help': function (e) {

4
src/frontend/js/app/nginx/dead/list/item.ejs
View File

@ -17,7 +17,7 @@
</div> </div>
</td> </td>
<td> <td>
<div><%- ssl_enabled && ssl_provider ? i18n('ssl', ssl_provider) : i18n('ssl', 'none') %></div> <div><%- certificate ? i18n('ssl', certificate.provider) : i18n('ssl', 'none') %></div>
</td> </td>
<td> <td>
<% <%
@ -31,7 +31,7 @@
<% } %> <% } %>
</td> </td>
<% if (canManage) { %> <% if (canManage) { %>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">

2
src/frontend/js/app/nginx/dead/main.js
View File

@ -42,7 +42,7 @@ module.exports = Mn.View.extend({
onRender: function () { onRender: function () {
let view = this; let view = this;
App.Api.Nginx.DeadHosts.getAll(['owner']) App.Api.Nginx.DeadHosts.getAll(['owner', 'certificate'])
.then(response => { .then(response => {
if (!view.isDestroyed()) { if (!view.isDestroyed()) {
if (response && response.length) { if (response && response.length) {

4
src/frontend/js/app/nginx/proxy/list/item.ejs
View File

@ -20,7 +20,7 @@
<div class="text-monospace"><%- forward_ip %>:<%- forward_port %></div> <div class="text-monospace"><%- forward_ip %>:<%- forward_port %></div>
</td> </td>
<td> <td>
<div><%- ssl_enabled && ssl_provider ? i18n('ssl', ssl_provider) : i18n('ssl', 'none') %></div> <div><%- certificate ? i18n('ssl', certificate.provider) : i18n('ssl', 'none') %></div>
</td> </td>
<td> <td>
<div><%- access_list_id ? access_list.name : i18n('str', 'public') %></div> <div><%- access_list_id ? access_list.name : i18n('str', 'public') %></div>
@ -37,7 +37,7 @@
<% } %> <% } %>
</td> </td>
<% if (canManage) { %> <% if (canManage) { %>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">

2
src/frontend/js/app/nginx/proxy/main.js
View File

@ -42,7 +42,7 @@ module.exports = Mn.View.extend({
onRender: function () { onRender: function () {
let view = this; let view = this;
App.Api.Nginx.ProxyHosts.getAll(['owner', 'access_list']) App.Api.Nginx.ProxyHosts.getAll(['owner', 'access_list', 'certificate'])
.then(response => { .then(response => {
if (!view.isDestroyed()) { if (!view.isDestroyed()) {
if (response && response.length) { if (response && response.length) {

4
src/frontend/js/app/nginx/redirection/list/item.ejs
View File

@ -20,7 +20,7 @@
<div class="text-monospace"><%- forward_domain_name %></div> <div class="text-monospace"><%- forward_domain_name %></div>
</td> </td>
<td> <td>
<div><%- ssl_enabled && ssl_provider ? i18n('ssl', ssl_provider) : i18n('ssl', 'none') %></div> <div><%- certificate ? i18n('ssl', certificate.provider) : i18n('ssl', 'none') %></div>
</td> </td>
<td> <td>
<% <%
@ -34,7 +34,7 @@
<% } %> <% } %>
</td> </td>
<% if (canManage) { %> <% if (canManage) { %>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">

2
src/frontend/js/app/nginx/redirection/main.js
View File

@ -42,7 +42,7 @@ module.exports = Mn.View.extend({
onRender: function () { onRender: function () {
let view = this; let view = this;
App.Api.Nginx.RedirectionHosts.getAll(['owner']) App.Api.Nginx.RedirectionHosts.getAll(['owner', 'certificate'])
.then(response => { .then(response => {
if (!view.isDestroyed()) { if (!view.isDestroyed()) {
if (response && response.length) { if (response && response.length) {

2
src/frontend/js/app/nginx/stream/list/item.ejs
View File

@ -36,7 +36,7 @@
<% } %> <% } %>
</td> </td>
<% if (canManage) { %> <% if (canManage) { %>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">

2
src/frontend/js/app/users/list/item.ejs
View File

@ -25,7 +25,7 @@
<%- r.join(', ') %> <%- r.join(', ') %>
</div> </div>
</td> </td>
<td class="text-center"> <td class="text-right">
<div class="item-action dropdown"> <div class="item-action dropdown">
<a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a> <a href="#" data-toggle="dropdown" class="icon"><i class="fe fe-more-vertical"></i></a>
<div class="dropdown-menu dropdown-menu-right"> <div class="dropdown-menu dropdown-menu-right">

20
src/frontend/js/i18n/messages.json
View File

@ -27,7 +27,8 @@
"status": "Status", "status": "Status",
"online": "Online", "online": "Online",
"offline": "Offline", "offline": "Offline",
"unknown": "Unknown" "unknown": "Unknown",
"expires": "Expires"
}, },
"login": { "login": {
"title": "Login to your account" "title": "Login to your account"
@ -72,11 +73,12 @@
}, },
"ssl": { "ssl": {
"letsencrypt": "Let's Encrypt", "letsencrypt": "Let's Encrypt",
"other": "Other", "other": "Custom",
"none": "HTTP only", "none": "HTTP only",
"letsencrypt-email": "Email Address for Let's Encrypt", "letsencrypt-email": "Email Address for Let's Encrypt",
"letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>", "letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>",
"delete-ssl": "The SSL certificates attached will be removed, this action cannot be recovered." "delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.",
"hosts-warning": "These domains must be already configured to point to this installation"
}, },
"proxy-hosts": { "proxy-hosts": {
"title": "Proxy Hosts", "title": "Proxy Hosts",
@ -132,11 +134,12 @@
"help-content": "A relatively new feature for Nginx, a Stream will serve to forward TCP/UDP traffic directly to another computer on the network.\nIf you're running game servers, FTP or SSH servers this can come in handy." "help-content": "A relatively new feature for Nginx, a Stream will serve to forward TCP/UDP traffic directly to another computer on the network.\nIf you're running game servers, FTP or SSH servers this can come in handy."
}, },
"certificates": { "certificates": {
"title": "Certificates", "title": "SSL Certificates",
"empty": "There are no Certificates", "empty": "There are no SSL Certificates",
"add": "Add Certificate", "add": "Add SSL Certificate",
"delete": "Delete Certificate", "form-title": "Add {provider, select, letsencrypt{Let's Encrypt} other{Custom}} Certificate",
"delete-confirm": "Are you sure you want to delete this certificate? Any hosts using it will need to be updated later.", "delete": "Delete SSL Certificate",
"delete-confirm": "Are you sure you want to delete this SSL Certificate? Any hosts using it will need to be updated later.",
"help-title": "SSL Certificates", "help-title": "SSL Certificates",
"help-content": "TODO" "help-content": "TODO"
}, },
@ -185,6 +188,7 @@
"dead-host": "404 Host", "dead-host": "404 Host",
"stream": "Stream", "stream": "Stream",
"user": "User", "user": "User",
"certificate": "Certificate",
"created": "Created {name}", "created": "Created {name}",
"updated": "Updated {name}", "updated": "Updated {name}",
"deleted": "Deleted {name}", "deleted": "Deleted {name}",

18
src/frontend/js/models/certificate.js
View File

@ -10,9 +10,25 @@ const model = Backbone.Model.extend({
id: 0, id: 0,
created_on: null, created_on: null,
modified_on: null, modified_on: null,
provider: '',
nice_name: '',
domain_names: [],
expires_on: null,
meta: {},
// The following are expansions: // The following are expansions:
owner: null owner: null,
proxy_hosts: [],
redirection_hosts: [],
dead_hosts: []
}; };
},
/**
* @returns {Boolean}
*/
hasSslFiles: function () {
let meta = this.get('meta');
return typeof meta['certificate'] !== 'undefined' && meta['certificate'] && typeof meta['certificate_key'] !== 'undefined' && meta['certificate_key'];
} }
}); });

6
src/frontend/js/models/dead-host.js
View File

@ -11,12 +11,12 @@ const model = Backbone.Model.extend({
created_on: null, created_on: null,
modified_on: null, modified_on: null,
domain_names: [], domain_names: [],
ssl_enabled: false, certificate_id: 0,
ssl_provider: false,
ssl_forced: false, ssl_forced: false,
meta: {}, meta: {},
// The following are expansions: // The following are expansions:
owner: null owner: null,
certificate: null
}; };
} }
}); });

15
src/frontend/js/models/proxy-host.js
View File

@ -14,25 +14,16 @@ const model = Backbone.Model.extend({
forward_ip: '', forward_ip: '',
forward_port: null, forward_port: null,
access_list_id: 0, access_list_id: 0,
ssl_enabled: false, certificate_id: 0,
ssl_provider: false,
ssl_forced: false, ssl_forced: false,
caching_enabled: false, caching_enabled: false,
block_exploits: false, block_exploits: false,
meta: {}, meta: {},
// The following are expansions: // The following are expansions:
owner: null, owner: null,
access_list: null access_list: null,
certificate: null
}; };
},
/**
* @param {String} type 'letsencrypt' or 'other'
* @returns {Boolean}
*/
hasSslFiles: function (type) {
let meta = this.get('meta');
return typeof meta[type + '_certificate'] !== 'undefined' && meta[type + '_certificate'] && typeof meta[type + '_certificate_key'] !== 'undefined' && meta[type + '_certificate_key'];
} }
}); });

6
src/frontend/js/models/redirection-host.js
View File

@ -13,13 +13,13 @@ const model = Backbone.Model.extend({
domain_names: [], domain_names: [],
forward_domain_name: '', forward_domain_name: '',
preserve_path: true, preserve_path: true,
ssl_enabled: false, certificate_id: 0,
ssl_provider: false,
ssl_forced: false, ssl_forced: false,
block_exploits: false, block_exploits: false,
meta: {}, meta: {},
// The following are expansions: // The following are expansions:
owner: null owner: null,
certificate: null
}; };
} }
}); });

5
src/frontend/js/models/stream.js
View File

@ -10,13 +10,14 @@ const model = Backbone.Model.extend({
id: 0, id: 0,
created_on: null, created_on: null,
modified_on: null, modified_on: null,
owner: null,
incoming_port: null, incoming_port: null,
forward_ip: null, forward_ip: null,
forwarding_port: null, forwarding_port: null,
tcp_forwarding: true, tcp_forwarding: true,
udp_forwarding: false, udp_forwarding: false,
meta: {} meta: {},
// The following are expansions:
owner: null
}; };
} }
}); });

4
src/frontend/scss/custom.scss
View File

@ -23,3 +23,7 @@ a:hover {
.min-100 { .min-100 {
min-height: 100px; min-height: 100px;
} }
.card-options .dropdown-menu a:not(.btn) {
margin-left: 0;
}