ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-10-31 15:53:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #572 from jipjan/features/dns-cloudflare

Browse Source 
Add DNS CloudFlare with wildcard support
This commit is contained in:
jc21
2020-09-03 14:01:05 +10:00
committed by GitHub
parent 4bafc7ff1a a561605653
commit 87f61b8527
14 changed files with 324 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

141
backend/internal/certificate.js
View File

@@ -141,36 +141,60 @@ const internalCertificate = {
}); });
}) })
.then((in_use_result) => { .then((in_use_result) => {
// 3. Generate the LE config // Is CloudFlare, no config needed, so skip 3 and 5.
return internalNginx.generateLetsEncryptRequestConfig(certificate) if (data.meta.cloudflare_use) {
.then(internalNginx.reload) return internalNginx.reload().then(() => {
.then(() => {
// 4. Request cert // 4. Request cert
return internalCertificate.requestLetsEncryptSsl(certificate); return internalCertificate.requestLetsEncryptCloudFlareDnsSsl(certificate, data.meta.cloudflare_token);
}) })
.then(() => { .then(internalNginx.reload)
// 5. Remove LE config .then(() => {
return internalNginx.deleteLetsEncryptRequestConfig(certificate); // 6. Re-instate previously disabled hosts
}) return internalCertificate.enableInUseHosts(in_use_result);
.then(internalNginx.reload) })
.then(() => { .then(() => {
// 6. Re-instate previously disabled hosts return certificate;
return internalCertificate.enableInUseHosts(in_use_result); })
}) .catch((err) => {
.then(() => { // In the event of failure, revert things and throw err back
return certificate; return internalCertificate.enableInUseHosts(in_use_result)
}) .then(internalNginx.reload)
.catch((err) => { .then(() => {
// In the event of failure, revert things and throw err back throw err;
return internalNginx.deleteLetsEncryptRequestConfig(certificate) });
.then(() => { });
return internalCertificate.enableInUseHosts(in_use_result); } else {
}) // 3. Generate the LE config
.then(internalNginx.reload) return internalNginx.generateLetsEncryptRequestConfig(certificate)
.then(() => { .then(internalNginx.reload)
throw err; .then(() => {
}); // 4. Request cert
}); return internalCertificate.requestLetsEncryptSsl(certificate);
})
.then(() => {
// 5. Remove LE config
return internalNginx.deleteLetsEncryptRequestConfig(certificate);
})
.then(internalNginx.reload)
.then(() => {
// 6. Re-instate previously disabled hosts
return internalCertificate.enableInUseHosts(in_use_result);
})
.then(() => {
return certificate;
})
.catch((err) => {
// In the event of failure, revert things and throw err back
return internalNginx.deleteLetsEncryptRequestConfig(certificate)
.then(() => {
return internalCertificate.enableInUseHosts(in_use_result);
})
.then(internalNginx.reload)
.then(() => {
throw err;
});
});
}
}) })
.then(() => { .then(() => {
// At this point, the letsencrypt cert should exist on disk. // At this point, the letsencrypt cert should exist on disk.
@@ -747,6 +771,39 @@ const internalCertificate = {
}); });
}, },
/**
* @param {Object} certificate the certificate row
* @param {String} apiToken the cloudflare api token
* @returns {Promise}
*/
requestLetsEncryptCloudFlareDnsSsl: (certificate, apiToken) => {
logger.info('Requesting Let\'sEncrypt certificates via Cloudflare DNS for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
let tokenLoc = '~/cloudflare-token';
let storeKey = 'echo "dns_cloudflare_api_token = ' + apiToken + '" > ' + tokenLoc;
let cmd =
storeKey + ' && ' +
certbot_command + ' certonly --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--agree-tos ' +
'--email "' + certificate.meta.letsencrypt_email + '" ' +
'--domains "' + certificate.domain_names.join(',') + '" ' +
'--dns-cloudflare --dns-cloudflare-credentials ' + tokenLoc +
(le_staging ? ' --staging' : '')
+ ' && rm ' + tokenLoc;
if (debug_mode) {
logger.info('Command:', cmd);
}
return utils.exec(cmd).then((result) => {
logger.info(result);
return result;
});
},
/** /**
* @param {Access} access * @param {Access} access
* @param {Object} data * @param {Object} data
@@ -760,7 +817,9 @@ const internalCertificate = {
}) })
.then((certificate) => { .then((certificate) => {
if (certificate.provider === 'letsencrypt') { if (certificate.provider === 'letsencrypt') {
return internalCertificate.renewLetsEncryptSsl(certificate) let renewMethod = certificate.meta.cloudflare_use ? internalCertificate.renewLetsEncryptCloudFlareSsl : internalCertificate.renewLetsEncryptSsl;
return renewMethod(certificate)
.then(() => { .then(() => {
return internalCertificate.getCertificateInfoFromFile('/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem'); return internalCertificate.getCertificateInfoFromFile('/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem');
}) })
@@ -814,6 +873,29 @@ const internalCertificate = {
}); });
}, },
/**
* @param {Object} certificate the certificate row
* @returns {Promise}
*/
renewLetsEncryptCloudFlareSsl: (certificate) => {
logger.info('Renewing Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
let cmd = certbot_command + ' renew --non-interactive ' +
'--cert-name "npm-' + certificate.id + '" ' +
'--disable-hook-validation ' +
(le_staging ? '--staging' : '');
if (debug_mode) {
logger.info('Command:', cmd);
}
return utils.exec(cmd)
.then((result) => {
logger.info(result);
return result;
});
},
/** /**
* @param {Object} certificate the certificate row * @param {Object} certificate the certificate row
* @param {Boolean} [throw_errors] * @param {Boolean} [throw_errors]
@@ -823,7 +905,6 @@ const internalCertificate = {
logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', ')); logger.info('Revoking Let\'sEncrypt certificates for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
let cmd = certbot_command + ' revoke --non-interactive ' + let cmd = certbot_command + ' revoke --non-interactive ' +
'--config "' + le_config + '" ' +
'--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' + '--cert-path "/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem" ' +
'--delete-after-revoke ' + '--delete-after-revoke ' +
(le_staging ? '--staging' : ''); (le_staging ? '--staging' : '');

6
backend/schema/endpoints/certificates.json
View File

@@ -41,6 +41,12 @@
}, },
"letsencrypt_agree": { "letsencrypt_agree": {
"type": "boolean" "type": "boolean"
},
"cloudflare_use": {
"type": "boolean"
},
"cloudflare_token": {
"type": "string"
} }
} }
} }

3
docker/Dockerfile
View File

@@ -17,7 +17,8 @@ ENV NODE_ENV=production
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apk update \ && apk update \
&& apk add python2 certbot jq \ && apk add python2 py-pip certbot jq \
&& pip install certbot-dns-cloudflare \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}" ENV NPM_BUILD_VERSION="${BUILD_VERSION}" NPM_BUILD_COMMIT="${BUILD_COMMIT}" NPM_BUILD_DATE="${BUILD_DATE}"

3
docker/dev/Dockerfile
View File

@@ -7,7 +7,8 @@ ENV S6_FIX_ATTRS_HIDDEN=1
RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \ RUN echo "fs.file-max = 65535" > /etc/sysctl.conf \
&& apk update \ && apk update \
&& apk add python2 certbot jq \ && apk add python2 py-pip certbot jq \
&& pip install certbot-dns-cloudflare \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
# Task # Task

18
frontend/js/app/nginx/certificates/form.ejs
View File

@@ -20,6 +20,24 @@
<input name="meta[letsencrypt_email]" type="email" class="form-control" placeholder="" value="<%- getLetsencryptEmail() %>" required> <input name="meta[letsencrypt_email]" type="email" class="form-control" placeholder="" value="<%- getLetsencryptEmail() %>" required>
</div> </div>
</div> </div>
<!-- CloudFlare -->
<div class="col-sm-12 col-md-12">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1">
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 cloudflare">
<div class="form-group">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div>
</div>
<div class="col-sm-12 col-md-12"> <div class="col-sm-12 col-md-12">
<div class="form-group"> <div class="form-group">
<label class="custom-switch"> <label class="custom-switch">

44
frontend/js/app/nginx/certificates/form.js
View File

@@ -20,15 +20,29 @@ module.exports = Mn.View.extend({
save: 'button.save', save: 'button.save',
other_certificate: '#other_certificate', other_certificate: '#other_certificate',
other_certificate_key: '#other_certificate_key', other_certificate_key: '#other_certificate_key',
other_intermediate_certificate: '#other_intermediate_certificate' other_intermediate_certificate: '#other_intermediate_certificate',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"',
cloudflare: '.cloudflare'
}, },
events: { events: {
'change @ui.cloudflare_switch': function() {
let checked = this.ui.cloudflare_switch.prop('checked');
if (checked) {
this.ui.cloudflare_token.prop('required', 'required');
this.ui.cloudflare.show();
} else {
this.ui.cloudflare_token.prop('required', false);
this.ui.cloudflare.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
if (!this.ui.form[0].checkValidity()) { if (!this.ui.form[0].checkValidity()) {
$('<input type="submit">').hide().appendTo(this.ui.form).click().remove(); $('<input type="submit">').hide().appendTo(this.ui.form).click().remove();
$(this).removeClass('btn-loading');
return; return;
} }
@@ -36,10 +50,29 @@ module.exports = Mn.View.extend({
let data = this.ui.form.serializeJSON(); let data = this.ui.form.serializeJSON();
data.provider = this.model.get('provider'); data.provider = this.model.get('provider');
let domain_err = false;
if (!data.meta.cloudflare_use) {
data.domain_names.split(',').map(function (name) {
if (name.match(/\*/im)) {
domain_err = true;
}
});
}
if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains when not using CloudFlare DNS');
return;
}
// Manipulate // Manipulate
if (typeof data.meta !== 'undefined' && typeof data.meta.letsencrypt_agree !== 'undefined') { if (typeof data.meta !== 'undefined' && typeof data.meta.letsencrypt_agree !== 'undefined') {
data.meta.letsencrypt_agree = !!data.meta.letsencrypt_agree; data.meta.letsencrypt_agree = !!data.meta.letsencrypt_agree;
} }
if (typeof data.meta !== 'undefined' && typeof data.meta.cloudflare_use !== 'undefined') {
data.meta.cloudflare_use = !!data.meta.cloudflare_use;
}
if (typeof data.domain_names === 'string' && data.domain_names) { if (typeof data.domain_names === 'string' && data.domain_names) {
data.domain_names = data.domain_names.split(','); data.domain_names = data.domain_names.split(',');
@@ -81,6 +114,7 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
// compile file data // compile file data
let form_data = new FormData(); let form_data = new FormData();
@@ -119,6 +153,7 @@ module.exports = Mn.View.extend({
.catch(err => { .catch(err => {
alert(err.message); alert(err.message);
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },
@@ -130,6 +165,10 @@ module.exports = Mn.View.extend({
getLetsencryptAgree: function () { getLetsencryptAgree: function () {
return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false; return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false;
},
getCloudflareUse: function () {
return typeof this.meta.cloudflare_use !== 'undefined' ? this.meta.cloudflare_use : false;
} }
}, },
@@ -144,8 +183,9 @@ module.exports = Mn.View.extend({
text: input text: input
}; };
}, },
createFilter: /^(?:[^.*]+\.?)+[^.]$/ createFilter: /^(?:[^.]+\.?)+[^.]$/
}); });
this.ui.cloudflare.hide();
}, },
initialize: function (options) { initialize: function (options) {

2
frontend/js/app/nginx/certificates/list/item.ejs
View File

@@ -28,7 +28,7 @@
</div> </div>
</td> </td>
<td> <td>
<%- i18n('ssl', provider) %> <%- i18n('ssl', provider) %><% if (meta.cloudflare_use) { %> - CloudFlare DNS<% } %>
</td> </td>
<td class="<%- isExpired() ? 'text-danger' : '' %>"> <td class="<%- isExpired() ? 'text-danger' : '' %>">
<%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %> <%- formatDbDate(expires_on, 'Do MMMM YYYY, h:mm a') %>

17
frontend/js/app/nginx/dead/form.ejs
View File

@@ -73,6 +73,23 @@
</div> </div>
</div> </div>
<!-- CloudFlare -->
<div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1">
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 cloudflare letsencrypt">
<div class="form-group">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div>
</div>
<!-- Lets encrypt --> <!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">

38
frontend/js/app/nginx/dead/form.js
View File

@@ -23,6 +23,9 @@ module.exports = Mn.View.extend({
hsts_enabled: 'input[name="hsts_enabled"]', hsts_enabled: 'input[name="hsts_enabled"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
http2_support: 'input[name="http2_support"]', http2_support: 'input[name="http2_support"]',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"',
cloudflare: '.cloudflare',
letsencrypt: '.letsencrypt' letsencrypt: '.letsencrypt'
}, },
@@ -31,10 +34,12 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.cloudflare.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
let enabled = id === 'new' || parseInt(id, 10) > 0; let enabled = id === 'new' || parseInt(id, 10) > 0;
let inputs = this.ui.ssl_forced.add(this.ui.http2_support); let inputs = this.ui.ssl_forced.add(this.ui.http2_support);
@@ -76,6 +81,17 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.cloudflare_switch': function() {
let checked = this.ui.cloudflare_switch.prop('checked');
if (checked) {
this.ui.cloudflare_token.prop('required', 'required');
this.ui.cloudflare.show();
} else {
this.ui.cloudflare_token.prop('required', false);
this.ui.cloudflare.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
@@ -98,20 +114,23 @@ module.exports = Mn.View.extend({
} }
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
data.domain_names.map(function (name) { if (!data.meta.cloudflare_use) {
if (name.match(/\*/im)) { data.domain_names.map(function (name) {
domain_err = true; if (name.match(/\*/im)) {
} domain_err = true;
}); }
});
}
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains'); alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.');
return; return;
} }
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1'; data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@@ -127,6 +146,8 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
method(data) method(data)
.then(result => { .then(result => {
view.model.set(result); view.model.set(result);
@@ -140,6 +161,7 @@ module.exports = Mn.View.extend({
.catch(err => { .catch(err => {
alert(err.message); alert(err.message);
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },

17
frontend/js/app/nginx/proxy/form.ejs
View File

@@ -141,6 +141,23 @@
</div> </div>
</div> </div>
<!-- CloudFlare -->
<div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1">
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 cloudflare letsencrypt">
<div class="form-group">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div>
</div>
<!-- Lets encrypt --> <!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">

39
frontend/js/app/nginx/proxy/form.js
View File

@@ -33,6 +33,9 @@ module.exports = Mn.View.extend({
hsts_enabled: 'input[name="hsts_enabled"]', hsts_enabled: 'input[name="hsts_enabled"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
http2_support: 'input[name="http2_support"]', http2_support: 'input[name="http2_support"]',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"',
cloudflare: '.cloudflare',
forward_scheme: 'select[name="forward_scheme"]', forward_scheme: 'select[name="forward_scheme"]',
letsencrypt: '.letsencrypt' letsencrypt: '.letsencrypt'
}, },
@@ -46,6 +49,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.cloudflare.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@@ -91,6 +95,17 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.cloudflare_switch': function() {
let checked = this.ui.cloudflare_switch.prop('checked');
if (checked) {
this.ui.cloudflare_token.prop('required', 'required');
this.ui.cloudflare.show();
} else {
this.ui.cloudflare_token.prop('required', false);
this.ui.cloudflare.hide();
}
},
'click @ui.add_location_btn': function (e) { 'click @ui.add_location_btn': function (e) {
e.preventDefault(); e.preventDefault();
@@ -134,20 +149,23 @@ module.exports = Mn.View.extend({
} }
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
data.domain_names.map(function (name) { if (!data.meta.cloudflare_use) {
if (name.match(/\*/im)) { data.domain_names.map(function (name) {
domain_err = true; if (name.match(/\*/im)) {
} domain_err = true;
}); }
});
}
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains'); alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.');
return; return;
} }
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1'; data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@@ -163,6 +181,8 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
method(data) method(data)
.then(result => { .then(result => {
view.model.set(result); view.model.set(result);
@@ -176,6 +196,7 @@ module.exports = Mn.View.extend({
.catch(err => { .catch(err => {
alert(err.message); alert(err.message);
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },
@@ -203,7 +224,7 @@ module.exports = Mn.View.extend({
text: input text: input
}; };
}, },
createFilter: /^(?:\*\.)?(?:[^.*]+\.?)+[^.]$/ createFilter: /^(?:\.)?(?:[^.*]+\.?)+[^.]$/
}); });
// Access Lists // Access Lists

17
frontend/js/app/nginx/redirection/form.ejs
View File

@@ -97,6 +97,23 @@
</div> </div>
</div> </div>
<!-- CloudFlare -->
<div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1">
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span>
</label>
</div>
</div>
<div class="col-sm-12 col-md-12 cloudflare letsencrypt">
<div class="form-group">
<label class="form-label">CloudFlare DNS API Token <span class="form-required">*</span></label>
<input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token">
</div>
</div>
<!-- Lets encrypt --> <!-- Lets encrypt -->
<div class="col-sm-12 col-md-12 letsencrypt"> <div class="col-sm-12 col-md-12 letsencrypt">
<div class="form-group"> <div class="form-group">

37
frontend/js/app/nginx/redirection/form.js
View File

@@ -23,6 +23,9 @@ module.exports = Mn.View.extend({
hsts_enabled: 'input[name="hsts_enabled"]', hsts_enabled: 'input[name="hsts_enabled"]',
hsts_subdomains: 'input[name="hsts_subdomains"]', hsts_subdomains: 'input[name="hsts_subdomains"]',
http2_support: 'input[name="http2_support"]', http2_support: 'input[name="http2_support"]',
cloudflare_switch: 'input[name="meta[cloudflare_use]"]',
cloudflare_token: 'input[name="meta[cloudflare_token]"',
cloudflare: '.cloudflare',
letsencrypt: '.letsencrypt' letsencrypt: '.letsencrypt'
}, },
@@ -31,6 +34,7 @@ module.exports = Mn.View.extend({
let id = this.ui.certificate_select.val(); let id = this.ui.certificate_select.val();
if (id === 'new') { if (id === 'new') {
this.ui.letsencrypt.show().find('input').prop('disabled', false); this.ui.letsencrypt.show().find('input').prop('disabled', false);
this.ui.cloudflare.hide();
} else { } else {
this.ui.letsencrypt.hide().find('input').prop('disabled', true); this.ui.letsencrypt.hide().find('input').prop('disabled', true);
} }
@@ -76,6 +80,17 @@ module.exports = Mn.View.extend({
} }
}, },
'change @ui.cloudflare_switch': function() {
let checked = this.ui.cloudflare_switch.prop('checked');
if (checked) {
this.ui.cloudflare_token.prop('required', 'required');
this.ui.cloudflare.show();
} else {
this.ui.cloudflare_token.prop('required', false);
this.ui.cloudflare.hide();
}
},
'click @ui.save': function (e) { 'click @ui.save': function (e) {
e.preventDefault(); e.preventDefault();
@@ -100,20 +115,23 @@ module.exports = Mn.View.extend({
} }
// Check for any domain names containing wildcards, which are not allowed with letsencrypt // Check for any domain names containing wildcards, which are not allowed with letsencrypt
if (data.certificate_id === 'new') { if (data.certificate_id === 'new') {
let domain_err = false; let domain_err = false;
data.domain_names.map(function (name) { if (!data.meta.cloudflare_use) {
if (name.match(/\*/im)) { data.domain_names.map(function (name) {
domain_err = true; if (name.match(/\*/im)) {
} domain_err = true;
}); }
});
}
if (domain_err) { if (domain_err) {
alert('Cannot request Let\'s Encrypt Certificate for wildcard domains'); alert('Cannot request Let\'s Encrypt Certificate for wildcard domains without CloudFlare DNS.');
return; return;
} }
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1'; data.meta.cloudflare_use = data.meta.cloudflare_use === '1';
data.meta.letsencrypt_agree = data.meta.letsencrypt_agree === '1';
} else { } else {
data.certificate_id = parseInt(data.certificate_id, 10); data.certificate_id = parseInt(data.certificate_id, 10);
} }
@@ -129,6 +147,8 @@ module.exports = Mn.View.extend({
} }
this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); this.ui.buttons.prop('disabled', true).addClass('btn-disabled');
this.ui.save.addClass('btn-loading');
method(data) method(data)
.then(result => { .then(result => {
view.model.set(result); view.model.set(result);
@@ -142,6 +162,7 @@ module.exports = Mn.View.extend({
.catch(err => { .catch(err => {
alert(err.message); alert(err.message);
this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled');
this.ui.save.removeClass('btn-loading');
}); });
} }
}, },

3
frontend/js/i18n/messages.json
View File

@@ -101,7 +101,8 @@
"letsencrypt-email": "Email Address for Let's Encrypt", "letsencrypt-email": "Email Address for Let's Encrypt",
"letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>", "letsencrypt-agree": "I Agree to the <a href=\"{url}\" target=\"_blank\">Let's Encrypt Terms of Service</a>",
"delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.", "delete-ssl": "The SSL certificates attached will NOT be removed, they will need to be removed manually.",
"hosts-warning": "These domains must be already configured to point to this installation" "hosts-warning": "These domains must be already configured to point to this installation",
"use-cloudflare": "Use CloudFlare DNS verification"
}, },
"proxy-hosts": { "proxy-hosts": {
"title": "Proxy Hosts", "title": "Proxy Hosts",