From 8854a38f49ea580ddb622715c19494f5869f0533 Mon Sep 17 00:00:00 2001
From: Linard Schwendener
Date: Thu, 2 May 2024 22:52:51 +0200
Subject: [PATCH] DNS Credentials are saved in Database
---
 src/api.go | 1 +
 src/mod/acme/acme.go | 19 ++++++-
 src/mod/acme/autorenew.go | 32 ++++++++++++
 src/web/snippet/acme.html | 106 ++++++++++++++++++++++++++++++++------
 4 files changed, 140 insertions(+), 18 deletions(-)
diff --git a/src/api.go b/src/api.go
index 9b23057..da4e6c1 100644
--- a/src/api.go
+++ b/src/api.go
@@ -187,6 +187,7 @@ func initAPIs() {
 authRouter.HandleFunc("/api/acme/autoRenew/email", acmeAutoRenewer.HandleACMEEmail)
 authRouter.HandleFunc("/api/acme/autoRenew/setDomains", acmeAutoRenewer.HandleSetAutoRenewDomains)
 authRouter.HandleFunc("/api/acme/autoRenew/setEAB", acmeAutoRenewer.HanldeSetEAB)
+ authRouter.HandleFunc("/api/acme/autoRenew/setDNS", acmeAutoRenewer.HanldeSetDNS)
 authRouter.HandleFunc("/api/acme/autoRenew/listDomains", acmeAutoRenewer.HandleLoadAutoRenewDomains)
 authRouter.HandleFunc("/api/acme/autoRenew/renewPolicy", acmeAutoRenewer.HandleRenewPolicy)
 authRouter.HandleFunc("/api/acme/autoRenew/renewNow", acmeAutoRenewer.HandleRenewNow)
diff --git a/src/mod/acme/acme.go b/src/mod/acme/acme.go
index 210ee92..ded82e1 100644
--- a/src/mod/acme/acme.go
+++ b/src/mod/acme/acme.go
@@ -148,8 +148,25 @@ func (a *ACMEHandler) ObtainCert(domains []string, certificateName string, email
 // setup how to receive challenge
 if dns {
+ if !a.Database.TableExists("acme") {
+ a.Database.NewTable("acme")
+ return false, errors.New("DNS Provider and DNS Credenital configuration required for ACME Provider (Error -1)")
+ }
+
+ if !a.Database.KeyExists("acme", certificateName+"_dns_provider") || !a.Database.KeyExists("acme", certificateName+"_dns_credentials") {
+ return false, errors.New("DNS Provider and DNS Credenital configuration required for ACME Provider (Error -2)")
+ }
+
+ var dnsCredentials string
+ err := a.Database.Read("acme", certificateName+"_dns_credentials", &dnsCredentials)
+
+ if err != nil {
+ log.Println(err)
+ return false, err
+ }
+
 dynuConfig := dynu.NewDefaultConfig()
- dynuConfig.APIKey = "yourApiKey"
+ dynuConfig.APIKey = dnsCredentials
 provider, err := dynu.NewDNSProviderConfig(dynuConfig)
 if err != nil {
diff --git a/src/mod/acme/autorenew.go b/src/mod/acme/autorenew.go
index 3ff2a69..a5481a9 100644
--- a/src/mod/acme/autorenew.go
+++ b/src/mod/acme/autorenew.go
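Review bot: In the `if dns` branch of ObtainCert (src/mod/acme/acme.go) the API key is read from the `acme` table as a plain string and assigned straight to `dynuConfig.APIKey`, and `HanldeSetDNS` in autorenew.go writes the posted value under `filename+"_dns_credentials"` unchanged, so the secret appears to be kept in clear text unless the database layer encrypts values, which is not visible here. Consider encrypting the value before it is written, or at least documenting the exposure with a comment such as `// NOTE: DNS API credentials are stored unencrypted in the acme table; restrict access to the database file`. The `_dns_provider` key is only tested with `KeyExists` and never read, so the Dynu provider is used whatever was selected; a marker like `// TODO: read certificateName+"_dns_provider" and select the matching provider` would make that limitation explicit. The error strings also misspell "Credential" as `Credenital`. ObtainCert starts and ends outside this hunk.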
@@ -404,3 +404,35 @@ func (a *AutoRenewer) HanldeSetEAB(w http.ResponseWriter, r *http.Request) {
 utils.SendOK(w)
 }
+
+
+// Handle update auto renew DNS configuration
+func (a *AutoRenewer) HanldeSetDNS(w http.ResponseWriter, r *http.Request) {
+ dnsProvider, err := utils.PostPara(r, "dnsProvider")
+ if err != nil {
+ utils.SendErrorResponse(w, "dnsProvider not set")
+ return
+ }
+
+ dnsCredentials, err := utils.PostPara(r, "dnsCredentials")
+ if err != nil {
+ utils.SendErrorResponse(w, "dnsCredentials not set")
+ return
+ }
+
+ filename, err := utils.PostPara(r, "filename")
+ if err != nil {
+ utils.SendErrorResponse(w, "filename not set")
+ return
+ }
+
+ if !a.AcmeHandler.Database.TableExists("acme") {
+ a.AcmeHandler.Database.NewTable("acme")
+ }
+
+ a.AcmeHandler.Database.Write("acme", filename+"_dns_provider", dnsProvider)
+ a.AcmeHandler.Database.Write("acme", filename+"_dns_credentials", dnsCredentials)
+
+ utils.SendOK(w)
+
+}
diff --git a/src/web/snippet/acme.html b/src/web/snippet/acme.html
index 8b26621..c0a57bd 100644
--- a/src/web/snippet/acme.html
+++ b/src/web/snippet/acme.html
@@ -346,6 +346,7 @@
 $("#obtainButton").click(function() {
 $("#obtainButton").addClass("loading").addClass("disabled");
 updateCertificateEAB();
+ updateCertificateDNS();
 obtainCertificate();
 });
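Review bot: `HanldeSetDNS` in src/mod/acme/autorenew.go discards the results of both `Database.Write` calls and of `NewTable`, so it answers `SendOK` even when nothing was stored, and the failure only surfaces later as the "configuration required" error in ObtainCert. Assuming `Write` returns an error the way `Read` does in acme.go, check it and reply with `utils.SendErrorResponse`, keeping the underlying error text out of the response. `filename` comes from the request and is used unvalidated as the key prefix, so empty values should be rejected before anything is written. The sketch below shows only the rewritten tail of the handler.

```go
// … unchanged: dnsProvider, dnsCredentials and filename are read with utils.PostPara …
if filename == "" || dnsProvider == "" || dnsCredentials == "" {
	utils.SendErrorResponse(w, "filename, dnsProvider and dnsCredentials must not be empty")
	return
}
// … unchanged: the acme table is created when it does not exist …
if err := a.AcmeHandler.Database.Write("acme", filename+"_dns_provider", dnsProvider); err != nil {
	utils.SendErrorResponse(w, "unable to save dnsProvider")
	return
}
if err := a.AcmeHandler.Database.Write("acme", filename+"_dns_credentials", dnsCredentials); err != nil {
	utils.SendErrorResponse(w, "unable to save dnsCredentials")
	return
}
utils.SendOK(w)
```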
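Review bot: In the `#obtainButton` click handler of src/web/snippet/acme.html, `obtainCertificate()` runs immediately after `updateCertificateDNS()` without waiting for the `/api/acme/autoRenew/setDNS` request, so the obtain request can reach the server before the provider and credentials are stored, and ObtainCert now reads them from the database. The handler also carries on to `obtainCertificate()` when `updateCertificateDNS()` returns early on an empty provider or credentials field, right after the error box was shown. Consider letting `updateCertificateDNS` accept a completion callback (invoked from the ajax `success` path, and directly when the DNS challenge is unchecked) and starting the obtain step from there, e.g. `updateCertificateDNS(obtainCertificate);`.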
@@ -373,8 +374,31 @@
 }
 })
+ // Get filename form domains and input
+ function getFilename() {
+ var domains = $("#domainsInput").val();
+ var filename = $("#filenameInput").val();
+ if (filename.trim() == "" && !domains.includes(",")){
+ //Zoraxy filename are the matching name for domains.
+ //Use the same as domains
+ filename = domains;
+ }else if (filename != "" && !domains.includes(",")){
+ //Invalid settings. Force the filename to be same as domain
+ //if there are only 1 domain
+ filename = domains;
+ }else if (filename == "" && domains.includes(",")){
+ parent.msgbox("Filename cannot be empty for certs containing multiple domains.", false, 5000);
+ $("#obtainButton").removeClass("loading").removeClass("disabled");
+ return;
+ }
- // Obtain certificate from API
+ //Filename cannot contain wildcards, and wildcards are possible with DNS challenges
+ filename = filename.replace("*", "_");
+ return filename;
+ }
+
+
+ // Update EAB values for autorenewal
 function updateCertificateEAB() {
 var ca = $("#ca").dropdown("get value");
 var caURL = "";
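Review bot: The multi-domain error branch of `getFilename()` ends with a bare `return;`, which yields `undefined`, while the callers added later in this patch (`updateCertificateDNS()` and `obtainCertificate()`) test `filename == ''`; `undefined == ''` is false, so both go on with an undefined filename after the error message was shown. Return an empty string in that branch (`return "";`) or have the callers test `if (!filename)`. Separately, `filename.replace("*", "_")` with a string pattern replaces only the first asterisk; `filename.replace(/\*/g, "_")` covers names that contain more than one. Since the server uses this value as a database key prefix, the same normalisation should not be relied on from the client alone.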
@@ -431,29 +455,79 @@ }); } + // Update DNS values for autorenewal + function updateCertificateDNS() { + var dns = $("#useDnsChallenge")[0].checked; + var dnsProvider = ""; + var dnsCredentials = ""; + + if (dns) { + dnsProvider = $("#dnsProvider").dropdown("get value"); + dnsCredentials = $("#dnsCredentials").val(); + + if(dnsProvider == "") { + parent.msgbox("DNS Provider cannot be empty", false, 5000); + $("#obtainButton").removeClass("loading").removeClass("disabled"); + return; + } + + + if(dnsCredentials == "") { + parent.msgbox("DNS Credentials cannot be empty", false, 5000); + $("#obtainButton").removeClass("loading").removeClass("disabled"); + return; + } + } else { + return; + } + + var filename = getFilename(); + if (filename == '') { + return; + } + + $.ajax({ + url: "/api/acme/autoRenew/setDNS", + method: "POST", + data: { + filename: filename, + dnsProvider: dnsProvider, + dnsCredentials: dnsCredentials, + }, + success: function(response) { + //$("#obtainButton").removeClass("loading").removeClass("disabled"); + if (response.error) { + console.log("Error:", response.error); + // Show error message + parent.msgbox(response.error, false, 12000); + } else { + console.log("Certificate DNS updated successfully"); + // Show success message + parent.msgbox("Certificate DNS updated successfully"); + } + }, + error: function(error) { + //$("#obtainButton").removeClass("loading").removeClass("disabled"); + console.log("Failed to update DNS configuration:", error); + parent.msgbox("Failed to update DNS configuration"); + } + }); + } + // Obtain certificate from API function obtainCertificate() { var domains = $("#domainsInput").val(); - var filename = $("#filenameInput").val(); + var filename = getFilename(); + if (filename == '') { + return; + } var email = $("#caRegisterEmail").val(); if (email == ""){ parent.msgbox("ACME renew email is not set", false) $("#obtainButton").removeClass("loading").removeClass("disabled"); return; } - if (filename.trim() == "" && 
!domains.includes(",")){ - //Zoraxy filename are the matching name for domains. - //Use the same as domains - filename = domains; - }else if (filename != "" && !domains.includes(",")){ - //Invalid settings. Force the filename to be same as domain - //if there are only 1 domain - filename = domains; - }else if (filename == "" && domains.includes(",")){ - parent.msgbox("Filename cannot be empty for certs containing multiple domains.", false, 5000); - $("#obtainButton").removeClass("loading").removeClass("disabled"); - return; - } + var ca = $("#ca").dropdown("get value"); var caURL = ""; @@ -467,8 +541,6 @@ var dnsProvider = ""; var dnsCredentials = ""; if (dns) { - //Filename cannot contain wildcards, and wildcards are possible with DNS challenges - filename = filename.replace("*", "_"); dnsProvider = $("#dnsProvider").dropdown("get value"); dnsCredentials = $("#dnsCredentials").val(); }