Skip to content

Commit

Permalink
DNS Credentials are saved in Database
Browse files Browse the repository at this point in the history
  • Loading branch information
Teifun2 committed May 2, 2024
1 parent 7583a46 commit 8854a38
Showing 4 changed files with 140 additions and 18 deletions.
1 change: 1 addition & 0 deletions src/api.go
Original file line number Diff line number Diff line change
@@ -187,6 +187,7 @@ func initAPIs() {
authRouter.HandleFunc("/api/acme/autoRenew/email", acmeAutoRenewer.HandleACMEEmail)
authRouter.HandleFunc("/api/acme/autoRenew/setDomains", acmeAutoRenewer.HandleSetAutoRenewDomains)
authRouter.HandleFunc("/api/acme/autoRenew/setEAB", acmeAutoRenewer.HanldeSetEAB)
authRouter.HandleFunc("/api/acme/autoRenew/setDNS", acmeAutoRenewer.HanldeSetDNS)
authRouter.HandleFunc("/api/acme/autoRenew/listDomains", acmeAutoRenewer.HandleLoadAutoRenewDomains)
authRouter.HandleFunc("/api/acme/autoRenew/renewPolicy", acmeAutoRenewer.HandleRenewPolicy)
authRouter.HandleFunc("/api/acme/autoRenew/renewNow", acmeAutoRenewer.HandleRenewNow)
19 changes: 18 additions & 1 deletion src/mod/acme/acme.go
Original file line number Diff line number Diff line change
@@ -148,8 +148,25 @@ func (a *ACMEHandler) ObtainCert(domains []string, certificateName string, email

// setup how to receive challenge
if dns {
if !a.Database.TableExists("acme") {
a.Database.NewTable("acme")
return false, errors.New("DNS Provider and DNS Credenital configuration required for ACME Provider (Error -1)")
}

if !a.Database.KeyExists("acme", certificateName+"_dns_provider") || !a.Database.KeyExists("acme", certificateName+"_dns_credentials") {
return false, errors.New("DNS Provider and DNS Credenital configuration required for ACME Provider (Error -2)")
}

var dnsCredentials string
err := a.Database.Read("acme", certificateName+"_dns_credentials", &dnsCredentials)

if err != nil {
log.Println(err)
return false, err
}

dynuConfig := dynu.NewDefaultConfig()
dynuConfig.APIKey = "yourApiKey"
dynuConfig.APIKey = dnsCredentials

provider, err := dynu.NewDNSProviderConfig(dynuConfig)
if err != nil {
32 changes: 32 additions & 0 deletions src/mod/acme/autorenew.go
Original file line number Diff line number Diff line change
@@ -404,3 +404,35 @@ func (a *AutoRenewer) HanldeSetEAB(w http.ResponseWriter, r *http.Request) {
utils.SendOK(w)

}


// Handle update auto renew DNS configuration
func (a *AutoRenewer) HanldeSetDNS(w http.ResponseWriter, r *http.Request) {
dnsProvider, err := utils.PostPara(r, "dnsProvider")
if err != nil {
utils.SendErrorResponse(w, "dnsProvider not set")
return
}

dnsCredentials, err := utils.PostPara(r, "dnsCredentials")
if err != nil {
utils.SendErrorResponse(w, "dnsCredentials not set")
return
}

filename, err := utils.PostPara(r, "filename")
if err != nil {
utils.SendErrorResponse(w, "filename not set")
return
}

if !a.AcmeHandler.Database.TableExists("acme") {
a.AcmeHandler.Database.NewTable("acme")
}

a.AcmeHandler.Database.Write("acme", filename+"_dns_provider", dnsProvider)
a.AcmeHandler.Database.Write("acme", filename+"_dns_credentials", dnsCredentials)

utils.SendOK(w)

}
106 changes: 89 additions & 17 deletions src/web/snippet/acme.html
Original file line number Diff line number Diff line change
@@ -346,6 +346,7 @@ <h3>Generate New Certificate</h3>
$("#obtainButton").click(function() {
$("#obtainButton").addClass("loading").addClass("disabled");
updateCertificateEAB();
updateCertificateDNS();
obtainCertificate();
});

@@ -373,8 +374,31 @@ <h3>Generate New Certificate</h3>
}
})

// Get filename form domains and input
function getFilename() {
var domains = $("#domainsInput").val();
var filename = $("#filenameInput").val();
if (filename.trim() == "" && !domains.includes(",")){
//Zoraxy filename are the matching name for domains.
//Use the same as domains
filename = domains;
}else if (filename != "" && !domains.includes(",")){
//Invalid settings. Force the filename to be same as domain
//if there are only 1 domain
filename = domains;
}else if (filename == "" && domains.includes(",")){
parent.msgbox("Filename cannot be empty for certs containing multiple domains.", false, 5000);
$("#obtainButton").removeClass("loading").removeClass("disabled");
return;
}

// Obtain certificate from API
//Filename cannot contain wildcards, and wildcards are possible with DNS challenges
filename = filename.replace("*", "_");
return filename;
}


// Update EAB values for autorenewal
function updateCertificateEAB() {
var ca = $("#ca").dropdown("get value");
var caURL = "";
@@ -431,29 +455,79 @@ <h3>Generate New Certificate</h3>
});
}

// Update DNS values for autorenewal
function updateCertificateDNS() {
var dns = $("#useDnsChallenge")[0].checked;
var dnsProvider = "";
var dnsCredentials = "";

if (dns) {
dnsProvider = $("#dnsProvider").dropdown("get value");
dnsCredentials = $("#dnsCredentials").val();

if(dnsProvider == "") {
parent.msgbox("DNS Provider cannot be empty", false, 5000);
$("#obtainButton").removeClass("loading").removeClass("disabled");
return;
}


if(dnsCredentials == "") {
parent.msgbox("DNS Credentials cannot be empty", false, 5000);
$("#obtainButton").removeClass("loading").removeClass("disabled");
return;
}
} else {
return;
}

var filename = getFilename();
if (filename == '') {
return;
}

$.ajax({
url: "/api/acme/autoRenew/setDNS",
method: "POST",
data: {
filename: filename,
dnsProvider: dnsProvider,
dnsCredentials: dnsCredentials,
},
success: function(response) {
//$("#obtainButton").removeClass("loading").removeClass("disabled");
if (response.error) {
console.log("Error:", response.error);
// Show error message
parent.msgbox(response.error, false, 12000);
} else {
console.log("Certificate DNS updated successfully");
// Show success message
parent.msgbox("Certificate DNS updated successfully");
}
},
error: function(error) {
//$("#obtainButton").removeClass("loading").removeClass("disabled");
console.log("Failed to update DNS configuration:", error);
parent.msgbox("Failed to update DNS configuration");
}
});
}

// Obtain certificate from API
function obtainCertificate() {
var domains = $("#domainsInput").val();
var filename = $("#filenameInput").val();
var filename = getFilename();
if (filename == '') {
return;
}
var email = $("#caRegisterEmail").val();
if (email == ""){
parent.msgbox("ACME renew email is not set", false)
$("#obtainButton").removeClass("loading").removeClass("disabled");
return;
}
if (filename.trim() == "" && !domains.includes(",")){
//Zoraxy filename are the matching name for domains.
//Use the same as domains
filename = domains;
}else if (filename != "" && !domains.includes(",")){
//Invalid settings. Force the filename to be same as domain
//if there are only 1 domain
filename = domains;
}else if (filename == "" && domains.includes(",")){
parent.msgbox("Filename cannot be empty for certs containing multiple domains.", false, 5000);
$("#obtainButton").removeClass("loading").removeClass("disabled");
return;
}


var ca = $("#ca").dropdown("get value");
var caURL = "";
@@ -467,8 +541,6 @@ <h3>Generate New Certificate</h3>
var dnsProvider = "";
var dnsCredentials = "";
if (dns) {
//Filename cannot contain wildcards, and wildcards are possible with DNS challenges
filename = filename.replace("*", "_");
dnsProvider = $("#dnsProvider").dropdown("get value");
dnsCredentials = $("#dnsCredentials").val();
}

0 comments on commit 8854a38

Please sign in to comment.