diff options
Diffstat (limited to 'applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js')
| -rw-r--r-- | applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js | 118 |
1 files changed, 118 insertions, 0 deletions
diff --git a/applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js b/applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js new file mode 100644 index 000000000..9f9ff079e --- /dev/null +++ b/applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js @@ -0,0 +1,118 @@ +'use strict'; +'require form'; +'require fs'; +'require view'; + +return view.extend({ + load: function () { + return Promise.all([ + L.resolveDefault(fs.stat('/usr/sbin/nginx'), {}), + L.resolveDefault(fs.stat('/usr/sbin/uhttpd'), {}) + ]); + }, + + render: function (stats) { + var m, s, o; + + m = new form.Map("acme", _("ACME certificates"), + _("This configures ACME (Letsencrypt) automatic certificate installation. " + + "Simply fill out this to have the router configured with Letsencrypt-issued " + + "certificates for the web interface. " + + "Note that the domain names in the certificate must already be configured to " + + "point at the router's public IP address. " + + "Once configured, issuing certificates can take a while. " + + "Check the logs for progress and any errors.")); + + s = m.section(form.TypedSection, "acme", _("ACME global config")); + s.anonymous = true + + o = s.option(form.Value, "state_dir", _("State directory"), + _("Where certs and other state files are kept.")); + o.rmempty = false; + o.datatype = "directory"; + + o = s.option(form.Value, "account_email", _("Account email"), + _("Email address to associate with account key.")) + o.rmempty = false; + o.datatype = "minlength(1)"; + + o = s.option(form.Flag, "debug", _("Enable debug logging")); + o.rmempty = false; + + s = m.section(form.TypedSection, "cert", _("Certificate config")) + s.anonymous = false; + s.addremove = true; + + o = s.option(form.Flag, "enabled", _("Enabled")); + o.rmempty = false; + + o = s.option(form.Flag, "use_staging", _("Use staging server"), + _("Get certificate from the Letsencrypt staging server " + + "(use for testing; the certificate won't be valid).")); + o.rmempty = false; + + o = s.option(form.ListValue, "keylength", _("Key size"), + _("Key size (and type) for the generated certificate.")); + o.value("2048", _("RSA 2048 bits")); + o.value("3072", _("RSA 3072 bits")); + o.value("4096", _("RSA 4096 bits")); + o.value("ec-256", _("ECC 256 bits")); + o.value("ec-384", _("ECC 384 bits")); + o.default = "2048"; + o.rmempty = false; + + if (stats[1].type === 'file') { + o = s.option(form.Flag, "update_uhttpd", _("Use for uhttpd"), + _("Update the uhttpd config with this certificate once issued " + + "(only select this for one certificate). " + + "Is also available luci-app-uhttpd to configure uhttpd form the LuCI interface.")); + o.rmempty = false; + } + + if (stats[0].type === 'file') { + o = s.option(form.Flag, "update_nginx", _("Use for nginx"), + _("Update the nginx config with this certificate once issued " + + "(only select this for one certificate). " + + "Nginx must support ssl, if not it won't start as it needs to be " + + "compiled with ssl support to use cert options")); + o.rmempty = false; + } + + o = s.option(form.Value, "webroot", _("Webroot directory"), + _("Webserver root directory. Set this to the webserver " + + "document root to run Acme in webroot mode. The web " + + "server must be accessible from the internet on port 80.")); + o.optional = true; + + o = s.option(form.DynamicList, "domains", _("Domain names"), + _("Domain names to include in the certificate. " + + "The first name will be the subject name, subsequent names will be alt names. " + + "Note that all domain names must point at the router in the global DNS.")); + o.datatype = "list(string)"; + + s.option(form.Value, "dns", _("DNS API"), + _("To use DNS mode to issue certificates, set this to the name of a DNS API supported by acme.sh. " + + "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the list of available APIs. " + + "In DNS mode, the domain name does not have to resolve to the router IP. " + + "DNS mode is also the only mode that supports wildcard certificates. " + + "Using this mode requires the acme-dnsapi package to be installed.")); + + o = s.option(form.DynamicList, "credentials", _("DNS API credentials"), + _("The credentials for the DNS API mode selected above. " + + "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the format of credentials required by each API. " + + "Add multiple entries here in KEY=VAL shell variable format to supply multiple credential variables.")) + o.datatype = "list(string)"; + + s.option(form.Value, "calias", _("Challenge Alias"), + _("The challenge alias to use for ALL domains. " + + "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " + + "LUCI only supports one challenge alias per certificate.")); + + s.option(form.Value, "dalias", _("Domain Alias"), + _("The domain alias to use for ALL domains. " + + "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " + + "LUCI only supports one challenge domain per certificate.")); + + return m.render() + } +}) |