summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-acme/htdocs
diff options
context:
space:
mode:
Diffstat (limited to 'applications/luci-app-acme/htdocs')
-rw-r--r--applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js118
1 files changed, 118 insertions, 0 deletions
diff --git a/applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js b/applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js
new file mode 100644
index 0000000000..9f9ff079e0
--- /dev/null
+++ b/applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js
@@ -0,0 +1,118 @@
+'use strict';
+'require form';
+'require fs';
+'require view';
+
+return view.extend({
+ load: function () {
+ return Promise.all([
+ L.resolveDefault(fs.stat('/usr/sbin/nginx'), {}),
+ L.resolveDefault(fs.stat('/usr/sbin/uhttpd'), {})
+ ]);
+ },
+
+ render: function (stats) {
+ var m, s, o;
+
+ m = new form.Map("acme", _("ACME certificates"),
+ _("This configures ACME (Letsencrypt) automatic certificate installation. " +
+ "Simply fill out this to have the router configured with Letsencrypt-issued " +
+ "certificates for the web interface. " +
+ "Note that the domain names in the certificate must already be configured to " +
+ "point at the router's public IP address. " +
+ "Once configured, issuing certificates can take a while. " +
+ "Check the logs for progress and any errors."));
+
+ s = m.section(form.TypedSection, "acme", _("ACME global config"));
+ s.anonymous = true
+
+ o = s.option(form.Value, "state_dir", _("State directory"),
+ _("Where certs and other state files are kept."));
+ o.rmempty = false;
+ o.datatype = "directory";
+
+ o = s.option(form.Value, "account_email", _("Account email"),
+ _("Email address to associate with account key."))
+ o.rmempty = false;
+ o.datatype = "minlength(1)";
+
+ o = s.option(form.Flag, "debug", _("Enable debug logging"));
+ o.rmempty = false;
+
+ s = m.section(form.TypedSection, "cert", _("Certificate config"))
+ s.anonymous = false;
+ s.addremove = true;
+
+ o = s.option(form.Flag, "enabled", _("Enabled"));
+ o.rmempty = false;
+
+ o = s.option(form.Flag, "use_staging", _("Use staging server"),
+ _("Get certificate from the Letsencrypt staging server " +
+ "(use for testing; the certificate won't be valid)."));
+ o.rmempty = false;
+
+ o = s.option(form.ListValue, "keylength", _("Key size"),
+ _("Key size (and type) for the generated certificate."));
+ o.value("2048", _("RSA 2048 bits"));
+ o.value("3072", _("RSA 3072 bits"));
+ o.value("4096", _("RSA 4096 bits"));
+ o.value("ec-256", _("ECC 256 bits"));
+ o.value("ec-384", _("ECC 384 bits"));
+ o.default = "2048";
+ o.rmempty = false;
+
+ if (stats[1].type === 'file') {
+ o = s.option(form.Flag, "update_uhttpd", _("Use for uhttpd"),
+ _("Update the uhttpd config with this certificate once issued " +
+ "(only select this for one certificate). " +
+ "Is also available luci-app-uhttpd to configure uhttpd form the LuCI interface."));
+ o.rmempty = false;
+ }
+
+ if (stats[0].type === 'file') {
+ o = s.option(form.Flag, "update_nginx", _("Use for nginx"),
+ _("Update the nginx config with this certificate once issued " +
+ "(only select this for one certificate). " +
+ "Nginx must support ssl, if not it won't start as it needs to be " +
+ "compiled with ssl support to use cert options"));
+ o.rmempty = false;
+ }
+
+ o = s.option(form.Value, "webroot", _("Webroot directory"),
+ _("Webserver root directory. Set this to the webserver " +
+ "document root to run Acme in webroot mode. The web " +
+ "server must be accessible from the internet on port 80."));
+ o.optional = true;
+
+ o = s.option(form.DynamicList, "domains", _("Domain names"),
+ _("Domain names to include in the certificate. " +
+ "The first name will be the subject name, subsequent names will be alt names. " +
+ "Note that all domain names must point at the router in the global DNS."));
+ o.datatype = "list(string)";
+
+ s.option(form.Value, "dns", _("DNS API"),
+ _("To use DNS mode to issue certificates, set this to the name of a DNS API supported by acme.sh. " +
+ "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the list of available APIs. " +
+ "In DNS mode, the domain name does not have to resolve to the router IP. " +
+ "DNS mode is also the only mode that supports wildcard certificates. " +
+ "Using this mode requires the acme-dnsapi package to be installed."));
+
+ o = s.option(form.DynamicList, "credentials", _("DNS API credentials"),
+ _("The credentials for the DNS API mode selected above. " +
+ "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the format of credentials required by each API. " +
+ "Add multiple entries here in KEY=VAL shell variable format to supply multiple credential variables."))
+ o.datatype = "list(string)";
+
+ s.option(form.Value, "calias", _("Challenge Alias"),
+ _("The challenge alias to use for ALL domains. " +
+ "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " +
+ "LUCI only supports one challenge alias per certificate."));
+
+ s.option(form.Value, "dalias", _("Domain Alias"),
+ _("The domain alias to use for ALL domains. " +
+ "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " +
+ "LUCI only supports one challenge domain per certificate."));
+
+ return m.render()
+ }
+})