luci-app-acme: convert to client side rendering
[project/luci.git] / applications / luci-app-acme / htdocs / luci-static / resources / view / acme.js
1 'use strict';
2 'require form';
3 'require fs';
4 'require view';
5
6 return view.extend({
7 load: function () {
8 return Promise.all([
9 L.resolveDefault(fs.stat('/usr/sbin/nginx'), {}),
10 L.resolveDefault(fs.stat('/usr/sbin/uhttpd'), {})
11 ]);
12 },
13
14 render: function (stats) {
15 var m, s, o;
16
17 m = new form.Map("acme", _("ACME certificates"),
18 _("This configures ACME (Letsencrypt) automatic certificate installation. " +
19 "Simply fill out this to have the router configured with Letsencrypt-issued " +
20 "certificates for the web interface. " +
21 "Note that the domain names in the certificate must already be configured to " +
22 "point at the router's public IP address. " +
23 "Once configured, issuing certificates can take a while. " +
24 "Check the logs for progress and any errors."));
25
26 s = m.section(form.TypedSection, "acme", _("ACME global config"));
27 s.anonymous = true
28
29 o = s.option(form.Value, "state_dir", _("State directory"),
30 _("Where certs and other state files are kept."));
31 o.rmempty = false;
32 o.datatype = "directory";
33
34 o = s.option(form.Value, "account_email", _("Account email"),
35 _("Email address to associate with account key."))
36 o.rmempty = false;
37 o.datatype = "minlength(1)";
38
39 o = s.option(form.Flag, "debug", _("Enable debug logging"));
40 o.rmempty = false;
41
42 s = m.section(form.TypedSection, "cert", _("Certificate config"))
43 s.anonymous = false;
44 s.addremove = true;
45
46 o = s.option(form.Flag, "enabled", _("Enabled"));
47 o.rmempty = false;
48
49 o = s.option(form.Flag, "use_staging", _("Use staging server"),
50 _("Get certificate from the Letsencrypt staging server " +
51 "(use for testing; the certificate won't be valid)."));
52 o.rmempty = false;
53
54 o = s.option(form.ListValue, "keylength", _("Key size"),
55 _("Key size (and type) for the generated certificate."));
56 o.value("2048", _("RSA 2048 bits"));
57 o.value("3072", _("RSA 3072 bits"));
58 o.value("4096", _("RSA 4096 bits"));
59 o.value("ec-256", _("ECC 256 bits"));
60 o.value("ec-384", _("ECC 384 bits"));
61 o.default = "2048";
62 o.rmempty = false;
63
64 if (stats[1].type === 'file') {
65 o = s.option(form.Flag, "update_uhttpd", _("Use for uhttpd"),
66 _("Update the uhttpd config with this certificate once issued " +
67 "(only select this for one certificate). " +
68 "Is also available luci-app-uhttpd to configure uhttpd form the LuCI interface."));
69 o.rmempty = false;
70 }
71
72 if (stats[0].type === 'file') {
73 o = s.option(form.Flag, "update_nginx", _("Use for nginx"),
74 _("Update the nginx config with this certificate once issued " +
75 "(only select this for one certificate). " +
76 "Nginx must support ssl, if not it won't start as it needs to be " +
77 "compiled with ssl support to use cert options"));
78 o.rmempty = false;
79 }
80
81 o = s.option(form.Value, "webroot", _("Webroot directory"),
82 _("Webserver root directory. Set this to the webserver " +
83 "document root to run Acme in webroot mode. The web " +
84 "server must be accessible from the internet on port 80."));
85 o.optional = true;
86
87 o = s.option(form.DynamicList, "domains", _("Domain names"),
88 _("Domain names to include in the certificate. " +
89 "The first name will be the subject name, subsequent names will be alt names. " +
90 "Note that all domain names must point at the router in the global DNS."));
91 o.datatype = "list(string)";
92
93 s.option(form.Value, "dns", _("DNS API"),
94 _("To use DNS mode to issue certificates, set this to the name of a DNS API supported by acme.sh. " +
95 "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the list of available APIs. " +
96 "In DNS mode, the domain name does not have to resolve to the router IP. " +
97 "DNS mode is also the only mode that supports wildcard certificates. " +
98 "Using this mode requires the acme-dnsapi package to be installed."));
99
100 o = s.option(form.DynamicList, "credentials", _("DNS API credentials"),
101 _("The credentials for the DNS API mode selected above. " +
102 "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the format of credentials required by each API. " +
103 "Add multiple entries here in KEY=VAL shell variable format to supply multiple credential variables."))
104 o.datatype = "list(string)";
105
106 s.option(form.Value, "calias", _("Challenge Alias"),
107 _("The challenge alias to use for ALL domains. " +
108 "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " +
109 "LUCI only supports one challenge alias per certificate."));
110
111 s.option(form.Value, "dalias", _("Domain Alias"),
112 _("The domain alias to use for ALL domains. " +
113 "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " +
114 "LUCI only supports one challenge domain per certificate."));
115
116 return m.render()
117 }
118 })