@serve.zone/dcrouter 13.7.1 → 13.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist_serve/bundle.js +707 -563
- package/dist_ts/00_commitinfo_data.js +1 -1
- package/dist_ts/acme/index.d.ts +1 -0
- package/dist_ts/acme/index.js +2 -0
- package/dist_ts/acme/manager.acme-config.d.ts +48 -0
- package/dist_ts/acme/manager.acme-config.js +156 -0
- package/dist_ts/classes.dcrouter.d.ts +2 -0
- package/dist_ts/classes.dcrouter.js +58 -20
- package/dist_ts/db/documents/classes.acme-config.doc.d.ts +22 -0
- package/dist_ts/db/documents/classes.acme-config.doc.js +121 -0
- package/dist_ts/db/documents/index.d.ts +1 -0
- package/dist_ts/db/documents/index.js +3 -1
- package/dist_ts/opsserver/classes.opsserver.d.ts +1 -0
- package/dist_ts/opsserver/classes.opsserver.js +3 -1
- package/dist_ts/opsserver/handlers/acme-config.handler.d.ts +16 -0
- package/dist_ts/opsserver/handlers/acme-config.handler.js +77 -0
- package/dist_ts/opsserver/handlers/index.d.ts +1 -0
- package/dist_ts/opsserver/handlers/index.js +2 -1
- package/dist_ts_interfaces/data/acme-config.d.ts +25 -0
- package/dist_ts_interfaces/data/acme-config.js +2 -0
- package/dist_ts_interfaces/data/index.d.ts +1 -0
- package/dist_ts_interfaces/data/index.js +2 -1
- package/dist_ts_interfaces/data/route-management.d.ts +1 -1
- package/dist_ts_interfaces/requests/acme-config.d.ts +42 -0
- package/dist_ts_interfaces/requests/acme-config.js +2 -0
- package/dist_ts_interfaces/requests/index.d.ts +1 -0
- package/dist_ts_interfaces/requests/index.js +2 -1
- package/dist_ts_web/00_commitinfo_data.js +1 -1
- package/dist_ts_web/appstate.d.ts +15 -0
- package/dist_ts_web/appstate.js +60 -1
- package/dist_ts_web/elements/domains/ops-view-certificates.d.ts +3 -0
- package/dist_ts_web/elements/domains/ops-view-certificates.js +208 -4
- package/package.json +1 -1
- package/ts/00_commitinfo_data.ts +1 -1
- package/ts/acme/index.ts +1 -0
- package/ts/acme/manager.acme-config.ts +182 -0
- package/ts/classes.dcrouter.ts +72 -25
- package/ts/db/documents/classes.acme-config.doc.ts +49 -0
- package/ts/db/documents/index.ts +3 -0
- package/ts/opsserver/classes.opsserver.ts +2 -0
- package/ts/opsserver/handlers/acme-config.handler.ts +94 -0
- package/ts/opsserver/handlers/index.ts +2 -1
- package/ts_web/00_commitinfo_data.ts +1 -1
- package/ts_web/appstate.ts +88 -0
- package/ts_web/elements/domains/ops-view-certificates.ts +205 -2
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
var __esDecorate = (this && this.__esDecorate) || function (ctor, descriptorIn, decorators, contextIn, initializers, extraInitializers) {
|
|
2
|
+
function accept(f) { if (f !== void 0 && typeof f !== "function") throw new TypeError("Function expected"); return f; }
|
|
3
|
+
var kind = contextIn.kind, key = kind === "getter" ? "get" : kind === "setter" ? "set" : "value";
|
|
4
|
+
var target = !descriptorIn && ctor ? contextIn["static"] ? ctor : ctor.prototype : null;
|
|
5
|
+
var descriptor = descriptorIn || (target ? Object.getOwnPropertyDescriptor(target, contextIn.name) : {});
|
|
6
|
+
var _, done = false;
|
|
7
|
+
for (var i = decorators.length - 1; i >= 0; i--) {
|
|
8
|
+
var context = {};
|
|
9
|
+
for (var p in contextIn) context[p] = p === "access" ? {} : contextIn[p];
|
|
10
|
+
for (var p in contextIn.access) context.access[p] = contextIn.access[p];
|
|
11
|
+
context.addInitializer = function (f) { if (done) throw new TypeError("Cannot add initializers after decoration has completed"); extraInitializers.push(accept(f || null)); };
|
|
12
|
+
var result = (0, decorators[i])(kind === "accessor" ? { get: descriptor.get, set: descriptor.set } : descriptor[key], context);
|
|
13
|
+
if (kind === "accessor") {
|
|
14
|
+
if (result === void 0) continue;
|
|
15
|
+
if (result === null || typeof result !== "object") throw new TypeError("Object expected");
|
|
16
|
+
if (_ = accept(result.get)) descriptor.get = _;
|
|
17
|
+
if (_ = accept(result.set)) descriptor.set = _;
|
|
18
|
+
if (_ = accept(result.init)) initializers.unshift(_);
|
|
19
|
+
}
|
|
20
|
+
else if (_ = accept(result)) {
|
|
21
|
+
if (kind === "field") initializers.unshift(_);
|
|
22
|
+
else descriptor[key] = _;
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
if (target) Object.defineProperty(target, contextIn.name, descriptor);
|
|
26
|
+
done = true;
|
|
27
|
+
};
|
|
28
|
+
var __runInitializers = (this && this.__runInitializers) || function (thisArg, initializers, value) {
|
|
29
|
+
var useValue = arguments.length > 2;
|
|
30
|
+
for (var i = 0; i < initializers.length; i++) {
|
|
31
|
+
value = useValue ? initializers[i].call(thisArg, value) : initializers[i].call(thisArg);
|
|
32
|
+
}
|
|
33
|
+
return useValue ? value : void 0;
|
|
34
|
+
};
|
|
35
|
+
import * as plugins from '../../plugins.js';
|
|
36
|
+
import { DcRouterDb } from '../classes.dcrouter-db.js';
|
|
37
|
+
const getDb = () => DcRouterDb.getInstance().getDb();
|
|
38
|
+
/**
|
|
39
|
+
* Singleton ACME configuration document. One row per dcrouter instance,
|
|
40
|
+
* keyed on the fixed `configId = 'acme-config'` following the
|
|
41
|
+
* `VpnServerKeysDoc` pattern.
|
|
42
|
+
*
|
|
43
|
+
* Replaces the legacy `tls.contactEmail` and `smartProxyConfig.acme.*`
|
|
44
|
+
* constructor fields. Managed via the OpsServer UI at
|
|
45
|
+
* **Domains > Certificates > Settings**.
|
|
46
|
+
*/
|
|
47
|
+
let AcmeConfigDoc = (() => {
|
|
48
|
+
let _classDecorators = [plugins.smartdata.Collection(() => getDb())];
|
|
49
|
+
let _classDescriptor;
|
|
50
|
+
let _classExtraInitializers = [];
|
|
51
|
+
let _classThis;
|
|
52
|
+
let _classSuper = plugins.smartdata.SmartDataDbDoc;
|
|
53
|
+
let _configId_decorators;
|
|
54
|
+
let _configId_initializers = [];
|
|
55
|
+
let _configId_extraInitializers = [];
|
|
56
|
+
let _accountEmail_decorators;
|
|
57
|
+
let _accountEmail_initializers = [];
|
|
58
|
+
let _accountEmail_extraInitializers = [];
|
|
59
|
+
let _enabled_decorators;
|
|
60
|
+
let _enabled_initializers = [];
|
|
61
|
+
let _enabled_extraInitializers = [];
|
|
62
|
+
let _useProduction_decorators;
|
|
63
|
+
let _useProduction_initializers = [];
|
|
64
|
+
let _useProduction_extraInitializers = [];
|
|
65
|
+
let _autoRenew_decorators;
|
|
66
|
+
let _autoRenew_initializers = [];
|
|
67
|
+
let _autoRenew_extraInitializers = [];
|
|
68
|
+
let _renewThresholdDays_decorators;
|
|
69
|
+
let _renewThresholdDays_initializers = [];
|
|
70
|
+
let _renewThresholdDays_extraInitializers = [];
|
|
71
|
+
let _updatedAt_decorators;
|
|
72
|
+
let _updatedAt_initializers = [];
|
|
73
|
+
let _updatedAt_extraInitializers = [];
|
|
74
|
+
let _updatedBy_decorators;
|
|
75
|
+
let _updatedBy_initializers = [];
|
|
76
|
+
let _updatedBy_extraInitializers = [];
|
|
77
|
+
var AcmeConfigDoc = class extends _classSuper {
|
|
78
|
+
static { _classThis = this; }
|
|
79
|
+
static {
|
|
80
|
+
const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(_classSuper[Symbol.metadata] ?? null) : void 0;
|
|
81
|
+
_configId_decorators = [plugins.smartdata.unI(), plugins.smartdata.svDb()];
|
|
82
|
+
_accountEmail_decorators = [plugins.smartdata.svDb()];
|
|
83
|
+
_enabled_decorators = [plugins.smartdata.svDb()];
|
|
84
|
+
_useProduction_decorators = [plugins.smartdata.svDb()];
|
|
85
|
+
_autoRenew_decorators = [plugins.smartdata.svDb()];
|
|
86
|
+
_renewThresholdDays_decorators = [plugins.smartdata.svDb()];
|
|
87
|
+
_updatedAt_decorators = [plugins.smartdata.svDb()];
|
|
88
|
+
_updatedBy_decorators = [plugins.smartdata.svDb()];
|
|
89
|
+
__esDecorate(null, null, _configId_decorators, { kind: "field", name: "configId", static: false, private: false, access: { has: obj => "configId" in obj, get: obj => obj.configId, set: (obj, value) => { obj.configId = value; } }, metadata: _metadata }, _configId_initializers, _configId_extraInitializers);
|
|
90
|
+
__esDecorate(null, null, _accountEmail_decorators, { kind: "field", name: "accountEmail", static: false, private: false, access: { has: obj => "accountEmail" in obj, get: obj => obj.accountEmail, set: (obj, value) => { obj.accountEmail = value; } }, metadata: _metadata }, _accountEmail_initializers, _accountEmail_extraInitializers);
|
|
91
|
+
__esDecorate(null, null, _enabled_decorators, { kind: "field", name: "enabled", static: false, private: false, access: { has: obj => "enabled" in obj, get: obj => obj.enabled, set: (obj, value) => { obj.enabled = value; } }, metadata: _metadata }, _enabled_initializers, _enabled_extraInitializers);
|
|
92
|
+
__esDecorate(null, null, _useProduction_decorators, { kind: "field", name: "useProduction", static: false, private: false, access: { has: obj => "useProduction" in obj, get: obj => obj.useProduction, set: (obj, value) => { obj.useProduction = value; } }, metadata: _metadata }, _useProduction_initializers, _useProduction_extraInitializers);
|
|
93
|
+
__esDecorate(null, null, _autoRenew_decorators, { kind: "field", name: "autoRenew", static: false, private: false, access: { has: obj => "autoRenew" in obj, get: obj => obj.autoRenew, set: (obj, value) => { obj.autoRenew = value; } }, metadata: _metadata }, _autoRenew_initializers, _autoRenew_extraInitializers);
|
|
94
|
+
__esDecorate(null, null, _renewThresholdDays_decorators, { kind: "field", name: "renewThresholdDays", static: false, private: false, access: { has: obj => "renewThresholdDays" in obj, get: obj => obj.renewThresholdDays, set: (obj, value) => { obj.renewThresholdDays = value; } }, metadata: _metadata }, _renewThresholdDays_initializers, _renewThresholdDays_extraInitializers);
|
|
95
|
+
__esDecorate(null, null, _updatedAt_decorators, { kind: "field", name: "updatedAt", static: false, private: false, access: { has: obj => "updatedAt" in obj, get: obj => obj.updatedAt, set: (obj, value) => { obj.updatedAt = value; } }, metadata: _metadata }, _updatedAt_initializers, _updatedAt_extraInitializers);
|
|
96
|
+
__esDecorate(null, null, _updatedBy_decorators, { kind: "field", name: "updatedBy", static: false, private: false, access: { has: obj => "updatedBy" in obj, get: obj => obj.updatedBy, set: (obj, value) => { obj.updatedBy = value; } }, metadata: _metadata }, _updatedBy_initializers, _updatedBy_extraInitializers);
|
|
97
|
+
__esDecorate(null, _classDescriptor = { value: _classThis }, _classDecorators, { kind: "class", name: _classThis.name, metadata: _metadata }, null, _classExtraInitializers);
|
|
98
|
+
AcmeConfigDoc = _classThis = _classDescriptor.value;
|
|
99
|
+
if (_metadata) Object.defineProperty(_classThis, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
|
|
100
|
+
__runInitializers(_classThis, _classExtraInitializers);
|
|
101
|
+
}
|
|
102
|
+
configId = __runInitializers(this, _configId_initializers, 'acme-config');
|
|
103
|
+
accountEmail = (__runInitializers(this, _configId_extraInitializers), __runInitializers(this, _accountEmail_initializers, ''));
|
|
104
|
+
enabled = (__runInitializers(this, _accountEmail_extraInitializers), __runInitializers(this, _enabled_initializers, true));
|
|
105
|
+
useProduction = (__runInitializers(this, _enabled_extraInitializers), __runInitializers(this, _useProduction_initializers, true));
|
|
106
|
+
autoRenew = (__runInitializers(this, _useProduction_extraInitializers), __runInitializers(this, _autoRenew_initializers, true));
|
|
107
|
+
renewThresholdDays = (__runInitializers(this, _autoRenew_extraInitializers), __runInitializers(this, _renewThresholdDays_initializers, 30));
|
|
108
|
+
updatedAt = (__runInitializers(this, _renewThresholdDays_extraInitializers), __runInitializers(this, _updatedAt_initializers, 0));
|
|
109
|
+
updatedBy = (__runInitializers(this, _updatedAt_extraInitializers), __runInitializers(this, _updatedBy_initializers, ''));
|
|
110
|
+
constructor() {
|
|
111
|
+
super();
|
|
112
|
+
__runInitializers(this, _updatedBy_extraInitializers);
|
|
113
|
+
}
|
|
114
|
+
static async load() {
|
|
115
|
+
return await AcmeConfigDoc.getInstance({ configId: 'acme-config' });
|
|
116
|
+
}
|
|
117
|
+
};
|
|
118
|
+
return AcmeConfigDoc = _classThis;
|
|
119
|
+
})();
|
|
120
|
+
export { AcmeConfigDoc };
|
|
121
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5hY21lLWNvbmZpZy5kb2MuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9kYi9kb2N1bWVudHMvY2xhc3Nlcy5hY21lLWNvbmZpZy5kb2MudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFDNUMsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLDJCQUEyQixDQUFDO0FBRXZELE1BQU0sS0FBSyxHQUFHLEdBQUcsRUFBRSxDQUFDLFVBQVUsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxLQUFLLEVBQUUsQ0FBQztBQUVyRDs7Ozs7Ozs7R0FRRztJQUVVLGFBQWE7NEJBRHpCLE9BQU8sQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUFDLEdBQUcsRUFBRSxDQUFDLEtBQUssRUFBRSxDQUFDOzs7O3NCQUNULE9BQU8sQ0FBQyxTQUFTLENBQUMsY0FBYzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs2QkFBeEMsU0FBUSxXQUE4RDs7OztvQ0FDOUYsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUUsRUFDdkIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLEVBQUU7d0NBR3hCLE9BQU8sQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFO21DQUd4QixPQUFPLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRTt5Q0FHeEIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLEVBQUU7cUNBR3hCLE9BQU8sQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFOzhDQUd4QixPQUFPLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRTtxQ0FHeEIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLEVBQUU7cUNBR3hCLE9BQU8sQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFO1lBcEJ6QiwwS0FBTyxRQUFRLDZCQUFSLFFBQVEsMkZBQXlCO1lBR3hDLHNMQUFPLFlBQVksNkJBQVosWUFBWSxtR0FBYztZQUdqQyx1S0FBTyxPQUFPLDZCQUFQLE9BQU8seUZBQWlCO1lBRy9CLHlMQUFPLGFBQWEsNkJBQWIsYUFBYSxxR0FBaUI7WUFHckMsNktBQU8sU0FBUyw2QkFBVCxTQUFTLDZGQUFpQjtZQUdqQyx3TUFBTyxrQkFBa0IsNkJBQWxCLGtCQUFrQiwrR0FBYztZQUd2Qyw2S0FBTyxTQUFTLDZCQUFULFNBQVMsNkZBQWE7WUFHN0IsNktBQU8sU0FBUyw2QkFBVCxTQUFTLDZGQUFjO1lBeEJoQyw2S0FpQ0M7OztZQWpDWSx1REFBYTs7UUFHakIsUUFBUSxtREFBVyxhQUFhLEVBQUM7UUFHakMsWUFBWSw4R0FBVyxFQUFFLEdBQUM7UUFHMUIsT0FBTyw2R0FBWSxJQUFJLEdBQUM7UUFHeEIsYUFBYSw4R0FBWSxJQUFJLEdBQUM7UUFHOUIsU0FBUyxnSEFBWSxJQUFJLEdBQUM7UUFHMUIsa0JBQWtCLHFIQUFXLEVBQUUsR0FBQztRQUdoQyxTQUFTLHFIQUFXLENBQUMsR0FBQztRQUd0QixTQUFTLDRHQUFXLEVBQUUsR0FBQztRQUU5QjtZQUNFLEtBQUssRUFBRSxDQUFDOztTQUNUO1FBRU0sTUFBTSxDQUFDLEtBQUssQ0FBQyxJQUFJO1lBQ3RCLE9BQU8sTUFBTSxhQUFhLENBQUMsV0FBVyxDQUFDLEVBQUUsUUFBUSxFQUFFLGFBQWEsRUFBRSxDQUFDLENBQUM7UUFDdEUsQ0FBQzs7OztTQWhDVSxhQUFhIn0=
|
|
@@ -24,4 +24,6 @@ export * from './classes.accounting-session.doc.js';
|
|
|
24
24
|
export * from './classes.dns-provider.doc.js';
|
|
25
25
|
export * from './classes.domain.doc.js';
|
|
26
26
|
export * from './classes.dns-record.doc.js';
|
|
27
|
-
|
|
27
|
+
// ACME configuration (singleton)
|
|
28
|
+
export * from './classes.acme-config.doc.js';
|
|
29
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9kYi9kb2N1bWVudHMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsOEJBQThCO0FBQzlCLGNBQWMsMkJBQTJCLENBQUM7QUFDMUMsY0FBYyxtQ0FBbUMsQ0FBQztBQUVsRCwwQkFBMEI7QUFDMUIsY0FBYywrQkFBK0IsQ0FBQztBQUM5QyxjQUFjLGlDQUFpQyxDQUFDO0FBQ2hELGNBQWMsNEJBQTRCLENBQUM7QUFDM0MsY0FBYyxpQ0FBaUMsQ0FBQztBQUNoRCxjQUFjLGlDQUFpQyxDQUFDO0FBQ2hELGNBQWMsaUNBQWlDLENBQUM7QUFFaEQsdUJBQXVCO0FBQ3ZCLGNBQWMsa0NBQWtDLENBQUM7QUFDakQsY0FBYyw2QkFBNkIsQ0FBQztBQUU1QywrQkFBK0I7QUFDL0IsY0FBYyw0QkFBNEIsQ0FBQztBQUMzQyxjQUFjLDZCQUE2QixDQUFDO0FBQzVDLGNBQWMsK0JBQStCLENBQUM7QUFFOUMsa0NBQWtDO0FBQ2xDLGNBQWMsc0NBQXNDLENBQUM7QUFFckQsMEJBQTBCO0FBQzFCLGNBQWMsZ0NBQWdDLENBQUM7QUFDL0MsY0FBYyxxQ0FBcUMsQ0FBQztBQUVwRCwyQ0FBMkM7QUFDM0MsY0FBYywrQkFBK0IsQ0FBQztBQUM5QyxjQUFjLHlCQUF5QixDQUFDO0FBQ3hDLGNBQWMsNkJBQTZCLENBQUM7QUFFNUMsaUNBQWlDO0FBQ2pDLGNBQWMsOEJBQThCLENBQUMifQ==
|
|
@@ -31,6 +31,7 @@ export class OpsServer {
|
|
|
31
31
|
dnsProviderHandler;
|
|
32
32
|
domainHandler;
|
|
33
33
|
dnsRecordHandler;
|
|
34
|
+
acmeConfigHandler;
|
|
34
35
|
constructor(dcRouterRefArg) {
|
|
35
36
|
this.dcRouterRef = dcRouterRefArg;
|
|
36
37
|
// Add our typedrouter to the dcRouter's main typedrouter
|
|
@@ -86,6 +87,7 @@ export class OpsServer {
|
|
|
86
87
|
this.dnsProviderHandler = new handlers.DnsProviderHandler(this);
|
|
87
88
|
this.domainHandler = new handlers.DomainHandler(this);
|
|
88
89
|
this.dnsRecordHandler = new handlers.DnsRecordHandler(this);
|
|
90
|
+
this.acmeConfigHandler = new handlers.AcmeConfigHandler(this);
|
|
89
91
|
console.log('✅ OpsServer TypedRequest handlers initialized');
|
|
90
92
|
}
|
|
91
93
|
async stop() {
|
|
@@ -98,4 +100,4 @@ export class OpsServer {
|
|
|
98
100
|
}
|
|
99
101
|
}
|
|
100
102
|
}
|
|
101
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
103
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5vcHNzZXJ2ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi90cy9vcHNzZXJ2ZXIvY2xhc3Nlcy5vcHNzZXJ2ZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxLQUFLLE9BQU8sTUFBTSxlQUFlLENBQUM7QUFDekMsT0FBTyxLQUFLLEtBQUssTUFBTSxhQUFhLENBQUM7QUFDckMsT0FBTyxLQUFLLFFBQVEsTUFBTSxxQkFBcUIsQ0FBQztBQUNoRCxPQUFPLEtBQUssVUFBVSxNQUFNLDhCQUE4QixDQUFDO0FBQzNELE9BQU8sRUFBRSxvQkFBb0IsRUFBRSxvQkFBb0IsRUFBRSxNQUFNLHFCQUFxQixDQUFDO0FBRWpGLE1BQU0sT0FBTyxTQUFTO0lBQ2IsV0FBVyxDQUFXO0lBQ3RCLE1BQU0sQ0FBMkQ7SUFFeEUsMkZBQTJGO0lBQ3BGLFdBQVcsR0FBRyxJQUFJLE9BQU8sQ0FBQyxZQUFZLENBQUMsV0FBVyxFQUFFLENBQUM7SUFFNUQsZ0ZBQWdGO0lBQ3pFLFVBQVUsR0FBRyxJQUFJLE9BQU8sQ0FBQyxZQUFZLENBQUMsV0FBVyxFQUF3RCxDQUFDO0lBQzFHLFdBQVcsR0FBRyxJQUFJLE9BQU8sQ0FBQyxZQUFZLENBQUMsV0FBVyxFQUF3RCxDQUFDO0lBRWxILG9CQUFvQjtJQUNiLFlBQVksQ0FBeUI7SUFDcEMsYUFBYSxDQUEwQjtJQUN2QyxXQUFXLENBQXdCO0lBQ25DLGVBQWUsQ0FBNEI7SUFDM0MsWUFBWSxDQUF5QjtJQUNyQyxhQUFhLENBQTBCO0lBQ3ZDLGVBQWUsQ0FBNEI7SUFDM0Msa0JBQWtCLENBQStCO0lBQ2pELG9CQUFvQixDQUFpQztJQUNyRCxzQkFBc0IsQ0FBbUM7SUFDekQsZUFBZSxDQUE0QjtJQUMzQyxVQUFVLENBQXVCO0lBQ2pDLG9CQUFvQixDQUFpQztJQUNyRCxvQkFBb0IsQ0FBaUM7SUFDckQsb0JBQW9CLENBQWlDO0lBQ3JELFlBQVksQ0FBeUI7SUFDckMsa0JBQWtCLENBQStCO0lBQ2pELGFBQWEsQ0FBMEI7SUFDdkMsZ0JBQWdCLENBQTZCO0lBQzdDLGlCQUFpQixDQUE4QjtJQUV2RCxZQUFZLGNBQXdCO1FBQ2xDLElBQUksQ0FBQyxXQUFXLEdBQUcsY0FBYyxDQUFDO1FBRWxDLHlEQUF5RDtRQUN6RCxJQUFJLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQ2hFLENBQUM7SUFFTSxLQUFLLENBQUMsS0FBSztRQUNoQixJQUFJLENBQUMsTUFBTSxHQUFHLElBQUksT0FBTyxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsb0JBQW9CLENBQUM7WUFDeEUsTUFBTSxFQUFFLFdBQVc7WUFDbkIsWUFBWSxFQUFFLFNBQVM7WUFDdkIsUUFBUSxFQUFFLEtBQUssQ0FBQyxTQUFTO1NBQzFCLENBQUMsQ0FBQztRQUVILHlEQUF5RDtRQUN6RCxnRUFBZ0U7UUFDaEUsSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFckUsa0JBQWtCO1FBQ2xCLE1BQU0sSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO1FBRTNCLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQUMsYUFBYSxJQUFJLElBQUksQ0FBQyxDQUFDO0lBQzFFLENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyxhQUFhO1FBQ3pCLHVFQUF1RTtRQUN2RSxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksUUFBUSxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNwRCxNQUFNLElBQUksQ0FBQyxZQUFZLENBQUMsVUFBVSxFQUFFLENBQUM7UUFFckMsc0VBQXNFO1FBQ3RFLElBQUksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLEtBQUssRUFBRSxZQUFZLEVBQUUsRUFBRTtZQUNuRCxNQUFNLG9CQUFvQixDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsWUFBWSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RFLENBQUMsQ0FBQyxDQUFDO1FBRUgsa0RBQWtEO1FBQ2xELElBQUksQ0FBQyxXQUFXLENBQUMsYUFBYSxDQUFDLEtBQUssRUFBRSxZQUFZLEVBQUUsRUFBRTtZQUNwRCxNQUFNLG9CQUFvQixDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsWUFBWSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3RFLENBQUMsQ0FBQyxDQUFDO1FBRUgsK0NBQStDO1FBQy9DLElBQUksQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUNqRCxJQUFJLENBQUMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7UUFFbEQsNEVBQTRFO1FBQzVFLElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSxRQUFRLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3RELElBQUksQ0FBQyxXQUFXLEdBQUcsSUFBSSxRQUFRLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ2xELElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxRQUFRLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzFELElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSxRQUFRLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3BELElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSxRQUFRLENBQUMsYUFBYSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3RELElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxRQUFRLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzFELElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLFFBQVEsQ0FBQyxrQkFBa0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNoRSxJQUFJLENBQUMsb0JBQW9CLEdBQUcsSUFBSSxRQUFRLENBQUMsb0JBQW9CLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDcEUsSUFBSSxDQUFDLHNCQUFzQixHQUFHLElBQUksUUFBUSxDQUFDLHNCQUFzQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3hFLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxRQUFRLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzFELElBQUksQ0FBQyxVQUFVLEdBQUcsSUFBSSxRQUFRLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ2hELElBQUksQ0FBQyxvQkFBb0IsR0FBRyxJQUFJLFFBQVEsQ0FBQyxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNwRSxJQUFJLENBQUMsb0JBQW9CLEdBQUcsSUFBSSxRQUFRLENBQUMsb0JBQW9CLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDcEUsSUFBSSxDQUFDLG9CQUFvQixHQUFHLElBQUksUUFBUSxDQUFDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3BFLElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSxRQUFRLENBQUMsWUFBWSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3BELElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLFFBQVEsQ0FBQyxrQkFBa0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNoRSxJQUFJLENBQUMsYUFBYSxHQUFHLElBQUksUUFBUSxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN0RCxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsSUFBSSxRQUFRLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDNUQsSUFBSSxDQUFDLGlCQUFpQixHQUFHLElBQUksUUFBUSxDQUFDLGlCQUFpQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBRTlELE9BQU8sQ0FBQyxHQUFHLENBQUMsK0NBQStDLENBQUMsQ0FBQztJQUMvRCxDQUFDO0lBRU0sS0FBSyxDQUFDLElBQUk7UUFDZiwrRUFBK0U7UUFDL0UsSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDckIsSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUM3QixDQUFDO1FBQ0QsSUFBSSxJQUFJLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDaEIsTUFBTSxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQzNCLENBQUM7SUFDSCxDQUFDO0NBQ0YifQ==
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import * as plugins from '../../plugins.js';
|
|
2
|
+
import type { OpsServer } from '../classes.opsserver.js';
|
|
3
|
+
import * as interfaces from '../../../dist_ts_interfaces/index.js';
|
|
4
|
+
/**
|
|
5
|
+
* CRUD handler for the singleton `AcmeConfigDoc`.
|
|
6
|
+
*
|
|
7
|
+
* Auth: same dual-mode pattern as other handlers — admin JWT or API token
|
|
8
|
+
* with `acme-config:read` / `acme-config:write` scope.
|
|
9
|
+
*/
|
|
10
|
+
export declare class AcmeConfigHandler {
|
|
11
|
+
private opsServerRef;
|
|
12
|
+
typedrouter: plugins.typedrequest.TypedRouter<interfaces.typedrequestInterfaces.ITypedRequest>;
|
|
13
|
+
constructor(opsServerRef: OpsServer);
|
|
14
|
+
private requireAuth;
|
|
15
|
+
private registerHandlers;
|
|
16
|
+
}
|
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
import * as plugins from '../../plugins.js';
|
|
2
|
+
import * as interfaces from '../../../dist_ts_interfaces/index.js';
|
|
3
|
+
/**
|
|
4
|
+
* CRUD handler for the singleton `AcmeConfigDoc`.
|
|
5
|
+
*
|
|
6
|
+
* Auth: same dual-mode pattern as other handlers — admin JWT or API token
|
|
7
|
+
* with `acme-config:read` / `acme-config:write` scope.
|
|
8
|
+
*/
|
|
9
|
+
export class AcmeConfigHandler {
|
|
10
|
+
opsServerRef;
|
|
11
|
+
typedrouter = new plugins.typedrequest.TypedRouter();
|
|
12
|
+
constructor(opsServerRef) {
|
|
13
|
+
this.opsServerRef = opsServerRef;
|
|
14
|
+
this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
|
|
15
|
+
this.registerHandlers();
|
|
16
|
+
}
|
|
17
|
+
async requireAuth(request, requiredScope) {
|
|
18
|
+
if (request.identity?.jwt) {
|
|
19
|
+
try {
|
|
20
|
+
const isAdmin = await this.opsServerRef.adminHandler.adminIdentityGuard.exec({
|
|
21
|
+
identity: request.identity,
|
|
22
|
+
});
|
|
23
|
+
if (isAdmin)
|
|
24
|
+
return request.identity.userId;
|
|
25
|
+
}
|
|
26
|
+
catch { /* fall through */ }
|
|
27
|
+
}
|
|
28
|
+
if (request.apiToken) {
|
|
29
|
+
const tokenManager = this.opsServerRef.dcRouterRef.apiTokenManager;
|
|
30
|
+
if (tokenManager) {
|
|
31
|
+
const token = await tokenManager.validateToken(request.apiToken);
|
|
32
|
+
if (token) {
|
|
33
|
+
if (!requiredScope || tokenManager.hasScope(token, requiredScope)) {
|
|
34
|
+
return token.createdBy;
|
|
35
|
+
}
|
|
36
|
+
throw new plugins.typedrequest.TypedResponseError('insufficient scope');
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
throw new plugins.typedrequest.TypedResponseError('unauthorized');
|
|
41
|
+
}
|
|
42
|
+
registerHandlers() {
|
|
43
|
+
// Get current ACME config
|
|
44
|
+
this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('getAcmeConfig', async (dataArg) => {
|
|
45
|
+
await this.requireAuth(dataArg, 'acme-config:read');
|
|
46
|
+
const mgr = this.opsServerRef.dcRouterRef.acmeConfigManager;
|
|
47
|
+
if (!mgr)
|
|
48
|
+
return { config: null };
|
|
49
|
+
return { config: mgr.getConfig() };
|
|
50
|
+
}));
|
|
51
|
+
// Update (upsert) the ACME config
|
|
52
|
+
this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('updateAcmeConfig', async (dataArg) => {
|
|
53
|
+
const userId = await this.requireAuth(dataArg, 'acme-config:write');
|
|
54
|
+
const mgr = this.opsServerRef.dcRouterRef.acmeConfigManager;
|
|
55
|
+
if (!mgr) {
|
|
56
|
+
return {
|
|
57
|
+
success: false,
|
|
58
|
+
message: 'AcmeConfigManager not initialized (DB disabled?)',
|
|
59
|
+
};
|
|
60
|
+
}
|
|
61
|
+
try {
|
|
62
|
+
const updated = await mgr.updateConfig({
|
|
63
|
+
accountEmail: dataArg.accountEmail,
|
|
64
|
+
enabled: dataArg.enabled,
|
|
65
|
+
useProduction: dataArg.useProduction,
|
|
66
|
+
autoRenew: dataArg.autoRenew,
|
|
67
|
+
renewThresholdDays: dataArg.renewThresholdDays,
|
|
68
|
+
}, userId);
|
|
69
|
+
return { success: true, config: updated };
|
|
70
|
+
}
|
|
71
|
+
catch (err) {
|
|
72
|
+
return { success: false, message: err.message };
|
|
73
|
+
}
|
|
74
|
+
}));
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNtZS1jb25maWcuaGFuZGxlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3RzL29wc3NlcnZlci9oYW5kbGVycy9hY21lLWNvbmZpZy5oYW5kbGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFFNUMsT0FBTyxLQUFLLFVBQVUsTUFBTSxpQ0FBaUMsQ0FBQztBQUU5RDs7Ozs7R0FLRztBQUNILE1BQU0sT0FBTyxpQkFBaUI7SUFHUjtJQUZiLFdBQVcsR0FBRyxJQUFJLE9BQU8sQ0FBQyxZQUFZLENBQUMsV0FBVyxFQUFFLENBQUM7SUFFNUQsWUFBb0IsWUFBdUI7UUFBdkIsaUJBQVksR0FBWixZQUFZLENBQVc7UUFDekMsSUFBSSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUMvRCxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztJQUMxQixDQUFDO0lBRU8sS0FBSyxDQUFDLFdBQVcsQ0FDdkIsT0FBb0UsRUFDcEUsYUFBOEM7UUFFOUMsSUFBSSxPQUFPLENBQUMsUUFBUSxFQUFFLEdBQUcsRUFBRSxDQUFDO1lBQzFCLElBQUksQ0FBQztnQkFDSCxNQUFNLE9BQU8sR0FBRyxNQUFNLElBQUksQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUFDLGtCQUFrQixDQUFDLElBQUksQ0FBQztvQkFDM0UsUUFBUSxFQUFFLE9BQU8sQ0FBQyxRQUFRO2lCQUMzQixDQUFDLENBQUM7Z0JBQ0gsSUFBSSxPQUFPO29CQUFFLE9BQU8sT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUM7WUFDOUMsQ0FBQztZQUFDLE1BQU0sQ0FBQyxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDaEMsQ0FBQztRQUVELElBQUksT0FBTyxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ3JCLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FBQztZQUNuRSxJQUFJLFlBQVksRUFBRSxDQUFDO2dCQUNqQixNQUFNLEtBQUssR0FBRyxNQUFNLFlBQVksQ0FBQyxhQUFhLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUNqRSxJQUFJLEtBQUssRUFBRSxDQUFDO29CQUNWLElBQUksQ0FBQyxhQUFhLElBQUksWUFBWSxDQUFDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsYUFBYSxDQUFDLEVBQUUsQ0FBQzt3QkFDbEUsT0FBTyxLQUFLLENBQUMsU0FBUyxDQUFDO29CQUN6QixDQUFDO29CQUNELE1BQU0sSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLGtCQUFrQixDQUFDLG9CQUFvQixDQUFDLENBQUM7Z0JBQzFFLENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUVELE1BQU0sSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLGtCQUFrQixDQUFDLGNBQWMsQ0FBQyxDQUFDO0lBQ3BFLENBQUM7SUFFTyxnQkFBZ0I7UUFDdEIsMEJBQTBCO1FBQzFCLElBQUksQ0FBQyxXQUFXLENBQUMsZUFBZSxDQUM5QixJQUFJLE9BQU8sQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUNuQyxlQUFlLEVBQ2YsS0FBSyxFQUFFLE9BQU8sRUFBRSxFQUFFO1lBQ2hCLE1BQU0sSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLEVBQUUsa0JBQWtCLENBQUMsQ0FBQztZQUNwRCxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLFdBQVcsQ0FBQyxpQkFBaUIsQ0FBQztZQUM1RCxJQUFJLENBQUMsR0FBRztnQkFBRSxPQUFPLEVBQUUsTUFBTSxFQUFFLElBQUksRUFBRSxDQUFDO1lBQ2xDLE9BQU8sRUFBRSxNQUFNLEVBQUUsR0FBRyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUM7UUFDckMsQ0FBQyxDQUNGLENBQ0YsQ0FBQztRQUVGLGtDQUFrQztRQUNsQyxJQUFJLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FDOUIsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FDbkMsa0JBQWtCLEVBQ2xCLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNoQixNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxXQUFXLENBQUMsT0FBTyxFQUFFLG1CQUFtQixDQUFDLENBQUM7WUFDcEUsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsaUJBQWlCLENBQUM7WUFDNUQsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUNULE9BQU87b0JBQ0wsT0FBTyxFQUFFLEtBQUs7b0JBQ2QsT0FBTyxFQUFFLGtEQUFrRDtpQkFDNUQsQ0FBQztZQUNKLENBQUM7WUFDRCxJQUFJLENBQUM7Z0JBQ0gsTUFBTSxPQUFPLEdBQUcsTUFBTSxHQUFHLENBQUMsWUFBWSxDQUNwQztvQkFDRSxZQUFZLEVBQUUsT0FBTyxDQUFDLFlBQVk7b0JBQ2xDLE9BQU8sRUFBRSxPQUFPLENBQUMsT0FBTztvQkFDeEIsYUFBYSxFQUFFLE9BQU8sQ0FBQyxhQUFhO29CQUNwQyxTQUFTLEVBQUUsT0FBTyxDQUFDLFNBQVM7b0JBQzVCLGtCQUFrQixFQUFFLE9BQU8sQ0FBQyxrQkFBa0I7aUJBQy9DLEVBQ0QsTUFBTSxDQUNQLENBQUM7Z0JBQ0YsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxDQUFDO1lBQzVDLENBQUM7WUFBQyxPQUFPLEdBQVksRUFBRSxDQUFDO2dCQUN0QixPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxPQUFPLEVBQUcsR0FBYSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQzdELENBQUM7UUFDSCxDQUFDLENBQ0YsQ0FDRixDQUFDO0lBQ0osQ0FBQztDQUNGIn0=
|
|
@@ -17,4 +17,5 @@ export * from './users.handler.js';
|
|
|
17
17
|
export * from './dns-provider.handler.js';
|
|
18
18
|
export * from './domain.handler.js';
|
|
19
19
|
export * from './dns-record.handler.js';
|
|
20
|
-
|
|
20
|
+
export * from './acme-config.handler.js';
|
|
21
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9vcHNzZXJ2ZXIvaGFuZGxlcnMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYyxvQkFBb0IsQ0FBQztBQUNuQyxjQUFjLHFCQUFxQixDQUFDO0FBQ3BDLGNBQWMsbUJBQW1CLENBQUM7QUFDbEMsY0FBYyx1QkFBdUIsQ0FBQztBQUN0QyxjQUFjLG9CQUFvQixDQUFDO0FBQ25DLGNBQWMscUJBQXFCLENBQUM7QUFDcEMsY0FBYyx3QkFBd0IsQ0FBQztBQUN2QyxjQUFjLDBCQUEwQixDQUFDO0FBQ3pDLGNBQWMsNEJBQTRCLENBQUM7QUFDM0MsY0FBYywrQkFBK0IsQ0FBQztBQUM5QyxjQUFjLHdCQUF3QixDQUFDO0FBQ3ZDLGNBQWMsa0JBQWtCLENBQUM7QUFDakMsY0FBYyw2QkFBNkIsQ0FBQztBQUM1QyxjQUFjLDZCQUE2QixDQUFDO0FBQzVDLGNBQWMsNkJBQTZCLENBQUM7QUFDNUMsY0FBYyxvQkFBb0IsQ0FBQztBQUNuQyxjQUFjLDJCQUEyQixDQUFDO0FBQzFDLGNBQWMscUJBQXFCLENBQUM7QUFDcEMsY0FBYyx5QkFBeUIsQ0FBQztBQUN4QyxjQUFjLDBCQUEwQixDQUFDIn0=
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ACME configuration for automated TLS certificate issuance via Let's Encrypt.
|
|
3
|
+
*
|
|
4
|
+
* Persisted as a singleton `AcmeConfigDoc` in the DcRouterDb. Replaces the
|
|
5
|
+
* legacy constructor fields `tls.contactEmail` / `smartProxyConfig.acme.*`
|
|
6
|
+
* which are now seed-only (used once on first boot if the DB is empty).
|
|
7
|
+
*
|
|
8
|
+
* Managed via the OpsServer UI at **Domains > Certificates > Settings**.
|
|
9
|
+
*/
|
|
10
|
+
export interface IAcmeConfig {
|
|
11
|
+
/** Contact email used for Let's Encrypt account registration. */
|
|
12
|
+
accountEmail: string;
|
|
13
|
+
/** Whether ACME is enabled. If false, no certs are issued via ACME. */
|
|
14
|
+
enabled: boolean;
|
|
15
|
+
/** True = Let's Encrypt production, false = staging. */
|
|
16
|
+
useProduction: boolean;
|
|
17
|
+
/** Whether to automatically renew certs before expiry. */
|
|
18
|
+
autoRenew: boolean;
|
|
19
|
+
/** Renew when a cert has fewer than this many days of validity left. */
|
|
20
|
+
renewThresholdDays: number;
|
|
21
|
+
/** Unix ms timestamp of last config change. */
|
|
22
|
+
updatedAt: number;
|
|
23
|
+
/** Who last updated the config (userId or 'seed' / 'system'). */
|
|
24
|
+
updatedBy: string;
|
|
25
|
+
}
|
|
@@ -7,4 +7,5 @@ export * from './vpn.js';
|
|
|
7
7
|
export * from './dns-provider.js';
|
|
8
8
|
export * from './domain.js';
|
|
9
9
|
export * from './dns-record.js';
|
|
10
|
-
|
|
10
|
+
export * from './acme-config.js';
|
|
11
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90c19pbnRlcmZhY2VzL2RhdGEvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYyxXQUFXLENBQUM7QUFDMUIsY0FBYyxZQUFZLENBQUM7QUFDM0IsY0FBYyxvQkFBb0IsQ0FBQztBQUNuQyxjQUFjLHVCQUF1QixDQUFDO0FBQ3RDLGNBQWMscUJBQXFCLENBQUM7QUFDcEMsY0FBYyxVQUFVLENBQUM7QUFDekIsY0FBYyxtQkFBbUIsQ0FBQztBQUNsQyxjQUFjLGFBQWEsQ0FBQztBQUM1QixjQUFjLGlCQUFpQixDQUFDO0FBQ2hDLGNBQWMsa0JBQWtCLENBQUMifQ==
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import type { IRouteConfig } from '@push.rocks/smartproxy';
|
|
2
2
|
import type { IDcRouterRouteConfig } from './remoteingress.js';
|
|
3
3
|
export type IRouteSecurity = NonNullable<IRouteConfig['security']>;
|
|
4
|
-
export type TApiTokenScope = 'routes:read' | 'routes:write' | 'config:read' | 'tokens:read' | 'tokens:manage' | 'source-profiles:read' | 'source-profiles:write' | 'target-profiles:read' | 'target-profiles:write' | 'targets:read' | 'targets:write' | 'dns-providers:read' | 'dns-providers:write' | 'domains:read' | 'domains:write' | 'dns-records:read' | 'dns-records:write';
|
|
4
|
+
export type TApiTokenScope = 'routes:read' | 'routes:write' | 'config:read' | 'tokens:read' | 'tokens:manage' | 'source-profiles:read' | 'source-profiles:write' | 'target-profiles:read' | 'target-profiles:write' | 'targets:read' | 'targets:write' | 'dns-providers:read' | 'dns-providers:write' | 'domains:read' | 'domains:write' | 'dns-records:read' | 'dns-records:write' | 'acme-config:read' | 'acme-config:write';
|
|
5
5
|
/**
|
|
6
6
|
* A reusable, named source profile that can be referenced by routes.
|
|
7
7
|
* Stores the full IRouteSecurity shape from SmartProxy.
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
import * as plugins from '../plugins.js';
|
|
2
|
+
import type * as authInterfaces from '../data/auth.js';
|
|
3
|
+
import type { IAcmeConfig } from '../data/acme-config.js';
|
|
4
|
+
/**
|
|
5
|
+
* Get the current ACME configuration. Returns null if no config has been
|
|
6
|
+
* set yet (neither from DB nor seeded from the constructor).
|
|
7
|
+
*/
|
|
8
|
+
export interface IReq_GetAcmeConfig extends plugins.typedrequestInterfaces.implementsTR<plugins.typedrequestInterfaces.ITypedRequest, IReq_GetAcmeConfig> {
|
|
9
|
+
method: 'getAcmeConfig';
|
|
10
|
+
request: {
|
|
11
|
+
identity?: authInterfaces.IIdentity;
|
|
12
|
+
apiToken?: string;
|
|
13
|
+
};
|
|
14
|
+
response: {
|
|
15
|
+
config: IAcmeConfig | null;
|
|
16
|
+
};
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Update the ACME configuration (upsert). All fields are required on first
|
|
20
|
+
* create, optional on subsequent updates (partial update).
|
|
21
|
+
*
|
|
22
|
+
* NOTE: Most fields take effect on the next dcrouter restart — SmartAcme is
|
|
23
|
+
* instantiated once at startup. `renewThresholdDays` applies immediately to
|
|
24
|
+
* the next renewal check.
|
|
25
|
+
*/
|
|
26
|
+
export interface IReq_UpdateAcmeConfig extends plugins.typedrequestInterfaces.implementsTR<plugins.typedrequestInterfaces.ITypedRequest, IReq_UpdateAcmeConfig> {
|
|
27
|
+
method: 'updateAcmeConfig';
|
|
28
|
+
request: {
|
|
29
|
+
identity?: authInterfaces.IIdentity;
|
|
30
|
+
apiToken?: string;
|
|
31
|
+
accountEmail?: string;
|
|
32
|
+
enabled?: boolean;
|
|
33
|
+
useProduction?: boolean;
|
|
34
|
+
autoRenew?: boolean;
|
|
35
|
+
renewThresholdDays?: number;
|
|
36
|
+
};
|
|
37
|
+
response: {
|
|
38
|
+
success: boolean;
|
|
39
|
+
config?: IAcmeConfig;
|
|
40
|
+
message?: string;
|
|
41
|
+
};
|
|
42
|
+
}
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
import * as plugins from '../plugins.js';
|
|
2
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYWNtZS1jb25maWcuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90c19pbnRlcmZhY2VzL3JlcXVlc3RzL2FjbWUtY29uZmlnLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sZUFBZSxDQUFDIn0=
|
|
@@ -17,4 +17,5 @@ export * from './users.js';
|
|
|
17
17
|
export * from './dns-providers.js';
|
|
18
18
|
export * from './domains.js';
|
|
19
19
|
export * from './dns-records.js';
|
|
20
|
-
|
|
20
|
+
export * from './acme-config.js';
|
|
21
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90c19pbnRlcmZhY2VzL3JlcXVlc3RzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLGNBQWMsWUFBWSxDQUFDO0FBQzNCLGNBQWMsYUFBYSxDQUFDO0FBQzVCLGNBQWMsV0FBVyxDQUFDO0FBQzFCLGNBQWMsWUFBWSxDQUFDO0FBQzNCLGNBQWMscUJBQXFCLENBQUM7QUFDcEMsY0FBYyxhQUFhLENBQUM7QUFDNUIsY0FBYyxnQkFBZ0IsQ0FBQztBQUMvQixjQUFjLGtCQUFrQixDQUFDO0FBQ2pDLGNBQWMsb0JBQW9CLENBQUM7QUFDbkMsY0FBYyx1QkFBdUIsQ0FBQztBQUN0QyxjQUFjLGlCQUFpQixDQUFDO0FBQ2hDLGNBQWMsVUFBVSxDQUFDO0FBQ3pCLGNBQWMsc0JBQXNCLENBQUM7QUFDckMsY0FBYyxzQkFBc0IsQ0FBQztBQUNyQyxjQUFjLHNCQUFzQixDQUFDO0FBQ3JDLGNBQWMsWUFBWSxDQUFDO0FBQzNCLGNBQWMsb0JBQW9CLENBQUM7QUFDbkMsY0FBYyxjQUFjLENBQUM7QUFDN0IsY0FBYyxrQkFBa0IsQ0FBQztBQUNqQyxjQUFjLGtCQUFrQixDQUFDIn0=
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
*/
|
|
4
4
|
export const commitinfo = {
|
|
5
5
|
name: '@serve.zone/dcrouter',
|
|
6
|
-
version: '13.
|
|
6
|
+
version: '13.8.0',
|
|
7
7
|
description: 'A multifaceted routing service handling mail and SMS delivery functions.'
|
|
8
8
|
};
|
|
9
9
|
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vdHNfd2ViLzAwX2NvbW1pdGluZm9fZGF0YS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7R0FFRztBQUNILE1BQU0sQ0FBQyxNQUFNLFVBQVUsR0FBRztJQUN4QixJQUFJLEVBQUUsc0JBQXNCO0lBQzVCLE9BQU8sRUFBRSxRQUFRO0lBQ2pCLFdBQVcsRUFBRSwwRUFBMEU7Q0FDeEYsQ0FBQSJ9
|
|
@@ -101,6 +101,13 @@ export declare const logStatePart: plugins.deesElement.domtools.plugins.smartsta
|
|
|
101
101
|
export declare const networkStatePart: plugins.deesElement.domtools.plugins.smartstate.StatePart<string, INetworkState>;
|
|
102
102
|
export declare const emailOpsStatePart: plugins.deesElement.domtools.plugins.smartstate.StatePart<string, IEmailOpsState>;
|
|
103
103
|
export declare const certificateStatePart: plugins.deesElement.domtools.plugins.smartstate.StatePart<string, ICertificateState>;
|
|
104
|
+
export interface IAcmeConfigState {
|
|
105
|
+
config: interfaces.data.IAcmeConfig | null;
|
|
106
|
+
isLoading: boolean;
|
|
107
|
+
error: string | null;
|
|
108
|
+
lastUpdated: number;
|
|
109
|
+
}
|
|
110
|
+
export declare const acmeConfigStatePart: plugins.deesElement.domtools.plugins.smartstate.StatePart<string, IAcmeConfigState>;
|
|
104
111
|
export interface IRemoteIngressState {
|
|
105
112
|
edges: interfaces.data.IRemoteIngress[];
|
|
106
113
|
statuses: interfaces.data.IRemoteIngressStatus[];
|
|
@@ -392,6 +399,14 @@ export declare const deleteDnsRecordAction: plugins.deesElement.domtools.plugins
|
|
|
392
399
|
id: string;
|
|
393
400
|
domainId: string;
|
|
394
401
|
}>;
|
|
402
|
+
export declare const fetchAcmeConfigAction: plugins.deesElement.domtools.plugins.smartstate.StateAction<IAcmeConfigState, unknown>;
|
|
403
|
+
export declare const updateAcmeConfigAction: plugins.deesElement.domtools.plugins.smartstate.StateAction<IAcmeConfigState, {
|
|
404
|
+
accountEmail?: string;
|
|
405
|
+
enabled?: boolean;
|
|
406
|
+
useProduction?: boolean;
|
|
407
|
+
autoRenew?: boolean;
|
|
408
|
+
renewThresholdDays?: number;
|
|
409
|
+
}>;
|
|
395
410
|
export declare const fetchMergedRoutesAction: plugins.deesElement.domtools.plugins.smartstate.StateAction<IRouteManagementState, unknown>;
|
|
396
411
|
export declare const createRouteAction: plugins.deesElement.domtools.plugins.smartstate.StateAction<IRouteManagementState, {
|
|
397
412
|
route: any;
|