homebridge-config-ui-x 5.9.1-beta.9 → 5.10.0

package/dist/modules/server/server.service.js

@@ -12,13 +12,11 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
 };
 import { Buffer } from 'node:buffer';
 import { exec, spawn } from 'node:child_process';
-import { createPrivateKey, createPublicKey, X509Certificate } from 'node:crypto';
 import { createWriteStream } from 'node:fs';
 import { readdir, unlink } from 'node:fs/promises';
 import { extname, join, resolve } from 'node:path';
 import process from 'node:process';
 import { pipeline } from 'node:stream';
-import { createSecureContext } from 'node:tls';
 import { promisify } from 'node:util';
 import { Categories } from '@homebridge/hap-client/dist/hap-types.js';
 import { BadRequestException, Inject, Injectable, InternalServerErrorException, NotFoundException, ServiceUnavailableException, } from '@nestjs/common';
@@ -29,7 +27,6 @@ import { check as tcpCheck } from 'tcp-port-used';
 import { ConfigService } from '../../core/config/config.service.js';
 import { HomebridgeIpcService } from '../../core/homebridge-ipc/homebridge-ipc.service.js';
 import { Logger } from '../../core/logger/logger.service.js';
-import { SslCertGeneratorService } from '../../core/ssl/ssl-cert-generator.service.js';
 import { AccessoriesService } from '../accessories/accessories.service.js';
 import { ConfigEditorService } from '../config-editor/config-editor.service.js';
 const pump = promisify(pipeline);
@@ -53,44 +50,42 @@ let ServerService = class ServerService {
         this.accessoryId = this.configService.homebridgeConfig.bridge.username.split(':').join('');
         this.accessoryInfoPath = join(this.configService.storagePath, 'persist', `AccessoryInfo.${this.accessoryId}.json`);
     }
-    async deleteSingleDeviceAccessories(id, cachedAccessoriesDir, protocol = 'both') {
-        if (protocol === 'hap' || protocol === 'both') {
-            const cachedAccessories = join(cachedAccessoriesDir, `cachedAccessories.${id}`);
-            const cachedAccessoriesBackup = join(cachedAccessoriesDir, `.cachedAccessories.${id}.bak`);
-            if (await pathExists(cachedAccessories)) {
-                await unlink(cachedAccessories);
-                this.logger.warn(`Bridge ${id} HAP accessory removal: removed ${cachedAccessories}.`);
-            }
-            if (await pathExists(cachedAccessoriesBackup)) {
-                await unlink(cachedAccessoriesBackup);
-                this.logger.warn(`Bridge ${id} HAP accessory removal: removed ${cachedAccessoriesBackup}.`);
-            }
+    async deleteSingleDeviceAccessories(id, cachedAccessoriesDir) {
+        const cachedAccessories = join(cachedAccessoriesDir, `cachedAccessories.${id}`);
+        const cachedAccessoriesBackup = join(cachedAccessoriesDir, `.cachedAccessories.${id}.bak`);
+        if (await pathExists(cachedAccessories)) {
+            await unlink(cachedAccessories);
+            this.logger.warn(`Bridge ${id} accessory removal: removed ${cachedAccessories}.`);
         }
-        if (protocol === 'matter' || protocol === 'both') {
-            const deviceId = id.split(':').join('').toUpperCase();
-            const matterPath = join(this.configService.storagePath, 'matter', deviceId);
-            if (await pathExists(matterPath)) {
-                await remove(matterPath);
-                this.logger.warn(`Bridge ${id} Matter accessory removal: removed Matter bridge storage at ${matterPath}.`);
-            }
+        if (await pathExists(cachedAccessoriesBackup)) {
+            await unlink(cachedAccessoriesBackup);
+            this.logger.warn(`Bridge ${id} accessory removal: removed ${cachedAccessoriesBackup}.`);
         }
     }
     async deleteSingleDevicePairing(id, resetPairingInfo) {
         const persistPath = join(this.configService.storagePath, 'persist');
         const accessoryInfo = join(persistPath, `AccessoryInfo.${id}.json`);
         const identifierCache = join(persistPath, `IdentifierCache.${id}.json`);
-        const deviceId = id.includes(':') ? id.split(':').join('').toUpperCase() : id.toUpperCase();
-        const matterPath = join(this.configService.storagePath, 'matter', deviceId);
         try {
             const configFile = await this.configEditorService.getConfigFile();
-            const username = id.includes(':') ? id.toUpperCase() : id.match(/.{1,2}/g)?.join(':').toUpperCase() || id.toUpperCase();
+            const username = id.match(/.{1,2}/g).join(':').toUpperCase();
             const uiConfig = configFile.platforms.find(x => x.platform === 'config');
             let blacklistChanged = false;
+            let bridgesChanged = false;
             if (uiConfig.accessoryControl?.instanceBlacklist?.includes(username)) {
                 blacklistChanged = true;
                 uiConfig.accessoryControl.instanceBlacklist = uiConfig.accessoryControl.instanceBlacklist
                     .filter((x) => x.toUpperCase() !== username);
             }
+            let oldBridgeConfig;
+            if (uiConfig.bridges && Array.isArray(uiConfig.bridges)) {
+                const bridgeIndex = uiConfig.bridges.findIndex(x => x.username?.toUpperCase() === username);
+                if (bridgeIndex > -1) {
+                    bridgesChanged = true;
+                    oldBridgeConfig = uiConfig.bridges[bridgeIndex];
+                    uiConfig.bridges.splice(bridgeIndex, 1);
+                }
+            }
             if (resetPairingInfo) {
                 const pluginBlocks = [
                     ...(configFile.accessories || []),
@@ -108,7 +103,13 @@ let ServerService = class ServerService {
                     });
                     if (blacklistChanged) {
                         uiConfig.accessoryControl.instanceBlacklist = uiConfig.accessoryControl.instanceBlacklist
-                            .concat(pluginBlock._bridge.username.toUpperCase());
+                            .concat(pluginBlock._bridge.username);
+                    }
+                    if (bridgesChanged) {
+                        uiConfig.bridges.push({
+                            ...oldBridgeConfig,
+                            username: pluginBlock._bridge.username,
+                        });
                     }
                     this.logger.warn(`Bridge ${id} reset: new username: ${pluginBlock._bridge.username} and new pin: ${pluginBlock._bridge.pin}.`);
                 }
@@ -133,10 +134,6 @@ let ServerService = class ServerService {
             await unlink(identifierCache);
             this.logger.warn(`Bridge ${id} reset: removed ${identifierCache}.`);
         }
-        if (await pathExists(matterPath)) {
-            await remove(matterPath);
-            this.logger.warn(`Bridge ${id} reset: removed Matter bridge storage at ${matterPath}.`);
-        }
         await this.deleteDeviceAccessories(id);
     }
     async restartServer() {
@@ -180,12 +177,6 @@ let ServerService = class ServerService {
         await this.configEditorService.updateConfigFile(configFile);
         await remove(resolve(this.configService.storagePath, 'accessories'));
         await remove(resolve(this.configService.storagePath, 'persist'));
-        const deviceId = oldUsername.split(':').join('').toUpperCase();
-        const matterPath = join(this.configService.storagePath, 'matter', deviceId);
-        if (await pathExists(matterPath)) {
-            await remove(matterPath);
-            this.logger.warn(`Bridge ${oldUsername} reset: removed Matter bridge storage at ${matterPath}.`);
-        }
         this.logger.log('Homebridge bridge reset: accessories and persist directories were removed.');
     }
     async getDevicePairings() {
@@ -193,68 +184,9 @@ let ServerService = class ServerService {
         const devices = (await readdir(persistPath))
             .filter(x => x.match(/AccessoryInfo\.([A-Fa-f0-9]+)\.json$/));
         const configFile = await this.configEditorService.getConfigFile();
-        const hapDevices = await Promise.all(devices.map(async (x) => {
+        return Promise.all(devices.map(async (x) => {
             return await this.getDevicePairingById(x.split('.')[1], configFile);
         }));
-        const matterExternalDevices = await this.getMatterExternalAccessories(hapDevices);
-        return [...hapDevices, ...matterExternalDevices].sort((a, b) => a.name.localeCompare(b.name));
-    }
-    async getMatterExternalAccessories(hapDevices) {
-        const matterPath = join(this.configService.storagePath, 'matter');
-        if (!await pathExists(matterPath)) {
-            return [];
-        }
-        const matterDirs = (await readdir(matterPath))
-            .filter(x => x.match(/^[A-F0-9]{12}$/));
-        const matterExternalDevices = [];
-        for (const deviceId of matterDirs) {
-            try {
-                const hasHapAccessoryInfo = hapDevices.some(d => d._id === deviceId);
-                if (hasHapAccessoryInfo) {
-                    continue;
-                }
-                const mainBridgeId = this.configService.homebridgeConfig.bridge.username.split(':').join('').toUpperCase();
-                if (deviceId.toUpperCase() === mainBridgeId) {
-                    continue;
-                }
-                const accessoriesPath = join(matterPath, deviceId, 'accessories.json');
-                if (!await pathExists(accessoriesPath)) {
-                    continue;
-                }
-                const accessories = await readJson(accessoriesPath);
-                if (!Array.isArray(accessories) || accessories.length === 0) {
-                    continue;
-                }
-                const accessory = accessories[0];
-                const commissioningPath = join(matterPath, deviceId, 'commissioning.json');
-                let commissioned = false;
-                if (await pathExists(commissioningPath)) {
-                    const commissioningInfo = await readJson(commissioningPath);
-                    commissioned = commissioningInfo.commissioned || false;
-                }
-                const device = {
-                    _id: deviceId,
-                    _username: deviceId.match(/.{1,2}/g)?.join(':').toUpperCase() || deviceId,
-                    _main: false,
-                    _category: 'other',
-                    _matter: true,
-                    _matterOnly: true,
-                    _isPaired: commissioned,
-                    _plugin: accessory.plugin,
-                    name: accessory.displayName || 'Matter External Accessory',
-                    displayName: accessory.displayName || 'Matter External Accessory',
-                    manufacturer: accessory.manufacturer || 'Unknown',
-                    model: accessory.model || 'Unknown',
-                    serialNumber: accessory.serialNumber || deviceId,
-                    category: 1,
-                };
-                matterExternalDevices.push(device);
-            }
-            catch (e) {
-                this.logger.error(`Failed to read Matter external accessory ${deviceId}: ${e.message}`);
-            }
-        }
-        return matterExternalDevices;
     }
     async getDevicePairingById(deviceId, configFile = null) {
         const persistPath = join(this.configService.storagePath, 'persist');
@@ -287,10 +219,6 @@ let ServerService = class ServerService {
         device._isPaired = device.pairedClients && Object.keys(device.pairedClients).length > 0;
         device._setupCode = this.generateSetupCode(device);
         device._couldBeStale = !device._main && device._category === 'bridge' && !pluginBlock;
-        device._matter = !!(pluginBlock?._bridge?.matter);
-        if (device._matter && pluginBlock && 'accessory' in pluginBlock) {
-            this.logger.warn(`Device ${deviceId} has Matter configuration on an accessory-based plugin. Matter is only supported for platform-based plugins.`);
-        }
         delete device.signSk;
         delete device.signPk;
         delete device.configHash;
@@ -304,44 +232,6 @@ let ServerService = class ServerService {
         await this.deleteSingleDevicePairing(id, resetPairingInfo);
         return { ok: true };
     }
-    async deleteDeviceMatterConfig(id) {
-        try {
-            const configFile = await this.configEditorService.getConfigFile();
-            const username = id.includes(':') ? id.toUpperCase() : id.match(/.{1,2}/g)?.join(':').toUpperCase() || id.toUpperCase();
-            const pluginBlocks = [
-                ...(configFile.accessories || []),
-                ...(configFile.platforms || []),
-            ]
-                .filter((block) => block._bridge?.username?.toUpperCase() === username.toUpperCase());
-            const pluginBlock = pluginBlocks.find((block) => block._bridge?.matter);
-            if (!pluginBlock) {
-                this.logger.error(`Failed to find Matter configuration for child bridge ${id}.`);
-                throw new NotFoundException(`Matter configuration not found for bridge ${id}`);
-            }
-            if ('accessory' in pluginBlock) {
-                this.logger.warn(`Removing Matter configuration from accessory-based plugin block for bridge ${id}. Matter is only supported for platform-based plugins.`);
-            }
-            delete pluginBlock._bridge.matter;
-            this.logger.warn(`Bridge ${id} Matter configuration removed from config.json.`);
-            await this.configEditorService.updateConfigFile(configFile);
-        }
-        catch (e) {
-            if (e instanceof NotFoundException) {
-                throw e;
-            }
-            this.logger.error(`Failed to remove Matter configuration for child bridge ${id} as ${e.message}.`);
-            throw new InternalServerErrorException(`Failed to remove Matter configuration: ${e.message}`);
-        }
-        this.logger.warn(`Shutting down Homebridge before removing Matter storage for bridge ${id}...`);
-        await this.homebridgeIpcService.restartAndWaitForClose();
-        const deviceId = id.includes(':') ? id.split(':').join('').toUpperCase() : id.toUpperCase();
-        const matterPath = join(this.configService.storagePath, 'matter', deviceId);
-        if (await pathExists(matterPath)) {
-            await remove(matterPath);
-            this.logger.warn(`Bridge ${id} Matter storage removed at ${matterPath}.`);
-        }
-        return { ok: true };
-    }
     async deleteDevicesPairing(bridges) {
         this.logger.warn(`Shutting down Homebridge before resetting paired bridges ${bridges.map(x => x.id).join(', ')}...`);
         await this.homebridgeIpcService.restartAndWaitForClose();
@@ -365,9 +255,9 @@ let ServerService = class ServerService {
         this.logger.warn(`Shutting down Homebridge before removing accessories for paired bridges ${bridges.map(x => x.id).join(', ')}...`);
         await this.homebridgeIpcService.restartAndWaitForClose();
         const cachedAccessoriesDir = join(this.configService.storagePath, 'accessories');
-        for (const { id, protocol } of bridges) {
+        for (const { id } of bridges) {
             try {
-                await this.deleteSingleDeviceAccessories(id, cachedAccessoriesDir, protocol || 'both');
+                await this.deleteSingleDeviceAccessories(id, cachedAccessoriesDir);
             }
             catch (e) {
                 this.logger.error(`Failed to remove accessories for bridge ${id} as ${e.message}.`);
@@ -448,19 +338,13 @@ let ServerService = class ServerService {
         await this.homebridgeIpcService.restartAndWaitForClose();
         this.logger.warn('Shutting down Homebridge before removing cached accessories');
         try {
-            this.logger.log('Clearing all HAP cached accessories...');
+            this.logger.log('Clearing all cached accessories...');
             for (const thisCachedAccessoriesPath of cachedAccessoryPaths) {
                 if (await pathExists(thisCachedAccessoriesPath)) {
                     await unlink(thisCachedAccessoriesPath);
                     this.logger.warn(`Removed ${thisCachedAccessoriesPath}.`);
                 }
             }
-            const matterDir = join(this.configService.storagePath, 'matter');
-            if (await pathExists(matterDir)) {
-                this.logger.log('Clearing all Matter cached accessories...');
-                await remove(matterDir);
-                this.logger.warn(`Removed Matter storage directory at ${matterDir}.`);
-            }
         }
         catch (e) {
             this.logger.error(`Failed to clear all cached accessories at ${cachedAccessoriesPath} as ${e.message}.`);
@@ -469,96 +353,6 @@ let ServerService = class ServerService {
         }
         return { ok: true };
     }
-    async getMatterAccessories() {
-        const matterDir = join(this.configService.storagePath, 'matter');
-        if (!await pathExists(matterDir)) {
-            return [];
-        }
-        const matterBridges = (await readdir(matterDir))
-            .filter(x => x.match(/^[A-F0-9]+$/));
-        const matterAccessories = [];
-        await Promise.all(matterBridges.map(async (deviceId) => {
-            try {
-                const accessoriesPath = join(matterDir, deviceId, 'accessories.json');
-                if (await pathExists(accessoriesPath)) {
-                    const accessories = await readJson(accessoriesPath);
-                    if (Array.isArray(accessories)) {
-                        for (const accessory of accessories) {
-                            accessory.$deviceId = deviceId;
-                            accessory.$protocol = 'matter';
-                            matterAccessories.push(accessory);
-                        }
-                    }
-                }
-            }
-            catch (e) {
-                this.logger.error(`Failed to read Matter accessories for bridge ${deviceId}: ${e.message}`);
-            }
-        }));
-        return matterAccessories;
-    }
-    async deleteMatterAccessory(deviceId, uuid) {
-        const matterAccessoriesPath = join(this.configService.storagePath, 'matter', deviceId, 'accessories.json');
-        if (!await pathExists(matterAccessoriesPath)) {
-            this.logger.error(`Matter accessories file not found for bridge ${deviceId}`);
-            throw new NotFoundException();
-        }
-        this.logger.warn(`Shutting down Homebridge before removing Matter accessory ${uuid} from bridge ${deviceId}...`);
-        await this.homebridgeIpcService.restartAndWaitForClose();
-        const matterAccessories = await readJson(matterAccessoriesPath);
-        const accessoryIndex = matterAccessories.findIndex(x => x.uuid === uuid);
-        if (accessoryIndex > -1) {
-            matterAccessories.splice(accessoryIndex, 1);
-            await writeJson(matterAccessoriesPath, matterAccessories, { spaces: 2 });
-            this.logger.warn(`Removed Matter accessory with UUID ${uuid} from bridge ${deviceId}.`);
-        }
-        else {
-            this.logger.error(`Cannot find Matter accessory with UUID ${uuid} in bridge ${deviceId}.`);
-            throw new NotFoundException();
-        }
-        return { ok: true };
-    }
-    async deleteMatterAccessories(accessories) {
-        this.logger.warn(`Shutting down Homebridge before removing Matter accessories ${accessories.map(x => x.uuid).join(', ')}.`);
-        await this.homebridgeIpcService.restartAndWaitForClose();
-        const accessoriesByBridge = new Map();
-        for (const { deviceId, uuid } of accessories) {
-            if (!accessoriesByBridge.has(deviceId)) {
-                accessoriesByBridge.set(deviceId, []);
-            }
-            accessoriesByBridge.get(deviceId).push({ uuid });
-        }
-        for (const [deviceId, bridgeAccessories] of accessoriesByBridge.entries()) {
-            const matterAccessoriesPath = join(this.configService.storagePath, 'matter', deviceId, 'accessories.json');
-            try {
-                if (!await pathExists(matterAccessoriesPath)) {
-                    this.logger.error(`Matter accessories file not found for bridge ${deviceId}`);
-                    continue;
-                }
-                const matterAccessories = await readJson(matterAccessoriesPath);
-                for (const { uuid } of bridgeAccessories) {
-                    try {
-                        const accessoryIndex = matterAccessories.findIndex(x => x.uuid === uuid);
-                        if (accessoryIndex > -1) {
-                            matterAccessories.splice(accessoryIndex, 1);
-                            this.logger.warn(`Removed Matter accessory with UUID ${uuid} from bridge ${deviceId}.`);
-                        }
-                        else {
-                            this.logger.error(`Cannot find Matter accessory with UUID ${uuid} in bridge ${deviceId}.`);
-                        }
-                    }
-                    catch (e) {
-                        this.logger.error(`Failed to remove Matter accessory with UUID ${uuid} from bridge ${deviceId} as ${e.message}.`);
-                    }
-                }
-                await writeJson(matterAccessoriesPath, matterAccessories, { spaces: 2 });
-            }
-            catch (e) {
-                this.logger.error(`Failed to process Matter accessories for bridge ${deviceId} as ${e.message}.`);
-            }
-        }
-        return { ok: true };
-    }
     async getSetupCode() {
         if (this.setupCode) {
             return this.setupCode;
@@ -663,30 +457,6 @@ let ServerService = class ServerService {
         }
         return { port };
     }
-    async lookupUnusedMatterPort() {
-        const min = 5530;
-        const max = 5541;
-        const config = await this.configEditorService.getConfigFile();
-        const usedMatterPorts = new Set();
-        if (config.bridge?.matter?.port) {
-            usedMatterPorts.add(config.bridge.matter.port);
-        }
-        for (const block of [...(config.accessories || []), ...(config.platforms || [])]) {
-            if (block._bridge?.matter?.port) {
-                if ('accessory' in block) {
-                    this.logger.warn(`Found Matter configuration on accessory-based plugin block, skipping port ${block._bridge.matter.port}`);
-                    continue;
-                }
-                usedMatterPorts.add(block._bridge.matter.port);
-            }
-        }
-        for (let port = min; port <= max; port += 1) {
-            if (!usedMatterPorts.has(port) && !await tcpCheck(port)) {
-                return { port };
-            }
-        }
-        throw new InternalServerErrorException('No available ports in the Matter port range (5530-5541)');
-    }
     async getHomebridgePort() {
         const config = await this.configEditorService.getConfigFile();
         return { port: config.bridge.port };
@@ -819,248 +589,6 @@ let ServerService = class ServerService {
             });
         });
     }
-    async uploadSslKeyCert(req) {
-        const parts = req.parts ? req.parts() : null;
-        const files = [];
-        if (parts) {
-            for await (const part of parts) {
-                if (part.file) {
-                    files.push(part);
-                }
-            }
-        }
-        else {
-            const single = await req.file();
-            if (single?.file) {
-                files.push(single);
-            }
-        }
-        if (!files.length) {
-            throw new BadRequestException('No files uploaded. Please upload both the private key and certificate files.');
-        }
-        const readStreamToBuffer = async (stream) => {
-            const chunks = [];
-            await new Promise((resolvePromise, rejectPromise) => {
-                stream.on('data', (d) => chunks.push(Buffer.isBuffer(d) ? d : Buffer.from(d)));
-                stream.on('end', () => resolvePromise());
-                stream.on('error', rejectPromise);
-            });
-            return Buffer.concat(chunks);
-        };
-        let keyPem = null;
-        let certPem = null;
-        for (const f of files) {
-            if (f.file?.truncated) {
-                throw new InternalServerErrorException(`Upload exceeds maximum size ${globalThis.backup.maxBackupSizeText}.`);
-            }
-            const buf = await readStreamToBuffer(f.file);
-            const text = buf.toString('utf8');
-            if (/-----BEGIN (?:RSA |EC )?PRIVATE KEY-----/.test(text)) {
-                keyPem = buf;
-            }
-            else if (/-----BEGIN CERTIFICATE-----/.test(text)) {
-                certPem = buf;
-            }
-            else if (f.fieldname === 'key') {
-                keyPem = buf;
-            }
-            else if (f.fieldname === 'cert') {
-                certPem = buf;
-            }
-        }
-        if (!keyPem || !certPem) {
-            throw new BadRequestException('Both a PEM private key and certificate must be provided.');
-        }
-        try {
-            const x509 = new X509Certificate(certPem);
-            const certPub = x509.publicKey.export({ type: 'spki', format: 'der' });
-            const priv = createPrivateKey({ key: keyPem });
-            const pubFromPriv = createPublicKey(priv).export({ type: 'spki', format: 'der' });
-            if (!certPub.equals(pubFromPriv)) {
-                throw new BadRequestException('The private key does not match the certificate public key.');
-            }
-            createSecureContext({ key: keyPem, cert: certPem });
-        }
-        catch (e) {
-            if (e instanceof BadRequestException) {
-                throw e;
-            }
-            throw new BadRequestException(`Invalid key/certificate: ${e?.message || e}`);
-        }
-        const sslDir = join(this.configService.storagePath, 'ssl-certs');
-        const keyPath = join(sslDir, 'ui-ssl.key');
-        const certPath = join(sslDir, 'ui-ssl.crt');
-        const { ensureDir, writeFile } = await import('fs-extra');
-        await ensureDir(sslDir);
-        await writeFile(keyPath, keyPem);
-        await writeFile(certPath, certPem);
-        const configFile = await this.configEditorService.getConfigFile();
-        const uiConfigBlock = configFile.platforms.find((x) => x.platform === 'config');
-        if (!uiConfigBlock) {
-            throw new InternalServerErrorException('Config platform block not found.');
-        }
-        if (!uiConfigBlock.ssl) {
-            uiConfigBlock.ssl = {};
-        }
-        uiConfigBlock.ssl.key = keyPath;
-        uiConfigBlock.ssl.cert = certPath;
-        delete uiConfigBlock.ssl.pfx;
-        delete uiConfigBlock.ssl.passphrase;
-        uiConfigBlock.ssl.selfSigned = false;
-        await this.configEditorService.updateConfigFile(configFile);
-        return {
-            ok: true,
-            type: 'keycert',
-            keyPath,
-            certPath,
-            details: 'Certificate and key validated and saved.',
-        };
-    }
-    async uploadSslPfx(req) {
-        let passphrase;
-        let filePart;
-        if (req.parts) {
-            for await (const part of req.parts()) {
-                if (part.type === 'file' || part.file) {
-                    filePart = part;
-                }
-                else if (part.type === 'field' || part.value) {
-                    if (part.fieldname === 'passphrase') {
-                        passphrase = part.value;
-                    }
-                }
-            }
-        }
-        else {
-            filePart = await req.file();
-            passphrase = req.body?.passphrase;
-        }
-        if (!filePart) {
-            throw new BadRequestException('No PFX file uploaded.');
-        }
-        if (filePart.file?.truncated) {
-            throw new InternalServerErrorException(`Upload exceeds maximum size ${globalThis.backup.maxBackupSizeText}.`);
-        }
-        const readStreamToBuffer = async (stream) => {
-            const chunks = [];
-            await new Promise((resolvePromise, rejectPromise) => {
-                stream.on('data', (d) => chunks.push(Buffer.isBuffer(d) ? d : Buffer.from(d)));
-                stream.on('end', () => resolvePromise());
-                stream.on('error', rejectPromise);
-            });
-            return Buffer.concat(chunks);
-        };
-        const pfxBuffer = await readStreamToBuffer(filePart.file);
-        try {
-            createSecureContext({ pfx: pfxBuffer, passphrase });
-        }
-        catch (e) {
-            throw new BadRequestException(`Invalid PFX or passphrase: ${e?.message || e}`);
-        }
-        const sslDir = join(this.configService.storagePath, 'ssl-certs');
-        const pfxPath = join(sslDir, 'ui-ssl.pfx');
-        const { ensureDir, writeFile } = await import('fs-extra');
-        await ensureDir(sslDir);
-        await writeFile(pfxPath, pfxBuffer);
-        const configFile = await this.configEditorService.getConfigFile();
-        const uiConfigBlock = configFile.platforms.find((x) => x.platform === 'config');
-        if (!uiConfigBlock) {
-            throw new InternalServerErrorException('Config platform block not found.');
-        }
-        if (!uiConfigBlock.ssl) {
-            uiConfigBlock.ssl = {};
-        }
-        uiConfigBlock.ssl.pfx = pfxPath;
-        uiConfigBlock.ssl.passphrase = passphrase || '';
-        delete uiConfigBlock.ssl.key;
-        delete uiConfigBlock.ssl.cert;
-        uiConfigBlock.ssl.selfSigned = false;
-        await this.configEditorService.updateConfigFile(configFile);
-        return {
-            ok: true,
-            type: 'pfx',
-            pfxPath,
-            details: 'PFX validated and saved.',
-        };
-    }
-    async validateCurrentSslConfig() {
-        const configFile = await this.configEditorService.getConfigFile();
-        const uiConfigBlock = configFile.platforms.find((x) => x.platform === 'config');
-        const ssl = uiConfigBlock?.ssl || {};
-        if (!ssl || (!ssl.selfSigned && !ssl.key && !ssl.cert && !ssl.pfx)) {
-            return { ok: true, valid: true, type: 'off', details: 'HTTPS is disabled.' };
-        }
-        if (ssl.selfSigned) {
-            return { ok: true, valid: true, type: 'selfsigned', details: 'Self-signed mode enabled.' };
-        }
-        try {
-            if (ssl.key && ssl.cert) {
-                const { readFile } = await import('fs-extra');
-                const keyPem = await readFile(ssl.key);
-                const certPem = await readFile(ssl.cert);
-                const x509 = new X509Certificate(certPem);
-                const certPub = x509.publicKey.export({ type: 'spki', format: 'der' });
-                const priv = createPrivateKey({ key: keyPem });
-                const pubFromPriv = createPublicKey(priv).export({ type: 'spki', format: 'der' });
-                if (!certPub.equals(pubFromPriv)) {
-                    return { ok: true, valid: false, type: 'keycert', details: 'Private key does not match certificate.' };
-                }
-                createSecureContext({ key: keyPem, cert: certPem });
-                return { ok: true, valid: true, type: 'keycert', details: 'Key and certificate are valid and match.' };
-            }
-            if (ssl.pfx) {
-                const { readFile } = await import('fs-extra');
-                const pfx = await readFile(ssl.pfx);
-                createSecureContext({ pfx, passphrase: ssl.passphrase });
-                return { ok: true, valid: true, type: 'pfx', details: 'PFX file and passphrase are valid.' };
-            }
-        }
-        catch (e) {
-            return { ok: true, valid: false, type: ssl.pfx ? 'pfx' : 'keycert', details: e?.message || String(e) };
-        }
-        return { ok: true, valid: false, type: 'off', details: 'No SSL configuration found.' };
-    }
-    async generateSelfSignedCertificate(options = {}) {
-        const hostnames = Array.isArray(options.hostnames) && options.hostnames.length
-            ? options.hostnames.map(h => String(h).trim()).filter(Boolean)
-            : ['localhost', '127.0.0.1'];
-        const mode = options.mode || 'keycert';
-        const generator = new SslCertGeneratorService();
-        await generator.generateCertificate(hostnames);
-        const sslDir = join(this.configService.storagePath, 'ssl-certs');
-        const keyPath = join(sslDir, 'private-key.pem');
-        const certPath = join(sslDir, 'certificate.pem');
-        const configFile = await this.configEditorService.getConfigFile();
-        const uiConfigBlock = configFile.platforms.find((x) => x.platform === 'config');
-        if (!uiConfigBlock.ssl) {
-            uiConfigBlock.ssl = {};
-        }
-        if (mode === 'keycert') {
-            uiConfigBlock.ssl.key = keyPath;
-            uiConfigBlock.ssl.cert = certPath;
-            delete uiConfigBlock.ssl.pfx;
-            delete uiConfigBlock.ssl.passphrase;
-            uiConfigBlock.ssl.selfSigned = false;
-            uiConfigBlock.ssl.selfSignedHostnames = hostnames;
-        }
-        else {
-            delete uiConfigBlock.ssl.key;
-            delete uiConfigBlock.ssl.cert;
-            delete uiConfigBlock.ssl.pfx;
-            delete uiConfigBlock.ssl.passphrase;
-            uiConfigBlock.ssl.selfSigned = true;
-            uiConfigBlock.ssl.selfSignedHostnames = hostnames;
-        }
-        await this.configEditorService.updateConfigFile(configFile);
-        return {
-            ok: true,
-            type: 'generated',
-            mode,
-            keyPath: mode === 'keycert' ? keyPath : undefined,
-            certPath: mode === 'keycert' ? certPath : undefined,
-            details: `Self-signed certificate generated for ${hostnames.join(', ')}`,
-        };
-    }
 };
 ServerService = __decorate([
     Injectable(),