projects / project / luci.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
luci-app-acme: DNS API: list of all providers
[project/luci.git] / applications / luci-app-acme / htdocs / luci-static / resources / view / acme.js
1 'use strict';
2 'require form';
3 'require fs';
4 'require uci';
5 'require view';
6
7 return view.extend({
8 render: function (stats) {
9 let wikiUrl = 'https://github.com/acmesh-official/acme.sh/wiki/';
10 var wikiInstructionUrl = wikiUrl + 'dnsapi';
11 var m, s, o;
12
13 m = new form.Map("acme", _("ACME certificates"),
14 _("This configures ACME (Letsencrypt) automatic certificate installation. " +
15 "Simply fill out this to have the router configured with Letsencrypt-issued " +
16 "certificates for the web interface. " +
17 "Note that the domain names in the certificate must already be configured to " +
18 "point at the router's public IP address. " +
19 "Once configured, issuing certificates can take a while. " +
20 "Check the logs for progress and any errors.") + '<br/>' +
21 _("Cert files are stored in") + ' <em>/etc/ssl/acme<em>'
22 );
23
24 s = m.section(form.TypedSection, "acme", _("ACME global config"));
25 s.anonymous = true;
26
27 o = s.option(form.Value, "account_email", _("Account email"),
28 _("Email address to associate with account key."))
29 o.rmempty = false;
30 o.datatype = "minlength(1)";
31
32 o = s.option(form.Flag, "debug", _("Enable debug logging"));
33 o.rmempty = false;
34
35 s = m.section(form.GridSection, "cert", _("Certificate config"))
36 s.anonymous = false;
37 s.addremove = true;
38 s.nodescriptions = true;
39
40 o = s.tab("general", _("General Settings"));
41 o = s.tab('challenge_webroot', _('Webroot Challenge Validation'));
42 o = s.tab('challenge_dns', _('DNS Challenge Validation'));
43 o = s.tab("advanced", _('Advanced Settings'));
44
45 o = s.taboption('general', form.Flag, "enabled", _("Enabled"));
46 o.rmempty = false;
47
48 o = s.taboption('general', form.DynamicList, "domains", _("Domain names"),
49 _("Domain names to include in the certificate. " +
50 "The first name will be the subject name, subsequent names will be alt names. " +
51 "Note that all domain names must point at the router in the global DNS."));
52 o.datatype = "list(string)";
53
54 o = s.taboption('general', form.ListValue, 'validation_method', _('Validation method'),
55 _("Standalone mode will use the built-in webserver of acme.sh to issue a certificate. " +
56 "Webroot mode will use an existing webserver to issue a certificate. " +
57 "DNS mode will allow you to use the DNS API of your DNS provider to issue a certificate."));
58 o.value("standalone", _("Standalone"));
59 o.value("webroot", _("Webroot"));
60 o.value("dns", _("DNS"));
61 o.default = 'webroot';
62
63 o = s.taboption('challenge_webroot', form.Value, 'webroot', _('Webroot directory'),
64 _("Webserver root directory. Set this to the webserver " +
65 "document root to run Acme in webroot mode. The web " +
66 "server must be accessible from the internet on port 80.") + '<br/>' +
67 _("Default") + " <em>/var/run/acme/challenge/</em>"
68 );
69 o.optional = true;
70 o.depends("validation_method", "webroot");
71 o.modalonly = true;
72
73 o = s.taboption('challenge_dns', form.ListValue, 'dns', _('DNS API'),
74 _("To use DNS mode to issue certificates, set this to the name of a DNS API supported by acme.sh. " +
75 "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the list of available APIs. " +
76 "In DNS mode, the domain name does not have to resolve to the router IP. " +
77 "DNS mode is also the only mode that supports wildcard certificates. " +
78 "Using this mode requires the acme-dnsapi package to be installed."));
79 o.depends("validation_method", "dns");
80 // List of supported DNS API. Names are same as file names in acme.sh for easier search.
81 // May be outdated but not changed too often.
82 o.value('', '')
83 o.value('dns_acmedns', 'ACME DNS API github.com/joohoi/acme-dns');
84 o.value('dns_acmeproxy', 'ACME Proxy github.com/mdbraber/acmeproxy');
85 o.value('dns_1984hosting', '1984.is');
86 o.value('dns_active24', 'Active24.com');
87 o.value('dns_ad', 'Alwaysdata.com');
88 o.value('dns_ali', 'Alibaba Cloud Aliyun.com');
89 o.value('dns_anx', 'Anexia.com');
90 o.value('dns_arvan', 'ArvanCloud.ir');
91 o.value('dns_aurora', 'AuroraDNS.eu');
92 o.value('dns_autodns', 'autoDNS (InternetX)');
93 o.value('dns_aws', 'Amazon AWS Route53');
94 o.value('dns_azion', 'Azion.com');
95 o.value('dns_azure', 'Azure');
96 o.value('dns_bunny', 'Bunny.net');
97 o.value('dns_cf', 'CloudFlare.com');
98 o.value('dns_clouddns', 'CloudDNS vshosting.cz');
99 o.value('dns_cloudns', 'ClouDNS.net');
100 o.value('dns_cn', 'Core-Networks.de');
101 o.value('dns_conoha', 'ConoHa.io');
102 o.value('dns_constellix', 'constellix.com');
103 o.value('dns_cpanel', 'CPanel');
104 o.value('dns_curanet', 'curanet.dk scannet.dk wannafind.dk dandomain.dk');
105 o.value('dns_cyon', 'cayon.ch');
106 o.value('dns_da', 'DirectAdmin Panel');
107 o.value('dns_ddnss', 'DDNSS.de');
108 o.value('dns_desec', 'deSEC.io');
109 o.value('dns_df', 'DynDnsFree.de');
110 o.value('dns_dgon', 'DigitalOcean.com');
111 o.value('dns_dnshome', 'dnsHome.de');
112 o.value('dns_dnsimple', 'DNSimple.com');
113 o.value('dns_dnsservices', 'dns.services');
114 o.value('dns_doapi', 'Domain-Offensive do.de');
115 o.value('dns_domeneshop', 'DomeneShop.no');
116 o.value('dns_dp', 'DNSPod.cn');
117 o.value('dns_dpi', 'DNSPod.com');
118 o.value('dns_dreamhost', 'DreamHost.com');
119 o.value('dns_duckdns', 'DuckDNS.org');
120 o.value('dns_durabledns', 'DurableDNS.com');
121 o.value('dns_dyn', 'Dyn.com');
122 o.value('dns_dynu', 'Dynu.com');
123 o.value('dns_dynv6', 'DynV6.com');
124 o.value('dns_easydns', 'EasyDNS.net');
125 o.value('dns_edgedns', 'Akamai Edge DNS');
126 o.value('dns_euserv', 'euserv.eu');
127 o.value('dns_exoscale', 'Exoscale.com');
128 o.value('dns_fornex', 'fornex.com');
129 o.value('dns_freedns', 'FreeDNS.afraid.org');
130 o.value('dns_gandi_livedns', 'LiveDNS.Gandi.net');
131 // o.value('dns_gcloud', 'Google Cloud gcloud client');
132 o.value('dns_gcore', 'Gcore.com');
133 o.value('dns_gd', 'GoDaddy.com');
134 o.value('dns_geoscaling', 'Geoscaling.com');
135 o.value('dns_googledomains', 'Google Domains');
136 o.value('dns_he', 'he.net');
137 o.value('dns_hetzner', 'Hetzner.com');
138 o.value('dns_hexonet', 'Hexonet.net');
139 o.value('dns_hostingde', 'Hosting.de');
140 o.value('dns_huaweicloud', 'MyHuaweiCloud.com');
141 o.value('dns_infoblox', 'Infoblox');
142 o.value('dns_infomaniak', 'InfoManiak.com');
143 o.value('dns_internetbs', 'InternetBS.net');
144 o.value('dns_inwx', 'inwx.de');
145 o.value('dns_ionos', 'IONOS.com');
146 o.value('dns_ipv64', 'ipv64.net');
147 o.value('dns_ispconfig', 'ISPConfig Server');
148 o.value('dns_jd', 'JDCloud.com');
149 o.value('dns_joker', 'Joker.com');
150 o.value('dns_kappernet', 'kapper.net');
151 o.value('dns_kas', 'kasserver.com');
152 o.value('dns_kinghost', 'KingHost.net');
153 o.value('dns_la', 'dns.la');
154 o.value('dns_leaseweb', 'leaseweb.com');
155 // o.value('dns_lexicon', 'Lexicon client');
156 o.value('dns_linode_v4', 'Linode.com');
157 o.value('dns_loopia', 'Loopia.se');
158 o.value('dns_lua', 'LuaDNS.com');
159 // o.value('dns_maradns', 'MaraDNS Server zone file');
160 o.value('dns_me', 'DNSMadeEasy.com');
161 // o.value('dns_miab', 'Mail-in-a-Box Server API');
162 o.value('dns_misaka', 'misaka.io');
163 o.value('dns_mydevil', 'MyDevil.net');
164 o.value('dns_mydnsjp', 'MyDNS.JP');
165 o.value('dns_mythic_beasts', 'Mythic-Beasts.com');
166 o.value('dns_namecheap', 'NameCheap.com');
167 o.value('dns_namecom', 'Name.com');
168 o.value('dns_namesilo', 'NameSilo.com');
169 o.value('dns_nanelo', 'Nanelo.com');
170 o.value('dns_nederhost', 'NederHost.nl');
171 o.value('dns_neodigit', 'Neodigit.net');
172 o.value('dns_netcup', 'netcup.eu netcup.de');
173 o.value('dns_netlify', 'Netlify.com');
174 o.value('dns_nic', 'nic.ru');
175 o.value('dns_njalla', 'Njalla njal.la');
176 o.value('dns_nm', 'NameMaster.de');
177 // o.value('dns_nsd', 'NSD Server zone file');
178 o.value('dns_nsone', 'NS1 nsone.net');
179 o.value('dns_nsupdate', 'nsupdate (RFC2136) Server');
180 o.value('dns_nw', 'Nexcess.net');
181 o.value('dns_oci', 'Oracle Cloud Infrastructure (OCI)');
182 o.value('dns_one', 'one.com');
183 o.value('dns_online', 'online.net');
184 o.value('dns_openprovider', 'OpenProvider.com');
185 // o.value('dns_openstack', 'OpenStack Client');
186 o.value('dns_opnsense', 'OPNsense Bind API');
187 o.value('dns_ovh', 'OVH ovh.com ovhcloud.com kimsufi.com soyoustart.com');
188 o.value('dns_pdns', 'PowerDNS Server');
189 o.value('dns_pleskxml', 'plesk.com XML API');
190 o.value('dns_pointhq', 'PointDNS pointhq.com');
191 o.value('dns_porkbun', 'Porkbun.com');
192 o.value('dns_rackcorp', 'RackCorp.com');
193 o.value('dns_rackspace', 'RackSpace rackspacecloud.com');
194 o.value('dns_rage4', 'rage4.com');
195 o.value('dns_rcode0', 'Rcode0 rcodezero.at');
196 o.value('dns_regru', 'Reg.ru');
197 o.value('dns_scaleway', 'Scaleway.com');
198 o.value('dns_schlundtech', 'Schlundtech.de');
199 o.value('dns_selectel', 'Selectel.ru');
200 o.value('dns_selfhost', 'selfhost.de');
201 o.value('dns_servercow', 'servercow.de');
202 o.value('dns_simply', 'Simply.com');
203 o.value('dns_tele3', 'tele3.cz');
204 o.value('dns_transip', 'transip.nl');
205 o.value('dns_udr', 'ud-reselling.com');
206 o.value('dns_ultra', 'UltraDNS.com');
207 o.value('dns_variomedia', 'variomedia.de');
208 o.value('dns_veesp', 'veesp.com');
209 o.value('dns_vercel', 'Vercel.com');
210 o.value('dns_vscale', 'vscale.io');
211 o.value('dns_vultr', 'vultr.com');
212 o.value('dns_websupport', 'websupport.sk');
213 o.value('dns_world4you', 'World4You.com');
214 o.value('dns_yandex', 'Yandex DNS dns.yandex.ru');
215 o.value('dns_yc', 'Yandex Cloud cloud.yandex.net');
216 o.value('dns_zilore', 'zilore.com');
217 o.value('dns_zone', 'Zone.ee');
218 o.value('dns_zonomi', 'Zonomi.com');
219 o.modalonly = true;
220 o.onchange = L.bind(_handleCheckService, o, s);
221
222 o = s.taboption('challenge_dns', form.DummyValue, '_wiki_url', _('See instructions'), '');
223 o.rawhtml = true;
224 o.default = '<a id="wikiInstructionUrl" href="%s" target="_blank" rel="noreferrer">Acme Wiki DNS API</a>'
225 .format(wikiInstructionUrl);
226 o.depends('validation_method', 'dns');
227 o.modalonly = true;
228
229 _addDnsProviderField(s, 'dns_1984hosting', 'One984HOSTING_Username', '1984.is Username', '');
230 _addDnsProviderField(s, 'dns_1984hosting', 'One984HOSTING_Password', '1984.is Password', '');
231
232 _addDnsProviderField(s, 'dns_acmedns', 'ACMEDNS_BASE_URL', 'ACMEDNS URL', '');
233 _addDnsProviderField(s, 'dns_acmedns', 'ACMEDNS_USERNAME', 'ACMEDNS User', '');
234 _addDnsProviderField(s, 'dns_acmedns', 'ACMEDNS_PASSWORD', 'ACMEDNS Password', '');
235 _addDnsProviderField(s, 'dns_acmedns', 'ACMEDNS_SUBDOMAIN', 'ACMEDNS Subdomain', '');
236
237 _addDnsProviderField(s, 'dns_ali', 'Ali_Key', 'Ali Key', '');
238 _addDnsProviderField(s, 'dns_ali', 'Ali_Secret', 'Ali Secret', '');
239
240 _addDnsProviderField(s, 'dns_aws', 'AWS_ACCESS_KEY_ID', 'AWS access key id', '');
241 _addDnsProviderField(s, 'dns_aws', 'AWS_SECRET_ACCESS_KEY', 'AWS secret access key', '');
242
243 _addDnsProviderField(s, 'dns_azure', 'AZUREDNS_SUBSCRIPTIONID', 'Azure Subscription ID', '');
244 _addDnsProviderField(s, 'dns_azure', 'AZUREDNS_TENANTID', 'Azure Tenant ID', '');
245 _addDnsProviderField(s, 'dns_azure', 'AZUREDNS_APPID', 'Azure App ID', '');
246 _addDnsProviderField(s, 'dns_azure', 'AZUREDNS_CLIENTSECRET', 'Azure Client Secret', '');
247
248 _addDnsProviderField(s, 'dns_bunny', 'BUNNY_API_KEY', 'Bunny API Key', '');
249
250 _addDnsProviderField(s, 'dns_cf', 'CF_Key', 'CF Key', '');
251 _addDnsProviderField(s, 'dns_cf', 'CF_Email', 'CF Email', '');
252 _addDnsProviderField(s, 'dns_cf', 'CF_Token', 'CF Token', '');
253 _addDnsProviderField(s, 'dns_cf', 'CF_Account_ID', 'CF Account ID', '');
254 _addDnsProviderField(s, 'dns_cf', 'CF_Zone_ID', 'CF Zone ID', '');
255
256 _addDnsProviderField(s, 'dns_ddnss', 'DDNSS_Token', 'DDNSS.de Token', '');
257
258 _addDnsProviderField(s, 'dns_desec', 'DEDYN_TOKEN', 'deSEC.io Token', '');
259
260 _addDnsProviderField(s, 'dns_duckdns', 'DuckDNS_Token', 'DuckDNS Token',
261 _('Open <a href="https://www.duckdns.org/">DuckDNS</a> and copy a token here')
262 );
263
264 _addDnsProviderField(s, 'dns_dynv6', 'DYNV6_TOKEN', 'DynV6 Token', '');
265
266 _addDnsProviderField(s, 'dns_dnsimple', 'DNSimple_OAUTH_TOKEN', 'DNSimple OAuth TOKEN', '');
267
268 _addDnsProviderField(s, 'dns_dgon', 'DO_API_KEY', 'Digital Ocean API Key', '');
269
270 _addDnsProviderField(s, 'dns_dreamhost', 'DH_API_KEY', 'DreamHost.com API Key', '');
271
272 _addDnsProviderField(s, 'dns_df', 'DF_user', 'DynDnsFree.de Username', '');
273 _addDnsProviderField(s, 'dns_df', 'DF_password', 'DynDnsFree.de Password', '');
274
275 _addDnsProviderField(s, 'dns_gandi_livedns', 'GANDI_LIVEDNS_KEY', 'Gandi LiveDNS Key', '');
276
277 _addDnsProviderField(s, 'dns_gcore', 'GCORE_Key', 'GCore Key', '');
278
279 _addDnsProviderField(s, 'dns_gd', 'GD_Key', 'GoDaddy.com Key', '');
280 _addDnsProviderField(s, 'dns_gd', 'GD_Secret', 'GoDaddy.com Secret', '');
281
282 _addDnsProviderField(s, 'dns_geoscaling', 'GEOSCALING_Username', 'Geoscaling.com Username',
283 _('This is usually NOT an email address')
284 );
285 _addDnsProviderField(s, 'dns_geoscaling', 'GEOSCALING_Password', 'Geoscaling.com Password', '');
286
287 _addDnsProviderField(s, 'dns_googledomains', 'GOOGLEDOMAINS_ACCESS_TOKEN', 'Google Domains Access Token', '');
288 _addDnsProviderField(s, 'dns_googledomains', 'GOOGLEDOMAINS_ZONE', 'Google Domains Zone', '');
289
290 _addDnsProviderField(s, 'dns_he', 'HE_Username', 'dns.he.net Username', '');
291 _addDnsProviderField(s, 'dns_he', 'HE_Password', 'dns.he.net Password', '');
292
293 _addDnsProviderField(s, 'dns_hetzner', 'HETZNER_Token', 'Hetzner Token', '');
294
295 _addDnsProviderField(s, 'dns_he', 'dns_hexonet', 'Hexonet.net Login', 'username!roleId');
296 _addDnsProviderField(s, 'dns_he', 'dns_hexonet', 'Hexonet.net Password', '');
297
298 _addDnsProviderField(s, 'dns_huaweicloud', 'HUAWEICLOUD_Username', 'MyHuaweiCloud.com Username', '');
299 _addDnsProviderField(s, 'dns_huaweicloud', 'HUAWEICLOUD_Password', 'MyHuaweiCloud.com Password', '');
300 _addDnsProviderField(s, 'dns_huaweicloud', 'HUAWEICLOUD_DomainName', 'MyHuaweiCloud.com Domain Name', '');
301
302 _addDnsProviderField(s, 'dns_infomaniak', 'INFOMANIAK_API_TOKEN', 'InfoManiak Token', '');
303
304 _addDnsProviderField(s, 'dns_ipv64', 'IPv64_Token', 'ipv64.net Token', '');
305
306 _addDnsProviderField(s, 'dns_jd', 'JD_ACCESS_KEY_ID', 'JDCloud.com Access Key ID', '');
307 _addDnsProviderField(s, 'dns_jd', 'JD_ACCESS_KEY_SECRET', 'JDCloud.com Access Key Secret', '');
308 _addDnsProviderField(s, 'dns_jd', 'JD_REGION', 'JDCloud.com Region', 'cn-north-1');
309
310 _addDnsProviderField(s, 'dns_joker', 'JOKER_USERNAME', 'Joker.com User', '');
311 _addDnsProviderField(s, 'dns_joker', 'JOKER_PASSWORD', 'Joker.com Password', '');
312
313 _addDnsProviderField(s, 'dns_freedns', 'FREEDNS_User', 'FreeDNS User', '');
314 _addDnsProviderField(s, 'dns_freedns', 'FREEDNS_Password', 'FreeDNS Password', '');
315
316 _addDnsProviderField(s, 'dns_la', 'LA_Id', 'dns.la Id', '');
317 _addDnsProviderField(s, 'dns_la', 'LA_Key', 'dns.la Key', '');
318
319 _addDnsProviderField(s, 'dns_linodev4', 'LINODE_V4_API_KEY', 'Linode API Key', '');
320
321 _addDnsProviderField(s, 'dns_loopia', 'LOOPIA_User', 'Loopia User', '');
322 _addDnsProviderField(s, 'dns_loopia', 'LOOPIA_Password', 'Loopia Password', '');
323
324 _addDnsProviderField(s, 'dns_lua', 'LUA_Email', 'luadns.com email', '');
325 _addDnsProviderField(s, 'dns_lua', 'LUA_Key', 'luadns.com Key', '');
326
327 _addDnsProviderField(s, 'dns_mydnsjp', 'MYDNSJP_MasterID', 'MyDNS.jp MasterID', '');
328 _addDnsProviderField(s, 'dns_mydnsjp', 'MYDNSJP_Password', 'MyDNS.jp Password', '');
329
330 _addDnsProviderField(s, 'dns_me', 'ME_Key', 'DNSMadeEasy Key', '');
331 _addDnsProviderField(s, 'dns_me', 'ME_Secret', 'DNSMadeEasy Secret', '');
332
333 _addDnsProviderField(s, 'dns_namecom', 'Namecom_Username', 'Name.com Username', '');
334 _addDnsProviderField(s, 'dns_namecom', 'Namecom_Token', 'Name.com Token', '');
335
336 _addDnsProviderField(s, 'dns_namecheap', 'NAMECHEAP_API_KEY', 'NameCheap API Key', '');
337 _addDnsProviderField(s, 'dns_namecheap', 'NAMECHEAP_USERNAME', 'NameCheap User', '');
338 _addDnsProviderField(s, 'dns_namecheap', 'NAMECHEAP_SOURCEIP', 'NameCheap Source IP', '');
339
340 _addDnsProviderField(s, 'dns_nic', 'NIC_ClientID', 'Nic.ru ClientID', '');
341 _addDnsProviderField(s, 'dns_nic', 'NIC_ClientSecret', 'Nic.ru ClientSecret', '');
342 _addDnsProviderField(s, 'dns_nic', 'NIC_Username', 'Nic.ru Username', '');
343 _addDnsProviderField(s, 'dns_nic', 'NIC_Password', 'Nic.ru Password', '');
344
345 _addDnsProviderField(s, 'dns_netlify', 'NETLIFY_ACCESS_TOKEN', 'Netlify Access Token', '');
346
347 _addDnsProviderField(s, 'dns_nsone', 'NS1_Key', 'nsone.net Key', '');
348
349 _addDnsProviderField(s, 'dns_nsupdate', 'NSUPDATE_SERVER', 'nsupdate server address', '');
350 _addDnsProviderField(s, 'dns_nsupdate', 'NSUPDATE_SERVER_PORT', 'nsupdate server port', '');
351 _addDnsProviderField(s, 'dns_nsupdate', 'NSUPDATE_KEY', 'nsupdate key file path', '');
352 _addDnsProviderField(s, 'dns_nsupdate', 'NSUPDATE_ZONE', 'nsupdate zone', '');
353
354 _addDnsProviderField(s, 'dns_nsupdate', 'OCI_CLI_TENANCY', 'OCI Tenancy',
355 _('OCID of tenancy that contains the target DNS zone')
356 );
357 _addDnsProviderField(s, 'dns_nsupdate', 'OCI_CLI_USER', 'OCI User',
358 _('OCID of user with permission to add/remove records from zones')
359 );
360 _addDnsProviderField(s, 'dns_nsupdate', 'OCI_CLI_REGION', 'OCI Region',
361 _('Should point to the tenancy home region')
362 );
363 _addDnsProviderField(s, 'dns_nsupdate', 'OCI_CLI_KEY_FILE', 'OCI Key file',
364 _('Path to private API signing key file in PEM format')
365 );
366 _addDnsProviderField(s, 'dns_nsupdate', 'OCI_CLI_KEY', 'OCI Key',
367 _('The private API signing key in PEM format')
368 );
369
370 _addDnsProviderField(s, 'dns_ovh', 'OVH_AK', 'OVH Application Key', '');
371 _addDnsProviderField(s, 'dns_ovh', 'OVH_AS', 'OVH Application Secret', '');
372 _addDnsProviderField(s, 'dns_ovh', 'OVH_CK', 'OVH Consumer Key', '');
373 _addDnsProviderField(s, 'dns_ovh', 'OVH_END_POINT', 'OVH Region/Endpoint',
374 'ovh-eu, ovh-us, ovh-ca, kimsufi-eu, kimsufi-ca, soyoustart-eu, soyoustart-ca'
375 );
376
377 _addDnsProviderField(s, 'dns_pdns', 'PDNS_Url', 'PDNS API URL', '');
378 _addDnsProviderField(s, 'dns_pdns', 'PDNS_ServerId', 'PDNS Server ID', '');
379 _addDnsProviderField(s, 'dns_pdns', 'PDNS_Token', 'PDNS Token', '');
380 _addDnsProviderField(s, 'dns_pdns', 'PDNS_Ttl', 'PDNS Default TTL', '60');
381
382 _addDnsProviderField(s, 'dns_porkbun', 'PORKBUN_API_KEY', 'Porkbun API Key', '');
383 _addDnsProviderField(s, 'dns_porkbun', 'PORKBUN_SECRET_API_KEY', 'Porkbun API Secret', '');
384
385 _addDnsProviderField(s, 'dns_rackspace', 'RACKSPACE_Apikey', 'RackSpace API Key', '');
386 _addDnsProviderField(s, 'dns_rackspace', 'RACKSPACE_Username', 'Porkbun Username', '');
387
388 _addDnsProviderField(s, 'dns_regru', 'REGRU_API_Username', 'reg.ru Username', '');
389 _addDnsProviderField(s, 'dns_regru', 'REGRU_API_Password', 'reg.ru Password', '');
390
391 _addDnsProviderField(s, 'dns_selectel', 'SL_Key', 'Selectel API Key', '');
392
393 _addDnsProviderField(s, 'dns_selfhost', 'SELFHOSTDNS_USERNAME', 'SelfHost.de Username', '');
394 _addDnsProviderField(s, 'dns_selfhost', 'SELFHOSTDNS_PASSWORD', 'SelfHost.de Password', '');
395 _addDnsProviderField(s, 'dns_selfhost', 'SELFHOSTDNS_MAP', 'SelfHost.de Domains map',
396 _('E.g. <code>_acme-challenge.example.com:12345:98765 alias.example.com:11111</code>')
397 );
398
399 _addDnsProviderField(s, 'dns_simply', 'SIMPLY_AccountName', 'Simply.com account name', '');
400 _addDnsProviderField(s, 'dns_simply', 'SIMPLY_ApiKey', 'Simply.com API Key', '');
401
402 _addDnsProviderField(s, 'dns_tele3', 'TELE3_Key', 'tele3.cz API Key', '');
403 _addDnsProviderField(s, 'dns_tele3', 'TELE3_Secret', 'tele3.cz API Secret', '');
404
405 _addDnsProviderField(s, 'dns_vultr', 'VULTR_API_KEY', 'Vultr API Secret', '');
406
407 _addDnsProviderField(s, 'dns_vscale', 'VSCALE_API_KEY', 'vscale.io API Key', '');
408
409 _addDnsProviderField(s, 'dns_yandex', 'PDD_Token', 'Yandex DNS API Token', '');
410
411 _addDnsProviderField(s, 'dns_yandex', 'PDD_Token', 'Yandex DNS API Token', '');
412
413 _addDnsProviderField(s, 'dns_yc', 'YC_Zone_ID', 'Yandex Cloud: DNS Zone ID', '');
414 _addDnsProviderField(s, 'dns_yc', 'YC_Folder_ID', 'Yandex Cloud: YC Folder ID', '');
415 _addDnsProviderField(s, 'dns_yc', 'YC_SA_ID', 'Yandex Cloud: Service Account ID', '');
416 _addDnsProviderField(s, 'dns_yc', 'YC_SA_Key_ID', 'Yandex Cloud: Service Account IAM Key ID', '');
417 _addDnsProviderField(s, 'dns_yc', 'YC_SA_Key_File_Path', 'Yandex Cloud: Path to private key', '');
418 _addDnsProviderField(s, 'dns_yc', 'YC_SA_Key_File_PEM_b64', 'Yandex Cloud: PEM of private key',
419 _('Base64 content of private key. Use instead of YC_SA_Key_File_Path')
420 );
421
422 _addDnsProviderField(s, 'dns_zilore', 'Zilore_Key', 'Zilore API Key', '');
423
424 _addDnsProviderField(s, 'dns_zone', 'ZONE_Username', 'Zone.ee Username', '');
425 _addDnsProviderField(s, 'dns_zone', 'ZONE_Key', 'Zone.ee API Key', '');
426
427 _addDnsProviderField(s, 'dns_zonomi', 'ZM_Key', 'Zonomi.com API Key', '');
428
429
430 o = s.taboption('challenge_dns', form.DynamicList, 'credentials', _('DNS API credentials'),
431 _("The credentials for the DNS API mode selected above. " +
432 "See https://github.com/acmesh-official/acme.sh/wiki/dnsapi for the format of credentials required by each API. " +
433 "Add multiple entries here in KEY=VAL shell variable format to supply multiple credential variables."))
434 o.datatype = "list(string)";
435 o.depends("validation_method", "dns");
436 o.modalonly = true;
437
438 o = s.taboption('challenge_dns', form.Value, 'calias', _('Challenge Alias'),
439 _("The challenge alias to use for ALL domains. " +
440 "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " +
441 "LUCI only supports one challenge alias per certificate."));
442 o.depends("validation_method", "dns");
443 o.modalonly = true;
444
445 o = s.taboption('challenge_dns', form.Value, 'dalias', _('Domain Alias'),
446 _("The domain alias to use for ALL domains. " +
447 "See https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode for the details of this process. " +
448 "LUCI only supports one challenge domain per certificate."));
449 o.depends("validation_method", "dns");
450 o.modalonly = true;
451
452
453 o = s.taboption('advanced', form.Flag, 'use_staging', _('Use staging server'),
454 _(
455 'Get certificate from the Letsencrypt staging server ' +
456 '(use for testing; the certificate won\'t be valid).'
457 )
458 );
459 o.rmempty = false;
460 o.modalonly = true;
461
462 o = s.taboption('advanced', form.ListValue, 'key_type', _('Key size'),
463 _('Key size (and type) for the generated certificate.')
464 );
465 o.value('rsa2048', _('RSA 2048 bits'));
466 o.value('rsa3072', _('RSA 3072 bits'));
467 o.value('rsa4096', _('RSA 4096 bits'));
468 o.value('ec256', _('ECC 256 bits'));
469 o.value('ec384', _('ECC 384 bits'));
470 o.rmempty = false;
471 o.optional = true;
472 o.modalonly = true;
473 o.cfgvalue = function(section_id, set_value) {
474 var keylength = uci.get('acme', section_id, 'keylength');
475 if (keylength) {
476 // migrate the old keylength to a new keytype
477 switch (keylength) {
478 case '2048': return 'rsa2048';
479 case '3072': return 'rsa3072';
480 case '4096': return 'rsa4096';
481 case 'ec-256': return 'ec256';
482 case 'ec-384': return 'ec384';
483 default: return ''; // bad value
484 }
485 }
486 return set_value;
487 };
488 o.write = function(section_id, value) {
489 // remove old keylength
490 uci.unset('acme', section_id, 'keylength');
491 uci.set('acme', section_id, 'key_type', value);
492 };
493
494 o = s.taboption('advanced', form.Flag, "use_acme_server",
495 _("Custom ACME CA"), _("Use a custom CA instead of Let's Encrypt."));
496 o.depends("use_staging", "0");
497 o.default = false;
498 o.modalonly = true;
499
500 o = s.taboption('advanced', form.Value, "acme_server", _("ACME server URL"),
501 _("Custom ACME server directory URL."));
502 o.depends("use_acme_server", "1");
503 o.placeholder = "https://api.buypass.com/acme/directory";
504 o.optional = true;
505 o.modalonly = true;
506
507 o = s.taboption('advanced', form.Value, 'days', _('Days until renewal'));
508 o.optional = true;
509 o.placeholder = 90;
510 o.datatype = 'uinteger';
511 o.modalonly = true;
512
513 return m.render()
514 }
515 })
516
517
518 function _addDnsProviderField(s, provider, env, title, desc) {
519 let o = s.taboption('challenge_dns', form.Value, '_' + env, _(title),
520 _(desc));
521 o.depends('dns', provider);
522 o.modalonly = true;
523 o.cfgvalue = function (section_id, stored_val) {
524 var creds = this.map.data.get(this.map.config, section_id, 'credentials');
525 return _extractParamValue(creds, env);
526 };
527 o.write = function (section_id, value) {
528 this.map.data.set('acme', section_id, 'credentials', [env + '="' + value + '"']);
529 };
530 return o;
531 }
532
533 /**
534 * @param {string[]} paramsKeyVals
535 * @param {string} paramName
536 * @returns {string}
537 */
538 function _extractParamValue(paramsKeyVals, paramName) {
539 if (!paramsKeyVals) {
540 return '';
541 }
542 for (let i = 0; i < paramsKeyVals.length; i++) {
543 var paramKeyVal = paramsKeyVals[i];
544 var parts = paramKeyVal.split('=');
545 if (parts.lenght < 2) {
546 continue;
547 }
548 var name = parts[0];
549 var val = parts[1];
550 if (name == paramName) {
551 // unquote
552 return val.substring(0, val.length-1).substring(1);
553 }
554 }
555 return '';
556 }
557
558 function _handleCheckService(c, event, curVal, newVal) {
559 document.getElementById('wikiInstructionUrl').href = 'https://github.com/acmesh-official/acme.sh/wiki/dnsapi#' + newVal;
560 }
Lua Configuration Interface (mirror)