From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 56E67909AC for ; Thu, 9 Mar 2023 11:19:22 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 1FCF69269 for ; Thu, 9 Mar 2023 11:18:52 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Thu, 9 Mar 2023 11:18:51 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id CAA6645848 for ; Thu, 9 Mar 2023 11:18:50 +0100 (CET) From: Christoph Heiss To: pmg-devel@lists.proxmox.com Date: Thu, 9 Mar 2023 11:18:45 +0100 Message-Id: <20230309101846.192177-3-c.heiss@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230309101846.192177-1-c.heiss@proxmox.com> References: <20230309101846.192177-1-c.heiss@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.082 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pmg-devel] [PATCH pmg-gui 2/3] fix #2437: proxy: Add 'TLS Inbound Policy' panel X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2023 10:19:22 -0000 This panel can be used to configure sender domains for which TLS will be enforced my postfix. As this takes the usual transport domain format, either a FQDN or .FQDN (for matching subdomains) can be specified. Signed-off-by: Christoph Heiss --- js/MailProxyTLSInboundPolicy.js | 93 +++++++++++++++++++++++++++++++++ js/MailProxyTLSPanel.js | 8 ++- js/Makefile | 1 + 3 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 js/MailProxyTLSInboundPolicy.js diff --git a/js/MailProxyTLSInboundPolicy.js b/js/MailProxyTLSInboundPolicy.js new file mode 100644 index 0000000..bc45527 --- /dev/null +++ b/js/MailProxyTLSInboundPolicy.js @@ -0,0 +1,93 @@ +Ext.define('pmg-tls-inbound-policy', { + extend: 'Ext.data.Model', + fields: ['domain'], + idProperty: 'domain', + proxy: { + type: 'proxmox', + url: '/api2/json/config/tlsinboundpolicy', + }, + sorters: { + property: 'domain', + direction: 'ASC', + }, +}); + +Ext.define('PMG.TLSInboundPolicyEdit', { + extend: 'Proxmox.window.Edit', + xtype: 'pmgTLSInboundPolicyEdit', + onlineHelp: 'pmgconfig_mailproxy_tls', + + subject: gettext('TLS Inbound Policy'), + url: '/api2/extjs/config/tlsinboundpolicy', + method: 'POST', + + items: [ + { + xtype: 'proxmoxtextfield', + name: 'domain', + fieldLabel: gettext('Domain'), + }, + ], +}); + +Ext.define('PMG.MailProxyTLSInboundPolicy', { + extend: 'Ext.grid.GridPanel', + alias: ['widget.pmgMailProxyTLSInboundPolicy'], + + viewConfig: { + trackOver: false, + }, + + columns: [ + { + header: gettext('Domain'), + flex: 1, + sortable: true, + dataIndex: 'domain', + }, + ], + + initComponent: function() { + const me = this; + + const rstore = Ext.create('Proxmox.data.UpdateStore', { + model: 'pmg-tls-inbound-policy', + storeid: 'pmg-mailproxy-tls-inbound-policy-store-' + ++Ext.idSeed, + }); + + const store = Ext.create('Proxmox.data.DiffStore', { rstore: rstore }); + const reload = () => rstore.load(); + me.selModel = Ext.create('Ext.selection.RowModel', {}); + Proxmox.Utils.monStoreErrors(me, store, true); + + Ext.apply(me, { + store, + tbar: [ + { + text: gettext('Create'), + handler: () => { + Ext.createWidget('pmgTLSInboundPolicyEdit', { + autoShow: true, + listeners: { + destroy: reload, + }, + }); + }, + }, + { + xtype: 'proxmoxStdRemoveButton', + baseurl: '/config/tlsinboundpolicy', + callback: reload, + waitMsgTarget: me, + }, + ], + listeners: { + activate: rstore.startUpdate, + destroy: rstore.stopUpdate, + deactivate: rstore.stopUpdate, + }, + }); + + me.callParent(); + }, +}); diff --git a/js/MailProxyTLSPanel.js b/js/MailProxyTLSPanel.js index 82dc3f8..5a5837c 100644 --- a/js/MailProxyTLSPanel.js +++ b/js/MailProxyTLSPanel.js @@ -26,11 +26,17 @@ Ext.define('PMG.MailProxyTLSPanel', { flex: 1, }); - me.items = [tlsSettings, tlsDestinations]; + const tlsInboundPolicy = Ext.create('PMG.MailProxyTLSInboundPolicy', { + title: gettext('TLS Inbound Policy'), + flex: 1, + }); + + me.items = [tlsSettings, tlsDestinations, tlsInboundPolicy]; me.callParent(); tlsSettings.relayEvents(me, ['activate', 'deactivate', 'destroy']); tlsDestinations.relayEvents(me, ['activate', 'deactivate', 'destroy']); + tlsInboundPolicy.relayEvents(me, ['activate', 'deactivate', 'destroy']); }, }); diff --git a/js/Makefile b/js/Makefile index 9a2bcf2..e3b9e78 100644 --- a/js/Makefile +++ b/js/Makefile @@ -50,6 +50,7 @@ JSSRC= \ MailProxyTLS.js \ MailProxyTLSPanel.js \ MailProxyTLSDestinations.js \ + MailProxyTLSInboundPolicy.js \ Transport.js \ MyNetworks.js \ RelayDomains.js \ -- 2.39.2