* [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui
@ 2024-01-16 14:33 Folke Gleumes
2024-01-16 14:33 ` [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option Folke Gleumes
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Folke Gleumes @ 2024-01-16 14:33 UTC (permalink / raw)
To: pve-devel
This patch series adds the option to set a custom directory for ACME and
enables the user to use external account binding, which is required by
some providers.
Folke Gleumes (2):
fix #5093: webui: acme: custom directory option
webui: acme: add eab fields
www/manager6/node/ACME.js | 168 ++++++++++++++++++++++++++++++--------
1 file changed, 135 insertions(+), 33 deletions(-)
--
2.39.2
^ permalink raw reply [flat|nested] 6+ messages in thread* [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option 2024-01-16 14:33 [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes @ 2024-01-16 14:33 ` Folke Gleumes 2024-04-17 14:34 ` Mira Limbeck 2024-01-16 14:33 ` [pve-devel] [PATCH manager 2/2] webui: acme: add eab fields Folke Gleumes ` (2 subsequent siblings) 3 siblings, 1 reply; 6+ messages in thread From: Folke Gleumes @ 2024-01-16 14:33 UTC (permalink / raw) To: pve-devel This patch allows the user to set a custom ACME directory by providing a 'Custom' option in the directory dropdown. This in turn reveals an input for the url. When using a custom directory the directory has to be manually queried via button press to prevent from spamming the directory on every input. Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> --- www/manager6/node/ACME.js | 140 +++++++++++++++++++++++++++++--------- 1 file changed, 107 insertions(+), 33 deletions(-) diff --git a/www/manager6/node/ACME.js b/www/manager6/node/ACME.js index 21137b1a..5b71778a 100644 --- a/www/manager6/node/ACME.js +++ b/www/manager6/node/ACME.js @@ -10,6 +10,14 @@ Ext.define('PVE.node.ACMEAccountCreate', { url: '/cluster/acme/account', showTaskViewer: true, defaultExists: false, + referenceHolder: true, + onlineHelp: "sysadmin_certs_acme_account", + + viewModel: { + data: { + customDirectory: false, + }, + }, items: [ { @@ -30,12 +38,17 @@ Ext.define('PVE.node.ACMEAccountCreate', { }, { xtype: 'proxmoxComboGrid', - name: 'directory', - allowBlank: false, + notFoundIsValid: true, + isFormField: false, valueField: 'url', displayField: 'name', fieldLabel: gettext('ACME Directory'), store: { + listeners: { + 'load': function() { + this.add({ name: gettext("Custom"), url: '' }); + }, + }, autoLoad: true, fields: ['name', 'url'], idProperty: ['name'], @@ -43,10 +56,6 @@ Ext.define('PVE.node.ACMEAccountCreate', { type: 'proxmox', url: '/api2/json/cluster/acme/directories', }, - sorters: { - property: 'name', - direction: 'ASC', - }, }, listConfig: { columns: [ @@ -64,41 +73,93 @@ Ext.define('PVE.node.ACMEAccountCreate', { }, listeners: { change: function(combogrid, value) { - var me = this; - if (!value) { - return; - } + let me = this; - var disp = me.up('window').down('#tos_url_display'); - var field = me.up('window').down('#tos_url'); - var checkbox = me.up('window').down('#tos_checkbox'); + let vm = me.up('window').getViewModel(); + let dirField = me.up('window').lookupReference('directoryInput'); + let tosButton = me.up('window').lookupReference('queryTos'); - disp.setValue(gettext('Loading')); - field.setValue(undefined); - checkbox.setValue(undefined); - checkbox.setHidden(true); + let isCustom = combogrid.getSelection().get('name') === gettext("Custom"); + vm.set('customDirectory', isCustom); - Proxmox.Utils.API2Request({ - url: '/cluster/acme/meta', - method: 'GET', - params: { - directory: value, + dirField.setValue(value); + + if (!isCustom) { + tosButton.click(); + } else { + me.up('window').clearToSFields(); + } + }, + }, + }, + { + xtype: 'fieldcontainer', + layout: 'hbox', + fieldLabel: gettext('URL'), + bind: { + hidden: '{!customDirectory}', + }, + items: [ + { + xtype: 'proxmoxtextfield', + name: 'directory', + reference: 'directoryInput', + flex: 1, + allowBlank: false, + listeners: { + change: function(textbox, value) { + let me = this; + me.up('window').clearToSFields(); }, - success: function(response, opt) { - if (response.result.data.termsOfService) { - field.setValue(response.result.data.termsOfService); - disp.setValue(response.result.data.termsOfService); - checkbox.setHidden(false); + }, + }, + { + xtype: 'proxmoxButton', + margin: '0 0 0 5', + reference: 'queryTos', + text: gettext('Query URL'), + listeners: { + click: function(button) { + let me = this; + + let w = me.up('window'); + let disp = w.down('#tos_url_display'); + let field = w.down('#tos_url'); + let checkbox = w.down('#tos_checkbox'); + let value = w.lookupReference('directoryInput').getValue(); + w.clearToSFields(); + + if (!value) { + return; } else { - disp.setValue(undefined); + disp.setValue(gettext("Loading")); } + + Proxmox.Utils.API2Request({ + url: '/cluster/acme/meta', + method: 'GET', + params: { + directory: value, + }, + success: function(response, opt) { + if (response.result.data.termsOfService) { + field.setValue(response.result.data.termsOfService); + disp.setValue(response.result.data.termsOfService); + checkbox.setHidden(false); + } else { + checkbox.setValue(false); + disp.setValue("No terms of service agreement required"); + } + }, + failure: function(response, opt) { + disp.setValue(undefined); + Ext.Msg.alert(gettext('Error'), response.htmlStatus); + }, + }); }, - failure: function(response, opt) { - Ext.Msg.alert(gettext('Error'), response.htmlStatus); - }, - }); + }, }, - }, + ], }, { xtype: 'displayfield', @@ -125,6 +186,19 @@ Ext.define('PVE.node.ACMEAccountCreate', { }, ], + clearToSFields: function() { + let me = this; + + let disp = me.down('#tos_url_display'); + let field = me.down('#tos_url'); + let checkbox = me.down('#tos_checkbox'); + + disp.setValue("Terms of service not fetched yet"); + field.setValue(undefined); + checkbox.setValue(undefined); + checkbox.setHidden(true); + }, + }); Ext.define('PVE.node.ACMEAccountView', { -- 2.39.2 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option 2024-01-16 14:33 ` [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option Folke Gleumes @ 2024-04-17 14:34 ` Mira Limbeck 0 siblings, 0 replies; 6+ messages in thread From: Mira Limbeck @ 2024-04-17 14:34 UTC (permalink / raw) To: pve-devel On 1/16/24 15:33, Folke Gleumes wrote: > This patch allows the user to set a custom ACME directory by providing > a 'Custom' option in the directory dropdown. This in turn reveals an > input for the url. When using a custom directory the directory has to > be manually queried via button press to prevent from spamming the > directory on every input. > > Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> > --- > www/manager6/node/ACME.js | 140 +++++++++++++++++++++++++++++--------- > 1 file changed, 107 insertions(+), 33 deletions(-) > > diff --git a/www/manager6/node/ACME.js b/www/manager6/node/ACME.js > index 21137b1a..5b71778a 100644 > --- a/www/manager6/node/ACME.js > +++ b/www/manager6/node/ACME.js > @@ -10,6 +10,14 @@ Ext.define('PVE.node.ACMEAccountCreate', { > url: '/cluster/acme/account', > showTaskViewer: true, > defaultExists: false, > + referenceHolder: true, > + onlineHelp: "sysadmin_certs_acme_account", > + > + viewModel: { > + data: { > + customDirectory: false, > + }, > + }, > > items: [ > { > @@ -30,12 +38,17 @@ Ext.define('PVE.node.ACMEAccountCreate', { > }, > { > xtype: 'proxmoxComboGrid', > - name: 'directory', > - allowBlank: false, > + notFoundIsValid: true, > + isFormField: false, > valueField: 'url', > displayField: 'name', > fieldLabel: gettext('ACME Directory'), > store: { > + listeners: { > + 'load': function() { > + this.add({ name: gettext("Custom"), url: '' }); > + }, > + }, > autoLoad: true, > fields: ['name', 'url'], > idProperty: ['name'], > @@ -43,10 +56,6 @@ Ext.define('PVE.node.ACMEAccountCreate', { > type: 'proxmox', > url: '/api2/json/cluster/acme/directories', > }, > - sorters: { > - property: 'name', > - direction: 'ASC', > - }, > }, > listConfig: { > columns: [ > @@ -64,41 +73,93 @@ Ext.define('PVE.node.ACMEAccountCreate', { > }, > listeners: { > change: function(combogrid, value) { > - var me = this; > - if (!value) { > - return; > - } > + let me = this; > > - var disp = me.up('window').down('#tos_url_display'); > - var field = me.up('window').down('#tos_url'); > - var checkbox = me.up('window').down('#tos_checkbox'); > + let vm = me.up('window').getViewModel(); > + let dirField = me.up('window').lookupReference('directoryInput'); > + let tosButton = me.up('window').lookupReference('queryTos'); > > - disp.setValue(gettext('Loading')); > - field.setValue(undefined); > - checkbox.setValue(undefined); > - checkbox.setHidden(true); > + let isCustom = combogrid.getSelection().get('name') === gettext("Custom"); > + vm.set('customDirectory', isCustom); > > - Proxmox.Utils.API2Request({ > - url: '/cluster/acme/meta', > - method: 'GET', > - params: { > - directory: value, > + dirField.setValue(value); > + > + if (!isCustom) { > + tosButton.click(); > + } else { > + me.up('window').clearToSFields(); > + } > + }, > + }, > + }, > + { > + xtype: 'fieldcontainer', > + layout: 'hbox', > + fieldLabel: gettext('URL'), > + bind: { > + hidden: '{!customDirectory}', > + }, > + items: [ > + { > + xtype: 'proxmoxtextfield', > + name: 'directory', > + reference: 'directoryInput', > + flex: 1, > + allowBlank: false, > + listeners: { > + change: function(textbox, value) { > + let me = this; > + me.up('window').clearToSFields(); > }, > - success: function(response, opt) { > - if (response.result.data.termsOfService) { > - field.setValue(response.result.data.termsOfService); > - disp.setValue(response.result.data.termsOfService); > - checkbox.setHidden(false); > + }, > + }, > + { > + xtype: 'proxmoxButton', > + margin: '0 0 0 5', > + reference: 'queryTos', > + text: gettext('Query URL'), > + listeners: { > + click: function(button) { > + let me = this; > + > + let w = me.up('window'); > + let disp = w.down('#tos_url_display'); > + let field = w.down('#tos_url'); > + let checkbox = w.down('#tos_checkbox'); > + let value = w.lookupReference('directoryInput').getValue(); > + w.clearToSFields(); > + > + if (!value) { > + return; > } else { > - disp.setValue(undefined); > + disp.setValue(gettext("Loading")); > } > + > + Proxmox.Utils.API2Request({ > + url: '/cluster/acme/meta', > + method: 'GET', > + params: { > + directory: value, > + }, > + success: function(response, opt) { > + if (response.result.data.termsOfService) { > + field.setValue(response.result.data.termsOfService); > + disp.setValue(response.result.data.termsOfService); > + checkbox.setHidden(false); > + } else { > + checkbox.setValue(false); > + disp.setValue("No terms of service agreement required"); > + } > + }, > + failure: function(response, opt) { > + disp.setValue(undefined); > + Ext.Msg.alert(gettext('Error'), response.htmlStatus); > + }, > + }); > }, > - failure: function(response, opt) { > - Ext.Msg.alert(gettext('Error'), response.htmlStatus); > - }, > - }); > + }, > }, > - }, > + ], > }, > { > xtype: 'displayfield', > @@ -125,6 +186,19 @@ Ext.define('PVE.node.ACMEAccountCreate', { > }, > ], > > + clearToSFields: function() { > + let me = this; > + > + let disp = me.down('#tos_url_display'); > + let field = me.down('#tos_url'); > + let checkbox = me.down('#tos_checkbox'); > + > + disp.setValue("Terms of service not fetched yet"); > + field.setValue(undefined); > + checkbox.setValue(undefined); > + checkbox.setHidden(true); > + }, > + > }); > > Ext.define('PVE.node.ACMEAccountView', { Tested this patch series in a Debian 12 container with Pebble 2.4 installed via the Debian Bookworm repositories. The behavior of the combobox changed with this patch. The combobox now shows an `x` to clear it, but doesn't actually clear the selection. Instead it always sets it to `Custom`. Account creation worked like a charm using a custom directory and EAB (with the 2nd patch). Other than the combobox issue above, consider this and the 2nd patch: Tested-by: Mira Limbeck <m.limbeck@proxmox.com> _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel ^ permalink raw reply [flat|nested] 6+ messages in thread
* [pve-devel] [PATCH manager 2/2] webui: acme: add eab fields 2024-01-16 14:33 [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes 2024-01-16 14:33 ` [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option Folke Gleumes @ 2024-01-16 14:33 ` Folke Gleumes 2024-01-16 14:49 ` [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes 2024-04-16 8:46 ` Folke Gleumes 3 siblings, 0 replies; 6+ messages in thread From: Folke Gleumes @ 2024-01-16 14:33 UTC (permalink / raw) To: pve-devel Adds fields for eab credentials. By default eab is optional, but if the directory should report that eab is required, the eab credential fields are marked as mandatory and prevent the form from being submittable until credentials are provided. Signed-off-by: Folke Gleumes <f.gleumes@proxmox.com> --- www/manager6/node/ACME.js | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/www/manager6/node/ACME.js b/www/manager6/node/ACME.js index 5b71778a..ab2f0211 100644 --- a/www/manager6/node/ACME.js +++ b/www/manager6/node/ACME.js @@ -16,6 +16,12 @@ Ext.define('PVE.node.ACMEAccountCreate', { viewModel: { data: { customDirectory: false, + eabRequired: false, + }, + formulas: { + eabEmptyText: function(get) { + return get('eabRequired') ? gettext("required") : gettext("optional"); + }, }, }, @@ -123,6 +129,7 @@ Ext.define('PVE.node.ACMEAccountCreate', { let me = this; let w = me.up('window'); + let vm = w.getViewModel(); let disp = w.down('#tos_url_display'); let field = w.down('#tos_url'); let checkbox = w.down('#tos_checkbox'); @@ -150,6 +157,7 @@ Ext.define('PVE.node.ACMEAccountCreate', { checkbox.setValue(false); disp.setValue("No terms of service agreement required"); } + vm.set('eabRequired', !!response.result.data.externalAccountRequired); }, failure: function(response, opt) { disp.setValue(undefined); @@ -184,6 +192,26 @@ Ext.define('PVE.node.ACMEAccountCreate', { return false; }, }, + { + xtype: 'proxmoxtextfield', + name: 'eab-kid', + fieldLabel: gettext('EAB Key ID'), + bind: { + hidden: '{!customDirectory}', + allowBlank: '{!eabRequired}', + emptyText: '{eabEmptyText}', + }, + }, + { + xtype: 'proxmoxtextfield', + name: 'eab-hmac-key', + fieldLabel: gettext('EAB Key'), + bind: { + hidden: '{!customDirectory}', + allowBlank: '{!eabRequired}', + emptyText: '{eabEmptyText}', + }, + }, ], clearToSFields: function() { -- 2.39.2 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui 2024-01-16 14:33 [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes 2024-01-16 14:33 ` [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option Folke Gleumes 2024-01-16 14:33 ` [pve-devel] [PATCH manager 2/2] webui: acme: add eab fields Folke Gleumes @ 2024-01-16 14:49 ` Folke Gleumes 2024-04-16 8:46 ` Folke Gleumes 3 siblings, 0 replies; 6+ messages in thread From: Folke Gleumes @ 2024-01-16 14:49 UTC (permalink / raw) To: pve-devel For testing, I have used pebble [0] in a separate lxc container. 1. Download and compile the project 2. Start pebble with the included eab config: pebble -c test/config/pebble-config-external-account-bindings.json 3. Import the certificates from the test/certs folder into the pve instance 4. Add the pebble to the /etc/hosts of your pve instance 5. Use https://pebble:14000/dir as the acme directory for testing, eab credentials can be found in the config used in step 2 [0] https://github.com/letsencrypt/pebble On Tue, 2024-01-16 at 15:33 +0100, Folke Gleumes wrote: > This patch series adds the option to set a custom directory for ACME > and > enables the user to use external account binding, which is required > by > some providers. > > Folke Gleumes (2): > fix #5093: webui: acme: custom directory option > webui: acme: add eab fields > > www/manager6/node/ACME.js | 168 ++++++++++++++++++++++++++++++------ > -- > 1 file changed, 135 insertions(+), 33 deletions(-) > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui 2024-01-16 14:33 [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes ` (2 preceding siblings ...) 2024-01-16 14:49 ` [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes @ 2024-04-16 8:46 ` Folke Gleumes 3 siblings, 0 replies; 6+ messages in thread From: Folke Gleumes @ 2024-04-16 8:46 UTC (permalink / raw) To: pve-devel ping still applies cleanly and works On Tue, 2024-01-16 at 15:33 +0100, Folke Gleumes wrote: > This patch series adds the option to set a custom directory for ACME > and > enables the user to use external account binding, which is required > by > some providers. > > Folke Gleumes (2): > fix #5093: webui: acme: custom directory option > webui: acme: add eab fields > > www/manager6/node/ACME.js | 168 ++++++++++++++++++++++++++++++------ > -- > 1 file changed, 135 insertions(+), 33 deletions(-) > ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-04-17 14:34 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2024-01-16 14:33 [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes 2024-01-16 14:33 ` [pve-devel] [PATCH manager 1/2] fix #5093: webui: acme: custom directory option Folke Gleumes 2024-04-17 14:34 ` Mira Limbeck 2024-01-16 14:33 ` [pve-devel] [PATCH manager 2/2] webui: acme: add eab fields Folke Gleumes 2024-01-16 14:49 ` [pve-devel] [PATCH manager 0/2] fix #5093 add custom directory and eab to ui Folke Gleumes 2024-04-16 8:46 ` Folke Gleumes
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox