Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/net/acme/files/acme-cbi.lua
Toke Høiland-Jørgensen 34ed7a9f2c acme: Support running in webroot mode, detect other daemons on port 80 
For configurations where another web server is running on port 80, running
acme.sh in standalone mode fails. Try to detect this and refuse to run; and
allow the user to configure a webroot directory to use the running webserver for
certificate verification.

This also updates acme.sh to the latest version.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-04-26 16:32:24 +02:00

72 lines
3 KiB
Lua
Raw Blame History

--[[
LuCI - Lua Configuration Interface
Copyright 2016 Toke Høiland-Jørgensen <toke@toke.dk>
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
]]--
m = Map("acme", translate("ACME certificates"),
translate("This configures ACME (Letsencrypt) automatic certificate installation. " ..
"Simply fill out this to have the router configured with Letsencrypt-issued " ..
"certificates for the web interface. " ..
"Note that the domain names in the certificate must already be configured to " ..
"point at the router's public IP address. " ..
"Once configured, issuing certificates can take a while. " ..
"Check the logs for progress and any errors."))
s = m:section(TypedSection, "acme", translate("ACME global config"))
s.anonymous = true
st = s:option(Value, "state_dir", translate("State directory"),
translate("Where certs and other state files are kept."))
st.rmempty = false
st.datatype = "directory"
ae = s:option(Value, "account_email", translate("Account email"),
translate("Email address to associate with account key."))
ae.rmempty = false
ae.datatype = "minlength(1)"
d = s:option(Flag, "debug", translate("Enable debug logging"))
d.rmempty = false
cs = m:section(TypedSection, "cert", translate("Certificate config"))
cs.anonymous = false
cs.addremove = true
e = cs:option(Flag, "enabled", translate("Enabled"))
e.rmempty = false
us = cs:option(Flag, "use_staging", translate("Use staging server"),
translate("Get certificate from the Letsencrypt staging server " ..
"(use for testing; the certificate won't be valid)."))
us.rmempty = false
kl = cs:option(Value, "keylength", translate("Key length"),
translate("Number of bits (minimum 2048)."))
kl.rmempty = false
kl.datatype = "and(uinteger,min(2048))"
u = cs:option(Flag, "update_uhttpd", translate("Use for uhttpd"),
translate("Update the uhttpd config with this certificate once issued " ..
"(only select this for one certificate)."))
u.rmempty = false
wr = cs:option(Value, "webroot", translate("Webroot directory"),
translate("Webserver root directory. Set this to the webserver " ..
"document root to run Acme in webroot mode. The web " ..
"server must be accessible from the internet on port 80."))
wr.rmempty = false
dom = cs:option(DynamicList, "domains", translate("Domain names"),
translate("Domain names to include in the certificate. " ..
"The first name will be the subject name, subsequent names will be alt names. " ..
"Note that all domain names must point at the router in the global DNS."))
dom.datatype = "list(string)"
return m
Reference in a new issue View git blame Copy permalink