diff --git a/src/routes/domains.js b/src/routes/domains.js
index daa091e06..d3f128d45 100644
--- a/src/routes/domains.js
+++ b/src/routes/domains.js
@@ -26,8 +26,10 @@ function add(req, res, next) {
 if ('fallbackCertificate' in req.body && typeof req.body.fallbackCertificate !== 'object') return next(new HttpError(400, 'fallbackCertificate must be a object with cert and key strings'));
 if (req.body.fallbackCertificate && (!req.body.cert || typeof req.body.cert !== 'string')) return next(new HttpError(400, 'fallbackCertificate.cert must be a string'));
 if (req.body.fallbackCertificate && (!req.body.key || typeof req.body.key !== 'string')) return next(new HttpError(400, 'fallbackCertificate.key must be a string'));
+ if ('tlsConfig' in req.body && typeof req.body.tlsConfig !== 'object') return next(new HttpError(400, 'tlsConfig must be a object with a provider string property'));
+ if (req.body.tlsConfig && (!req.body.tlsConfig.provider || typeof req.body.tlsConfig.provider !== 'string')) return next(new HttpError(400, 'tlsConfig.provider must be a string'));
- domains.add(req.body.domain, req.body.zoneName || '', req.body.provider, req.body.config, req.body.fallbackCertificate || null, function (error) {
+ domains.add(req.body.domain, req.body.zoneName || '', req.body.provider, req.body.config, req.body.fallbackCertificate || null, req.body.tlsConfig || { provider: 'letsencrypt-prod' }, function (error) {
 if (error && error.reason === DomainError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
 if (error && error.reason === DomainError.BAD_FIELD) return next(new HttpError(400, error.message));
 if (error && error.reason === DomainError.INVALID_PROVIDER) return next(new HttpError(400, error.message));
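Review bot: The two fallbackCertificate guards kept as context in add() test `req.body.cert` and `req.body.key` instead of the nested fields, so the certificate object is checked against the wrong properties. A well-formed fallbackCertificate is rejected with 400 unless top-level cert/key strings are also sent, and when they are sent, a fallbackCertificate of any shape reaches domains.add() without its cert and key having been type-checked here. update() already reads `req.body.fallbackCertificate.cert` and `req.body.fallbackCertificate.key`; add() should use the same two expressions, in line with how the new guard reads `req.body.tlsConfig.provider`. The body of add() continues outside the hunk.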
@@ -65,8 +67,10 @@ function update(req, res, next) {
 if ('fallbackCertificate' in req.body && typeof req.body.fallbackCertificate !== 'object') return next(new HttpError(400, 'fallbackCertificate must be a object with cert and key strings'));
 if (req.body.fallbackCertificate && (!req.body.fallbackCertificate.cert || typeof req.body.fallbackCertificate.cert !== 'string')) return next(new HttpError(400, 'fallbackCertificate.cert must be a string'));
 if (req.body.fallbackCertificate && (!req.body.fallbackCertificate.key || typeof req.body.fallbackCertificate.key !== 'string')) return next(new HttpError(400, 'fallbackCertificate.key must be a string'));
+ if ('tlsConfig' in req.body && typeof req.body.tlsConfig !== 'object') return next(new HttpError(400, 'tlsConfig must be a object with a provider string property'));
+ if (req.body.tlsConfig && (!req.body.tlsConfig.provider || typeof req.body.tlsConfig.provider !== 'string')) return next(new HttpError(400, 'tlsConfig.provider must be a string'));
- domains.update(req.params.domain, req.body.provider, req.body.config, req.body.fallbackCertificate || null, function (error) {
+ domains.update(req.params.domain, req.body.provider, req.body.config, req.body.fallbackCertificate || null, req.body.tlsConfig || { provider: 'letsencrypt-prod' }, function (error) {
 if (error && error.reason === DomainError.NOT_FOUND) return next(new HttpError(404, error.message));
 if (error && error.reason === DomainError.BAD_FIELD) return next(new HttpError(400, error.message));
 if (error && error.reason === DomainError.INVALID_PROVIDER) return next(new HttpError(400, error.message));
diff --git a/src/routes/setup.js b/src/routes/setup.js
index b8d9aac5b..51bfa5c48 100644
--- a/src/routes/setup.js
+++ b/src/routes/setup.js
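Review bot: In update(), `req.body.tlsConfig || { provider: 'letsencrypt-prod' }` makes an omitted tlsConfig indistinguishable from an explicit request for letsencrypt-prod. If domains.update() stores whatever it is given (its body is not part of this diff), a client that only changes the DNS provider or the fallback certificate silently switches the domain's certificate provider back to the default. Either require tlsConfig on update, or pass `req.body.tlsConfig || null` and have domains.update() keep the stored value when it receives null. The body of update() continues outside the hunk.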
@@ -72,7 +72,10 @@ function dnsSetup(req, res, next) {
 if ('zoneName' in req.body && typeof req.body.zoneName !== 'string') return next(new HttpError(400, 'zoneName must be a string'));
 if (!req.body.config || typeof req.body.config !== 'object') return next(new HttpError(400, 'config must be an object'));
- setup.dnsSetup(req.body.adminFqdn.toLowerCase(), req.body.domain.toLowerCase(), req.body.zoneName || '', req.body.provider, req.body.config, function (error) {
+ if ('tlsConfig' in req.body && typeof req.body.tlsConfig !== 'object') return next(new HttpError(400, 'tlsConfig must be an object'));
+ if (req.body.tlsConfig && (!req.body.tlsConfig.provider || typeof req.body.tlsConfig.provider !== 'string')) return next(new HttpError(400, 'tlsConfig.provider must be a string'));
+
+ setup.dnsSetup(req.body.adminFqdn.toLowerCase(), req.body.domain.toLowerCase(), req.body.zoneName || '', req.body.provider, req.body.config, req.body.tlsConfig || { provider: 'letsencrypt-prod' }, function (error) {
 if (error && error.reason === SetupError.ALREADY_SETUP) return next(new HttpError(409, error.message));
 if (error && error.reason === SetupError.BAD_FIELD) return next(new HttpError(400, error.message));
 if (error) return next(new HttpError(500, error));
diff --git a/src/setup.js b/src/setup.js
index c2717c3fd..c92881160 100644
--- a/src/setup.js
+++ b/src/setup.js
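Review bot: The fallback `{ provider: 'letsencrypt-prod' }` is now spelled out in three route handlers (here and in add() and update() in src/routes/domains.js), and the 400 text for the same check differs ('tlsConfig must be an object' here, 'tlsConfig must be a object with a provider string property' there). One small helper that returns a fresh default object, plus one shared message, would keep the three routes from drifting apart. The route only checks that provider is a non-empty string; whether unknown provider names are rejected depends on domains.add() and domains.update(), which this diff does not show, so that is worth confirming before merge.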
@@ -174,12 +174,13 @@ function configureWebadmin(callback) {
 });
 }
-function dnsSetup(adminFqdn, domain, zoneName, provider, dnsConfig, callback) {
+function dnsSetup(adminFqdn, domain, zoneName, provider, dnsConfig, tlsConfig, callback) {
 assert.strictEqual(typeof adminFqdn, 'string');
 assert.strictEqual(typeof domain, 'string');
 assert.strictEqual(typeof zoneName, 'string');
 assert.strictEqual(typeof provider, 'string');
 assert.strictEqual(typeof dnsConfig, 'object');
+ assert.strictEqual(typeof tlsConfig, 'object');
 assert.strictEqual(typeof callback, 'function');
 if (config.adminDomain()) return callback(new SetupError(SetupError.ALREADY_SETUP));
@@ -210,11 +211,11 @@ function dnsSetup(adminFqdn, domain, zoneName, provider, dnsConfig, callback) {
 if (!result) {
 async.series([
- domains.add.bind(null, domain, zoneName, provider, dnsConfig, null /* cert */),
+ domains.add.bind(null, domain, zoneName, provider, dnsConfig, null /* cert */, tlsConfig),
 mail.add.bind(null, domain)
 ], done);
 } else {
- domains.update(domain, provider, dnsConfig, null /* cert */, done);
+ domains.update(domain, provider, dnsConfig, null /* cert */, tlsConfig, done);
 }
 });
 }
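Review bot: `assert.strictEqual(typeof tlsConfig, 'object')` in dnsSetup also holds for null, and nothing at this layer looks at tlsConfig.provider, so the function relies on every caller validating the way the route does. Adding `assert.strictEqual(typeof tlsConfig.provider, 'string');` right after it would fail fast on a null or provider-less value before it is forwarded to domains.add and domains.update in the following hunk. A one-line comment above the signature, such as `// tlsConfig: { provider: string } selecting the certificate provider`, would also document the new positional argument. The body of dnsSetup continues outside this hunk.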