Allow s3 backend to accept self-signed certs

Fixes #316

src/routes/settings.js

@@ -275,6 +275,7 @@ function setBackupConfig(req, res, next) {
     if (typeof req.body.retentionSecs !== 'number') return next(new HttpError(400, 'retentionSecs is required'));
     if ('key' in req.body && typeof req.body.key !== 'string') return next(new HttpError(400, 'key must be a string'));
     if (typeof req.body.format !== 'string') return next(new HttpError(400, 'format must be a string'));
+    if ('acceptSelfSignedCerts' in req.body && typeof req.body.acceptSelfSignedCerts !== 'boolean') return next(new HttpError(400, 'format must be a boolean'));
 
     settings.setBackupConfig(req.body, function (error) {
         if (error && error.reason === SettingsError.BAD_FIELD) return next(new HttpError(400, error.message));

src/storage/s3.js

@@ -22,11 +22,12 @@ var assert = require('assert'),
     async = require('async'),
     AWS = require('aws-sdk'),
     BackupsError = require('../backups.js').BackupsError,
+    chunk = require('lodash.chunk'),
     config = require('../config.js'),
     debug = require('debug')('box:storage/s3'),
     EventEmitter = require('events'),
     fs = require('fs'),
-    chunk = require('lodash.chunk'),
+    https = require('https'),
     mkdirp = require('mkdirp'),
     PassThrough = require('stream').PassThrough,
     path = require('path'),
@@ -98,6 +99,11 @@ function getBackupCredentials(apiConfig, callback) {
 
     if (apiConfig.endpoint) credentials.endpoint = apiConfig.endpoint;
 
+    if (apiConfig.acceptSelfSignedCerts === true) {
+        credentials.httpOptions =  {
+            agent: new https.Agent({ rejectUnauthorized: false })
+        };
+    }
     callback(null, credentials);
 }
 

webadmin/src/views/settings.html

@@ -152,6 +152,14 @@
                             <input type="text" class="form-control" ng-model="configureBackup.endpoint" id="inputConfigureBackupEndpoint" name="endpoint" ng-disabled="configureBackup.busy" placeholder="URL of Minio/S3 Compatible" ng-required="configureBackup.provider === 'minio' || configureBackup.provider === 's3-v4-compat'">
                         </div>
 
+                        <div class="checkbox" ng-show="configureBackup.provider === 'minio' || configureBackup.provider === 's3-v4-compat'" >
+                            <label>
+                                <input type="checkbox" ng-model="configureBackup.acceptSelfSignedCerts" id="inputConfigureBackupSelfSigned">
+                                    Accept Self-signed certificate
+                                </input>
+                            </label>
+                        </div>
+
                         <div class="form-group" ng-class="{ 'has-error': configureBackup.error.bucket }" ng-show="s3like(configureBackup.provider)">
                             <label class="control-label" for="inputConfigureBackupBucket">Bucket name</label>
                             <input type="text" class="form-control" ng-model="configureBackup.bucket" id="inputConfigureBackupBucket" name="bucket" ng-disabled="configureBackup.busy" ng-required="s3like(configureBackup.provider)">

webadmin/src/views/settings.js

@@ -327,6 +327,7 @@ angular.module('Application').controller('SettingsController', ['$scope', '$loca
         endpoint: '',
         backupFolder: '',
         retentionSecs: -1,
+        acceptSelfSignedCerts: false,
         format: 'tgz',
 
         clearForm: function () {
@@ -339,6 +340,7 @@ angular.module('Application').controller('SettingsController', ['$scope', '$loca
             $scope.configureBackup.backupFolder = '';
             $scope.configureBackup.retentionSecs = -1;
             $scope.configureBackup.format = 'tgz';
+            $scope.configureBackup.acceptSelfSignedCerts = false;
         },
 
         show: function () {
@@ -356,6 +358,7 @@ angular.module('Application').controller('SettingsController', ['$scope', '$loca
             $scope.configureBackup.backupFolder = $scope.backupConfig.backupFolder;
             $scope.configureBackup.retentionSecs = $scope.backupConfig.retentionSecs;
             $scope.configureBackup.format = $scope.backupConfig.format;
+            $scope.configureBackup.acceptSelfSignedCerts = !!$scope.backupConfig.acceptSelfSignedCerts;
 
             $('#configureBackupModal').modal('show');
         },
@@ -384,6 +387,7 @@ angular.module('Application').controller('SettingsController', ['$scope', '$loca
                     if ($scope.configureBackup.region) backupConfig.region = $scope.configureBackup.region;
                 } else if (backupConfig.provider === 'minio' || backupConfig.provider === 's3-v4-compat') {
                     backupConfig.region = 'us-east-1';
+                    backupConfig.acceptSelfSignedCerts = $scope.configureBackup.acceptSelfSignedCerts;
                 } else if (backupConfig.provider === 'exoscale-sos') {
                     backupConfig.endpoint = 'https://sos.exo.io';
                     backupConfig.region = 'us-east-1';