ske087/digiserver-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add HTTPS configuration management system

Browse Source 
- Add HTTPSConfig model for managing HTTPS settings
- Add admin routes for HTTPS configuration management
- Add beautiful admin template for HTTPS configuration
- Add database migration for https_config table
- Add CLI utility for HTTPS management
- Add setup script for automated configuration
- Add Caddy configuration generator and manager
- Add comprehensive documentation (3 guides)
- Add HTTPS Configuration card to admin dashboard
- Implement input validation and security features
- Add admin-only access control with audit trail
- Add real-time configuration preview
- Integrate with existing Caddy reverse proxy

Features:
- Enable/disable HTTPS from web interface
- Configure domain, hostname, IP address, port
- Automatic SSL certificate management via Let's Encrypt
- Real-time Caddyfile generation and reload
- Full audit trail with admin username and timestamps
- Support for HTTPS and HTTP fallback access points
- Beautiful, mobile-responsive UI

Modified files:
- app/models/__init__.py (added HTTPSConfig import)
- app/blueprints/admin.py (added HTTPS routes)
- app/templates/admin/admin.html (added HTTPS card)
- docker-compose.yml (added Caddyfile mount and admin port)

New files:
- app/models/https_config.py
- app/blueprints/https_config.html
- app/utils/caddy_manager.py
- https_manager.py
- setup_https.sh
- migrations/add_https_config_table.py
- migrations/add_email_to_https_config.py
- HTTPS_STATUS.txt
- Documentation files (3 markdown guides)
This commit is contained in:
Quality App Developer
2026-01-14 12:02:49 +02:00
parent ef17abfe6b
commit 48f1bfbcad
108 changed files with 2835 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

157
https_manager.py Normal file
View File

@@ -0,0 +1,157 @@
"""Utility script for managing HTTPS configuration from command line."""
import sys
import os
sys.path.insert(0, '/app')
from app.app import create_app
from app.models.https_config import HTTPSConfig
def show_help():
"""Display help information."""
print("""
HTTPS Configuration Management Utility
======================================
Usage:
python https_manager.py <command> [arguments]
Commands:
status Show current HTTPS configuration status
enable <hostname> <domain> <email> <ip> [port]
Enable HTTPS with specified settings
disable Disable HTTPS
show Show detailed configuration
Examples:
# Show current status
python https_manager.py status
# Enable HTTPS
python https_manager.py enable digiserver digiserver.sibiusb.harting.intra admin@example.com 10.76.152.164 443
# Disable HTTPS
python https_manager.py disable
# Show detailed config
python https_manager.py show
""")
def show_status():
"""Show current HTTPS status."""
app = create_app()
with app.app_context():
config = HTTPSConfig.get_config()
if config:
print("\n" + "=" * 50)
print("HTTPS Configuration Status")
print("=" * 50)
print(f"Status: {'✅ ENABLED' if config.https_enabled else '⚠️ DISABLED'}")
print(f"Hostname: {config.hostname or 'N/A'}")
print(f"Domain: {config.domain or 'N/A'}")
print(f"IP Address: {config.ip_address or 'N/A'}")
print(f"Port: {config.port}")
print(f"Updated: {config.updated_at.strftime('%Y-%m-%d %H:%M:%S')} by {config.updated_by or 'N/A'}")
if config.https_enabled:
print(f"\nAccess URL: https://{config.domain}")
print(f"Fallback: http://{config.ip_address}")
print("=" * 50 + "\n")
else:
print("\n⚠️ No HTTPS configuration found. Use 'enable' command to create one.\n")
def enable_https(hostname: str, domain: str, ip_address: str, email: str, port: str = '443'):
"""Enable HTTPS with specified settings."""
app = create_app()
with app.app_context():
try:
port_num = int(port)
config = HTTPSConfig.create_or_update(
https_enabled=True,
hostname=hostname,
domain=domain,
ip_address=ip_address,
email=email,
port=port_num,
updated_by='cli_admin'
)
print("\n" + "=" * 50)
print("✅ HTTPS Configuration Updated")
print("=" * 50)
print(f"Hostname: {hostname}")
print(f"Domain: {domain}")
print(f"Email: {email}")
print(f"IP Address: {ip_address}")
print(f"Port: {port_num}")
print(f"\nAccess URL: https://{domain}")
print(f"Fallback: http://{ip_address}")
print("=" * 50 + "\n")
except Exception as e:
print(f"\n❌ Error: {str(e)}\n")
sys.exit(1)
def disable_https():
"""Disable HTTPS."""
app = create_app()
with app.app_context():
try:
config = HTTPSConfig.create_or_update(
https_enabled=False,
updated_by='cli_admin'
)
print("\n" + "=" * 50)
print("⚠️ HTTPS Disabled")
print("=" * 50)
print("The application is now running on HTTP only (port 80)")
print("=" * 50 + "\n")
except Exception as e:
print(f"\n❌ Error: {str(e)}\n")
sys.exit(1)
def show_config():
"""Show detailed configuration."""
app = create_app()
with app.app_context():
config = HTTPSConfig.get_config()
if config:
print("\n" + "=" * 50)
print("Detailed HTTPS Configuration")
print("=" * 50)
for key, value in config.to_dict().items():
print(f"{key:.<30} {value}")
print("=" * 50 + "\n")
else:
print("\n⚠️ No HTTPS configuration found.\n")
def main():
"""Main entry point."""
if len(sys.argv) < 2:
show_help()
sys.exit(1)
command = sys.argv[1].lower()
if command == 'status':
show_status()
elif command == 'enable':
if len(sys.argv) < 6:
print("\nError: 'enable' requires: hostname domain email ip_address [port]\n")
show_help()
sys.exit(1)
hostname = sys.argv[2]
domain = sys.argv[3]
email = sys.argv[4]
ip_address = sys.argv[5]
port = sys.argv[6] if len(sys.argv) > 6 else '443'
enable_https(hostname, domain, ip_address, email, port)
elif command == 'disable':
disable_https()
elif command == 'show':
show_config()
elif command in ['help', '-h', '--help']:
show_help()
else:
print(f"\nUnknown command: {command}\n")
show_help()
sys.exit(1)
if __name__ == '__main__':
main()