48f1bfbcad
- Add HTTPSConfig model for managing HTTPS settings - Add admin routes for HTTPS configuration management - Add beautiful admin template for HTTPS configuration - Add database migration for https_config table - Add CLI utility for HTTPS management - Add setup script for automated configuration - Add Caddy configuration generator and manager - Add comprehensive documentation (3 guides) - Add HTTPS Configuration card to admin dashboard - Implement input validation and security features - Add admin-only access control with audit trail - Add real-time configuration preview - Integrate with existing Caddy reverse proxy Features: - Enable/disable HTTPS from web interface - Configure domain, hostname, IP address, port - Automatic SSL certificate management via Let's Encrypt - Real-time Caddyfile generation and reload - Full audit trail with admin username and timestamps - Support for HTTPS and HTTP fallback access points - Beautiful, mobile-responsive UI Modified files: - app/models/__init__.py (added HTTPSConfig import) - app/blueprints/admin.py (added HTTPS routes) - app/templates/admin/admin.html (added HTTPS card) - docker-compose.yml (added Caddyfile mount and admin port) New files: - app/models/https_config.py - app/blueprints/https_config.html - app/utils/caddy_manager.py - https_manager.py - setup_https.sh - migrations/add_https_config_table.py - migrations/add_email_to_https_config.py - HTTPS_STATUS.txt - Documentation files (3 markdown guides)
158 lines
5.1 KiB
Python
158 lines
5.1 KiB
Python
"""Utility script for managing HTTPS configuration from command line."""
|
|
import sys
|
|
import os
|
|
sys.path.insert(0, '/app')
|
|
|
|
from app.app import create_app
|
|
from app.models.https_config import HTTPSConfig
|
|
|
|
def show_help():
|
|
"""Display help information."""
|
|
print("""
|
|
HTTPS Configuration Management Utility
|
|
======================================
|
|
|
|
Usage:
|
|
python https_manager.py <command> [arguments]
|
|
|
|
Commands:
|
|
status Show current HTTPS configuration status
|
|
enable <hostname> <domain> <email> <ip> [port]
|
|
Enable HTTPS with specified settings
|
|
disable Disable HTTPS
|
|
show Show detailed configuration
|
|
|
|
Examples:
|
|
# Show current status
|
|
python https_manager.py status
|
|
|
|
# Enable HTTPS
|
|
python https_manager.py enable digiserver digiserver.sibiusb.harting.intra admin@example.com 10.76.152.164 443
|
|
|
|
# Disable HTTPS
|
|
python https_manager.py disable
|
|
|
|
# Show detailed config
|
|
python https_manager.py show
|
|
""")
|
|
|
|
def show_status():
|
|
"""Show current HTTPS status."""
|
|
app = create_app()
|
|
with app.app_context():
|
|
config = HTTPSConfig.get_config()
|
|
if config:
|
|
print("\n" + "=" * 50)
|
|
print("HTTPS Configuration Status")
|
|
print("=" * 50)
|
|
print(f"Status: {'✅ ENABLED' if config.https_enabled else '⚠️ DISABLED'}")
|
|
print(f"Hostname: {config.hostname or 'N/A'}")
|
|
print(f"Domain: {config.domain or 'N/A'}")
|
|
print(f"IP Address: {config.ip_address or 'N/A'}")
|
|
print(f"Port: {config.port}")
|
|
print(f"Updated: {config.updated_at.strftime('%Y-%m-%d %H:%M:%S')} by {config.updated_by or 'N/A'}")
|
|
if config.https_enabled:
|
|
print(f"\nAccess URL: https://{config.domain}")
|
|
print(f"Fallback: http://{config.ip_address}")
|
|
print("=" * 50 + "\n")
|
|
else:
|
|
print("\n⚠️ No HTTPS configuration found. Use 'enable' command to create one.\n")
|
|
|
|
def enable_https(hostname: str, domain: str, ip_address: str, email: str, port: str = '443'):
|
|
"""Enable HTTPS with specified settings."""
|
|
app = create_app()
|
|
with app.app_context():
|
|
try:
|
|
port_num = int(port)
|
|
config = HTTPSConfig.create_or_update(
|
|
https_enabled=True,
|
|
hostname=hostname,
|
|
domain=domain,
|
|
ip_address=ip_address,
|
|
email=email,
|
|
port=port_num,
|
|
updated_by='cli_admin'
|
|
)
|
|
print("\n" + "=" * 50)
|
|
print("✅ HTTPS Configuration Updated")
|
|
print("=" * 50)
|
|
print(f"Hostname: {hostname}")
|
|
print(f"Domain: {domain}")
|
|
print(f"Email: {email}")
|
|
print(f"IP Address: {ip_address}")
|
|
print(f"Port: {port_num}")
|
|
print(f"\nAccess URL: https://{domain}")
|
|
print(f"Fallback: http://{ip_address}")
|
|
print("=" * 50 + "\n")
|
|
except Exception as e:
|
|
print(f"\n❌ Error: {str(e)}\n")
|
|
sys.exit(1)
|
|
|
|
def disable_https():
|
|
"""Disable HTTPS."""
|
|
app = create_app()
|
|
with app.app_context():
|
|
try:
|
|
config = HTTPSConfig.create_or_update(
|
|
https_enabled=False,
|
|
updated_by='cli_admin'
|
|
)
|
|
print("\n" + "=" * 50)
|
|
print("⚠️ HTTPS Disabled")
|
|
print("=" * 50)
|
|
print("The application is now running on HTTP only (port 80)")
|
|
print("=" * 50 + "\n")
|
|
except Exception as e:
|
|
print(f"\n❌ Error: {str(e)}\n")
|
|
sys.exit(1)
|
|
|
|
def show_config():
|
|
"""Show detailed configuration."""
|
|
app = create_app()
|
|
with app.app_context():
|
|
config = HTTPSConfig.get_config()
|
|
if config:
|
|
print("\n" + "=" * 50)
|
|
print("Detailed HTTPS Configuration")
|
|
print("=" * 50)
|
|
for key, value in config.to_dict().items():
|
|
print(f"{key:.<30} {value}")
|
|
print("=" * 50 + "\n")
|
|
else:
|
|
print("\n⚠️ No HTTPS configuration found.\n")
|
|
|
|
def main():
|
|
"""Main entry point."""
|
|
if len(sys.argv) < 2:
|
|
show_help()
|
|
sys.exit(1)
|
|
|
|
command = sys.argv[1].lower()
|
|
|
|
if command == 'status':
|
|
show_status()
|
|
elif command == 'enable':
|
|
if len(sys.argv) < 6:
|
|
print("\nError: 'enable' requires: hostname domain email ip_address [port]\n")
|
|
show_help()
|
|
sys.exit(1)
|
|
hostname = sys.argv[2]
|
|
domain = sys.argv[3]
|
|
email = sys.argv[4]
|
|
ip_address = sys.argv[5]
|
|
port = sys.argv[6] if len(sys.argv) > 6 else '443'
|
|
enable_https(hostname, domain, ip_address, email, port)
|
|
elif command == 'disable':
|
|
disable_https()
|
|
elif command == 'show':
|
|
show_config()
|
|
elif command in ['help', '-h', '--help']:
|
|
show_help()
|
|
else:
|
|
print(f"\nUnknown command: {command}\n")
|
|
show_help()
|
|
sys.exit(1)
|
|
|
|
if __name__ == '__main__':
|
|
main()
|