48f1bfbcad
- Add HTTPSConfig model for managing HTTPS settings - Add admin routes for HTTPS configuration management - Add beautiful admin template for HTTPS configuration - Add database migration for https_config table - Add CLI utility for HTTPS management - Add setup script for automated configuration - Add Caddy configuration generator and manager - Add comprehensive documentation (3 guides) - Add HTTPS Configuration card to admin dashboard - Implement input validation and security features - Add admin-only access control with audit trail - Add real-time configuration preview - Integrate with existing Caddy reverse proxy Features: - Enable/disable HTTPS from web interface - Configure domain, hostname, IP address, port - Automatic SSL certificate management via Let's Encrypt - Real-time Caddyfile generation and reload - Full audit trail with admin username and timestamps - Support for HTTPS and HTTP fallback access points - Beautiful, mobile-responsive UI Modified files: - app/models/__init__.py (added HTTPSConfig import) - app/blueprints/admin.py (added HTTPS routes) - app/templates/admin/admin.html (added HTTPS card) - docker-compose.yml (added Caddyfile mount and admin port) New files: - app/models/https_config.py - app/blueprints/https_config.html - app/utils/caddy_manager.py - https_manager.py - setup_https.sh - migrations/add_https_config_table.py - migrations/add_email_to_https_config.py - HTTPS_STATUS.txt - Documentation files (3 markdown guides)
105 lines
3.7 KiB
Python
105 lines
3.7 KiB
Python
"""HTTPS Configuration model."""
|
|
from datetime import datetime
|
|
from typing import Optional
|
|
|
|
from app.extensions import db
|
|
|
|
|
|
class HTTPSConfig(db.Model):
|
|
"""HTTPS configuration model for managing secure connections.
|
|
|
|
Attributes:
|
|
id: Primary key
|
|
https_enabled: Whether HTTPS is enabled
|
|
hostname: Server hostname (e.g., 'digiserver')
|
|
domain: Full domain name (e.g., 'digiserver.sibiusb.harting.intra')
|
|
ip_address: IP address for direct access
|
|
email: Email address for SSL certificate notifications
|
|
port: HTTPS port (default 443)
|
|
created_at: Creation timestamp
|
|
updated_at: Last update timestamp
|
|
updated_by: User who made the last update
|
|
"""
|
|
__tablename__ = 'https_config'
|
|
|
|
id = db.Column(db.Integer, primary_key=True)
|
|
https_enabled = db.Column(db.Boolean, default=False, nullable=False)
|
|
hostname = db.Column(db.String(255), nullable=True)
|
|
domain = db.Column(db.String(255), nullable=True)
|
|
ip_address = db.Column(db.String(45), nullable=True) # Support IPv6
|
|
email = db.Column(db.String(255), nullable=True)
|
|
port = db.Column(db.Integer, default=443, nullable=False)
|
|
created_at = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
|
|
updated_at = db.Column(db.DateTime, default=datetime.utcnow,
|
|
onupdate=datetime.utcnow, nullable=False)
|
|
updated_by = db.Column(db.String(255), nullable=True)
|
|
|
|
def __repr__(self) -> str:
|
|
"""String representation of HTTPSConfig."""
|
|
status = 'ENABLED' if self.https_enabled else 'DISABLED'
|
|
return f'<HTTPSConfig [{status}] {self.domain or "N/A"}>'
|
|
|
|
@classmethod
|
|
def get_config(cls) -> Optional['HTTPSConfig']:
|
|
"""Get the current HTTPS configuration.
|
|
|
|
Returns:
|
|
HTTPSConfig instance or None if not configured
|
|
"""
|
|
return cls.query.first()
|
|
|
|
@classmethod
|
|
def create_or_update(cls, https_enabled: bool, hostname: str = None,
|
|
domain: str = None, ip_address: str = None,
|
|
email: str = None, port: int = 443,
|
|
updated_by: str = None) -> 'HTTPSConfig':
|
|
"""Create or update HTTPS configuration.
|
|
|
|
Args:
|
|
https_enabled: Whether HTTPS is enabled
|
|
hostname: Server hostname
|
|
domain: Full domain name
|
|
ip_address: IP address
|
|
email: Email for SSL certificates
|
|
port: HTTPS port
|
|
updated_by: Username of who made the update
|
|
|
|
Returns:
|
|
HTTPSConfig instance
|
|
"""
|
|
config = cls.get_config()
|
|
if not config:
|
|
config = cls()
|
|
|
|
config.https_enabled = https_enabled
|
|
config.hostname = hostname
|
|
config.domain = domain
|
|
config.ip_address = ip_address
|
|
config.email = email
|
|
config.port = port
|
|
config.updated_by = updated_by
|
|
config.updated_at = datetime.utcnow()
|
|
|
|
db.session.add(config)
|
|
db.session.commit()
|
|
return config
|
|
|
|
def to_dict(self) -> dict:
|
|
"""Convert configuration to dictionary.
|
|
|
|
Returns:
|
|
Dictionary representation of config
|
|
"""
|
|
return {
|
|
'id': self.id,
|
|
'https_enabled': self.https_enabled,
|
|
'hostname': self.hostname,
|
|
'domain': self.domain,
|
|
'ip_address': self.ip_address,
|
|
'email': self.email,
|
|
'port': self.port,
|
|
'created_at': self.created_at.isoformat() if self.created_at else None,
|
|
'updated_at': self.updated_at.isoformat() if self.updated_at else None,
|
|
'updated_by': self.updated_by,
|
|
}
|