From ff1770204c8b553b287b6f4214489e4c3394ce6d Mon Sep 17 00:00:00 2001
From: Jaap-Jan de Wit <jaap-jan@dodotech.dev>
Date: Sun, 23 Aug 2020 12:50:41 +0000
Subject: [PATCH] request via cloudflare dns working

---
 backend/internal/certificate.js             | 40 ++++++++++++++++++++-
 backend/schema/endpoints/certificates.json  |  6 ++++
 frontend/js/app/nginx/certificates/form.ejs |  4 +--
 frontend/js/app/nginx/certificates/form.js  |  9 ++++-
 4 files changed, 55 insertions(+), 4 deletions(-)

diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js
index 4f0caf3..1c71a45 100644
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -146,7 +146,11 @@ const internalCertificate = {
 								.then(internalNginx.reload)
 								.then(() => {
 									// 4. Request cert
-									return internalCertificate.requestLetsEncryptSsl(certificate);
+									if (data.meta.cloudflare_use) {
+										return internalCertificate.requestLetsEncryptCloudFlareDnsSsl(certificate, data.meta.cloudflare_token);
+									} else {
+										return internalCertificate.requestLetsEncryptSsl(certificate);
+									}
 								})
 								.then(() => {
 									// 5. Remove LE config
@@ -748,6 +752,40 @@ const internalCertificate = {
 			});
 	},
 
+	/**
+	 * @param   {Object}  certificate   the certificate row
+	 * @param	{String} apiToken		the cloudflare api token
+	 * @returns {Promise}
+	 */
+	requestLetsEncryptCloudFlareDnsSsl: (certificate, apiToken) => {
+		logger.info('Requesting Let\'sEncrypt certificates via Cloudflare DNS for Cert #' + certificate.id + ': ' + certificate.domain_names.join(', '));
+
+		let tokenLoc = '~/cloudflare-token';
+		let storeKey = 'echo "dns_cloudflare_api_token = ' + apiToken + '" > ' + tokenLoc;	
+
+		let cmd = certbot_command + ' certonly --non-interactive ' +
+			'--cert-name "npm-' + certificate.id + '" ' +
+			'--agree-tos ' +
+			'--email "' + certificate.meta.letsencrypt_email + '" ' +			
+			'--domains "' + certificate.domain_names.join(',') + '" ' +
+			'--dns-cloudflare --dns-cloudflare-credentials ' + tokenLoc + ' ' +
+			(le_staging ? '--staging' : '');
+
+		if (debug_mode) {
+			logger.info('Command:', cmd);
+		}
+
+		return utils.exec(storeKey).then((result) => {
+			utils.exec(cmd).then((result) => {
+				utils.exec('rm ' + tokenLoc).then(result => {
+					logger.success(result);
+					return result;
+				});				
+			});
+		});
+	},
+
+
 	/**
 	 * @param   {Access}  access
 	 * @param   {Object}  data
diff --git a/backend/schema/endpoints/certificates.json b/backend/schema/endpoints/certificates.json
index d3294f8..27ea2d2 100644
--- a/backend/schema/endpoints/certificates.json
+++ b/backend/schema/endpoints/certificates.json
@@ -41,6 +41,12 @@
         },
         "letsencrypt_agree": {
           "type": "boolean"
+        },
+        "cloudflare_use": {
+          "type": "boolean"
+        },
+        "cloudflare_token": {
+          "type": "string"
         }
       }
     }
diff --git a/frontend/js/app/nginx/certificates/form.ejs b/frontend/js/app/nginx/certificates/form.ejs
index 98de260..2af4345 100644
--- a/frontend/js/app/nginx/certificates/form.ejs
+++ b/frontend/js/app/nginx/certificates/form.ejs
@@ -25,7 +25,7 @@
                     <div class="col-sm-12 col-md-12">
                         <div class="form-group">
                             <label class="custom-switch">
-                                <input type="checkbox" class="custom-switch-input" name="use_cloudflare" value="1">
+                                <input type="checkbox" class="custom-switch-input" name="meta[cloudflare_use]" value="1">
                                 <span class="custom-switch-indicator"></span>
                                 <span class="custom-switch-description"><%= i18n('ssl', 'use-cloudflare') %></span>
                             </label>
@@ -34,7 +34,7 @@
                     <div class="col-sm-12 col-md-12 cloudflare">
                         <div class="form-group">
                             <label class="form-label">CloudFlare DNS API Token  <span class="form-required">*</span></label>
-                            <input type="text" name="cloudflare_dns_api_token" class="form-control" id="input-domains" required>                            
+                            <input type="text" name="meta[cloudflare_token]" class="form-control" id="cloudflare_token" required>
                         </div>
                     </div>
 
diff --git a/frontend/js/app/nginx/certificates/form.js b/frontend/js/app/nginx/certificates/form.js
index bdb4f6c..7387202 100644
--- a/frontend/js/app/nginx/certificates/form.js
+++ b/frontend/js/app/nginx/certificates/form.js
@@ -21,7 +21,7 @@ module.exports = Mn.View.extend({
         other_certificate:              '#other_certificate',
         other_certificate_key:          '#other_certificate_key',
         other_intermediate_certificate: '#other_intermediate_certificate',
-        cloudflare_switch:              'input[name="use_cloudflare"]',
+        cloudflare_switch:              'input[name="meta[cloudflare_use]"]',
         cloudflare:                     '.cloudflare'
     },
 
@@ -50,6 +50,9 @@ module.exports = Mn.View.extend({
             if (typeof data.meta !== 'undefined' && typeof data.meta.letsencrypt_agree !== 'undefined') {
                 data.meta.letsencrypt_agree = !!data.meta.letsencrypt_agree;
             }
+            if (typeof data.meta !== 'undefined' && typeof data.meta.cloudflare_use !== 'undefined') {
+                data.meta.cloudflare_use = !!data.meta.cloudflare_use;
+            }
 
             if (typeof data.domain_names === 'string' && data.domain_names) {
                 data.domain_names = data.domain_names.split(',');
@@ -140,6 +143,10 @@ module.exports = Mn.View.extend({
 
         getLetsencryptAgree: function () {
             return typeof this.meta.letsencrypt_agree !== 'undefined' ? this.meta.letsencrypt_agree : false;
+        },
+
+        getCloudflareUse: function () {
+            return typeof this.meta.cloudflare_use !== 'undefined' ? this.meta.cloudflare_use : false;
         }
     },