refactor(cert): introducing new management page

1. User can now view the latest renew logs of the certain certificate.

2. Add manually renew button in certificate modify page for managed certificate (auto cert)

Author: 0xJacky

api/certificate/certificate.go

@@ -3,48 +3,31 @@ package certificate
 import (
 	"github.com/0xJacky/Nginx-UI/api"
 	"github.com/0xJacky/Nginx-UI/api/cosy"
-	"github.com/0xJacky/Nginx-UI/api/sites"
 	"github.com/0xJacky/Nginx-UI/internal/cert"
 	"github.com/0xJacky/Nginx-UI/model"
+	"github.com/0xJacky/Nginx-UI/query"
 	"github.com/gin-gonic/gin"
 	"github.com/spf13/cast"
 	"net/http"
 	"os"
-	"path/filepath"
 )
 
-func GetCertList(c *gin.Context) {
-	cosy.Core[model.Cert](c).SetFussy("name", "domain").PagingList()
+type APICertificate struct {
+	*model.Cert
+	SSLCertificate    string     `json:"ssl_certificate,omitempty"`
+	SSLCertificateKey string     `json:"ssl_certificate_key,omitempty"`
+	CertificateInfo   *cert.Info `json:"certificate_info,omitempty"`
 }
 
-func getCert(c *gin.Context, certModel *model.Cert) {
-	type resp struct {
-		*model.Cert
-		SSLCertificate    string                 `json:"ssl_certificate"`
-		SSLCertificateKey string                 `json:"ssl_certificate_key"`
-		CertificateInfo   *sites.CertificateInfo `json:"certificate_info,omitempty"`
-	}
-
+func Transformer(certModel *model.Cert) (certificate *APICertificate) {
 	var sslCertificationBytes, sslCertificationKeyBytes []byte
-	var certificateInfo *sites.CertificateInfo
+	var certificateInfo *cert.Info
 	if certModel.SSLCertificatePath != "" {
 		if _, err := os.Stat(certModel.SSLCertificatePath); err == nil {
 			sslCertificationBytes, _ = os.ReadFile(certModel.SSLCertificatePath)
 		}
 
-		pubKey, err := cert.GetCertInfo(certModel.SSLCertificatePath)
-
-		if err != nil {
-			api.ErrHandler(c, err)
-			return
-		}
-
-		certificateInfo = &sites.CertificateInfo{
-			SubjectName: pubKey.Subject.CommonName,
-			IssuerName:  pubKey.Issuer.CommonName,
-			NotAfter:    pubKey.NotAfter,
-			NotBefore:   pubKey.NotBefore,
-		}
+		certificateInfo, _ = cert.GetCertInfo(certModel.SSLCertificatePath)
 	}
 
 	if certModel.SSLCertificateKeyPath != "" {
@@ -53,32 +36,48 @@ func getCert(c *gin.Context, certModel *model.Cert) {
 		}
 	}
 
-	c.JSON(http.StatusOK, resp{
-		certModel,
-		string(sslCertificationBytes),
-		string(sslCertificationKeyBytes),
-		certificateInfo,
-	})
+	return &APICertificate{
+		Cert:              certModel,
+		SSLCertificate:    string(sslCertificationBytes),
+		SSLCertificateKey: string(sslCertificationKeyBytes),
+		CertificateInfo:   certificateInfo,
+	}
+}
+
+func GetCertList(c *gin.Context) {
+	cosy.Core[model.Cert](c).SetFussy("name", "domain").SetTransformer(func(m *model.Cert) any {
+
+		info, _ := cert.GetCertInfo(m.SSLCertificatePath)
+
+		return APICertificate{
+			Cert:            m,
+			CertificateInfo: info,
+		}
+	}).PagingList()
 }
 
 func GetCert(c *gin.Context) {
-	certModel, err := model.FirstCertByID(cast.ToInt(c.Param("id")))
+	q := query.Cert
+
+	certModel, err := q.FirstByID(cast.ToInt(c.Param("id")))
 
 	if err != nil {
 		api.ErrHandler(c, err)
 		return
 	}
 
-	getCert(c, &certModel)
+	c.JSON(http.StatusOK, Transformer(certModel))
 }
 
 func AddCert(c *gin.Context) {
 	var json struct {
 		Name                  string `json:"name"`
 		SSLCertificatePath    string `json:"ssl_certificate_path" binding:"required"`
 		SSLCertificateKeyPath string `json:"ssl_certificate_key_path" binding:"required"`
-		SSLCertification      string `json:"ssl_certification"`
-		SSLCertificationKey   string `json:"ssl_certification_key"`
+		SSLCertificate        string `json:"ssl_certificate"`
+		SSLCertificateKey     string `json:"ssl_certificate_key"`
+		ChallengeMethod       string `json:"challenge_method"`
+		DnsCredentialID       int    `json:"dns_credential_id"`
 	}
 	if !api.BindAndValid(c, &json) {
 		return
@@ -87,6 +86,8 @@ func AddCert(c *gin.Context) {
 		Name:                  json.Name,
 		SSLCertificatePath:    json.SSLCertificatePath,
 		SSLCertificateKeyPath: json.SSLCertificateKeyPath,
+		ChallengeMethod:       json.ChallengeMethod,
+		DnsCredentialID:       json.DnsCredentialID,
 	}
 
 	err := certModel.Insert()
@@ -96,35 +97,21 @@ func AddCert(c *gin.Context) {
 		return
 	}
 
-	err = os.MkdirAll(filepath.Dir(json.SSLCertificatePath), 0644)
-	if err != nil {
-		api.ErrHandler(c, err)
-		return
+	content := &cert.Content{
+		SSLCertificatePath:    json.SSLCertificatePath,
+		SSLCertificateKeyPath: json.SSLCertificateKeyPath,
+		SSLCertificate:        json.SSLCertificate,
+		SSLCertificateKey:     json.SSLCertificateKey,
 	}
 
-	err = os.MkdirAll(filepath.Dir(json.SSLCertificateKeyPath), 0644)
+	err = content.WriteFile()
+
 	if err != nil {
 		api.ErrHandler(c, err)
 		return
 	}
 
-	if json.SSLCertification != "" {
-		err = os.WriteFile(json.SSLCertificatePath, []byte(json.SSLCertification), 0644)
-		if err != nil {
-			api.ErrHandler(c, err)
-			return
-		}
-	}
-
-	if json.SSLCertificationKey != "" {
-		err = os.WriteFile(json.SSLCertificateKeyPath, []byte(json.SSLCertificationKey), 0644)
-		if err != nil {
-			api.ErrHandler(c, err)
-			return
-		}
-	}
-
-	getCert(c, certModel)
+	c.JSON(http.StatusOK, Transformer(certModel))
 }
 
 func ModifyCert(c *gin.Context) {
@@ -136,13 +123,17 @@ func ModifyCert(c *gin.Context) {
 		SSLCertificateKeyPath string `json:"ssl_certificate_key_path" binding:"required"`
 		SSLCertificate        string `json:"ssl_certificate"`
 		SSLCertificateKey     string `json:"ssl_certificate_key"`
+		ChallengeMethod       string `json:"challenge_method"`
+		DnsCredentialID       int    `json:"dns_credential_id"`
 	}
 
 	if !api.BindAndValid(c, &json) {
 		return
 	}
 
-	certModel, err := model.FirstCertByID(id)
+	q := query.Cert
+
+	certModel, err := q.FirstByID(id)
 	if err != nil {
 		api.ErrHandler(c, err)
 		return
@@ -152,41 +143,29 @@ func ModifyCert(c *gin.Context) {
 		Name:                  json.Name,
 		SSLCertificatePath:    json.SSLCertificatePath,
 		SSLCertificateKeyPath: json.SSLCertificateKeyPath,
+		ChallengeMethod:       json.ChallengeMethod,
+		DnsCredentialID:       json.DnsCredentialID,
 	})
 
 	if err != nil {
 		api.ErrHandler(c, err)
 		return
 	}
 
-	err = os.MkdirAll(filepath.Dir(json.SSLCertificatePath), 0644)
-	if err != nil {
-		api.ErrHandler(c, err)
-		return
+	content := &cert.Content{
+		SSLCertificatePath:    json.SSLCertificatePath,
+		SSLCertificateKeyPath: json.SSLCertificateKeyPath,
+		SSLCertificate:        json.SSLCertificate,
+		SSLCertificateKey:     json.SSLCertificateKey,
 	}
 
-	err = os.MkdirAll(filepath.Dir(json.SSLCertificateKeyPath), 0644)
+	err = content.WriteFile()
+
 	if err != nil {
 		api.ErrHandler(c, err)
 		return
 	}
 
-	if json.SSLCertificate != "" {
-		err = os.WriteFile(json.SSLCertificatePath, []byte(json.SSLCertificate), 0644)
-		if err != nil {
-			api.ErrHandler(c, err)
-			return
-		}
-	}
-
-	if json.SSLCertificateKeyPath != "" {
-		err = os.WriteFile(json.SSLCertificateKeyPath, []byte(json.SSLCertificateKey), 0644)
-		if err != nil {
-			api.ErrHandler(c, err)
-			return
-		}
-	}
-
 	GetCert(c)
 }
 

api/certificate/issue.go

@@ -24,7 +24,7 @@ type IssueCertResponse struct {
 	SSLCertificateKey string `json:"ssl_certificate_key,omitempty"`
 }
 
-func handleIssueCertLogChan(conn *websocket.Conn, logChan chan string) {
+func handleIssueCertLogChan(conn *websocket.Conn, log *cert.Logger, logChan chan string) {
 	defer func() {
 		if err := recover(); err != nil {
 			logger.Error(err)
@@ -33,6 +33,8 @@ func handleIssueCertLogChan(conn *websocket.Conn, logChan chan string) {
 
 	for logString := range logChan {
 
+		log.Info(logString)
+
 		err := conn.WriteJSON(IssueCertResponse{
 			Status:  Info,
 			Message: logString,
@@ -42,7 +44,6 @@ func handleIssueCertLogChan(conn *websocket.Conn, logChan chan string) {
 			logger.Error(err)
 			return
 		}
-
 	}
 }
 
@@ -65,9 +66,9 @@ func IssueCert(c *gin.Context) {
 	}(ws)
 
 	// read
-	buffer := &cert.ConfigPayload{}
+	payload := &cert.ConfigPayload{}
 
-	err = ws.ReadJSON(buffer)
+	err = ws.ReadJSON(payload)
 
 	if err != nil {
 		logger.Error(err)
@@ -84,15 +85,20 @@ func IssueCert(c *gin.Context) {
 	logChan := make(chan string, 1)
 	errChan := make(chan error, 1)
 
-	go cert.IssueCert(buffer, logChan, errChan)
+	log := &cert.Logger{}
+	log.SetCertModel(&certModel)
+
+	go cert.IssueCert(payload, logChan, errChan)
 
-	go handleIssueCertLogChan(ws, logChan)
+	go handleIssueCertLogChan(ws, log, logChan)
 
 	// block, until errChan closes
 	for err = range errChan {
-		errLog := &cert.AutoCertErrorLog{}
-		errLog.SetCertModel(&certModel)
-		errLog.Exit("issue cert", err)
+
+		log.Error(err)
+
+		// Save logs to db
+		log.Exit()
 
 		err = ws.WriteJSON(IssueCertResponse{
 			Status:  Error,
@@ -107,12 +113,12 @@ func IssueCert(c *gin.Context) {
 		return
 	}
 
-	certDirName := strings.Join(buffer.ServerName, "_")
+	certDirName := strings.Join(payload.ServerName, "_")
 	sslCertificatePath := nginx.GetConfPath("ssl", certDirName, "fullchain.cer")
 	sslCertificateKeyPath := nginx.GetConfPath("ssl", certDirName, "private.key")
 
 	err = certModel.Updates(&model.Cert{
-		Domains:               buffer.ServerName,
+		Domains:               payload.ServerName,
 		SSLCertificatePath:    sslCertificatePath,
 		SSLCertificateKeyPath: sslCertificateKeyPath,
 	})
@@ -126,7 +132,8 @@ func IssueCert(c *gin.Context) {
 		return
 	}
 
-	certModel.ClearLog()
+	// Save logs to db
+	log.Exit()
 
 	err = ws.WriteJSON(IssueCertResponse{
 		Status:            Success,

api/sites/domain.go

@@ -1,19 +1,19 @@
 package sites
 
 import (
-    "github.com/0xJacky/Nginx-UI/api"
-    "github.com/0xJacky/Nginx-UI/internal/cert"
-    "github.com/0xJacky/Nginx-UI/internal/config"
-    "github.com/0xJacky/Nginx-UI/internal/helper"
-    "github.com/0xJacky/Nginx-UI/internal/logger"
-    "github.com/0xJacky/Nginx-UI/internal/nginx"
-    "github.com/0xJacky/Nginx-UI/model"
-    "github.com/0xJacky/Nginx-UI/query"
-    "github.com/gin-gonic/gin"
-    "github.com/sashabaranov/go-openai"
-    "net/http"
-    "os"
-    "strings"
+	"github.com/0xJacky/Nginx-UI/api"
+	"github.com/0xJacky/Nginx-UI/internal/cert"
+	"github.com/0xJacky/Nginx-UI/internal/config"
+	"github.com/0xJacky/Nginx-UI/internal/helper"
+	"github.com/0xJacky/Nginx-UI/internal/logger"
+	"github.com/0xJacky/Nginx-UI/internal/nginx"
+	"github.com/0xJacky/Nginx-UI/model"
+	"github.com/0xJacky/Nginx-UI/query"
+	"github.com/gin-gonic/gin"
+	"github.com/sashabaranov/go-openai"
+	"net/http"
+	"os"
+	"strings"
 )
 
 func GetDomains(c *gin.Context) {
@@ -146,7 +146,7 @@ func GetDomain(c *gin.Context) {
 
 	c.Set("maybe_error", "")
 
-	certInfoMap := make(map[int]CertificateInfo)
+	certInfoMap := make(map[int]*cert.Info)
 	for serverIdx, server := range nginxConfig.Servers {
 		for _, directive := range server.Directives {
 			if directive.Directive == "ssl_certificate" {
@@ -158,12 +158,7 @@ func GetDomain(c *gin.Context) {
 					break
 				}
 
-				certInfoMap[serverIdx] = CertificateInfo{
-					SubjectName: pubKey.Subject.CommonName,
-					IssuerName:  pubKey.Issuer.CommonName,
-					NotAfter:    pubKey.NotAfter,
-					NotBefore:   pubKey.NotBefore,
-				}
+				certInfoMap[serverIdx] = pubKey
 
 				break
 			}