alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2a57927419c6470d8c1f9de80b9508faa10a1b84
tiny-forge/web/src/routes/settings/+page.svelte
T
alexei.dolgolyov c730cfaa45 feat: Cloudflare DNS management with automatic record sync 
Add flexible DNS management to Docker Watcher. By default, wildcard DNS
is assumed (current behavior). When disabled, users can configure a
Cloudflare DNS provider with API token and zone selection. DNS A records
are automatically created/updated/deleted in sync with proxy consumers
(deployed instances and standalone proxies).

- Settings: wildcard_dns toggle, dns_provider, cloudflare credentials
- Cloudflare client: Provider interface with EnsureRecord/DeleteRecord/ListRecords
- DNS lifecycle hooks in deployer and proxy manager (best-effort)
- Settings UI: DNS config section with provider picker, zone selector, test button
- DNS Records page at /dns with filtering, sync status, reconciliation
- Records visible in both wildcard and managed modes
- Cleanup on provider change: removes old records when switching modes
2026-04-02 14:49:21 +03:00

497 lines
19 KiB
Svelte
Raw Blame History

<script lang="ts">
import { getSettings, updateSettings, getWebhookUrl, regenerateWebhookUrl, listNpmCertificates, testDnsConnection, listDnsZones } from '$lib/api';
import type { EntityPickerItem } from '$lib/types';
import FormField from '$lib/components/FormField.svelte';
import EntityPicker from '$lib/components/EntityPicker.svelte';
import { toasts } from '$lib/stores/toast';
import { t } from '$lib/i18n';
import { IconLoader, IconCopy, IconRefresh, IconShield, IconX } from '$lib/components/icons';
import Skeleton from '$lib/components/Skeleton.svelte';
let loading = $state(true);
let saving = $state(false);
let webhookUrl = $state('');
let regenerating = $state(false);
let domain = $state('');
let serverIp = $state('');
let network = $state('');
let subdomainPattern = $state('');
let pollingInterval = $state('');
let baseVolumePath = $state('');
let notificationUrl = $state('');
let staleThresholdDays = $state('7');
let sslCertificateId = $state(0);
let sslCertName = $state('');
let certPickerOpen = $state(false);
let certPickerItems = $state<EntityPickerItem[]>([]);
let loadingCerts = $state(false);
// DNS settings state.
let wildcardDns = $state(true);
let dnsProvider = $state('');
let cloudflareApiToken = $state('');
let hasCloudflareApiToken = $state(false);
let cloudflareZoneId = $state('');
let zonePickerOpen = $state(false);
let zonePickerItems = $state<EntityPickerItem[]>([]);
let loadingZones = $state(false);
let zoneName = $state('');
let testingDns = $state(false);
let errors = $state<Record<string, string>>({});
function validateDomain(value: string): string {
if (!value.trim()) return $t('validation.required', { field: 'Domain' });
if (!/^[a-zA-Z0-9][a-zA-Z0-9.\-]+\.[a-zA-Z]{2,}$/.test(value.trim())) return $t('validation.invalidDomain');
return '';
}
function validateIp(value: string): string {
if (!value.trim()) return '';
if (!/^(\d{1,3}\.){3}\d{1,3}$/.test(value.trim())) return $t('validation.invalidIp');
return '';
}
function validatePollingInterval(value: string): string {
if (!value.trim()) return '';
const num = parseInt(value, 10);
if (isNaN(num) || num < 10 || num > 86400) return $t('validation.invalidPollingInterval');
return '';
}
function validateUrl(value: string): string {
if (!value.trim()) return '';
try { new URL(value.trim()); return ''; } catch { return $t('validation.invalidUrl'); }
}
function validateAll(): boolean {
const newErrors: Record<string, string> = {};
const domainErr = validateDomain(domain);
if (domainErr) newErrors.domain = domainErr;
const ipErr = validateIp(serverIp);
if (ipErr) newErrors.serverIp = ipErr;
const intervalErr = validatePollingInterval(pollingInterval);
if (intervalErr) newErrors.pollingInterval = intervalErr;
const urlErr = validateUrl(notificationUrl);
if (urlErr) newErrors.notificationUrl = urlErr;
errors = newErrors;
return Object.keys(newErrors).length === 0;
}
async function loadSettings() {
loading = true;
try {
const settings = await getSettings();
domain = settings.domain ?? '';
serverIp = settings.server_ip ?? '';
network = settings.network ?? '';
subdomainPattern = settings.subdomain_pattern ?? '';
pollingInterval = settings.polling_interval ?? '';
baseVolumePath = settings.base_volume_path ?? '';
sslCertificateId = settings.ssl_certificate_id ?? 0;
notificationUrl = settings.notification_url ?? '';
staleThresholdDays = String(settings.stale_threshold_days ?? 7);
wildcardDns = settings.wildcard_dns ?? true;
dnsProvider = settings.dns_provider ?? '';
hasCloudflareApiToken = settings.has_cloudflare_api_token ?? false;
cloudflareZoneId = settings.cloudflare_zone_id ?? '';
} catch (err) {
toasts.error(err instanceof Error ? err.message : $t('settingsGeneral.loadFailed'));
} finally {
loading = false;
}
}
async function loadWebhookUrlValue() {
try {
const result = await getWebhookUrl();
webhookUrl = result.url;
} catch { /* may not be configured */ }
}
async function handleSave() {
if (!validateAll()) return;
saving = true;
try {
const payload: Record<string, unknown> = {
domain: domain.trim(), server_ip: serverIp.trim(), network: network.trim(),
subdomain_pattern: subdomainPattern.trim(), polling_interval: pollingInterval.trim(),
base_volume_path: baseVolumePath.trim(), notification_url: notificationUrl.trim(),
ssl_certificate_id: sslCertificateId,
stale_threshold_days: Math.max(1, parseInt(staleThresholdDays, 10) || 7),
wildcard_dns: wildcardDns,
dns_provider: wildcardDns ? '' : dnsProvider,
cloudflare_zone_id: cloudflareZoneId
};
if (cloudflareApiToken) {
payload.cloudflare_api_token = cloudflareApiToken;
}
await updateSettings(payload as any);
toasts.success($t('settingsGeneral.saved'));
} catch (err) {
toasts.error(err instanceof Error ? err.message : $t('settingsGeneral.saveFailed'));
} finally {
saving = false;
}
}
async function handleRegenerateWebhook() {
regenerating = true;
try {
const result = await regenerateWebhookUrl();
webhookUrl = result.url;
toasts.success($t('settingsGeneral.regenerated'));
} catch (err) {
toasts.error(err instanceof Error ? err.message : $t('settingsGeneral.regenerateFailed'));
} finally {
regenerating = false;
}
}
async function openCertPicker() {
loadingCerts = true;
certPickerOpen = true;
try {
const certs = await listNpmCertificates();
certPickerItems = certs.map((cert): EntityPickerItem => ({
value: String(cert.id),
label: cert.nice_name || `Certificate #${cert.id}`,
description: cert.domain_names.join(', ')
}));
} catch (err) {
toasts.error(err instanceof Error ? err.message : $t('settingsGeneral.noCertificatesFound'));
certPickerOpen = false;
} finally {
loadingCerts = false;
}
}
function handleCertSelect(value: string) {
const id = parseInt(value, 10);
sslCertificateId = id;
const item = certPickerItems.find((i) => i.value === value);
sslCertName = item?.label ?? '';
certPickerOpen = false;
}
function clearCertificate() {
sslCertificateId = 0;
sslCertName = '';
}
// When loading settings, try to resolve cert name if an ID is set.
async function resolveCertName() {
if (sslCertificateId <= 0) return;
try {
const certs = await listNpmCertificates();
const match = certs.find((c) => c.id === sslCertificateId);
if (match) {
sslCertName = match.nice_name || `Certificate #${match.id}`;
} else {
sslCertName = `Certificate #${sslCertificateId}`;
}
} catch {
sslCertName = `Certificate #${sslCertificateId}`;
}
}
async function openZonePicker() {
loadingZones = true;
zonePickerOpen = true;
try {
const token = cloudflareApiToken || undefined;
const zones = await listDnsZones(token);
zonePickerItems = zones.map((zone): EntityPickerItem => ({
value: zone.id,
label: zone.name,
description: zone.id
}));
if (zonePickerItems.length === 0) {
toasts.error($t('settingsGeneral.noZonesFound'));
zonePickerOpen = false;
}
} catch (err) {
toasts.error(err instanceof Error ? err.message : $t('settingsGeneral.noZonesFound'));
zonePickerOpen = false;
} finally {
loadingZones = false;
}
}
function handleZoneSelect(value: string) {
cloudflareZoneId = value;
const item = zonePickerItems.find((i) => i.value === value);
zoneName = item?.label ?? '';
zonePickerOpen = false;
}
async function handleTestDns() {
testingDns = true;
try {
const token = cloudflareApiToken || '';
const result = await testDnsConnection('cloudflare', token, cloudflareZoneId);
if (result.success) {
toasts.success($t('settingsGeneral.connectionSuccess'));
} else {
toasts.error(`${$t('settingsGeneral.connectionFailed')}: ${result.error}`);
}
} catch (err) {
toasts.error(err instanceof Error ? err.message : $t('settingsGeneral.connectionFailed'));
} finally {
testingDns = false;
}
}
async function resolveZoneName() {
if (!cloudflareZoneId) return;
try {
const zones = await listDnsZones();
const match = zones.find((z) => z.id === cloudflareZoneId);
zoneName = match?.name ?? cloudflareZoneId;
} catch {
zoneName = cloudflareZoneId;
}
}
async function init() {
await loadSettings();
await resolveCertName();
if (!wildcardDns && cloudflareZoneId) {
resolveZoneName();
}
loadWebhookUrlValue();
}
$effect(() => { init(); });
</script>
<svelte:head>
<title>{$t('settingsGeneral.title')} - {$t('app.name')}</title>
</svelte:head>
<div class="space-y-6">
{#if loading}
<div class="space-y-4">
<Skeleton height="2rem" width="12rem" />
<div class="grid grid-cols-2 gap-4">
{#each Array(6) as _}
<Skeleton height="4rem" />
{/each}
</div>
</div>
{:else}
<div class="rounded-xl border border-[var(--border-primary)] bg-[var(--surface-card)] p-6 shadow-[var(--shadow-sm)]">
<h2 class="mb-4 text-lg font-semibold text-[var(--text-primary)]">{$t('settingsGeneral.globalConfig')}</h2>
<div class="grid grid-cols-1 gap-4 md:grid-cols-2">
<FormField label={$t('settingsGeneral.domain')} name="domain" bind:value={domain} placeholder="example.com" required error={errors.domain ?? ''} helpText={$t('settingsGeneral.domainHelp')} />
<FormField label={$t('settingsGeneral.serverIp')} name="serverIp" bind:value={serverIp} placeholder="93.84.96.191" error={errors.serverIp ?? ''} helpText={$t('settingsGeneral.serverIpHelp')} />
<FormField label={$t('settingsGeneral.dockerNetwork')} name="network" bind:value={network} placeholder="staging-net" helpText={$t('settingsGeneral.dockerNetworkHelp')} />
<FormField label={$t('settingsGeneral.subdomainPattern')} name="subdomainPattern" bind:value={subdomainPattern} placeholder="stage-{'{stage}'}-{'{project}'}" helpText={$t('settingsGeneral.subdomainPatternHelp')} />
<FormField label={$t('settingsGeneral.pollingInterval')} name="pollingInterval" type="number" bind:value={pollingInterval} placeholder="60" error={errors.pollingInterval ?? ''} helpText={$t('settingsGeneral.pollingIntervalHelp')} />
<FormField label="Base Volume Path" name="baseVolumePath" bind:value={baseVolumePath} placeholder="/data" helpText="Prepended to relative volume sources (e.g., /data + my-app/uploads = /data/my-app/uploads)" />
<FormField label={$t('settingsGeneral.notificationUrl')} name="notificationUrl" bind:value={notificationUrl} placeholder="https://notify.example.com/webhook" error={errors.notificationUrl ?? ''} helpText={$t('settingsGeneral.notificationUrlHelp')} />
</div>
<!-- SSL Certificate -->
<div class="mt-6 border-t border-[var(--border-primary)] pt-4">
<div class="flex items-start gap-3">
<div class="flex-1">
<label class="block text-sm font-medium text-[var(--text-primary)]">{$t('settingsGeneral.sslCertificate')}</label>
<p class="mt-0.5 text-xs text-[var(--text-tertiary)]">{$t('settingsGeneral.sslCertificateHelp')}</p>
<div class="mt-2 flex items-center gap-2">
<button
type="button"
onclick={openCertPicker}
class="inline-flex items-center gap-2 rounded-lg border border-[var(--border-primary)] px-3 py-2 text-sm text-[var(--text-secondary)] hover:bg-[var(--surface-card-hover)] transition-colors"
>
<IconShield size={16} />
{#if loadingCerts}
{$t('settingsGeneral.loadingCertificates')}
{:else if sslCertificateId > 0 && sslCertName}
{sslCertName}
{:else}
{$t('settingsGeneral.noCertificate')}
{/if}
</button>
{#if sslCertificateId > 0}
<button
type="button"
onclick={clearCertificate}
class="inline-flex items-center gap-1 rounded-lg border border-[var(--border-primary)] px-2 py-2 text-sm text-[var(--text-tertiary)] hover:text-[var(--color-danger)] hover:bg-[var(--surface-card-hover)] transition-colors"
title={$t('settingsGeneral.clearCertificate')}
>
<IconX size={14} />
</button>
{/if}
</div>
</div>
</div>
</div>
<!-- Stale Detection -->
<div class="mt-6 border-t border-[var(--border-primary)] pt-4">
<h3 class="mb-3 text-sm font-semibold text-[var(--text-primary)]">{$t('stale.title')}</h3>
<div class="max-w-xs">
<FormField
label={$t('settings.staleThreshold')}
name="staleThresholdDays"
type="number"
bind:value={staleThresholdDays}
placeholder="7"
helpText={$t('settings.staleThresholdHelp')}
/>
</div>
</div>
<!-- DNS Configuration -->
<div class="mt-6 border-t border-[var(--border-primary)] pt-4">
<h3 class="mb-3 text-sm font-semibold text-[var(--text-primary)]">{$t('settingsGeneral.dnsConfig')}</h3>
<label class="flex items-center gap-3 cursor-pointer">
<input type="checkbox" bind:checked={wildcardDns}
class="h-4 w-4 rounded border-[var(--border-primary)] text-[var(--color-brand-600)] focus:ring-[var(--color-brand-500)]" />
<div>
<span class="text-sm font-medium text-[var(--text-primary)]">{$t('settingsGeneral.wildcardDns')}</span>
<p class="text-xs text-[var(--text-tertiary)]">{$t('settingsGeneral.wildcardDnsHelp')}</p>
</div>
</label>
{#if !wildcardDns}
<div class="mt-4 space-y-4 rounded-lg border border-[var(--border-primary)] bg-[var(--surface-card-hover)] p-4">
<!-- DNS Provider -->
<div>
<label for="dnsProvider" class="block text-sm font-medium text-[var(--text-primary)]">{$t('settingsGeneral.dnsProvider')}</label>
<p class="mt-0.5 text-xs text-[var(--text-tertiary)]">{$t('settingsGeneral.dnsProviderHelp')}</p>
<select id="dnsProvider" bind:value={dnsProvider}
class="mt-1.5 w-full max-w-xs rounded-lg border border-[var(--border-primary)] bg-[var(--surface-card)] px-3 py-2 text-sm text-[var(--text-primary)] focus:border-[var(--color-brand-500)] focus:outline-none focus:ring-1 focus:ring-[var(--color-brand-500)]">
<option value="">-- Select --</option>
<option value="cloudflare">Cloudflare</option>
</select>
</div>
{#if dnsProvider === 'cloudflare'}
<!-- Cloudflare API Token -->
<div>
<FormField
label={$t('settingsGeneral.cloudflareApiToken')}
name="cloudflareApiToken"
type="password"
bind:value={cloudflareApiToken}
placeholder={hasCloudflareApiToken ? '••••••••' : $t('settingsGeneral.cloudflareApiTokenPlaceholder')}
helpText={hasCloudflareApiToken ? $t('settingsGeneral.cloudflareApiTokenConfigured') : $t('settingsGeneral.cloudflareApiTokenHelp')}
/>
</div>
<!-- Zone Picker -->
<div>
<label for="cloudflareZoneBtn" class="block text-sm font-medium text-[var(--text-primary)]">{$t('settingsGeneral.cloudflareZone')}</label>
<p class="mt-0.5 text-xs text-[var(--text-tertiary)]">{$t('settingsGeneral.cloudflareZoneHelp')}</p>
<div class="mt-1.5 flex items-center gap-2">
<button
id="cloudflareZoneBtn"
type="button"
onclick={openZonePicker}
class="inline-flex items-center gap-2 rounded-lg border border-[var(--border-primary)] px-3 py-2 text-sm text-[var(--text-secondary)] hover:bg-[var(--surface-card)] transition-colors"
>
{#if loadingZones}
{$t('settingsGeneral.loadingZones')}
{:else if cloudflareZoneId && zoneName}
{zoneName}
{:else}
{$t('settingsGeneral.noZone')}
{/if}
</button>
{#if cloudflareZoneId}
<button
type="button"
onclick={() => { cloudflareZoneId = ''; zoneName = ''; }}
class="inline-flex items-center gap-1 rounded-lg border border-[var(--border-primary)] px-2 py-2 text-sm text-[var(--text-tertiary)] hover:text-[var(--color-danger)] hover:bg-[var(--surface-card)] transition-colors"
>
<IconX size={14} />
</button>
{/if}
</div>
</div>
<!-- Test Connection -->
<div>
<button
type="button"
onclick={handleTestDns}
disabled={testingDns || (!cloudflareApiToken && !hasCloudflareApiToken)}
class="inline-flex items-center gap-2 rounded-lg border border-[var(--color-brand-600)] px-3 py-2 text-sm font-medium text-[var(--color-brand-600)] hover:bg-[var(--color-brand-50)] transition-colors disabled:opacity-50"
>
{#if testingDns}<IconLoader size={16} />{/if}
{testingDns ? $t('settingsGeneral.testingConnection') : $t('settingsGeneral.testConnection')}
</button>
</div>
{/if}
</div>
{/if}
</div>
<div class="mt-6">
<button onclick={handleSave} disabled={saving} class="inline-flex items-center gap-2 rounded-lg bg-[var(--color-brand-600)] px-4 py-2.5 text-sm font-medium text-white shadow-sm transition-all duration-150 hover:bg-[var(--color-brand-700)] disabled:opacity-50 active:animate-press">
{#if saving}<IconLoader size={16} />{/if}
{saving ? $t('settingsGeneral.saving') : $t('settingsGeneral.saveSettings')}
</button>
</div>
</div>
<!-- Webhook URL -->
<div class="rounded-xl border border-[var(--border-primary)] bg-[var(--surface-card)] p-6 shadow-[var(--shadow-sm)]">
<h2 class="mb-1 text-lg font-semibold text-[var(--text-primary)]">{$t('settingsGeneral.webhookUrl')}</h2>
<p class="mb-3 text-sm text-[var(--text-secondary)]">{$t('settingsGeneral.webhookDesc')}</p>
{#if webhookUrl}
<div class="flex items-center gap-3">
<code class="flex-1 rounded-lg border border-[var(--border-primary)] bg-[var(--surface-card-hover)] px-3 py-2.5 font-mono text-sm text-[var(--text-secondary)] break-all">
{webhookUrl}
</code>
<button
onclick={() => { navigator.clipboard.writeText(webhookUrl); toasts.info($t('settingsGeneral.copied')); }}
class="inline-flex items-center gap-1.5 rounded-lg border border-[var(--border-primary)] px-3 py-2.5 text-sm font-medium text-[var(--text-secondary)] hover:bg-[var(--surface-card-hover)] transition-colors"
>
<IconCopy size={16} />
{$t('settingsGeneral.copy')}
</button>
</div>
{:else}
<p class="text-sm text-[var(--text-tertiary)] italic">{$t('settingsGeneral.noWebhookUrl')}</p>
{/if}
<div class="mt-4">
<button
onclick={handleRegenerateWebhook}
disabled={regenerating}
class="inline-flex items-center gap-2 rounded-lg border border-[var(--color-danger)] px-4 py-2 text-sm font-medium text-[var(--color-danger)] hover:bg-[var(--color-danger-light)] transition-colors disabled:opacity-50 active:animate-press"
>
{#if regenerating}<IconLoader size={16} />{/if}
<IconRefresh size={16} />
{regenerating ? $t('settingsGeneral.regenerating') : $t('settingsGeneral.regenerateUrl')}
</button>
<p class="mt-1 text-xs text-[var(--text-tertiary)]">{$t('settingsGeneral.regenerateWarning')}</p>
</div>
</div>
{/if}
</div>
<EntityPicker
bind:open={certPickerOpen}
items={certPickerItems}
current={String(sslCertificateId)}
title={$t('settingsGeneral.selectCertificate')}
onselect={handleCertSelect}
onclose={() => { certPickerOpen = false; }}
/>
<EntityPicker
bind:open={zonePickerOpen}
items={zonePickerItems}
current={cloudflareZoneId}
title={$t('settingsGeneral.selectZone')}
onselect={handleZoneSelect}
onclose={() => { zonePickerOpen = false; }}
/>
Reference in New Issue View Git Blame Copy Permalink