diff --git a/api.php b/api.php index a0bd892..cda5b7a 100644 --- a/api.php +++ b/api.php @@ -4256,6 +4256,38 @@ switch ($action) { echo json_encode(['success' => true]); break; + case 'provision_ssl': + requireSuperAdmin(); + if ($method !== 'POST') break; + $input = json_decode(file_get_contents('php://input'), true); + $domains = $input['domains'] ?? []; + if (empty($domains)) { + http_response_code(400); + echo json_encode(['error' => 'Domainit puuttuvat']); + break; + } + // Validoi domainit + foreach ($domains as $d) { + if (!preg_match('/^[a-z0-9.-]+\.[a-z]{2,}$/', $d)) { + http_response_code(400); + echo json_encode(['error' => "Virheellinen domain: $d"]); + break 2; + } + } + // Suorita provisiointi shell-skriptinä + $escapedDomains = array_map('escapeshellarg', $domains); + $domainList = implode(' ', $escapedDomains); + $output = []; + $exitCode = 0; + exec("sudo /usr/local/bin/provision-ssl.sh $domainList 2>&1", $output, $exitCode); + if ($exitCode !== 0) { + http_response_code(500); + echo json_encode(['error' => 'SSL-provisiointi epäonnistui: ' . implode("\n", $output)]); + } else { + echo json_encode(['success' => true, 'message' => 'SSL-sertifikaatti päivitetty: ' . implode(', ', $domains)]); + } + break; + case 'company_switch': requireAuth(); if ($method !== 'POST') break; diff --git a/index.html b/index.html index 92861d5..e9d26e8 100644 --- a/index.html +++ b/index.html @@ -1673,6 +1673,8 @@
+ +
diff --git a/script.js b/script.js index 98572ec..d3516db 100644 --- a/script.js +++ b/script.js @@ -2908,6 +2908,8 @@ async function showCompanyDetail(id) { if (modulesSection) modulesSection.style.display = isSA ? '' : 'none'; if (integrationsSection) integrationsSection.style.display = isSA ? '' : 'none'; if (ipsSection) ipsSection.style.display = isSA ? '' : 'none'; + const sslBtn = document.getElementById('btn-provision-ssl'); + if (sslBtn) sslBtn.style.display = isSA ? '' : 'none'; // Moduuli-checkboxit (yhteensopivuus: vanha 'devices' → 'tekniikka') let enabledMods = comp?.enabled_modules || []; @@ -3203,6 +3205,30 @@ document.getElementById('btn-save-company-settings').addEventListener('click', a } catch (e) { alert(e.message); } }); +// SSL-sertifikaatin provisiointi (superadmin) +document.getElementById('btn-provision-ssl')?.addEventListener('click', async () => { + const domains = document.getElementById('company-edit-domains').value.trim().split('\n').map(d => d.trim()).filter(Boolean); + if (!domains.length) { alert('Lisää ensin domainit!'); return; } + if (!confirm('Päivitetäänkö Apache-config ja Let\'s Encrypt -sertifikaatti seuraavilla domaineilla?\n\n' + domains.join('\n'))) return; + const btn = document.getElementById('btn-provision-ssl'); + const status = document.getElementById('ssl-provision-status'); + btn.disabled = true; + btn.textContent = '⏳ Provisioidaan...'; + status.style.display = 'block'; + status.textContent = 'Päivitetään Apache-config ja Let\'s Encrypt...'; + try { + const result = await apiCall('provision_ssl', 'POST', { domains }); + status.style.color = '#27ae60'; + status.textContent = '✅ ' + (result.message || 'SSL-sertifikaatti päivitetty!'); + } catch (e) { + status.style.color = '#e74c3c'; + status.textContent = '❌ ' + e.message; + } finally { + btn.disabled = false; + btn.textContent = '🔒 Päivitä SSL-sertifikaatti'; + } +}); + // ==================== POSTILAATIKOT ==================== let mailboxesData = [];