mirror of
https://github.com/unraid/webgui.git
synced 2026-01-29 13:09:05 -06:00
Merge pull request #170 from bergware/6.4-wip
Several changes in Encryption Settings page
This commit is contained in:
tom mortensen
@@ -16,76 +16,71 @@ Tag="key"
|
||||
*/
|
||||
?>
|
||||
<?
|
||||
$keyfile = file_exists($var['luksKeyfile']) ? $var['luksKeyfile'] : '';
|
||||
$confirm = $var['fsNumEncrypted']==0;
|
||||
$online = $var['fsState']=='Stopped' ? '' : 'disabled';
|
||||
$keyfile = file_exists($var['luksKeyfile']) ? $var['luksKeyfile']:'';
|
||||
$online = $var['fsState']=='Stopped' ? '':'disabled';
|
||||
?>
|
||||
<script>
|
||||
<?if ($keyfile):?>
|
||||
function checkInput(form) {
|
||||
function prepareInput(form) {
|
||||
form.keyfile.disabled = true;
|
||||
return true;
|
||||
}
|
||||
function toggleButton(checked) {
|
||||
function toggleApply(checked) {
|
||||
$('input[name="#apply"]').prop('disabled',!checked);
|
||||
}
|
||||
<?else:?>
|
||||
function checkInput(form) {
|
||||
var forced = <?=$var['fsNumEncrypted']==0 ? 'true':'false'?>;
|
||||
var confirm = forced || <?=$var['luksRestricted']!='yes' ? 'true':'false'?>;
|
||||
|
||||
function prepareInput(form) {
|
||||
$.post('/update.htm',{luksRestricted:form.luksRestricted.value,changeDisk:'apply'});
|
||||
if (form.text.value || form.file.value) {
|
||||
form.input.disabled = true;
|
||||
form.local.disabled = true;
|
||||
return true;
|
||||
form.copy.disabled = true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
function toggleApply(form) {
|
||||
var disabled = confirm ? form.text.value!=form.copy.value:form.text.value=='';
|
||||
form.apply.disabled = disabled;
|
||||
}
|
||||
function selectInput(form) {
|
||||
if (form.input.value == 'text') {
|
||||
form.file.value = '';
|
||||
form.local.value = '';
|
||||
$('#text').show(); $('#file').hide();
|
||||
$('#text').show();
|
||||
$('#file').hide();
|
||||
} else {
|
||||
form.text.value = '';
|
||||
<?if ($confirm):?>
|
||||
form.textConf.value = '';
|
||||
<?endif;?>
|
||||
$('#text').hide(); $('#file').show();
|
||||
form.copy.value = '';
|
||||
$('#text').hide();
|
||||
$('#file').show();
|
||||
}
|
||||
form.apply.disabled = true;
|
||||
}
|
||||
function showPass(checked) {
|
||||
$('input[name="text"],input[name="textConf"]').attr('type',checked ? 'text' : 'password');
|
||||
$('input[name="text"],input[name="copy"]').attr('type',checked ? 'text':'password');
|
||||
}
|
||||
function showRetype(form) {
|
||||
if (form.input.value=='file') return;
|
||||
confirm = forced || form.luksRestricted.value!='yes';
|
||||
toggleApply(form);
|
||||
if (confirm) $('#retype').show(); else $('#retype').hide();
|
||||
}
|
||||
function getFileContent(event,form) {
|
||||
var input = event.target;
|
||||
var reader = new FileReader();
|
||||
reader.onload = function(){form.file.value = reader.result; form.apply.disabled = false;};
|
||||
reader.onload = function(){form.file.value=reader.result; form.apply.disabled=false;};
|
||||
reader.readAsDataURL(input.files[0]);
|
||||
}
|
||||
$(function(){
|
||||
if (confirm) $('#retype').show();
|
||||
});
|
||||
<?endif;?>
|
||||
</script>
|
||||
<form markdown="1" name="encrypt_start" method="POST" action="/update.htm" target="progressFrame">
|
||||
Restricted Start:
|
||||
: <select name="luksStartMode" size="1">
|
||||
<?=mk_option($var['luksStartMode'], "0", "Yes")?>
|
||||
<?=mk_option($var['luksStartMode'], "1", "No")?>
|
||||
</select>
|
||||
|
||||
> When set to **Yes** the array cannot Start if the encryption passphrase/keyfile is missing or wrong. This
|
||||
> is the normal setting.
|
||||
|
||||
> When set to **No** the array may be Started and:
|
||||
|
||||
> * If the passphrase/keyfile is **missing**, then encrypted volumes will not be mounted and cannot be formatted.
|
||||
> * If the passphrase/keyfile is **wrong**, then encrypted volumes will appear Unmountable and may be formatted.
|
||||
|
||||
|
||||
: <input type="submit" name="changeDisk" value="Apply"><input type="button" value="Done" onclick="done()">
|
||||
</form>
|
||||
<form markdown="1" name="encrypt_settings" method="POST" action="/update.php" target="progressFrame" onsubmit="return checkInput(this)">
|
||||
<form markdown="1" name="encrypt_settings" method="POST" action="/update.php" target="progressFrame" onsubmit="prepareInput(this)">
|
||||
<input type="hidden" name="#file" value="unused">
|
||||
<input type="hidden" name="#include" value="webGui/include/KeyUpload.php">
|
||||
<input type="hidden" name="file" value="">
|
||||
<input type="hidden" name="flag" value="true">
|
||||
<?if ($keyfile):?>
|
||||
Encryption key:
|
||||
: <?=$keyfile?>
|
||||
@@ -93,21 +88,35 @@ Encryption key:
|
||||
> Shows the path and name of the current keyfile, if present.
|
||||
>
|
||||
> This keyfile is read during array Start and is used to encrypt/decrypt content of encrypted devices.
|
||||
|
||||
>
|
||||
> With array Stopped, the keyfile may be deleted and the user can specify a new encryption key. Note that once a device
|
||||
> is formatted with a particular key it may only be opened using that same key. Changing the encryption key requires
|
||||
> encrypted devices to be reformatted **resulting in permanent loss of all existing data on those devices.**
|
||||
|
||||
>
|
||||
> With array Started, the keyfile may be deleted to ensure there is no encryption key present on the server when
|
||||
> the array is online. Note that plugins are installed and may execute before and during the array Start process.
|
||||
> the array is online. Note that plugins are installed and may execute before and during the array Start process.
|
||||
|
||||
Delete <input type="checkbox" name="keyfile" onchange="toggleButton(this.checked)">
|
||||
Delete <input type="checkbox" name="keyfile" onchange="toggleApply(this.checked)">
|
||||
: <input type="submit" name="#apply" value="Delete" disabled><input type="button" value="Done" class="lock" onclick="done()">
|
||||
|
||||
<?else:?>
|
||||
Encryption key:
|
||||
: Not present
|
||||
|
||||
Restricted Start:
|
||||
: <select name="luksRestricted" size="1" onchange="showRetype(this.form)"<?=$online?>>
|
||||
<?=mk_option($var['luksRestricted'], "yes", "Yes")?>
|
||||
<?=mk_option($var['luksRestricted'], "no", "No")?>
|
||||
</select>
|
||||
|
||||
> When set to **Yes** the array cannot Start if the encryption passphrase/keyfile is missing or wrong.
|
||||
> This is the normal setting.
|
||||
>
|
||||
> When set to **No** the array may be Started and:
|
||||
>
|
||||
> * If the passphrase/keyfile is **missing**, then encrypted volumes will not be mounted and cannot be formatted.
|
||||
> * If the passphrase/keyfile is **different**, then encrypted volumes will appear Unmountable and may be formatted with the new key.
|
||||
|
||||
Encryption input:
|
||||
: <select name="input" size="1" onchange="selectInput(this.form)"<?=$online?>>
|
||||
<?=mk_option(1, "text", "Passphrase")?>
|
||||
@@ -119,14 +128,15 @@ Encryption input:
|
||||
> The array will **not** Start automatically when encrypted volumes are present.
|
||||
|
||||
<div id="text" markdown="1">
|
||||
<?if ($confirm):?>
|
||||
Passphrase:
|
||||
: <input type="password" name="text" maxlength="512" value=""<?=$online?> onKeyUp="this.form.apply.disabled=(this.form.text.value!=this.form.textConf.value)"><?if (!$online):?><input id="eye" type="checkbox" onchange="showPass(this.checked)">show passphrase<?endif;?>
|
||||
: <input type="password" name="text" maxlength="512" value=""<?=$online?> onKeyUp="toggleApply(this.form)"><?if (!$online):?><input id="eye" type="checkbox" onchange="showPass(this.checked)">show passphrase<?endif;?>
|
||||
|
||||
<div id="retype" markdown="1" style="display:none">
|
||||
Retype passphrase:
|
||||
: <input type="password" name="textConf" maxlength="512" value=""<?=$online?> onKeyUp="this.form.apply.disabled=(this.form.text.value!=this.form.textConf.value)">
|
||||
: <input type="password" name="copy" maxlength="512" value=""<?=$online?> onKeyUp="toggleApply(this.form)">
|
||||
|
||||
> Enter a passphrase of up to 512 characters. It is highly advisable to only use the 95 printable characters from the
|
||||
</div>
|
||||
> Enter a passphrase of up to 512 characters. It is highly advisable to only use the 95 printable characters from the
|
||||
> first 128 characters of the [ASCII table](https://en.wikipedia.org/wiki/ASCII), as they will always have the same binary
|
||||
> representation. Other characters may have different encoding depending on system configuration and your passphrase will
|
||||
> not work with a different encoding. If you want a longer passphrase or to include binary data, upload a keyfile instead.
|
||||
@@ -136,22 +146,13 @@ Retype passphrase:
|
||||
>
|
||||
> **Memorize** this passphrase. **IF LOST, ENCRYPTED CONTENT CANNOT BE RECOVERED!**
|
||||
|
||||
<?else:?>
|
||||
Passphrase:
|
||||
: <input type="password" name="text" maxlength="512" value=""<?=$online?> onKeyUp="this.form.apply.disabled=(this.form.text.value=='')"><?if (!$online):?><input id="eye" type="checkbox" onchange="showPass(this.checked)">show passphrase<?endif;?>
|
||||
|
||||
> Enter the correct passphrase to unlock the encrypted devices present in this system.
|
||||
>
|
||||
> **Memorize** this passphrase. **IF LOST, ENCRYPTED CONTENT CANNOT BE RECOVERED!**
|
||||
|
||||
<?endif;?>
|
||||
</div>
|
||||
<div id="file" markdown="1" style="display:none">
|
||||
Keyfile:
|
||||
: <input type="file" name="local" onchange="getFileContent(event,this.form)"<?=$online?>>
|
||||
|
||||
> Select a local keyfile with a stored encryption key. The maximum size keyfile is 8M (8388608).
|
||||
|
||||
> Select a local keyfile with a stored encryption key or a binary file. The maximum size of the keyfile is 8M (8388608 byte).
|
||||
>
|
||||
> **Backup** your local keyfile. **IF LOST, ENCRYPTED CONTENT CANNOT BE RECOVERED!**
|
||||
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user