feat: add mTLS support for proxy hosts

- New `ca_certificates` table for reusable CA certs (migration 0011)
- CA cert CRUD model, server actions, and UI dialogs
- Proxy host create/edit dialogs include mTLS toggle + CA cert selection
- Caddy config generates `client_authentication` TLS policy blocks with
  `require_and_verify` mode for hosts with mTLS enabled
- CA certs sync to slave instances via instance-sync payload
- Certificates page shows CA Certificates section

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
fuomag9
2026-03-05 20:29:55 +01:00
parent c407a01ca4
commit f3358c20cd
16 changed files with 821 additions and 31 deletions


@@ -9,6 +9,7 @@ import ContentCopyIcon from "@mui/icons-material/ContentCopy";
import type { AccessList } from "@/src/lib/models/access-lists";
import type { Certificate } from "@/src/lib/models/certificates";
import type { ProxyHost } from "@/src/lib/models/proxy-hosts";
import type { CaCertificate } from "@/src/lib/models/ca-certificates";
import type { AuthentikSettings } from "@/src/lib/settings";
import { toggleProxyHostAction } from "./actions";
import { PageHeader } from "@/src/components/ui/PageHeader";
@@ -20,12 +21,13 @@ type Props = {
hosts: ProxyHost[];
certificates: Certificate[];
accessLists: AccessList[];
caCertificates: CaCertificate[];
authentikDefaults: AuthentikSettings | null;
pagination: { total: number; page: number; perPage: number };
initialSearch: string;
};
export default function ProxyHostsClient({ hosts, certificates, accessLists, authentikDefaults, pagination, initialSearch }: Props) {
export default function ProxyHostsClient({ hosts, certificates, accessLists, caCertificates, authentikDefaults, pagination, initialSearch }: Props) {
const [createOpen, setCreateOpen] = useState(false);
const [duplicateHost, setDuplicateHost] = useState<ProxyHost | null>(null);
const [editHost, setEditHost] = useState<ProxyHost | null>(null);
@@ -170,6 +172,7 @@ export default function ProxyHostsClient({ hosts, certificates, accessLists, aut
certificates={certificates}
accessLists={accessLists}
authentikDefaults={authentikDefaults}
caCertificates={caCertificates}
/>
{editHost && (
@@ -179,6 +182,7 @@ export default function ProxyHostsClient({ hosts, certificates, accessLists, aut
onClose={() => setEditHost(null)}
certificates={certificates}
accessLists={accessLists}
caCertificates={caCertificates}
/>
)}
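Review bot: The new `caCertificates: CaCertificate[]` prop in `Props` hands the full CA certificate model to a client component (it calls `useState`), so every field of every record is serialized to the browser on each page load. The create and edit dialogs it is forwarded to presumably need only enough to render a selection list. `CaCertificate`'s fields are not visible in this section; if the model carries the PEM body or server-side metadata, consider narrowing the prop to a projection built in the server page, for example `caCertificates: Pick<CaCertificate, "id" | "name">[];` (the field names here are placeholders for whatever the selector actually renders). A one-line comment on the prop, such as `// CA certs offered for mTLS client verification; selection data only`, would also make the intended contract explicit. The body of `ProxyHostsClient` continues outside these hunks, so how the dialogs consume the prop could not be checked here.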