generated from pandosme/node-red-axis-template
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
axis-security.html
257 lines (233 loc) · 7.45 KB
/
axis-security.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
<script type="text/x-red" data-template-name="Axis Security">
<div class="form-row">
<label for="node-input-preset"><i class="icon-tag"></i> Device</label>
<input type="text" id="node-input-preset">
</div>
<div class="form-row">
<label for="node-input-action"><i class="icon-tag"></i> Action</label>
<select id="node-input-action">
<option value="List accounts">List accounts</option>
<option value="Set account">Set account</option>
<option value="Remove account">Remove account</option>
<option value="Allow discovery">Allow discovery</option>
<option value="Allow SSH">Allow SSH</option>
<option value="Set SSH User">Set SSH User</option>
<option value="Allow Browser Access">Allow Browser Access</option>
<option value="Set firewall">Set firewall</option>
<option value="List certificates">List certificates</option>
<option value="Generate CSR">Generate CSR</option>
<option value="Install Certificate">Install Certificate</option>
<option value="Remove Certificate">Remove Certificate</option>
<option value="Set HTTPS certificate">Set HTTPS certificate</option>
</select>
</div>
</script>
<script type="text/javascript">
RED.nodes.registerType('Axis Security',{
category: 'Axis',
color: '#FFCC33',
defaults: {
name: { value:""},
preset: {type:"Device Access"},
address: {value:""},
action: { value:"List accounts"},
data: { value:""},
options: { value:""}
},
icon: "font-awesome/fa-shield",
inputs:1,
outputs:1,
label: function() {
return this.name || this.action || "Axis Security";
},
oneditprepare: function() {
$("#node-input-action").change(function() {
var action = $("#node-input-action").val();
$(".input_options").hide();
$(".input_data").hide();
$(".input_account").hide();
switch (action) {
case "List accounts":
break;
case "Set account":
break;
case "Remove account":
$(".input_account").show();
break;
case "Remove Certificate":
$(".input_data").show();
break;
default:
}
});
}
});
</script>
<script type="text/x-red" data-help-name="Axis Security">
<h2>Inputs & Outputs</h2>
Set the device and call an action.
Action will only output on success. Use a Catch node to get detailed errors.
<br/><br/>
<p>
<b>List accounts</b><br/>
Get all accounts
</p><br/>
<p>
<b>Set account</b><br/>
Adds or updates an account. Valid privilege levels are Viewer, Operator and Admin.<br/>
<code>msg.payload</code><br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">object</span></dt>
<dd>
{<br/>
"name":"",<br/>
"password":"",<br/>
"privileges":"Admin"<br/>
}<br/>
</dd>
</dl>
</p><br/>
<p>
<b>Remove account</b><br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">string</span></dt>
<dd>
Account name
</dd>
</dl>
</p><br/>
<p>
<b>Allow discovery</b><br/>
Enable or disabled discovey protocols (UPnP, Bonjour and Link-local)
<dl class="message-properties">
<dt>msg.payload<span class="property-type">boolean</span></dt>
<dd>
true or false
</dd>
</dl>
</p><br/>
<p>
<b>Allow SSH</b><br/>
Enable or disabled ability to connect terminal over SSH (Secure Shell)<br/>
Only for advanced maintence. Recommended to disable during daily operations.
<dl class="message-properties">
<dt>msg.payload<span class="property-type">boolean</span></dt>
<dd>
true or false
</dd>
</dl>
</p><br/>
<p>
<b>Set SSH User</b><br/>
Set or update SSH User. SSH must be enabled for users to access.<br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">object</span></dt>
<dd>
{<br/>
"user":"name",<br/>
"password":"password",<br/>
"comment":"optional",<br/>
}</code><br/>
</dd>
</dl>
</p><br/>
<p>
<b>Allow Browser Access</b><br/>
Enable or disabled ability access device with a Browser<br/>
Does not affect the device API for VMS or other clients. Recommended to disable during daily operations.
<dl class="message-properties">
<dt>msg.payload<span class="property-type">boolean</span></dt>
<dd>
true or false
</dd>
</dl>
</p><br/>
<p>
<b>Set firewall</b><br/>
Limit connections to only trusted clients and service address.<br/>
Add multiple trusted client address to minimize locking yourself out.<br/>
All trusted connections needs to be added including outgoing connections such NTP, DNS and MQTT. Use the Axis Device node to list all current connections and they should be added in the list.
<dl class="message-properties">
<dt>msg.payload<span class="property-type">array</span></dt>
<dd>
List of at least two white listed IP addresses. An empty list will whitelist all connections.<br/>
["1.2.3.4.5","2.3.4.5",...]
</dd>
</dl>
</p><br/>
<p>
<b>List certificates</b><br/>
List all installed certificates<br/>
</p><br/>
<p>
<b>Generate CSR</b><br/>
Generate a CSR (Certificate signing request) to be signed by a CA.<br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">object</span></dt>
<dd>
{<br/>
"CN":"host.domain.com",<br/>
"C":"US",<br/>
"O":"Acme Inc"<br/>
"ST":"State or province name"<br/>
"days":365<br/>
}<br/>
</dd>
</dl>
</p><br/>
<p>
<b>Install Certificate</b><br/>
Install a CA-signed certificate<br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">string</span></dt>
<dd>
Certificate as PEM format
</dd>
</dl>
</p><br/>
<p>
<b>Remove Certificate</b><br/>
Remove an unused certificate (not currently used by HTTPS or 802.1x<br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">string</span></dt>
<dd>
Certificate ID from List Certificate
</dd>
</dl>
</p><br/>
<p>
<b>Set HTTPS certificate</b><br/>
Installs a CA-signed certificate and configure HTTPS to use it<br/>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">object</span></dt>
<dd>
{<br/>
"cert":"PEM data",<br/>
"key":"PEM data"<br/>
}</code><br/>
</dd>
</dl>
</p><br/>
<dl class="message-properties">
<dt>Options<span class="property-type">string | object | buffer</span></dt>
<dd>Depends on action<br/>
Use <code>msg.options</code> to override config.
</dd>
</dl>
<dl class="message-properties">
<dt>Data<span class="property-type">string | object | buffer</span></dt>
<dd>Depends on action<br/>
Use <code>msg.payload</code> to override config.
</dd>
</dl>
<h3>Outputs:</h3>
<dl class="message-properties">
<dt>msg.error<span class="property-type">bool | string</span></dt>
<dd>On success, error will be <code>false</code><br/>
On failure, error will be <code>true</code> or message string</dd>
</dl>
<dl class="message-properties">
<dt>msg.payload<span class="property-type">bool | string | buffer</span></dt>
<dd>Depends on action</dd>
</dl>
</script>