From 382a8629c2e7f51970931f86a26de78136e7f1ba Mon Sep 17 00:00:00 2001
From: Rephl3x <zak.bearman@amslabs.net>
Date: Thu, 29 Jan 2026 13:23:45 +1300
Subject: [PATCH] Add How-to dialog and simplify run controls

---
 certy.ps1 | 87 +++++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 71 insertions(+), 16 deletions(-)

diff --git a/certy.ps1 b/certy.ps1
index c0ebbaf..8edf89e 100644
--- a/certy.ps1
+++ b/certy.ps1
@@ -573,6 +573,13 @@ $headerSub.Location = [System.Drawing.Point]::new(12, 38)
 $headerSub.Size = [System.Drawing.Size]::new(600, 20)
 $header.Controls.Add($headerSub)
 
+$helpBtn = New-Object System.Windows.Forms.Button
+$helpBtn.Text = "How to use me"
+$helpBtn.Size = [System.Drawing.Size]::new(140, 28)
+$helpBtn.Location = [System.Drawing.Point]::new(($header.Width - 152), 20)
+$header.Controls.Add($helpBtn)
+Style-ButtonSecondary $helpBtn
+
 $y = $header.Bottom + 16
 
 Add-SectionHeader "Input"
@@ -594,7 +601,7 @@ Add-Label "File preview (first 200 lines)" $xLabel $y $labelWidth $rowHeight
 $filePreviewBox = Add-TextBox $xInput $y ($inputWidth - ($buttonWidth + $buttonGap)) 80 $true
 $filePreviewBox.ReadOnly = $true
 $filePreviewBtn = New-Object System.Windows.Forms.Button
-$filePreviewBtn.Text = "Preview"
+$filePreviewBtn.Text = "1) Preview"
 $filePreviewBtn.Location = [System.Drawing.Point]::new(($xInput + $inputWidth - $buttonWidth), ($y - 1))
 $filePreviewBtn.Size = [System.Drawing.Size]::new($buttonWidth, 26)
 $panel.Controls.Add($filePreviewBtn)
@@ -652,7 +659,7 @@ $dnsServerBox.BackColor = $colorInput
 $dnsServerBox.ForeColor = $colorText
 $panel.Controls.Add($dnsServerBox)
 $dnsScanBtn = New-Object System.Windows.Forms.Button
-$dnsScanBtn.Text = "Scan"
+$dnsScanBtn.Text = "2) Scan"
 $dnsScanBtn.Location = [System.Drawing.Point]::new(($xInput + $inputWidth - $buttonWidth), ($y - 1))
 $dnsScanBtn.Size = [System.Drawing.Size]::new($buttonWidth, 26)
 $panel.Controls.Add($dnsScanBtn)
@@ -757,15 +764,12 @@ $y += $rowHeight + $gap
 
 Add-SectionHeader "Run"
 $verboseBox = Add-CheckBox "Verbose" $xInput $y 120 $rowHeight
-$runWacsBox = Add-CheckBox "Run WACS after DNS update" ($xInput + 140) $y 260 $rowHeight
 $perHostBox = Add-CheckBox "One cert per host" ($xInput + 430) $y 180 $rowHeight
-$runWacsBox.Checked = $true
-$y += $rowHeight + $gap
-$disableCertsBox = Add-CheckBox "Turn off cert generation (DNS-only mode)" $xInput $y 360 $rowHeight
+$disableCertsBox = Add-CheckBox "Turn off cert generation (DNS-only mode)" ($xInput + 140) $y 360 $rowHeight
 $y += $rowHeight + ($gap * 2)
 
 $runBtn = New-Object System.Windows.Forms.Button
-$runBtn.Text = "Run"
+$runBtn.Text = "5) Run"
 $runBtn.Location = [System.Drawing.Point]::new($xInput, $y)
 $runBtn.Size = [System.Drawing.Size]::new(120, 30)
 $panel.Controls.Add($runBtn)
@@ -810,6 +814,60 @@ function Update-OutputTypeUI {
     }
 }
 
+function Show-HelpDialog {
+    $helpForm = New-Object System.Windows.Forms.Form
+    $helpForm.Text = "How to use me"
+    $helpForm.Size = [System.Drawing.Size]::new(720, 520)
+    $helpForm.StartPosition = "CenterParent"
+    $helpForm.BackColor = $colorBg
+
+    $panelHelp = New-Object System.Windows.Forms.Panel
+    $panelHelp.Dock = "Fill"
+    $panelHelp.BackColor = $colorBg
+    $panelHelp.Padding = New-Object System.Windows.Forms.Padding(16)
+    $helpForm.Controls.Add($panelHelp)
+
+    $title = New-Object System.Windows.Forms.Label
+    $title.Text = "How Certy Works"
+    $title.Font = New-Object System.Drawing.Font("Segoe UI Semibold", 14)
+    $title.ForeColor = $colorText
+    $title.AutoSize = $true
+    $panelHelp.Controls.Add($title)
+
+    $body = New-Object System.Windows.Forms.TextBox
+    $body.Multiline = $true
+    $body.ReadOnly = $true
+    $body.ScrollBars = "Vertical"
+    $body.BorderStyle = "FixedSingle"
+    $body.Font = $font
+    $body.BackColor = $colorInput
+    $body.ForeColor = $colorText
+    $body.Location = [System.Drawing.Point]::new(0, 40)
+    $body.Size = [System.Drawing.Size]::new(660, 380)
+    $body.Text = @"
+1. Add your hostnames via one-per-line, CSV or CSR folder then click 1) Preview.
+2. Click 2) Scan and select the DNS server in question (Primary is 10.106.60.1). Replication runs from there.
+3. Update the replication wait for as long as you want. Usually 15 minutes.
+4. Choose the output type (PEM/PFX). If PFX, supply a password.
+5. Click 5) Run.
+
+Other options:
+- Turn off cert generation (DNS-only mode) to just add DNS records now and generate certs later.
+- Disable DNS replication if records already point correctly and you only need a renewal certificate.
+"@
+    $panelHelp.Controls.Add($body)
+
+    $closeBtn = New-Object System.Windows.Forms.Button
+    $closeBtn.Text = "Close"
+    $closeBtn.Size = [System.Drawing.Size]::new(100, 30)
+    $closeBtn.Location = [System.Drawing.Point]::new(($body.Width - 100), ($body.Bottom + 12))
+    $panelHelp.Controls.Add($closeBtn)
+    Style-ButtonSecondary $closeBtn
+    $closeBtn.Add_Click({ $helpForm.Close() })
+
+    $helpForm.ShowDialog() | Out-Null
+}
+
 function Update-ReplicationUI {
     $enabled = $replicationEnabledBox.Checked
     $replicationTargetsBox.Enabled = $enabled
@@ -824,11 +882,7 @@ function Update-ReplicationUI {
 
 function Update-CertGenerationUI {
     $disabled = $disableCertsBox.Checked
-    $runWacsBox.Enabled = -not $disabled
     $perHostBox.Enabled = -not $disabled
-    if ($disabled) {
-        $runWacsBox.Checked = $false
-    }
 
     $wacsPathBox.Enabled = -not $disabled
     $outputTypeBox.Enabled = -not $disabled
@@ -896,9 +950,6 @@ if ($loadedDefaults) {
     $value = Get-DefaultValue -Defaults $loadedDefaults -Name "UseProvidedFqdn"
     if ($null -ne $value) { $useFqdnBox.Checked = [bool]$value }
 
-    $value = Get-DefaultValue -Defaults $loadedDefaults -Name "RunWacs"
-    if ($null -ne $value) { $runWacsBox.Checked = [bool]$value }
-
     $value = Get-DefaultValue -Defaults $loadedDefaults -Name "Verbose"
     if ($null -ne $value) { $verboseBox.Checked = [bool]$value }
 
@@ -928,6 +979,7 @@ function Apply-Layout {
     foreach ($line in $sectionLines) {
         $line.Width = $contentWidth
     }
+    $helpBtn.Left = $header.Width - $helpBtn.Width - 12
 
     $hostsBox.Width = $inputWidthCalc
     $fileBox.Width = $inputWidthCalc - ($buttonWidth + $buttonGap)
@@ -1087,6 +1139,10 @@ $outputTypeBox.Add_SelectedIndexChanged({
     Update-OutputTypeUI
 })
 
+$helpBtn.Add_Click({
+    Show-HelpDialog
+})
+
 $replicationCredBtn.Add_Click({
     $cred = Get-Credential -Message "Enter credentials for replication sessions."
     if (-not $cred) {
@@ -1123,7 +1179,6 @@ $saveDefaultsBtn.Add_Click({
         Validation          = $validationBox.Text
         ValidationPort      = $validationPortBox.Text
         UseProvidedFqdn     = $useFqdnBox.Checked
-        RunWacs             = $runWacsBox.Checked
         Verbose             = $verboseBox.Checked
         PerHostCerts        = $perHostBox.Checked
         DisableCertGeneration = $disableCertsBox.Checked
@@ -1229,7 +1284,7 @@ $runBtn.Add_Click({
 
         if ($disableCertsBox.Checked) {
             & $logAction "Cert generation disabled; DNS updates/replication only."
-        } elseif ($runWacsBox.Checked) {
+        } else {
             $wacsPath = $wacsPathBox.Text.Trim()
             if (-not (Test-Path -Path $wacsPath -PathType Leaf)) {
                 throw "WACS not found at: $wacsPath"