
Reinstall on Debian 11 (and lots of small changes)

Miraty 4 years ago
parent
commit
131f92b56c
40 changed files with 1045 additions and 699 deletions
  1. 1 0
      .gitignore
  2. 0 149
      admin/reg.php
  3. 0 6
      admin/sftp.php
  4. 2 2
      auth/login.php
  5. 2 2
      auth/password.php
  6. 10 5
      auth/register.php
  7. 4 4
      ht/gemini-domain.php
  8. 8 6
      ht/gemini-onion.php
  9. 7 3
      ht/http-onion.php
  10. 3 3
      ht/https-domain.php
  11. 74 59
      ht/sftp.php
  12. 150 0
      inc/const.inc.php
  13. 46 33
      inc/form/form.ns.inc.php
  14. 1 1
      inc/ht.inc.php
  15. 0 15
      inc/html/ttl.ns.inc.php
  16. 6 2
      inc/ns.inc.php
  17. 2 2
      inc/pages.inc.php
  18. 2 103
      inc/reg.inc.php
  19. 4 4
      index.php
  20. 25 15
      less/form.less
  21. 5 25
      less/main.less
  22. 350 1
      niver.log
  23. 1 1
      ns/caa.php
  24. 41 4
      ns/dnssec.php
  25. 10 9
      ns/index.php
  26. 6 7
      ns/ip.php
  27. 52 0
      ns/loc.php
  28. 1 1
      ns/mx.php
  29. 2 2
      ns/ns.php
  30. 1 1
      ns/srv.php
  31. 1 1
      ns/sshfp.php
  32. 1 1
      ns/tlsa.php
  33. 1 1
      ns/txt.php
  34. 48 14
      ns/zone.php
  35. 2 2
      reg/ds.php
  36. 21 26
      reg/glue.php
  37. 4 4
      reg/index.php
  38. 1 1
      reg/ns.php
  39. 129 122
      reg/register.php
  40. 21 62
      top.inc.php

+ 1 - 0
.gitignore

@@ -1,3 +1,4 @@
 css/
 niver.log
 db/niver.db
+cmds
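Review bot: `niver.log` is listed as ignored in this file, yet the diffstat of this same commit shows `niver.log` with 350 added lines, so the log appears to be tracked and the ignore rule has no effect on it. Ignore rules only apply to untracked files; `git rm --cached niver.log` would stop it from being committed again. Since ht/sftp.php tells users that their SFTP password is logged in clear text on the system, it is worth confirming that nothing sensitive has already gone into the committed log.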

+ 0 - 149
admin/reg.php

@@ -1,149 +0,0 @@
-<?php
-exit();
-define("PREFIX", "/malaxe");
-define("ROOT_PATH", "/var/www/niver" . PREFIX);
-define("DB_PATH", ROOT_PATH . "/db/auth.db");
-$suffixes = array(
-  /* "atope.art.", */
-
-  "asso.atope.art.",
-  "org.atope.art.",
-  "perso.atope.art.",
-  "blog.atope.art.",
-  "me.atope.art.",
-
-  "edu.atope.art.",
-  "info.atope.art.",
-  "wiki.atope.art.",
-  "sci.atope.art.",
-
-  "pol.atope.art.",
-  "libre.atope.art.",
-  "fem.atope.art.",
-  "eco.atope.art.",
-  "veg.atope.art.",
-  "bio.atope.art.",
-  "anar.atope.art.",
-  "ancom.atope.art.",
-  "acab.atope.art.",
-  "handi.atope.art.",
-
-  "queer.atope.art.",
-  "gay.atope.art.",
-  "enby.atope.art.",
-  "trans.atope.art.",
-
-  "net.atope.art.",
-  "tech.atope.art.",
-  "io.atope.art.",
-  "sec.atope.art.",
-  "cyber.atope.art.",
-  "dev.atope.art.",
-  "geek.atope.art.",
-  "fs.atope.art.",
-  "ht.atope.art.",
-  "hyper.atope.art.",
-  "git.atope.art.",
-  "forge.atope.art.",
-  "code.atope.art.",
-  "lab.atope.art.",
-  "labs.atope.art.",
-  "gemini.atope.art.",
-  "gmi.atope.art.",
-  "gemlog.atope.art.",
-  "mail.atope.art.",
-  "ynh.atope.art.",
-  "yuno.atope.art.",
-  "sys.atope.art.",
-
-  "fed.atope.art.",
-  "fedi.atope.art.",
-  "soc.atope.art.",
-  "masto.atope.art.",
-  "plero.atope.art.",
-  "pix.atope.art.",
-  "mobi.atope.art.",
-
-  "art.atope.art.",
-  "music.atope.art.",
-  "video.atope.art.",
-  "draw.atope.art.",
-  "audio.atope.art.",
-  "ink.atope.art.",
-
-  "na.atope.art.",
-  "psy.atope.art.",
-  "neuro.atope.art.",
-  "auti.atope.art.",
-  "plur.atope.art.",
-
-  "blue.atope.art.",
-  "red.atope.art.",
-  "pink.atope.art.",
-  "green.atope.art.",
-  "black.atope.art.",
-
-  "city.atope.art.",
-  "town.atope.art.",
-  "cafe.atope.art.",
-  "home.atope.art.",
-  "forum.atope.art.",
-
-  "dream.atope.art.",
-  "space.atope.art.",
-  "forest.atope.art.",
-  "rain.atope.art.",
-  "snow.atope.art.",
-  "sun.atope.art.",
-  "earth.atope.art.",
-  "world.atope.art.",
-  "soft.atope.art.",
-  "cute.atope.art.",
-  "cutie.atope.art.",
-  "fun.atope.art.",
-  "play.atope.art.",
-  "game.atope.art.",
-);
-
-foreach ($suffixes as $extension) {
-  /*
-  $db = new PDO('sqlite:' . DB_PATH);
-  $stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
-
-  $time = date("Y-m-d H:i:s");
-  $username = "niver";
-  $stmt->bindParam(':domain', $extension);
-  $stmt->bindParam(':username', $username);
-  $stmt->bindParam(':last_renewal', $time);
-
-  $stmt->execute();
-
-  echo $extension . "\n";
-  exec("cp /var/lib/knot/zones/template /var/lib/knot/zones/" . $extension . "zone");
-  exec("sed -i 's/maison.atope.art./" . $extension . "/g' /var/lib/knot/zones/" . $extension . "zone");
-
-  exec("knotc zone-begin atope.art.");
-  exec("knotc zone-set atope.art. " . $extension . " 86400 IN NS ns1.atope.art.");
-  exec("knotc zone-set atope.art. " . $extension . " 86400 IN NS ns6.gandi.net.");
-  exec("knotc zone-commit atope.art.");
-
-  exec("knotc conf-begin");
-  exec("knotc conf-set 'zone[" . $extension . "]'");
-  exec("knotc conf-set 'zone[" . $extension . "].file' '" . $extension . "zone'");
-  exec("knotc conf-commit");
-
-  exec("knotc zone-begin " . $extension);
-  exec("knotc zone-set " . $extension . " " . $extension . " 86400 IN NS ns1.atope.art.");
-  exec("knotc zone-set " . $extension . " " . $extension . " 86400 IN NS ns6.gandi.net.");
-  exec("knotc zone-commit " . $extension);
-*/
-  unset($output);
-  exec("/usr/sbin/keymgr " . $extension . " ds", $output);
-
-  $dsRecord = preg_replace("/DS/", "86400 DS", $output[0]);
-
-  exec("knotc zone-begin atope.art.");
-  exec("knotc zone-set atope.art. " . $dsRecord);
-  exec("knotc zone-commit atope.art.");
-
-}

+ 0 - 6
admin/sftp.php

@@ -1,6 +0,0 @@
-<?php
-$username = "castux";
-$password = $username . $username;
-//passthru("/usr/bin/sudo /usr/local/bin/maniver reload-nginx", $output);
-passthru("/usr/bin/sudo /usr/local/bin/maniver setup-user " . $username . " " . $password, $output);
-var_dump($output);

+ 2 - 2
auth/login.php

@@ -2,11 +2,11 @@
 
 <form method="post">
   <label for="username">Identifiant</label><br>
-  <input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="proudhon">
+  <input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="lain">
   <br>
 
   <label for="password">Clé de passe</label><br>
-  <input required="" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="************">
+  <input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="************">
   <br>
 
   <input type="submit">

+ 2 - 2
auth/password.php

@@ -6,10 +6,10 @@
 
 <form method="post">
   <label for="currentPassword">Mot de passe actuel</label><br>
-  <input required="" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
+  <input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
 
   <label for="newPassword">Nouveau mot de passe</label><br>
-  <input required="" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
+  <input required="" autocomplete="new-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
 
   <input type="submit">
 </form>

+ 10 - 5
auth/register.php

@@ -39,20 +39,25 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {
 ?>
 
 <form method="post">
-  <label for="username">Identifiant</label><br>
-  <input id="username" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="proudhon"><span></span><br>
+  <label for="username">
+    <details>
+      <summary>Identifiant</summary>
+      Uniquement composé de lettres minuscules.
+    </details>
+    <input id="username" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="lain"><span></span><br>
+  </label>
   <?php
   if (isset($userExist) AND $userExist == true) {
-    echo "Cet identifiant est déjà utilisé. Choisissez-en un autre.";
+    echo "<br>Cet identifiant est déjà utilisé. Choisissez-en un autre.";
   }
    ?>
   <label for="password">
     <details>
       <summary>Clé de passe</summary>
-      Minimum 10 caractères ou minimum 8 caractères s'il contient minuscule, majuscule et chiffre
+      Minimum 8 caractères si elle contient minuscule, majuscule et chiffre, ou minimum 10 caractères sinon.
     </details>
 
-    <input id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="************"><span title="Le format nest pas valide"></span><br>
+    <input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="************"><span title="Le format nest pas valide"></span><br>
 
   </label>
 

+ 4 - 4
ht/gemini-domain.php

@@ -2,9 +2,9 @@
 
 <p>
   Ajouter un domaine sur un dossier de site<br>
-  Le domaine doit pointer vers ces adresses IP :<br>
-  IPv4 : 45.13.104.169<br>
-  IPv6 : 2a0b:cbc0:1103:2::106f
+  Le domaine doit pointer vers ces adresses IP :
+  <br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
+  <br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
 </p>
 
 <form method="post">
@@ -64,7 +64,7 @@ if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['userna
 
   $conf = "# START NIVERSITE
 [" . $_POST['domain'] . "]
-root=/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "
+root=" . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "
 # STOP NIVERSITE
 ";
   file_put_contents("/etc/gmnisrv.ini", $conf, FILE_APPEND);
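Review bot: The rewritten `root=` line still puts `$_POST['dir']` (and, one line above it, `$_POST['domain']`) into `/etc/gmnisrv.ini` as raw request values, so a value containing a line break or `..` would land in the server configuration verbatim. Any validation between the `isset` check and this point lies outside the hunk, so this may already be handled. If it is not, check `dir` against the list returned by `listFsDirs($_SESSION['username'])` and the domain with a format check such as `checkAbsoluteDomainFormat` before building `$conf`. Checking the return value of `file_put_contents` would also keep a failed write from being treated as success.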

+ 8 - 6
ht/gemini-onion.php

@@ -64,17 +64,19 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
   exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
   addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
 
+  // Wait
+  sleep(1);
+
   // Get the address generated by Tor
-  $onion = file_get_contents("/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "/hostname");
-  $onion = str_replace(array("\r","\n"), "", $onion);
+  $onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
+  $onion = str_replace(array("\r", "\n"), "", $onion);
 
   // Store it in the database
   addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "gemini");
 
-  $conf = "# START NIVERSITE
+  $conf = "
 [" . $onion . "]
-root=/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "
-# STOP NIVERSITE
+root=" . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "
 ";
   file_put_contents("/etc/gmnisrv.ini", $conf, FILE_APPEND);
 
@@ -82,7 +84,7 @@ root=/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "
   exec(SUDO_PATH . " " . MANIVER_PATH . " restart-gmnisrv");
 
   // Tell the user their site address
-  echo "<p>L'adresse de votre capsule Onion Gemini est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
+  echo "<p>L'adresse de votre capsule Onion Gemini est : <br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
 
 }
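Review bot: The added `sleep(1)` only makes it likelier that Tor has written the `hostname` file; the `file_get_contents` result after it is still used unchecked, so when the read fails `$onion` ends up empty and a `[]` section is appended to `/etc/gmnisrv.ini` and passed to `addSite`. Test the result with `if ($onion === false)` directly after the read and stop there, or poll for the file with a bounded number of retries instead of a fixed delay. ht/http-onion.php receives the same `sleep(1)` and unchecked read in this commit. Separately, the `echo` line touched here still emits `<a href='…'<code>` without the `>` that closes the anchor's opening tag. The enclosing `if` block starts outside the hunk.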
 

+ 7 - 3
ht/http-onion.php

@@ -64,9 +64,12 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
   exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
   addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
 
+  // Wait
+  sleep(1);
+
   // Get the address generated by Tor
-  $onion = file_get_contents("/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "/hostname");
-  $onion = str_replace(array("\r","\n"), "", $onion);
+  $onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
+  $onion = str_replace(array("\r", "\n"), "", $onion);
 
   // Store it in the database
   addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
@@ -79,7 +82,8 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
   file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['dir'] . ".conf", $nginxConf);
 
   // Reload Nginx
-  exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx");
+  exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx", $output);
+  addNiverLog("Nginx reloaded by " . $_SESSION['username'], $output);
 
   // Tell the user their site address
   echo "<p>L'adresse de votre site Onion HTTP est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
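Review bot: The new `exec(… " reload-nginx", $output)` reuses `$output` from the `export-tor` call at the top of this block, and `exec()` appends to an array that already holds elements, so the "Nginx reloaded" log entry will also contain the earlier export-tor output unless the variable is reset in the lines between the two hunks. Add `unset($output);` before the call, or use a separate variable such as `$reloadOutput`. Passing the third `$result_code` argument and logging it would also show whether the reload actually succeeded.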

+ 3 - 3
ht/https-domain.php

@@ -2,9 +2,9 @@
 
 <p>
   Ajouter un domaine sur un dossier de site<br>
-  Le domaine doit pointer vers ces adresses IP :<br>
-  IPv4 : 45.13.104.169<br>
-  IPv6 : 2a0b:cbc0:1103:2::106f
+  Le domaine doit pointer vers ces adresses IP :
+  <br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
+  <br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
 </p>
 
 <form method="post">

+ 74 - 59
ht/sftp.php

@@ -4,7 +4,7 @@
 if ($_SESSION['sftp_enabled'] == false) { ?>
 <p>
   Pour que vous puissiez mettre en ligne votre site via <abbr title="SSH File Transfert Protocol">SFTP</abbr>, veuillez définir un mot de passe.
-  <br>Il sera loggué en clair dans le systèmee et il ne pourra pas être modifié.
+  <br>Il sera loggué en clair dans le système et il ne pourra pas être modifié.
 </p>
 
 <form method="post">
@@ -28,41 +28,56 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
   }
 } else if ($_SESSION['sftp_enabled'] == true) { ?>
 
-  Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour accéder à vos sites.
-  <dl>
-    <dt>Utilisataire</dt>
-    <dd>
-      <code><?= $_SESSION['username'] ?></code>
-    </dd>
-
-    <dt>Clé de passe</dt>
-    <dd>
-      celle que vous avez définit lors de l'activation de l'accès <abbr title="SSH File Transfert Protocol">SFTP</abbr>
-    </dd>
-
-    <dt>Serveur</dt>
-    <dd>
-      <code>sftp.niver.atope.art</code>
-    </dd>
-
-    <dt>Port</dt>
-    <dd>
-      <code>22</code> (par défaut)
-    </dd>
-
-    <dt>Dossier</dt>
-    <dd>
-      <code>/</code>
-    </dd>
-  </dl>
-
-  <div>
-    <a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.atope.art/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.atope.art/</a>
-  </div>
-
-  <p>
-    L'accès n'est disponible qu'en IPv4.
-  </p>
+  Vous avez désormais accès à un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>. Vous pouvez téléverser vos sites dans <code>/ht/&lt;nom du site&gt;/*</code>.
+  <br>
+  <section>
+    <h2>Quota</h2>
+    L'espace est limité au total à 10Kio de stockage et 10 fichiers/dossiers.
+  </section>
+  <section>
+    <h2>Clients SFTP</h2>
+    <strong>Dolphin</strong> et <strong>GNOME Fichiers</strong> (<em>Nautilus</em>) sont disponibles sur la plupart des distributions GNU et sont installés par défaut respectivement sur les environnements de bureau KDE et GNOME. <a href="https://filezilla-project.org/"><strong>FileZilla</strong></a> est disponible aussi pour les autres systèmes d'exploitation de bureau.
+    <br>
+    C'est aussi possible d'utiliser le client <code>sftp</code> en ligne de commande.
+  </section>
+  <section>
+    <h2>Informations de connexion</h2>
+
+    <div>
+      <a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/</a>
+    </div>
+
+    Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour y accéder.
+
+    <dl>
+      <dt>Utilisataire</dt>
+      <dd>
+        <code><?= $_SESSION['username'] ?></code>
+      </dd>
+
+      <dt>Clé de passe</dt>
+      <dd>
+        celle que vous avez définit lors de l'activation de l'accès <abbr title="SSH File Transfert Protocol">SFTP</abbr>
+      </dd>
+
+      <dt>Serveur</dt>
+      <dd>
+        <code>sftp.niver.4.niv.re</code>
+      </dd>
+
+      <dt>Port</dt>
+      <dd>
+        <code>22</code> (par défaut)
+      </dd>
+
+      <dt>Dossier</dt>
+      <dd>
+        <code>/</code>
+      </dd>
+    </dl>
+
+  </section>
+
 
   <section>
     <h2>Vérifier la connexion</h2>
@@ -71,12 +86,12 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
       <ul>
         <li>
           <code class="breakable">
-            SHA256:PfpB9Kk0HsOs1tWTcEu9UrPZfBXIFmdtpYOzGisGIxU
+            SHA256:k5gzcFr5BbOhNUgS6Nbyy15dXPpw6pmTo8OLZ5mLRmA
           </code>
         </li>
         <li>
           <code class="breakable">
-            AAAAC3NzaC1lZDI1NTE5AAAAIMpq93hAU4YKOLIXg601bZVCxwqZFZRnaQlv6gAMdfXV
+            AAAAC3NzaC1lZDI1NTE5AAAAIF3RT3r6bYGw88TQ190PIZz1UUVV3Xt5SLOo39G+ShjR
           </code>
         </li>
         <li>
@@ -85,15 +100,15 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
             <samp>
               <pre>
 +--[ED25519 256]--+
-|      E     ..o++|
-|       .     =oo+|
-|      .   . = =+o|
-|     .   = . O.=B|
-|    . o S % =.=++|
-|     . o B @  ...|
-|        * B      |
-|       o o .     |
-|          .      |
+|   .oo..*        |
+|  .  ..+ *       |
+| . .. = . . .    |
+|  + E= + + o     |
+| . +..= S = .    |
+|    . .+ o =     |
+|   . o...o...    |
+|    o..oB.+o     |
+|   ...oo+=+o     |
 +----[SHA256]-----+
               </pre>
             </samp>
@@ -106,14 +121,14 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
       <ul>
         <li>
           <code class="breakable">
-            SHA256:HL4+Jq9TqE8ZLkW/2oqUvpPuz5kFkewK0hvtcaGvhH8
+            SHA256:yu9PGTGpeCyjaDDG0RiInsMIa1w6t2c6Gv6oemzeFN4
           </code>
         </li>
         <li>
           <details>
             <summary>Clé publique</summary>
             <code class="breakable">
-              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
+              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
             </code>
           </details>
         </li>
@@ -123,15 +138,15 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
             <samp>
               <pre>
 +---[RSA 3072]----+
-|                 |
-|     . .         |
-|      * .        |
-| . . + * .       |
-|. + + *.S        |
-| . * O.+.o       |
-|  o Bo=.+        |
-|   =+*EBo        |
-|   oO*XB+.       |
+|o.               |
+|+ +.       .     |
+|*++.      +      |
+|+X..   o . o     |
+|+o+ o + S .      |
+|.o + B =   o     |
+| oo B E   o      |
+|..*=   . .       |
+|=B+.o  .o..      |
 +----[SHA256]-----+
               </pre>
             </samp>
@@ -139,7 +154,7 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
         </li>
       </ul>
     </section>
-    N'acceptez la connexion que si votre client vous montre les mêmes !
+    N'acceptez la connexion que si votre client vous montre l'une de ces signatures !
   </section>
   <br>
 <?php
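Review bot: The host name `sftp.niver.4.niv.re` and both host-key fingerprints are written literally into this template, although the same commit adds inc/const.inc.php for deployment-specific values such as `IPV4_ADDRESS`. A published fingerprint that drifts from the server's real key teaches users to accept mismatches, so consider defining the host name and fingerprints once next to the other constants, with a comment that they must be updated whenever the host keys are regenerated. Because the fingerprints are replaced here, returning users will see a changed-host-key warning from their client; a short notice on this page would tell them which change is expected.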

+ 150 - 0
inc/const.inc.php

@@ -0,0 +1,150 @@
+<?php
+if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
+  exit("This file is meant to be included.");
+
+// --- Constants definitions ---
+
+// Public IP adresses (shown on the interface)
+define("IPV4_ADDRESS", "82.66.61.19");
+define("IPV6_ADDRESS", "2a01:e0a:15c:2e40:acab:3:3:3");
+//define("IPV6_ADDRESS", "2a01:e0a:15c:2e40:acab:4c4b:1312:fed1");
+
+// Custom Niver paths
+define("PREFIX", "/motrig"); // Prefix in URL, if any
+define("ROOT_PATH", "/var/www/niver" . PREFIX); // Niver's directory
+define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
+define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
+define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver's SQLite database
+define("NIVER_TEMPLATE_PATH", "/usr/local/share/niver"); // Templates directory (skel, nginx, knot...)
+define("MANIVER_PATH", "/usr/local/bin/maniver"); // Executable file
+define("HT_PATH", "/srv/ht"); // The mountpoint of the hypertext storage partition (that will be accessed over SFTP)
+// Nginx
+define("NGINX_CONFIG_PATH", "/etc/nginx/ht"); // Nginx configuration directory
+// Tor
+define("TOR_CONFIG_PATH", "/etc/tor/instances/niver/torrc"); // Tor configuration file
+define("TOR_KEYS_PATH", "/var/lib/tor-instances/niver/keys"); // Tor keys directory
+// Knot
+define("KNOT_ZONES_PATH", "/var/lib/knot/zones"); // Knot zones directory
+// Executable files (you can get the full path of a command with $ which <command>)
+define("KNOTC_PATH", "/usr/sbin/knotc");
+define("KEYMGR_PATH", "/usr/sbin/keymgr");
+define("SUDO_PATH", "/usr/bin/sudo");
+define("LS_PATH", "/usr/bin/ls");
+
+// Both frontend and backend regexes
+define("USERNAME_REGEX", "^[a-z]{4,32}$");
+define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
+define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
+
+// Color scheme
+define("THEME", array(
+  'htColor' => "#FF0000",
+  'regColor' => "#DA03E5",
+  'authColor' => "#00FF00",
+  'nsColor' => "#00A5A5",//00c4c4
+  'lightColor' => '#FFFFFF',
+  'darkColor' => '#2a2a2a',
+));
+
+// Public suffixes
+define("SUFFIXES", array(
+  "4.niv.re.",
+
+  "asso.4.niv.re.",
+  "org.4.niv.re.",
+  "perso.4.niv.re.",
+  "blog.4.niv.re.",
+  "me.4.niv.re.",
+
+  "edu.4.niv.re.",
+  "info.4.niv.re.",
+  "wiki.4.niv.re.",
+  "sci.4.niv.re.",
+
+  "pol.4.niv.re.",
+  "libre.4.niv.re.",
+  "fem.4.niv.re.",
+  "eco.4.niv.re.",
+  "veg.4.niv.re.",
+  "bio.4.niv.re.",
+  "anar.4.niv.re.",
+  "ancom.4.niv.re.",
+  "acab.4.niv.re.",
+  "handi.4.niv.re.",
+
+  "queer.4.niv.re.",
+  "gay.4.niv.re.",
+  "enby.4.niv.re.",
+  "trans.4.niv.re.",
+
+  "net.4.niv.re.",
+  "tech.4.niv.re.",
+  "io.4.niv.re.",
+  "sec.4.niv.re.",
+  "cyber.4.niv.re.",
+  "dev.4.niv.re.",
+  "geek.4.niv.re.",
+  "fs.4.niv.re.",
+  "ht.4.niv.re.",
+  "hyper.4.niv.re.",
+  "git.4.niv.re.",
+  "forge.4.niv.re.",
+  "code.4.niv.re.",
+  "lab.4.niv.re.",
+  "labs.4.niv.re.",
+  "gemini.4.niv.re.",
+  "gmi.4.niv.re.",
+  "gemlog.4.niv.re.",
+  "mail.4.niv.re.",
+  "ynh.4.niv.re.",
+  "yuno.4.niv.re.",
+  "sys.4.niv.re.",
+
+  "fed.4.niv.re.",
+  "fedi.4.niv.re.",
+  "soc.4.niv.re.",
+  "masto.4.niv.re.",
+  "plero.4.niv.re.",
+  "pix.4.niv.re.",
+  "mobi.4.niv.re.",
+
+  "art.4.niv.re.",
+  "music.4.niv.re.",
+  "video.4.niv.re.",
+  "draw.4.niv.re.",
+  "audio.4.niv.re.",
+  "ink.4.niv.re.",
+
+  "na.4.niv.re.",
+  "psy.4.niv.re.",
+  "neuro.4.niv.re.",
+  "auti.4.niv.re.",
+  "plur.4.niv.re.",
+
+  "blue.4.niv.re.",
+  "red.4.niv.re.",
+  "pink.4.niv.re.",
+  "green.4.niv.re.",
+  "black.4.niv.re.",
+
+  "city.4.niv.re.",
+  "town.4.niv.re.",
+  "cafe.4.niv.re.",
+  "home.4.niv.re.",
+  "forum.4.niv.re.",
+
+  "dream.4.niv.re.",
+  "space.4.niv.re.",
+  "forest.4.niv.re.",
+  "rain.4.niv.re.",
+  "snow.4.niv.re.",
+  "sun.4.niv.re.",
+  "earth.4.niv.re.",
+  "world.4.niv.re.",
+  "soft.4.niv.re.",
+  "cute.4.niv.re.",
+  "cutie.4.niv.re.",
+  "fun.4.niv.re.",
+  "play.4.niv.re.",
+  "game.4.niv.re.",
+));
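Review bot: In `PASSWORD_REGEX` the `|` splits the whole pattern, so `^` binds only to the first alternative and `$` only to the second. The HTML `pattern` attribute anchors the entire expression implicitly, but if the same constant is passed to `preg_match` on the server (the comment says it serves both sides), input with arbitrary characters after the first eight, or longer than 1024 characters, can pass. Group the alternatives: `"^(?:(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024})$"`. On the PHP side `$` also matches before a trailing newline, so the `D` modifier (or `\z`) is advisable for `USERNAME_REGEX`, since usernames are concatenated into `exec()` command lines in the ht/ pages.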

+ 46 - 33
inc/form/form.ns.inc.php

@@ -5,42 +5,55 @@
 </select>
 <br>
 
-<label for="zone">Zone</label>
-<br>
-<select required="" name="zone" id="zone">
-  <option value="" disabled="" selected="">-</option>
+<fieldset>
+  <legend>Domaine</legend>
+  <div class="elForm">
+    <label for="subdomain">Sous-domaine</label>
+    <br>
+    <input id="subdomain" size="16" placeholder="www" pattern="^(([a-z0-9]{1,63}\.?){1,127})|(@){1}$" name="subdomain" type="text">
+  </div>
+  <div class="elForm">
+    <label for="zone">Zone</label>
+    <br>
+    <select required="" name="zone" id="zone">
+      <option value="" disabled="" selected="">-</option>
 
-  <?php
-  $zones = nsListUserZones($_SESSION['username']);
+      <?php
+      $zones = nsListUserZones($_SESSION['username']);
 
-  foreach ($zones as $zone) {
-    echo "<option value='" . $zone . "'>" . $zone . "</option>";
-  }
-  ?>
-</select>
+      if (!empty($zones)) {
+        foreach ($zones as $zone)
+          echo "<option value='" . $zone . "'>" . $zone . "</option>";
+      }
+      ?>
+    </select>
+  </div>
+</fieldset>
 
 <fieldset>
   <legend><abbr title="Time To Live">TTL</abbr></legend>
-
-  <input id="ttl-value" list="ttls" name="ttl-value" size="6" type="number" min="1" max="432000" value="3600" placeholder="3600">
-  <datalist id="ttls">
-    <option value="900">
-    <option value="1800">
-    <option value="3600">
-    <option value="10800">
-    <option value="21600">
-    <option value="86400">
-    <option value="432000">
-  </datalist>
-
-  <select name="ttl-multiplier" id="ttl-multiplier">
-    <option value="1">seconde</option>
-    <option value="60">minute</option>
-    <option value="3600">heure</option>
-    <option value="86400">jour</option>
-  </select>
+  <div class="elForm">
+    <label for="ttl-value">Valeur</label>
+    <br>
+    <input required="" id="ttl-value" list="ttls" name="ttl-value" size="6" type="number" min="1" max="432000" value="3600" placeholder="3600">
+    <datalist id="ttls">
+      <option value="900">
+      <option value="1800">
+      <option value="3600">
+      <option value="10800">
+      <option value="21600">
+      <option value="86400">
+      <option value="432000">
+    </datalist>
+  </div>
+  <div class="elForm">
+    <label for="ttl-multiplier">Unité</label>
+    <br>
+    <select required="" name="ttl-multiplier" id="ttl-multiplier">
+      <option value="1">seconde</option>
+      <option value="60">minute</option>
+      <option value="3600">heure</option>
+      <option value="86400">jour</option>
+    </select>
+  </div>
 </fieldset>
-
-<label for="domain">Domaine</label>
-<br>
-<input id="domain" placeholder="exemple." name="domain" type="text">
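Review bot: The new `subdomain` pattern `^(([a-z0-9]{1,63}\.?){1,127})|(@){1}$` accepts a trailing dot, and inc/ns.inc.php in this commit joins the value with `"." . $_POST['zone']`, which would yield a name with an empty label; it also rejects hyphens, which are valid inside labels. A browser-side `pattern` is only a hint, so the server needs its own check; from this diff that appears to be `checkAbsoluteDomainFormat` on the combined name. Separately, `echo "<option value='" . $zone . "'>" . $zone . "</option>";` prints zone names without `htmlspecialchars($zone, ENT_QUOTES)`; escaping at output is cheap even if stored zones were validated on entry.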

+ 1 - 1
inc/ht.inc.php

@@ -3,7 +3,7 @@ if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
   exit("This file is meant to be included.");
 
 function listFsDirs($username) {
-  exec(LS_PATH . " ls --format=single-column -d /srv/hyper/" . $username . "/hyper/*/", $absoluteDirs);
+  exec(LS_PATH . " --format=single-column -d " . HT_PATH . "/" . $username . "/ht/*/", $absoluteDirs);
   $relativeDirs = false;
   foreach ($absoluteDirs as $i => $absoluteDir) {
     $tree = explode("/", $absoluteDir); // The last key is NULL
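Review bot: `listFsDirs` still builds a shell command by concatenating `$username` into the string passed to `exec()`, so its safety rests entirely on every caller passing a value that already matched `USERNAME_REGEX`. The listing does not need a shell at all: `glob(HT_PATH . "/" . $username . "/ht/*", GLOB_ONLYDIR)` returns the same directories, though without the trailing slash, so the `explode("/", …)` parsing below would need adjusting (for example with `basename()`). The rest of the function lies outside the hunk.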

+ 0 - 15
inc/html/ttl.ns.inc.php

@@ -1,15 +0,0 @@
-<fieldset>
-  <legend><abbr title="Time To Live">TTL</abbr></legend>
-  <label for="ttl-value">Valeur</label>
-  <br>
-  <input id="ttl-value" list="ttls" name="ttl-value" size="10" type="number" min="300" max="604800" value="3600" placeholder="3600">
-  <br>
-  <label for="ttl-multiplier">Unité</label>
-  <br>
-  <select name="ttl-multiplier" id="ttl-multiplier">
-    <option value="1">seconde</option>
-    <option value="60">minute</option>
-    <option value="3600">heure</option>
-    <option value="86400">jour</option>
-  </select>
-</fieldset>

+ 6 - 2
inc/ns.inc.php

@@ -5,7 +5,6 @@ if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
 function nsCommonRequirements() {
   if (isset($_POST['action'])
     AND isset($_POST['zone'])
-    AND isset($_POST['domain'])
     AND isset($_POST['ttl-value'])
     AND isset($_POST['ttl-multiplier'])
     AND isset($_SESSION['username'])
@@ -18,7 +17,12 @@ function nsParseCommonRequirements() {
   $values['action'] = checkAction($_POST['action']);
 
   nsCheckZonePossession($_POST['zone']);
-  checkAbsoluteDomainFormat($_POST['domain']);
+
+  if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@"))
+    $values['domain'] = $_POST['zone'];
+  else
+    $values['domain'] = $_POST['subdomain'] . "." . $_POST['zone'];
+  checkAbsoluteDomainFormat($values['domain']);
 
   $values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];
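Review bot: `nsParseCommonRequirements` now reads `$_POST['subdomain']`, but `nsCommonRequirements` only lost its `isset($_POST['domain'])` test and gained none for the new field. A request without `subdomain` raises an undefined-index notice and falls into the `else` branch, building `"." . $_POST['zone']`; add `AND isset($_POST['subdomain'])` to the condition in `nsCommonRequirements`. The `$_POST['ttl-value'] * $_POST['ttl-multiplier']` context line likewise multiplies raw request strings; whether the result is range-checked afterwards is outside the hunk.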
 

+ 2 - 2
inc/pages.inc.php

@@ -38,7 +38,7 @@ switch (SERVICE) {
         $page['title'] = "Enregistrement TLSA";
       break;
       case "zone":
-        $page['title'] = "Ajouter une zone";
+        $page['title'] = "Gérer ses zones";
       break;
     }
   break;
@@ -53,7 +53,7 @@ switch (SERVICE) {
         $page['title'] = "Ajouter un enregistrement NS";
       break;
       case "register":
-        $page['title'] = "Enregistrer un nouveau nom de domaine";
+        $page['title'] = "Enregistrer un nouveau domaine";
       break;
       case "glue":
         $page['title'] = "Créer un Glue Record";

+ 2 - 103
inc/reg.inc.php

@@ -2,7 +2,8 @@
 if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
   exit("This file is meant to be included.");
 
-function regGetSuffix($domain) {
+function regGetUpperDomain($domain) {
+  // Remove anything before the first dot and the first dot itself
   return preg_replace("/^[^.]+\./", "", $domain);
 }
 
@@ -75,105 +76,3 @@ function regIsFree($domain) {
   }
 
 }
-
-$suffixes = array(
-  "atope.art.",
-
-  "asso.atope.art.",
-  "org.atope.art.",
-  "perso.atope.art.",
-  "blog.atope.art.",
-  "me.atope.art.",
-
-  "edu.atope.art.",
-  "info.atope.art.",
-  "wiki.atope.art.",
-  "sci.atope.art.",
-
-  "pol.atope.art.",
-  "libre.atope.art.",
-  "fem.atope.art.",
-  "eco.atope.art.",
-  "veg.atope.art.",
-  "bio.atope.art.",
-  "anar.atope.art.",
-  "ancom.atope.art.",
-  "acab.atope.art.",
-  "handi.atope.art.",
-
-  "queer.atope.art.",
-  "gay.atope.art.",
-  "enby.atope.art.",
-  "trans.atope.art.",
-
-  "net.atope.art.",
-  "tech.atope.art.",
-  "io.atope.art.",
-  "sec.atope.art.",
-  "cyber.atope.art.",
-  "dev.atope.art.",
-  "geek.atope.art.",
-  "fs.atope.art.",
-  "ht.atope.art.",
-  "hyper.atope.art.",
-  "git.atope.art.",
-  "forge.atope.art.",
-  "code.atope.art.",
-  "lab.atope.art.",
-  "labs.atope.art.",
-  "gemini.atope.art.",
-  "gmi.atope.art.",
-  "gemlog.atope.art.",
-  "mail.atope.art.",
-  "ynh.atope.art.",
-  "yuno.atope.art.",
-  "sys.atope.art.",
-
-  "fed.atope.art.",
-  "fedi.atope.art.",
-  "soc.atope.art.",
-  "masto.atope.art.",
-  "plero.atope.art.",
-  "pix.atope.art.",
-  "mobi.atope.art.",
-
-  "art.atope.art.",
-  "music.atope.art.",
-  "video.atope.art.",
-  "draw.atope.art.",
-  "audio.atope.art.",
-  "ink.atope.art.",
-
-  "na.atope.art.",
-  "psy.atope.art.",
-  "neuro.atope.art.",
-  "auti.atope.art.",
-  "plur.atope.art.",
-
-  "blue.atope.art.",
-  "red.atope.art.",
-  "pink.atope.art.",
-  "green.atope.art.",
-  "black.atope.art.",
-
-  "city.atope.art.",
-  "town.atope.art.",
-  "cafe.atope.art.",
-  "home.atope.art.",
-  "forum.atope.art.",
-
-  "dream.atope.art.",
-  "space.atope.art.",
-  "forest.atope.art.",
-  "rain.atope.art.",
-  "snow.atope.art.",
-  "sun.atope.art.",
-  "earth.atope.art.",
-  "world.atope.art.",
-  "soft.atope.art.",
-  "cute.atope.art.",
-  "cutie.atope.art.",
-  "fun.atope.art.",
-  "play.atope.art.",
-  "game.atope.art.",
-);

+ 4 - 4
index.php

@@ -1,17 +1,17 @@
 <?php require "top.inc.php"; ?>
 
 <dl>
-  <dt><a class="regButton" href="reg">Registre atope.art</a></dt>
+  <dt><a class="regButton" href="reg">Registre 4.niv.re.</a></dt>
   <dd>
-    Demander l'attribution d'un sous-domaine d'atope.art
+    Demander l'attribution d'un sous-domaine de <code>4.niv.re.</code>
   </dd>
   <dt><a class="nsButton" href="ns">Serveurs de noms</a></dt>
   <dd>
-    Utiliser les serveurs ns*.atope.art pour héberger ses zones de domaines
+    Utiliser le serveur de noms de Niver pour héberger ses zones
   </dd>
   <dt><a class="htButton" href="ht">Hypertexte</a></dt>
   <dd>
-    Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> sur des domaines ou par Tor
+    Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> ou Gemini par le DNS ou Tor
   </dd>
   <dt><a class="authButton" href="auth">Authentification</a></dt>
   <dd>

+ 25 - 15
less/form.less

@@ -12,7 +12,6 @@ input, select {
   border-radius: 12px;
   font-size: @fontSize;
   margin: 5px;
-  height: 100%;
   padding: 10px;
   border-style: solid;
   border-width: 2px;
@@ -48,6 +47,10 @@ input[type=submit] {
   margin: 22px;
 }
 
+input#subdomain, input#ttl-value {
+  text-align: right;
+}
+
 #password {
   width: 24ch;
 }
@@ -65,7 +68,7 @@ input:invalid+span::after {
 }
 
 input:valid+span::after {
-  content: '';
+  content: ''; // ✓
 }
 
 input+span::after {
@@ -76,21 +79,28 @@ input+span::after {
   font-family: monospace;
 }
 
-label+input[required]::after {
-  content: '*';
+label.aboutInputCondition {
+  display: block;
+  font-size: @fontSize - 10%;
 }
 
-/*
-input:valid+span:after {
-  content: '✓';
-  padding-left: 10px;
-}
-*/
-label {
-  padding-top: 10px;
+fieldset {
+  border-radius: 20px;
+  border-width: 2px;
+  border-style: solid;
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+
+  @media @light {
+    border-color: @darkColor;
+  }
+
+  @media @dark {
+    border-color: @lightColor;
+  }
 }
 
-label.aboutInputCondition {
-  display: block;
-  font-size: @fontSize - 10%;
+.elForm {
+  flex-direction: column;
 }

+ 5 - 25
less/main.less

@@ -14,8 +14,12 @@ h1 {
 }
 
 body {
+  margin: 0px;
   font-family: system-ui, sans-serif;
   font-size: @fontSize;
+}
+
+header, main, footer {
   margin-left: 20%;
   margin-right: 20%;
   @media (max-width: 500px) {
@@ -40,17 +44,9 @@ a {
   color: @authColor;
 }
 
-footer {
-  margin-left: 20%;
-  margin-right: 20%;
-  @media (max-width: 500px) {
-    margin-left: 0px;
-    margin-right: 0px;
-  }
-}
-
 header {
   text-align: center;
+  margin-top: 20px;
 }
 
 p {
@@ -90,19 +86,3 @@ h2 {
     color: @darkColor;
   }
 }
-
-/*
-.prideFlag {
-  bottom: 0px;
-  margin: 0px;
-  margin-bottom: 12px;
-  border-color: red;
-	background-color: rgba(0, 0, 0, 0);
-	background-image: linear-gradient(to right, rgb(52, 0, 60) 0%, rgb(52, 0, 60) 17%, rgb(0, 40, 137) 17%, rgb(0, 40, 137) 33%, rgb(15, 81, 33) 33%, rgb(15, 81, 33) 50%, rgb(189, 179, 61) 50%, rgb(189, 179, 61) 66%, rgb(169, 105, 34) 66%, rgb(169, 105, 34) 83%, rgb(117, 0, 0) 83%, rgb(117, 0, 0) 100%);
-	border: 0;
-	height: 16px;
-	background: #087F28;
-  background: linear-gradient(to right, #740D85 0%, #740D85 17%, #064DFE 17%, #064DFE 33%, #087F28 33%, #087F28 50%, #FEEC1A 50%, #FEEC1A 66%, #FE8B0B 66%, #FE8B0B 83%, #E20706 83%, #E20706 100% );
-  width: 100%;
-}
-*/

+ 350 - 1
niver.log

@@ -99,10 +99,359 @@
  status: exit code: 1
  stdout:
  stderr: useradd: cannot lock /etc/passwd; try again later.
- 
+
 
 2021-05-17 13:09:55 pale enabled SFTP on their account
  status: exit code: 1
  stdout:
  stderr: useradd: cannot lock /etc/passwd; try again later.
+
+
+2021-05-26 09:19:38 coco enabled SFTP on their account
+ status: exit code: 1
+ stdout:
+ stderr: useradd: cannot lock /etc/passwd; try again later.
+
+2021-05-28 15:01:47 cray enabled SFTP on their account
+ status: exit code: 1
+ stdout:
+ stderr: useradd: cannot lock /etc/passwd; try again later.
+
+
+2021-05-28 15:09:00 goule enabled SFTP on their account
+ status: exit code: 1
+ stdout:
+ stderr: useradd: cannot lock /etc/passwd; try again later.
+
+2021-05-28 15:18:24 fatfat enabled SFTP on their account
+ status: exit code: 1
+ stdout:
+ stderr: useradd: cannot lock /etc/passwd; try again later.
+
+2021-07-06 01:07:28 miraaty enabled SFTP on their account
+
+2021-07-08 21:47:43 testdeux enabled SFTP on their account
+ status: exit status: 0
+ stdout:
+ stderr:
+ sent username:password to chpasswd
+ chpasswd responded with:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-08 23:24:50 testtrois enabled SFTP on their account
+ status: exit status: 0
+ stdout:
+ stderr:
+ sent username:password to chpasswd
+ chpasswd responded with:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-08 23:51:52 testquatre enabled SFTP on their account
+ status: exit status: 0
+ stdout:
+ stderr:
+ sent username:password to chpasswd
+ chpasswd responded with:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 19:47:47 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 19:47:47 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 19:47:47 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
  
+
+2021-07-10 19:52:25 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 19:52:25 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 19:52:25 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
+ 
+
+2021-07-10 20:17:00 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 20:17:00 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 20:17:00 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
+ 
+
+2021-07-10 23:25:42 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 23:25:42 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-10 23:25:42 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
+ 
+
+2021-07-11 00:57:45 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-11 00:57:45 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-11 00:57:45 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
+ 
+
+2021-07-11 01:02:36 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-11 01:02:36 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-11 01:02:39 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
+ 
+
+2021-07-11 01:10:38 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-11 01:10:38 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-11 01:10:39 Nginx reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 1
+ stdout:
+ stderr: Job for nginx.service failed.
+ See "systemctl status nginx.service" and "journalctl -xe" for details.
+ 
+
+2021-07-14 23:58:48 Tor reloaded by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: Job for tor@niver.service failed because the control process exited with error code.
+ See "systemctl status tor@niver.service" and "journalctl -xe" for details.
+ 
+
+2021-07-14 23:58:48 Tor data exported by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: Job for tor@niver.service failed because the control process exited with error code.
+ See "systemctl status tor@niver.service" and "journalctl -xe" for details.
+ 
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-15 00:01:27 Tor reloaded by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: tor@niver.service is not active, cannot reload.
+ 
+
+2021-07-15 00:01:27 Tor data exported by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: tor@niver.service is not active, cannot reload.
+ 
+
+2021-07-15 00:09:31 Tor reloaded by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-15 00:09:31 Tor data exported by testquatre
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-15 03:44:46 Tor reloaded by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: Job for tor@niver.service failed because the control process exited with error code.
+ See "systemctl status tor@niver.service" and "journalctl -xe" for details.
+ 
+
+2021-07-15 03:44:46 Tor data exported by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: Job for tor@niver.service failed because the control process exited with error code.
+ See "systemctl status tor@niver.service" and "journalctl -xe" for details.
+ 
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+
+2021-07-15 03:44:47 Nginx reloaded by testquatre
+ status: exit status: 1
+ stdout:
+ stderr: Job for tor@niver.service failed because the control process exited with error code.
+ See "systemctl status tor@niver.service" and "journalctl -xe" for details.
+ 
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
+ status: exit status: 0
+ stdout:
+ stderr:
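Review bot: niver.log is a runtime log and should not be versioned: the added lines publish account names with timestamps, together with the stderr of the useradd, chpasswd, nginx and tor calls, which tells any reader of the repository which accounts exist and how the host is laid out. The .gitignore hunk at the top of this commit already lists `niver.log`, but an ignore rule has no effect on a file that is already tracked; `git rm --cached niver.log` stops tracking it, and the entries already pushed remain in history unless it is rewritten. The entry `sent username:password to chpasswd` reads like a fixed label rather than real data, but it is worth confirming that the logger can never write the actual credential pair.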

+ 1 - 1
ns/caa.php

@@ -40,7 +40,7 @@ if (nsCommonRequirements()
     exit("ERROR: Wrong value for value");
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }
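Review bot: The rewritten `zone-…set` line still builds a shell command by concatenating request values (`$_POST['zone']`, `$_POST['flag']`, `$_POST['tag']`, `$_POST['value']`) without shell quoting, so the validation earlier in the file is the only barrier between the form and the shell. Only part of that validation is visible in this hunk, and `$_POST['zone']` may or may not be checked inside nsParseCommonRequirements(), which is not shown; wrapping every interpolated value, e.g. `" zone-begin " . escapeshellarg($_POST['zone'])`, removes the dependency. The same pattern is in the knotc calls touched in ns/ip.php, ns/loc.php, ns/mx.php, ns/ns.php, ns/srv.php, ns/sshfp.php, ns/tlsa.php, ns/txt.php, reg/ds.php, reg/glue.php and reg/ns.php; in ns/txt.php the `\"` sits inside a single-quoted PHP string, so the shell receives escaped quote characters and the TXT text itself is unquoted. The exit status of the three exec() calls is never read, so "Enregistrement ajouté" is printed even when `zone-commit` fails.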

+ 41 - 4
ns/dnssec.php

@@ -1,5 +1,7 @@
 <?php require "../top.inc.php"; ?>
 
+Afin d'activer DNSSEC, vous devez indiquer un enregistrement DS à la zone parente.
+
 <form method="post">
   <select required="" name="zone" id="zone">
     <option value="" disabled="" selected="">---</option>
@@ -23,14 +25,49 @@
 
 if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
 
+  nsCheckZonePossession($_POST['zone']);
+
   exec(KEYMGR_PATH . " " . $_POST['zone'] . " ds", $output);
 
-  echo "Voici les enregistrements DNS à indiquer à la zone parente<br>";
+  $l0 = explode(" ", $output[0]);
+  $l1 = explode(" ", $output[1]);
+
+  ?>
+
+  <dl>
+
+    <dt>Zone</dt>
+    <dd>
+      <code><?= $_POST['zone'] ?></code>
+    </dd>
+
+    <dt>Tag</dt>
+    <dd>
+      <code><?= $l0[2] ?></code>
+    </dd>
+
+    <dt>Algorithme</dt>
+    <dd>
+      <code>15</code> (Ed25519)
+    </dd>
+
+    <dt>Condensat de type <code>2</code> (SHA-256)</dt>
+    <dd>
+      <code><?= $l0[5] ?></code>
+    </dd>
+
+    <dt>Condensat de type <code>4</code> (SHA-384 ; optionnel)</dt>
+    <dd>
+      <code><?= $l1[5] ?></code>
+    </dd>
 
-  echo "<code>" . $output[0] . "</code><br><code>" . $output[1] . "</code>";
+  </dl>
 
-}
+  <details>
+    <summary>Données brutes</summary>
+    <code><?= $output[0] ?></code><br><code><?= $output[1] ?></code>
+  </details>
 
-?>
+<?php } ?>
 
 <?php require "../bottom.inc.php"; ?>
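Review bot: `<?= $_POST['zone'] ?>` in the new `<dl>` writes a request value into the page without HTML escaping, and the `$l0[2]`, `$l0[5]`, `$l1[5]` and raw `$output` lines do the same with keymgr output. Unless nsCheckZonePossession() (defined outside this page) ends the request for every value that is not one of the user's zones, this is reflected markup injection; `<code><?= htmlspecialchars($_POST['zone'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></code>` makes the template safe on its own. `$output[0]` and `$output[1]` are also indexed without checking that keymgr returned two lines, so a failed call produces warnings and empty fields; a `count($output) < 2` guard before the explode() calls covers that. The zone is still passed to exec() unquoted, so `escapeshellarg($_POST['zone'])` applies here as well.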

+ 10 - 9
ns/index.php

@@ -1,9 +1,9 @@
 <?php require "../top.inc.php"; ?>
 
 <dl>
-  <dt><a class="nsButton" href="zone">Ajouter une zone</a></dt>
+  <dt><a class="nsButton" href="zone">Gérer ses zones</a></dt>
   <dd>
-    Pour qu'elle soit gérée par le serveur de noms ns1.atope.art
+    Pour qu'elle soit gérée par le serveur de noms de Niver
   </dd>
   <dt><a class="nsButton" href="dnssec">Obtenir les enregistrements <abbr title="Delegation Signer">DS</abbr></a></dt>
   <dd>
@@ -30,23 +30,24 @@
   <dd>
     Indiquer le serveur mail pour un domaine
   </dd>
-  <dt><a class="nsButton" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
+  <dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
   <dd>
-    Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
+    Indiquer les seules autorités de certifications autorisée à signer les domaines
   </dd>
   <dt><a class="nsButton" href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
   <dd>
     Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l'empreinte d'un certificat <abbr title="Transport Layer Security">TLS</abbr>
   </dd>
-  <dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
+  <dt><a class="nsButton" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
   <dd>
-    Indiquer les seules autorités de certifications autorisée à signer les domaines
+    Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
   </dd>
-  <!--
-  <dt><a class="nsButton" href="loc">Enregistrement LOC</a></dt>
+  <dt><a class="nsButton" href="loc">NOT DONE : Enregistrement LOC</a></dt>
   <dd>
-    Indiquer la localisation physique d'un domaine
+    Indiquer des coordonnées géographiques
   </dd>
+
+  <!--
   <dt><a class="nsButton" href="cname">Enregistrement <abbr title="Canonical NAME">CNAME</abbr></a></dt>
   <dd>
     Définir un domaine comme étant l'alias d'un autre

+ 6 - 7
ns/ip.php

@@ -1,17 +1,16 @@
 <?php require "../top.inc.php"; ?>
 
 <p>
-  Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur ns1.atope.art
-  <br>Le format IPv4 (A) ou IPv6 (AAAA) sera détecté automatiquement.
+  Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur de noms de Niver
+  <br>Le format IPv4 (<code>A</code>) ou IPv6 (<code>AAAA</code>) sera détecté automatiquement.
   <br>Si vous souhaitez utiliser un service d'hébergement hypertexte de Niver, voici les adresses à renseigner :
-  <br>IPv4 : 45.13.104.169
-  <br>IPv6 : 2a0b:cbc0:1103:2::106f
+  <br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
+  <br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
 </p>
 
 <form method="post">
   <?php require "../inc/form/form.ns.inc.php"; ?>
-  <br>
-  <label for="ip">IP</label><br>
+  <label for="ip">Adresse IP</label><br>
   <input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="2a0b:cbc0:1103:2::106f ou 45.13.104.169"><br>
   <input value="Valider" type="submit">
 </form>
@@ -33,7 +32,7 @@ if (nsCommonRequirements()
     exit("ERROR: unknown IP format");
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " " . $record . " " . $_POST['ip']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " " . $record . " " . $_POST['ip']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
 
   echo "Enregistrement ajouté";

+ 52 - 0
ns/loc.php

@@ -0,0 +1,52 @@
+<?php include "../top.inc.php"; ?>
+
+<form method="post">
+
+  <?php require "../inc/form/form.ns.inc.php"; ?>
+
+  <br>
+  <label for="flag">Flag</label>
+  <br>
+  <input id="flag" min="0" max="127" placeholder="0" name="flag" type="number">
+  <br>
+  <label for="tag">Tag</label>
+  <br>
+  <input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
+  <br>
+  <label for="value">Valeur</label>
+  <br>
+  <input id="value" minlenght="3" maxlength="1024" pattern="^[a-z0-9.-]{3,1024}$" placeholder="letsencrypt.org" name="value" type="text">
+  <br>
+  <input value="Valider" type="submit">
+</form>
+
+<?php
+
+if (nsCommonRequirements()
+    AND isset($_POST['flag'])
+    AND isset($_POST['tag'])
+    AND isset($_POST['value'])
+  ) {
+
+  $values = nsParseCommonRequirements();
+
+  if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
+    exit("ERROR: Wrong value for flag");
+
+  if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
+    exit("ERROR: Wrong value for tag");
+
+  if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
+    exit("ERROR: Wrong value for value");
+
+  exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
+  exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
+  echo "Enregistrement ajouté";
+}
+
+
+
+?>
+
+<?php include "../bottom.inc.php"; ?>
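Review bot: ns/loc.php is a copy of the CAA form and handler: it writes `IN CAA` records, not LOC, and ns/index.php in this commit links to it as "NOT DONE", so an unfinished page is reachable and modifies users' zones. Until the LOC handler exists I would stop the script right after the top include, e.g. `exit("LOC records are not implemented yet");`, or keep the link commented out. In the copied form `minlenght` is misspelled, so the browser ignores it, and the client-side limits (`max="127"`, `{1,128}`, `{3,1024}`) disagree with the server-side ones (`<= 255`, `{1,127}`, `{1,255}`).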

+ 1 - 1
ns/mx.php

@@ -35,7 +35,7 @@ if (nsCommonRequirements()
   checkAbsoluteDomainFormat($_POST['host']);
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN MX " . $_POST['priority'] . " " . $_POST['host']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN MX " . $_POST['priority'] . " " . $_POST['host']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }

+ 2 - 2
ns/ns.php

@@ -7,7 +7,7 @@
   <br>
   <input id="ns" placeholder="ns1.atope.art." name="ns" type="text">
   <br>
-  <input value="Valider" type="submit">
+  <input value="Procéder" type="submit">
 </form>
 
 <?php
@@ -20,7 +20,7 @@ if (nsCommonRequirements()
   checkAbsoluteDomainFormat($_POST['ns']);
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . "  " . $_POST['domain'] . " " . $values['ttl'] . " IN NS " . $_POST['ns']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . "  " . $values['domain'] . " " . $values['ttl'] . " IN NS " . $_POST['ns']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }

+ 1 - 1
ns/srv.php

@@ -55,7 +55,7 @@ if (nsCommonRequirements()
   checkAbsoluteDomainFormat($_POST['target']);
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN SRV " . $_POST['priority'] . " " . $_POST['weight'] . " " . $_POST['port'] . " " . $_POST['target']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SRV " . $_POST['priority'] . " " . $_POST['weight'] . " " . $_POST['port'] . " " . $_POST['target']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }

+ 1 - 1
ns/sshfp.php

@@ -52,7 +52,7 @@ if (nsCommonRequirements()
     exit("ERROR: Wrong value for fp");
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN SSHFP " . $_POST['algo'] . " " . $_POST['type'] . " " . $_POST['fp']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SSHFP " . $_POST['algo'] . " " . $_POST['type'] . " " . $_POST['fp']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }

+ 1 - 1
ns/tlsa.php

@@ -66,7 +66,7 @@ if (nsCommonRequirements()
     exit("ERROR: Wrong value for content");
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] .  " " . $_POST['type'] . " " . $_POST['content']);
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] .  " " . $_POST['type'] . " " . $_POST['content']);
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }

+ 1 - 1
ns/txt.php

@@ -21,7 +21,7 @@ if (nsCommonRequirements()
     exit("ERROR : Wrong caracter or wrong caracter quantity");
 
   exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
-  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['txt'] . ' IN TXT \"' . $_POST['txt'] . '\"');
+  exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . ' IN TXT \"' . $_POST['txt'] . '\"');
   exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
   echo "Enregistrement ajouté";
 }

+ 48 - 14
ns/zone.php

@@ -1,9 +1,10 @@
 <?php require "../top.inc.php"; ?>
 
 <form method="post">
+  <h2>Ajouter une zone</h2>
   <label for="domain">Domaine</label><br>
-  <input required="" placeholder="niver.atope.art." id="domain" name="domain" type="text"><br>
-  <input value="Valider" type="submit">
+  <input required="" placeholder="niver.4.niv.re." id="domain" name="domain" type="text"><br>
+  <input value="Ajouter" type="submit">
 </form>
 
 <?php
@@ -20,28 +21,61 @@ if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
 
   $stmt->execute();
 
-  $knotConf = file_get_contents(NIVER_TEMPLATE_PATH . "/knot.template");
-  $knotConf = preg_replace("/DOMAIN/", $_POST['domain'], $knotConf);
-  file_put_contents(KNOT_ZONES_PATH . "/" . $_POST['domain'] . "zone", $knotConf);
+  $knotZonePath = KNOT_ZONES_PATH . "/" . $_POST['domain'] . "zone";
+  $knotZone = file_get_contents(NIVER_TEMPLATE_PATH . "/knot.template");
+  $knotZone = preg_replace("/DOMAIN/", $_POST['domain'], $knotZone);
 
-  // Previous system
-  //exec("cp /var/lib/knot/zones/template /var/lib/knot/zones/" . $_POST['domain'] . "zone");
-  //exec("sed -i 's/DOMAIN/" . $_POST['domain'] . "/g' /var/lib/knot/zones/" . $_POST['domain'] . "zone");
+  file_put_contents($knotZonePath, $knotZone);
+  chmod($knotZonePath, 0660);
 
   exec(KNOTC_PATH . " conf-begin");
   exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "]'");
   exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "].template' 'niver'");
   exec(KNOTC_PATH . " conf-commit");
-/*
-  exec("/usr/sbin/knotc conf-begin");
-  exec("/usr/sbin/knotc conf-set 'zone[gaalde.atope.art.]'");
-  exec("/usr/sbin/knotc conf-set 'zone[gaalde.atope.art.].template' 'niver'");
-  exec("/usr/sbin/knotc conf-commit");
-*/
+
   echo "La requête a été traitée.";
 
 }
 
 ?>
 
+<form method="post">
+  <h2>Supprimer une zone</h2>
+  <label for="zone">Zone</label>
+  <select required="" name="zone" id="zone">
+    <option value="" disabled="" selected="">-</option><?php
+    $zones = nsListUserZones($_SESSION['username']);
+
+    if (!empty($zones)) {
+      foreach ($zones as $zone)
+        echo "<option value='" . $zone . "'>" . $zone . "</option>";
+    }
+?>
+  </select>
+  <br>
+  <input value="Supprimer toutes les données liées à cette zone" type="submit">
+</form>
+
+<?php
+
+if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
+
+  nsCheckZonePossession($_POST['zone']);
+
+  $knotZonePath = KNOT_ZONES_PATH . "/" . $_POST['zone'] . "zone";
+  unlink($knotZonePath);
+
+  $db = new PDO('sqlite:' . DB_PATH);
+  $stmt = $db->prepare("DELETE FROM zones WHERE zone = :zone AND username = :username");
+
+  $stmt->bindParam(':zone', $_POST['zone']);
+  $stmt->bindParam(':username', $_SESSION['username']);
+
+  $stmt->execute();
+
+  echo "La requête a été traitée.";
+}
+
+?>
+
 <?php require "../bottom.inc.php"; ?>
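Review bot: The new delete branch removes the zone file and the `zones` row, but no knotc call in this hunk drops the `zone[...]` entry that the add branch creates with `conf-set`, so Knot keeps a configured zone whose file is gone and whose ownership record no longer exists. I would add a `conf-begin` / `conf-unset` / `conf-commit` sequence next to the unlink, e.g. `exec(KNOTC_PATH . " conf-unset " . escapeshellarg("zone[" . $_POST['zone'] . "]"));`, and check the result of unlink(). In the add branch `$knotZonePath` and the single-quoted `'zone[…]'` arguments are built from `$_POST['domain']`; its validation sits above this hunk and is not visible, so it is worth confirming that it rejects `/`, `..` and `'` before the value reaches file_put_contents() and exec(). `str_replace("DOMAIN", $_POST['domain'], $knotZone)` would also keep preg_replace() from interpreting `$1`-style sequences in the replacement.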

+ 2 - 2
reg/ds.php

@@ -42,7 +42,7 @@
     <option value="16">16 (ED448)</option>
   </select>
   <br>
-  <label for="dt">Digest Type</label>
+  <label for="dt">Type de condensat</label>
   <br>
   <select required="" name="dt" id="dt">
     <!-- RFC 8624 : Algorithm Implementation Requirements and Usage Guidance for DNSSEC > Algorithm Selection > DS and CDS Algorithms -->
@@ -83,7 +83,7 @@ if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo'])
   nsCheckZonePossession($_POST['zone']);
   regCheckDomainPossession($_POST['zone']);
 
-  $suffix = regGetSuffix($_POST['zone']);
+  $suffix = regGetUpperDomain($_POST['zone']);
 
   exec(KNOTC_PATH . " zone-begin " . $suffix);
   exec(KNOTC_PATH . " zone-set " . $suffix . " " . $_POST['zone'] . " 86400 DS " . $_POST['keytag'] . " " . $_POST['algo'] . " " . $_POST['dt'] . " " . $_POST['key']);

+ 21 - 26
reg/glue.php

@@ -6,24 +6,25 @@
     <option value="add">Ajouter</option>
     <option value="delete">Retirer</option>
   </select>
-  <br>
-  <input required="" id="subdomain" placeholder="ns1" name="subdomain" type="text">
-  <select required="" name="suffix" id="suffix">
-    <option value="" disabled="" selected="">---</option>
+  <fieldset>
+    <legend>Domaine</legend>
+    <input required="" id="subdomain" placeholder="ns1" name="subdomain" type="text">
+    <select required="" name="suffix" id="suffix">
+      <option value="" disabled="" selected="">---</option>
 
-    <?php
+      <?php
 
-    $domains = regListUserDomains($_SESSION['username']);
+      $suffixes = regListUserDomains($_SESSION['username']);
 
-    if ($domains) {
-      foreach($domains as $domain) {
-        echo "<option value='" . $domain . "'>." . $domain . "</option>";
+      if ($suffixes) {
+        foreach($suffixes as $suffix) {
+          echo "<option value='" . $suffix . "'>." . $suffix . "</option>";
+        }
       }
-    }
 
-    ?>
-  </select>
-  <br>
+      ?>
+    </select>
+  </fieldset>
   <label for="ip">IP</label><br>
   <input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="2a0b:cbc0:1103:2::106f ou 45.13.104.169">
   <br>
@@ -34,16 +35,11 @@
 
 if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_POST['ip'])) {
 
-  if ($domains) {
-    foreach($domains as $domain) {
-      if ($_POST['suffix'] == $domain) goto ownedSuffix;
-    }
-    exit("ERROR : You don't own this suffix");
-  } else {
+  if (!$suffixes)
     exit("ERROR : You don't own any domain");
-  }
 
-  ownedSuffix:
+  if (!in_array($_POST['suffix'], $suffixes))
+    exit("ERROR : You don't own this suffix");
 
   $domain = $_POST['subdomain'] . "." . $_POST['suffix'];
 
@@ -60,12 +56,11 @@ if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suf
 
   $action = checkAction($_POST['action']);
 
-  // Remove anything before the first dot and the first dot itself
-  $suffix = regGetSuffix($_POST['suffix']);
+  $publicSuffix = regGetUpperDomain($_POST['suffix']);
 
-  exec(KNOTC_PATH . " zone-begin " . $suffix);
-  exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['subdomain'] . " 86400 " . $record . " " . $_POST['ip']);
-  exec(KNOTC_PATH . " zone-commit " . $suffix);
+  exec(KNOTC_PATH . " zone-begin " . $publicSuffix);
+  exec(KNOTC_PATH . " zone-" . $action . "set " . $publicSuffix . " " . $domain . " 86400 " . $record . " " . $_POST['ip']);
+  exec(KNOTC_PATH . " zone-commit " . $publicSuffix);
   echo "Glue record ajouté";
 }
 

+ 4 - 4
reg/index.php

@@ -1,13 +1,13 @@
 <?php include "../top.inc.php"; ?>
 
 <dl>
-  <dt><a class="regButton" href="register">Enregistrer un nouveau nom de domaine</a></dt>
+  <dt><a class="regButton" href="register">Enregistrer un nouveau domaine</a></dt>
   <dd>
-    Prendre possession d'un sous-domaine d'atope.art
+    Prendre possession d'un sous-domaine de 4.niv.re.
   </dd>
   <dt><a class="regButton" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
   <dd>
-    Indiquer les serveurs de noms de son sous-domaine d'atope.art
+    Indiquer les serveurs de noms de son sous-domaine de 4.niv.re.
   </dd>
   <dt><a class="regButton" href="ds">Enregistrement <abbr title="Delegation Signer">DS</abbr></a></dt>
   <dd>
@@ -15,7 +15,7 @@
   </dd>
   <dt><a class="regButton" href="glue">Glue Record</a></dt>
   <dd>
-    Indiquer les IP de ses serveurs de noms de son sous-domaine d'atope.art dont les adresses se trouvent sur ce même sous-domaine
+    Indiquer les IP de ses serveurs de noms de son sous-domaine de 4.niv.re. dont les adresses se trouvent sur ce même sous-domaine
   </dd>
 </dl>
 

+ 1 - 1
reg/ns.php

@@ -41,7 +41,7 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
 
   $action = checkAction($_POST['action']);
 
-  $suffix = regGetSuffix($_POST['domain']);
+  $suffix = regGetUpperDomain($_POST['domain']);
 
   exec(KNOTC_PATH . " zone-begin " . $suffix);
   exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 NS " . $_POST['ns']);

+ 129 - 122
reg/register.php

@@ -1,129 +1,136 @@
 <?php include "../top.inc.php"; ?>
 
-Enregistrer la possession d'un domaine sur son compte<br>
-Doit être composé uniquement de lettres latines non accentuées, au moins 4
+Enregistrer la possession d'un domaine sur son compte.<br>
+Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées.
 <br>
 <br>
 <form method="post">
   <fieldset>
     <legend>Domaine</legend>
-    <input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
-    .
-    <select required="" id="label" name="suffix">
-      <option selected="" value="atope.art.">atope.art.</option>
-      <optgroup label="Organisations">
-        <option value="asso.atope.art.">asso.atope.art.</option>
-        <option value="org.atope.art.">org.atope.art.</option>
-      </optgroup>
-      <optgroup label="Personnels">
-        <option value="perso.atope.art.">perso.atope.art.</option>
-        <option value="blog.atope.art.">blog.atope.art.</option>
-        <option value="me.atope.art.">me.atope.art.</option>
-      </optgroup>
-      <optgroup label="Connaissance">
-        <option value="edu.atope.art.">edu.atope.art.</option>
-        <option value="info.atope.art.">info.atope.art.</option>
-        <option value="wiki.atope.art.">wiki.atope.art.</option>
-        <option value="sci.atope.art.">sci.atope.art.</option>
-      </optgroup>
-      <optgroup label="Politique">
-        <option value="pol.atope.art.">pol.atope.art.</option>
-        <option value="libre.atope.art.">libre.atope.art.</option>
-        <option value="fem.atope.art.">fem.atope.art.</option>
-        <option value="eco.atope.art.">eco.atope.art.</option>
-        <option value="veg.atope.art.">veg.atope.art.</option>
-        <option value="bio.atope.art.">bio.atope.art.</option>
-        <option value="anar.atope.art.">anar.atope.art.</option>
-        <option value="ancom.atope.art.">ancom.atope.art.</option>
-        <option value="acab.atope.art.">acab.atope.art.</option>
-        <option value="handi.atope.art.">handi.atope.art.</option>
-      </optgroup>
-      <optgroup label="LGBT+">
-        <option value="queer.atope.art.">queer.atope.art.</option>
-        <option value="gay.atope.art.">gay.atope.art.</option>
-        <option value="enby.atope.art.">enby.atope.art.</option>
-        <option value="trans.atope.art.">trans.atope.art.</option>
-      </optgroup>
-      <optgroup label="Technologie">
-        <option value="net.atope.art.">net.atope.art.</option>
-        <option value="tech.atope.art.">tech.atope.art.</option>
-        <option value="io.atope.art.">io.atope.art.</option>
-        <option value="sec.atope.art.">sec.atope.art.</option>
-        <option value="cyber.atope.art.">cyber.atope.art.</option>
-        <option value="dev.atope.art.">dev.atope.art.</option>
-        <option value="geek.atope.art.">geek.atope.art.</option>
-        <option value="fs.atope.art.">fs.atope.art.</option>
-        <option value="ht.atope.art.">ht.atope.art.</option>
-        <option value="hyper.atope.art.">hyper.atope.art.</option>
-        <option value="git.atope.art.">git.atope.art.</option>
-        <option value="forge.atope.art.">forge.atope.art.</option>
-        <option value="code.atope.art.">code.atope.art.</option>
-        <option value="lab.atope.art.">lab.atope.art.</option>
-        <option value="labs.atope.art.">labs.atope.art.</option>
-        <option value="gemini.atope.art.">gemini.atope.art.</option>
-        <option value="gmi.atope.art.">gmi.atope.art.</option>
-        <option value="gemlog.atope.art.">gemlog.atope.art.</option>
-        <option value="mail.atope.art.">mail.atope.art.</option>
-        <option value="ynh.atope.art.">ynh.atope.art.</option>
-        <option value="yuno.atope.art.">yuno.atope.art.</option>
-        <option value="sys.atope.art.">sys.atope.art.</option>
-      </optgroup>
-      <optgroup label="Fédiverse">
-        <option value="fed.atope.art.">fed.atope.art.</option>
-        <option value="fedi.atope.art.">fedi.atope.art.</option>
-        <option value="soc.atope.art.">soc.atope.art.</option>
-        <option value="masto.atope.art.">masto.atope.art.</option>
-        <option value="plero.atope.art.">plero.atope.art.</option>
-        <option value="pix.atope.art.">pix.atope.art.</option>
-        <option value="mobi.atope.art.">mobi.atope.art.</option>
-      </optgroup>
-      <optgroup label="Arts">
-        <option value="art.atope.art.">art.atope.art.</option>
-        <option value="music.atope.art.">music.atope.art.</option>
-        <option value="video.atope.art.">video.atope.art.</option>
-        <option value="draw.atope.art.">draw.atope.art.</option>
-        <option value="audio.atope.art.">audio.atope.art.</option>
-        <option value="ink.atope.art.">ink.atope.art.</option>
-      </optgroup>
-      <optgroup label="Neurodiversité">
-        <option value="na.atope.art.">na.atope.art.</option>
-        <option value="psy.atope.art.">psy.atope.art.</option>
-        <option value="neuro.atope.art.">neuro.atope.art.</option>
-        <option value="auti.atope.art.">auti.atope.art.</option>
-        <option value="plur.atope.art.">plur.atope.art.</option>
-      </optgroup>
-      <optgroup label="Couleurs">
-        <option value="blue.atope.art.">blue.atope.art.</option>
-        <option value="red.atope.art.">red.atope.art.</option>
-        <option value="pink.atope.art.">pink.atope.art.</option>
-        <option value="green.atope.art.">green.atope.art.</option>
-        <option value="black.atope.art.">black.atope.art.</option>
-      </optgroup>
-      <optgroup label="Communauté">
-        <option value="city.atope.art.">city.atope.art.</option>
-        <option value="town.atope.art.">town.atope.art.</option>
-        <option value="cafe.atope.art.">cafe.atope.art.</option>
-        <option value="home.atope.art.">home.atope.art.</option>
-        <option value="forum.atope.art.">forum.atope.art.</option>
-      </optgroup>
-      <optgroup label="Divers">
-        <option value="dream.atope.art.">dream.atope.art.</option>
-        <option value="space.atope.art.">space.atope.art.</option>
-        <option value="forest.atope.art.">forest.atope.art.</option>
-        <option value="rain.atope.art.">rain.atope.art.</option>
-        <option value="snow.atope.art.">snow.atope.art.</option>
-        <option value="sun.atope.art.">sun.atope.art.</option>
-        <option value="earth.atope.art.">earth.atope.art.</option>
-        <option value="world.atope.art.">world.atope.art.</option>
-        <option value="soft.atope.art.">soft.atope.art.</option>
-        <option value="cute.atope.art.">cute.atope.art.</option>
-        <option value="cutie.atope.art.">cutie.atope.art.</option>
-        <option value="fun.atope.art.">fun.atope.art.</option>
-        <option value="play.atope.art.">play.atope.art.</option>
-        <option value="game.atope.art.">game.atope.art.</option>
-      </optgroup>
+    <div class="elForm">
+      <label for="subdomain">Sous-domaine</label>
+      <br>
+      <input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
+    </div class="elForm">
+    <div class="elForm">
+      <label for="suffix">Suffixe</label>
+      <br>
+      <select required="" id="suffix" name="suffix">
+        <option selected="" value="4.niv.re.">.4.niv.re.</option>
+        <optgroup label="Organisations">
+          <option value="asso.4.niv.re.">.asso.4.niv.re.</option>
+          <option value="org.4.niv.re.">.org.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Personnels">
+          <option value="perso.4.niv.re.">.perso.4.niv.re.</option>
+          <option value="blog.4.niv.re.">.blog.4.niv.re.</option>
+          <option value="me.4.niv.re.">.me.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Connaissance">
+          <option value="edu.4.niv.re.">.edu.4.niv.re.</option>
+          <option value="info.4.niv.re.">.info.4.niv.re.</option>
+          <option value="wiki.4.niv.re.">.wiki.4.niv.re.</option>
+          <option value="sci.4.niv.re.">.sci.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Politique">
+          <option value="pol.4.niv.re.">.pol.4.niv.re.</option>
+          <option value="libre.4.niv.re.">.libre.4.niv.re.</option>
+          <option value="fem.4.niv.re.">.fem.4.niv.re.</option>
+          <option value="eco.4.niv.re.">.eco.4.niv.re.</option>
+          <option value="veg.4.niv.re.">.veg.4.niv.re.</option>
+          <option value="bio.4.niv.re.">.bio.4.niv.re.</option>
+          <option value="anar.4.niv.re.">.anar.4.niv.re.</option>
+          <option value="ancom.4.niv.re.">.ancom.4.niv.re.</option>
+          <option value="acab.4.niv.re.">.acab.4.niv.re.</option>
+          <option value="handi.4.niv.re.">.handi.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="LGBT+">
+          <option value="queer.4.niv.re.">.queer.4.niv.re.</option>
+          <option value="gay.4.niv.re.">.gay.4.niv.re.</option>
+          <option value="enby.4.niv.re.">.enby.4.niv.re.</option>
+          <option value="trans.4.niv.re.">.trans.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Technologie">
+          <option value="net.4.niv.re.">.net.4.niv.re.</option>
+          <option value="tech.4.niv.re.">.tech.4.niv.re.</option>
+          <option value="io.4.niv.re.">.io.4.niv.re.</option>
+          <option value="sec.4.niv.re.">.sec.4.niv.re.</option>
+          <option value="cyber.4.niv.re.">.cyber.4.niv.re.</option>
+          <option value="dev.4.niv.re.">.dev.4.niv.re.</option>
+          <option value="geek.4.niv.re.">.geek.4.niv.re.</option>
+          <option value="fs.4.niv.re.">.fs.4.niv.re.</option>
+          <option value="ht.4.niv.re.">.ht.4.niv.re.</option>
+          <option value="hyper.4.niv.re.">.hyper.4.niv.re.</option>
+          <option value="git.4.niv.re.">.git.4.niv.re.</option>
+          <option value="forge.4.niv.re.">.forge.4.niv.re.</option>
+          <option value="code.4.niv.re.">.code.4.niv.re.</option>
+          <option value="lab.4.niv.re.">.lab.4.niv.re.</option>
+          <option value="labs.4.niv.re.">.labs.4.niv.re.</option>
+          <option value="gemini.4.niv.re.">.gemini.4.niv.re.</option>
+          <option value="gmi.4.niv.re.">.gmi.4.niv.re.</option>
+          <option value="gemlog.4.niv.re.">.gemlog.4.niv.re.</option>
+          <option value="mail.4.niv.re.">.mail.4.niv.re.</option>
+          <option value="ynh.4.niv.re.">.ynh.4.niv.re.</option>
+          <option value="yuno.4.niv.re.">.yuno.4.niv.re.</option>
+          <option value="sys.4.niv.re.">.sys.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Fédiverse">
+          <option value="fed.4.niv.re.">.fed.4.niv.re.</option>
+          <option value="fedi.4.niv.re.">.fedi.4.niv.re.</option>
+          <option value="soc.4.niv.re.">.soc.4.niv.re.</option>
+          <option value="masto.4.niv.re.">.masto.4.niv.re.</option>
+          <option value="plero.4.niv.re.">.plero.4.niv.re.</option>
+          <option value="pix.4.niv.re.">.pix.4.niv.re.</option>
+          <option value="mobi.4.niv.re.">.mobi.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Arts">
+          <option value="art.4.niv.re.">.art.4.niv.re.</option>
+          <option value="music.4.niv.re.">.music.4.niv.re.</option>
+          <option value="video.4.niv.re.">.video.4.niv.re.</option>
+          <option value="draw.4.niv.re.">.draw.4.niv.re.</option>
+          <option value="audio.4.niv.re.">.audio.4.niv.re.</option>
+          <option value="ink.4.niv.re.">.ink.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Neurodiversité">
+          <option value="na.4.niv.re.">.na.4.niv.re.</option>
+          <option value="psy.4.niv.re.">.psy.4.niv.re.</option>
+          <option value="neuro.4.niv.re.">.neuro.4.niv.re.</option>
+          <option value="auti.4.niv.re.">.auti.4.niv.re.</option>
+          <option value="plur.4.niv.re.">.plur.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Couleurs">
+          <option value="blue.4.niv.re.">.blue.4.niv.re.</option>
+          <option value="red.4.niv.re.">.red.4.niv.re.</option>
+          <option value="pink.4.niv.re.">.pink.4.niv.re.</option>
+          <option value="green.4.niv.re.">.green.4.niv.re.</option>
+          <option value="black.4.niv.re.">.black.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Communauté">
+          <option value="city.4.niv.re.">.city.4.niv.re.</option>
+          <option value="town.4.niv.re.">.town.4.niv.re.</option>
+          <option value="cafe.4.niv.re.">.cafe.4.niv.re.</option>
+          <option value="home.4.niv.re.">.home.4.niv.re.</option>
+          <option value="forum.4.niv.re.">.forum.4.niv.re.</option>
+        </optgroup>
+        <optgroup label="Divers">
+          <option value="dream.4.niv.re.">.dream.4.niv.re.</option>
+          <option value="space.4.niv.re.">.space.4.niv.re.</option>
+          <option value="forest.4.niv.re.">.forest.4.niv.re.</option>
+          <option value="rain.4.niv.re.">.rain.4.niv.re.</option>
+          <option value="snow.4.niv.re.">.snow.4.niv.re.</option>
+          <option value="sun.4.niv.re.">.sun.4.niv.re.</option>
+          <option value="earth.4.niv.re.">.earth.4.niv.re.</option>
+          <option value="world.4.niv.re.">.world.4.niv.re.</option>
+          <option value="soft.4.niv.re.">.soft.4.niv.re.</option>
+          <option value="cute.4.niv.re.">.cute.4.niv.re.</option>
+          <option value="cutie.4.niv.re.">.cutie.4.niv.re.</option>
+          <option value="fun.4.niv.re.">.fun.4.niv.re.</option>
+          <option value="play.4.niv.re.">.play.4.niv.re.</option>
+          <option value="game.4.niv.re.">.game.4.niv.re.</option>
+        </optgroup>
 
-    </select>
+      </select>
+    </div>
   </fieldset>
   <br>
   <input value="Valider" type="submit">
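Review bot: The closing tag of the new sub-domain wrapper is written `</div class="elForm">`; end tags cannot carry attributes, so it should be a plain `</div>` like the one closing the suffix block. The option list is also still hand-written here, while the server-side check in the next hunk validates against `SUFFIXES`. If that constant holds the same names (it is defined outside this view), generating the `<option>` elements from it would keep the form and the allow-list from drifting apart.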
@@ -131,10 +138,10 @@ Doit être composé uniquement de lettres latines non accentuées, au moins 4
 
 <?php
 
-if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
+if (isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_SESSION['username'])) {
   if (preg_match("/" . SUBDOMAIN_REGEX . "/", $_POST['subdomain'])) {
 
-    if (!in_array($_POST['suffix'], $suffixes))
+    if (!in_array($_POST['suffix'], SUFFIXES))
       exit("Wrong value for suffix");
 
     $domain = $_POST['subdomain'] . "." . $_POST['suffix'];
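Review bot: The `preg_match()` check on `$_POST['subdomain']` relies on a pattern anchored with `$`, which in PCRE also matches just before a trailing newline, so a valid label followed by a line feed passes and ends up in `$domain`. Assuming `SUBDOMAIN_REGEX` kept the `^[a-z]{4,63}$` form that this commit moves out of top.inc.php, add the `D` modifier: `preg_match("/" . SUBDOMAIN_REGEX . "/D", $_POST['subdomain'])`. The suffix test would also be tighter as `in_array($_POST['suffix'], SUFFIXES, true)`, which rejects non-string input outright. What is done with `$domain` afterwards lies outside this hunk.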
@@ -157,10 +164,10 @@ if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
       echo "Nouveau domaine enregistré";
 
     } else {
-      echo "Le domaine " . $domain . " est déjà utilisé.";
+      echo "Le domaine " . $domain . " n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.";
     }
   } else {
-    echo "Erreur : Le nom de domaine doit être composé d'entre 4 et 63 lettres minuscules (a-z)";
+    echo "Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)";
   }
 }
 

+ 21 - 62
top.inc.php

@@ -2,42 +2,18 @@
 if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
   exit("This file is meant to be included.");
 
-// Définition de constantes
-
-define("USERNAME_REGEX", "^[a-z]{4,32}$");
-define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
-define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
-
-define("PREFIX", "/pmkdel"); // Prefix in the URL, if any
-define("ROOT_PATH", "/srv/http/niver" . PREFIX); // Niver directory
-define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver SQLite database
-define("KNOTC_PATH", "/usr/sbin/knotc"); // Binary file
-define("KEYMGR_PATH", "/usr/sbin/keymgr"); // Binary file
-define("NGINX_CONFIG_PATH", "/etc/nginx/hyper"); // Config directory
-define("TOR_CONFIG_PATH", "/etc/tor/torrc"); // Config file
-define("KNOT_ZONES_PATH", "/var/lib/knot/zones"); // Zones directory
-define("TOR_KEYS_PATH", "/var/lib/tor/niver"); // Keys directory
-define("SUDO_PATH", "/usr/bin/sudo"); // Binary file
-define("LS_PATH", "/usr/bin/ls"); // Binary file
-define("NIVER_TEMPLATE_PATH", "/usr/local/share/niver"); // Templates directory (skel, nginx, knot...)
-define("MANIVER_PATH", "/usr/local/bin/maniver"); // Binary file
-// The mountpoint of the hypertext storage partition (that will be accessed over SFTP)
-define("HT_PATH", "/srv/ht");
-
-define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
-define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
-
-define("THEME", array(
-  'htColor' => "#FF0000",
-  'regColor' => "#DA03E5",
-  'authColor' => "#00FF00",
-  'nsColor' => "#00c4c4",
-  'lightColor' => '#FFFFFF',
-  'darkColor' => '#2a2a2a',
-));
-
-// Initialisation de la session (avec des cookies)
+require "inc/const.inc.php";
+// Functions usefull everywhere
+require "inc/all.inc.php";
+require "inc/format.inc.php";
+// Service-specific functions
+require "inc/ht.inc.php";
+require "inc/ns.inc.php";
+require "inc/reg.inc.php";
+// Page titles definition
+require "inc/pages.inc.php";
 
+// Session initialisation (with cookies)
 session_start([
   'name' => 'niver',
   'sid_length' => 64,
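Review bot: The relocated `require` lines use bare relative paths (`"inc/const.inc.php"` and the rest), so `include_path` is searched before the including script's directory, and this file is pulled in from sub-directories via `../top.inc.php`. Anchoring them to this file makes the load independent of the caller and of `include_path`: `require __DIR__ . "/inc/const.inc.php";`, and likewise for the other six. The new comment also has a typo: `// Functions usefull everywhere` should read `// Functions useful everywhere`. The `session_start()` call continues outside the hunk.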
@@ -52,44 +28,34 @@ session_start([
   'use_only_cookies' => true,
 ]);
 
-// Redirige vers la page de connexion si pas connecté·e
+// Redirect to the login page if not logged in
 if (SERVICE != "auth" AND !isset($_SESSION['username'])) {
   header('Location: ' . PREFIX . '/auth/login?redir=' . SERVICE . "/" . PAGE, true, 302);
   exit;
 }
 
-// Enlève .php de l'URL (si jamais)
+// Remove .php from URL (if any)
 if (substr($_SERVER['REQUEST_URI'], -4) == ".php") {
   header("Location: " . PREFIX . "/" . SERVICE . "/" . PAGE, true, 301); // 301 Moved Permanently
   exit;
 }
 
-// Fonctions utiles partout
-require "inc/all.inc.php";
-require "inc/format.inc.php";
-// Fonctions specifiques à un service
-require "inc/ht.inc.php";
-require "inc/ns.inc.php";
-require "inc/reg.inc.php";
-// Définitions des titres de pages
-require "inc/pages.inc.php";
-
-// Compilation du Less vers le CSS
+// Less > CSS compilation
 
 require_once 'lessphp/lib/Less/Autoloader.php';
 Less_Autoloader::register();
 
-// Liste les fichiers dans le dossier less/
+// List files in less/
 $relativeLessFiles = array_diff(scandir(ROOT_PATH . "/less"), array('..', '.'));
-// Remplace les clés par les valeurs, et les valeurs par les clés
+// Replace keys by values, and values by keys
 $relativeLessFiles = array_flip($relativeLessFiles);
 
-// Transforme les chemins relatifs en chemins absolus
+// Change relative paths into absolute paths
 foreach ($relativeLessFiles as $relativeLessFile => $nothing) {
   $absoluteLessFiles[ROOT_PATH . "/less/" . $relativeLessFile] = "";
 }
 
-// Génère un seul fichier CSS minimifié dans css/ à partir des sources dans less/
+// Generate one minified CSS file into css/ from sources in less/
 $options = array(
   'cache_dir' => ROOT_PATH . '/css/',
   'compress' => true
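Review bot: The login redirect near the top of this hunk appends `SERVICE . "/" . PAGE` to the `redir` query parameter without encoding it. Both constants were derived from `$_SERVER['PHP_SELF']` in the definitions removed from this file (presumably now in inc/const.inc.php), and that value can include client-influenced path components, so characters such as `&` or `#` would alter the query string. Encoding the value keeps the parameter intact: `'/auth/login?redir=' . rawurlencode(SERVICE . "/" . PAGE)`. How auth/login validates `redir` is not visible here and is worth checking against open redirects. The `$options` array continues outside the hunk.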
@@ -112,22 +78,15 @@ $cssFileName = Less_Cache::Get($absoluteLessFiles, $options, THEME);
   </head>
 
   <body>
-
     <header>
 
       <nav>
         <a href="<?= PREFIX ?>">Niver</a><?php
-        $homepage = (PAGE != "index");
         if (isset($page['service'])) {
-          echo ' > ';
-          if ($homepage)
-            echo '<a href="./">';
-          echo $page['service'];
-          if ($homepage)
-            echo '</a>';
+          echo ' > <a href="./">' . $page['service'] . '</a>';
         }
-        if ($homepage)
-          echo " > " . $page['title'];
+        if (PAGE != "index")
+          echo ' > <a href="' . PAGE . '">' . $page['title'] . "</a>";
         ?>
       </nav>