0ct0pu5/servnest
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reinstall on Debian 11 (and lots of small changes)

Browse source
This commit is contained in:
Miraty 2021-07-15 15:36:34 +02:00
parent c023674fd0
commit 131f92b56c
40 changed files with 1041 additions and 695 deletions

1
.gitignore vendored
View file

@ -1,3 +1,4 @@
css/
niver.log
db/niver.db
cmds

149
admin/reg.php
View file

@ -1,149 +0,0 @@
<?php
exit();
define("PREFIX", "/malaxe");
define("ROOT_PATH", "/var/www/niver" . PREFIX);
define("DB_PATH", ROOT_PATH . "/db/auth.db");
$suffixes = array(
/* "atope.art.", */
"asso.atope.art.",
"org.atope.art.",
"perso.atope.art.",
"blog.atope.art.",
"me.atope.art.",
"edu.atope.art.",
"info.atope.art.",
"wiki.atope.art.",
"sci.atope.art.",
"pol.atope.art.",
"libre.atope.art.",
"fem.atope.art.",
"eco.atope.art.",
"veg.atope.art.",
"bio.atope.art.",
"anar.atope.art.",
"ancom.atope.art.",
"acab.atope.art.",
"handi.atope.art.",
"queer.atope.art.",
"gay.atope.art.",
"enby.atope.art.",
"trans.atope.art.",
"net.atope.art.",
"tech.atope.art.",
"io.atope.art.",
"sec.atope.art.",
"cyber.atope.art.",
"dev.atope.art.",
"geek.atope.art.",
"fs.atope.art.",
"ht.atope.art.",
"hyper.atope.art.",
"git.atope.art.",
"forge.atope.art.",
"code.atope.art.",
"lab.atope.art.",
"labs.atope.art.",
"gemini.atope.art.",
"gmi.atope.art.",
"gemlog.atope.art.",
"mail.atope.art.",
"ynh.atope.art.",
"yuno.atope.art.",
"sys.atope.art.",
"fed.atope.art.",
"fedi.atope.art.",
"soc.atope.art.",
"masto.atope.art.",
"plero.atope.art.",
"pix.atope.art.",
"mobi.atope.art.",
"art.atope.art.",
"music.atope.art.",
"video.atope.art.",
"draw.atope.art.",
"audio.atope.art.",
"ink.atope.art.",
"na.atope.art.",
"psy.atope.art.",
"neuro.atope.art.",
"auti.atope.art.",
"plur.atope.art.",
"blue.atope.art.",
"red.atope.art.",
"pink.atope.art.",
"green.atope.art.",
"black.atope.art.",
"city.atope.art.",
"town.atope.art.",
"cafe.atope.art.",
"home.atope.art.",
"forum.atope.art.",
"dream.atope.art.",
"space.atope.art.",
"forest.atope.art.",
"rain.atope.art.",
"snow.atope.art.",
"sun.atope.art.",
"earth.atope.art.",
"world.atope.art.",
"soft.atope.art.",
"cute.atope.art.",
"cutie.atope.art.",
"fun.atope.art.",
"play.atope.art.",
"game.atope.art.",
);
foreach ($suffixes as $extension) {
/*
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
$time = date("Y-m-d H:i:s");
$username = "niver";
$stmt->bindParam(':domain', $extension);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':last_renewal', $time);
$stmt->execute();
echo $extension . "\n";
exec("cp /var/lib/knot/zones/template /var/lib/knot/zones/" . $extension . "zone");
exec("sed -i 's/maison.atope.art./" . $extension . "/g' /var/lib/knot/zones/" . $extension . "zone");
exec("knotc zone-begin atope.art.");
exec("knotc zone-set atope.art. " . $extension . " 86400 IN NS ns1.atope.art.");
exec("knotc zone-set atope.art. " . $extension . " 86400 IN NS ns6.gandi.net.");
exec("knotc zone-commit atope.art.");
exec("knotc conf-begin");
exec("knotc conf-set 'zone[" . $extension . "]'");
exec("knotc conf-set 'zone[" . $extension . "].file' '" . $extension . "zone'");
exec("knotc conf-commit");
exec("knotc zone-begin " . $extension);
exec("knotc zone-set " . $extension . " " . $extension . " 86400 IN NS ns1.atope.art.");
exec("knotc zone-set " . $extension . " " . $extension . " 86400 IN NS ns6.gandi.net.");
exec("knotc zone-commit " . $extension);
*/
unset($output);
exec("/usr/sbin/keymgr " . $extension . " ds", $output);
$dsRecord = preg_replace("/DS/", "86400 DS", $output[0]);
exec("knotc zone-begin atope.art.");
exec("knotc zone-set atope.art. " . $dsRecord);
exec("knotc zone-commit atope.art.");
}

6
admin/sftp.php
View file

@ -1,6 +0,0 @@
<?php
$username = "castux";
$password = $username . $username;
//passthru("/usr/bin/sudo /usr/local/bin/maniver reload-nginx", $output);
passthru("/usr/bin/sudo /usr/local/bin/maniver setup-user " . $username . " " . $password, $output);
var_dump($output);

4
auth/login.php
View file

@ -2,11 +2,11 @@
<form method="post">
<label for="username">Identifiant</label><br>
<input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="proudhon">
<input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="lain">
<br>
<label for="password">Clé de passe</label><br>
<input required="" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="************">
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="************">
<br>
<input type="submit">

4
auth/password.php
View file

@ -6,10 +6,10 @@
<form method="post">
<label for="currentPassword">Mot de passe actuel</label><br>
<input required="" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
<label for="newPassword">Nouveau mot de passe</label><br>
<input required="" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
<input required="" autocomplete="new-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
<input type="submit">
</form>

15
auth/register.php
View file

@ -39,20 +39,25 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {
?>
<form method="post">
<label for="username">Identifiant</label><br>
<input id="username" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="proudhon"><span></span><br>
<label for="username">
<details>
<summary>Identifiant</summary>
Uniquement composé de lettres minuscules.
</details>
<input id="username" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="lain"><span></span><br>
</label>
<?php
if (isset($userExist) AND $userExist == true) {
echo "Cet identifiant est déjà utilisé. Choisissez-en un autre.";
echo "<br>Cet identifiant est déjà utilisé. Choisissez-en un autre.";
}
?>
<label for="password">
<details>
<summary>Clé de passe</summary>
Minimum 10 caractères ou minimum 8 caractères s'il contient minuscule, majuscule et chiffre
Minimum 8 caractères si elle contient minuscule, majuscule et chiffre, ou minimum 10 caractères sinon.
</details>
<input id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="************"><span title="Le format nest pas valide"></span><br>
<input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="************"><span title="Le format nest pas valide"></span><br>
</label>

8
ht/gemini-domain.php
View file

@ -2,9 +2,9 @@
<p>
Ajouter un domaine sur un dossier de site<br>
Le domaine doit pointer vers ces adresses IP :<br>
IPv4 : 45.13.104.169<br>
IPv6 : 2a0b:cbc0:1103:2::106f
Le domaine doit pointer vers ces adresses IP :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
</p>
<form method="post">
@ -64,7 +64,7 @@ if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['userna
$conf = "# START NIVERSITE
[" . $_POST['domain'] . "]
root=/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "
root=" . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "
# STOP NIVERSITE
";
file_put_contents("/etc/gmnisrv.ini", $conf, FILE_APPEND);

14
ht/gemini-onion.php
View file

@ -64,17 +64,19 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
// Wait
sleep(1);
// Get the address generated by Tor
$onion = file_get_contents("/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r","\n"), "", $onion);
$onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r", "\n"), "", $onion);
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "gemini");
$conf = "# START NIVERSITE
$conf = "
[" . $onion . "]
root=/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "
# STOP NIVERSITE
root=" . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "
";
file_put_contents("/etc/gmnisrv.ini", $conf, FILE_APPEND);
@ -82,7 +84,7 @@ root=/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "
exec(SUDO_PATH . " " . MANIVER_PATH . " restart-gmnisrv");
// Tell the user their site address
echo "<p>L'adresse de votre capsule Onion Gemini est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
echo "<p>L'adresse de votre capsule Onion Gemini est : <br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
}

10
ht/http-onion.php
View file

@ -64,9 +64,12 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
// Wait
sleep(1);
// Get the address generated by Tor
$onion = file_get_contents("/srv/hyper/" . $_SESSION['username'] . "/hyper/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r","\n"), "", $onion);
$onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r", "\n"), "", $onion);
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
@ -79,7 +82,8 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['dir'] . ".conf", $nginxConf);
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx");
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx", $output);
addNiverLog("Nginx reloaded by " . $_SESSION['username'], $output);
// Tell the user their site address
echo "<p>L'adresse de votre site Onion HTTP est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";

6
ht/https-domain.php
View file

@ -2,9 +2,9 @@
<p>
Ajouter un domaine sur un dossier de site<br>
Le domaine doit pointer vers ces adresses IP :<br>
IPv4 : 45.13.104.169<br>
IPv6 : 2a0b:cbc0:1103:2::106f
Le domaine doit pointer vers ces adresses IP :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
</p>
<form method="post">

121
ht/sftp.php
View file

@ -4,7 +4,7 @@
if ($_SESSION['sftp_enabled'] == false) { ?>
<p>
Pour que vous puissiez mettre en ligne votre site via <abbr title="SSH File Transfert Protocol">SFTP</abbr>, veuillez définir un mot de passe.
<br>Il sera loggué en clair dans le systèmee et il ne pourra pas être modifié.
<br>Il sera loggué en clair dans le système et il ne pourra pas être modifié.
</p>
<form method="post">
@ -28,41 +28,56 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
}
} else if ($_SESSION['sftp_enabled'] == true) { ?>
Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour accéder à vos sites.
<dl>
<dt>Utilisataire</dt>
<dd>
<code><?= $_SESSION['username'] ?></code>
</dd>
Vous avez désormais accès à un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>. Vous pouvez téléverser vos sites dans <code>/ht/&lt;nom du site&gt;/*</code>.
<br>
<section>
<h2>Quota</h2>
L'espace est limité au total à 10Kio de stockage et 10 fichiers/dossiers.
</section>
<section>
<h2>Clients SFTP</h2>
<strong>Dolphin</strong> et <strong>GNOME Fichiers</strong> (<em>Nautilus</em>) sont disponibles sur la plupart des distributions GNU et sont installés par défaut respectivement sur les environnements de bureau KDE et GNOME. <a href="https://filezilla-project.org/"><strong>FileZilla</strong></a> est disponible aussi pour les autres systèmes d'exploitation de bureau.
<br>
C'est aussi possible d'utiliser le client <code>sftp</code> en ligne de commande.
</section>
<section>
<h2>Informations de connexion</h2>
<dt>Clé de passe</dt>
<dd>
celle que vous avez définit lors de l'activation de l'accès <abbr title="SSH File Transfert Protocol">SFTP</abbr>
</dd>
<div>
<a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/</a>
</div>
<dt>Serveur</dt>
<dd>
<code>sftp.niver.atope.art</code>
</dd>
Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour y accéder.
<dt>Port</dt>
<dd>
<code>22</code> (par défaut)
</dd>
<dl>
<dt>Utilisataire</dt>
<dd>
<code><?= $_SESSION['username'] ?></code>
</dd>
<dt>Dossier</dt>
<dd>
<code>/</code>
</dd>
</dl>
<dt>Clé de passe</dt>
<dd>
celle que vous avez définit lors de l'activation de l'accès <abbr title="SSH File Transfert Protocol">SFTP</abbr>
</dd>
<div>
<a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.atope.art/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.atope.art/</a>
</div>
<dt>Serveur</dt>
<dd>
<code>sftp.niver.4.niv.re</code>
</dd>
<dt>Port</dt>
<dd>
<code>22</code> (par défaut)
</dd>
<dt>Dossier</dt>
<dd>
<code>/</code>
</dd>
</dl>
</section>
<p>
L'accès n'est disponible qu'en IPv4.
</p>
<section>
<h2>Vérifier la connexion</h2>
@ -71,12 +86,12 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
<ul>
<li>
<code class="breakable">
SHA256:PfpB9Kk0HsOs1tWTcEu9UrPZfBXIFmdtpYOzGisGIxU
SHA256:k5gzcFr5BbOhNUgS6Nbyy15dXPpw6pmTo8OLZ5mLRmA
</code>
</li>
<li>
<code class="breakable">
AAAAC3NzaC1lZDI1NTE5AAAAIMpq93hAU4YKOLIXg601bZVCxwqZFZRnaQlv6gAMdfXV
AAAAC3NzaC1lZDI1NTE5AAAAIF3RT3r6bYGw88TQ190PIZz1UUVV3Xt5SLOo39G+ShjR
</code>
</li>
<li>
@ -85,15 +100,15 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
<samp>
<pre>
+--[ED25519 256]--+
| E ..o++|
| . =oo+|
| . . = =+o|
| . = . O.=B|
| . o S % =.=++|
| . o B @ ...|
| * B |
| o o . |
| . |
| .oo..* |
| . ..+ * |
| . .. = . . . |
| + E= + + o |
| . +..= S = . |
| . .+ o = |
| . o...o... |
| o..oB.+o |
| ...oo+=+o |
+----[SHA256]-----+
</pre>
</samp>
@ -106,14 +121,14 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
<ul>
<li>
<code class="breakable">
SHA256:HL4+Jq9TqE8ZLkW/2oqUvpPuz5kFkewK0hvtcaGvhH8
SHA256:yu9PGTGpeCyjaDDG0RiInsMIa1w6t2c6Gv6oemzeFN4
</code>
</li>
<li>
<details>
<summary>Clé publique</summary>
<code class="breakable">
AAAAB3NzaC1yc2EAAAADAQABAAABgQCicjbcL33w1RLUvtgMQjsuMCImp+ZNhYz24RcEO4OzBjDaHg0viQMXgkE9y68J0XVSRKMOQDaPHl6z+Q0xa9P0lnPZxSD+mhmGxjNtOPMoPueidEonvfc48MFgHL8nErvX5+hf9hLROPPBYMlMF2GgK4X/VT6AtIQWuU9E3Wm67+VBH31CCzVh2YUG7FJCQK/AwIsOcDC4ZDOorLu7NXd+bcuqdrleYJsqrirVTQh4zXe3hFdzZepgB44hyKd5YpWIVv6eCVfWNCjFG5D3+I5f8ivsNl9gh5DCLQY+iudl+j5pzImSZVC1Rogn42l8cG5Bg6fqyugWAvIwSUiajB9d2wCidL0o+HpdpHh1gOC08/G9DFj6gtNhaerEitRAGAYVZu1IGVJqaJyG8TGByoDoNVKh7zQu7B7lyy+yDa3Y9LpLoA1Mdux22zDQXkM99C/Q7XBlHSCC/STx0ugO8H5Nbjr9eIK0FBt3UI2Y29SOU5YxoOCx4i3c7k61Jy9NnF0=
AAAAB3NzaC1yc2EAAAADAQABAAABgQC5Zj5nghhFpdFsyxS6LZd+cYejGR82kow2UsnoRtQ20SU6ro36f4HnFkRcJyY4uPeTyUECX9uBircpKsizfkdfzJf3sTtjrAwghVVdH8EXsK1UjWTt4rRaav3F+g86DEcx7mqMva6zpnoxONjzA+Inm3SD89VuvSl1ZmZBBEEsqsIifNPYVPG1LQg62OEY1gpe89w92CXeEM7rGarp04ux76ORxN93BwnH27q9yjyBensZ/AjL6OmTtDHD8wWG0G6E3gqsyVUiELysyvwW4z3bfSOLRTwtwFaHe7WRjf9iy53h+ZcYZeA+Xe1eTffj0JGtNX2Fh6DWgso1yOeVV0Nziw4wI3Cpr2iO1x4oxeT8qwgklYMuJTAlNaahLXmENtmeq7BkaDKVZb/IW+uLj517c7WnOEUtr1xUcw4yuXXFVRBspmHzkwEvHsix/ZNmofkqo7ZZv5MIoRW1ad6peb8ApkxZ8UNVGcxmJgZmOrW1GBlCpyJdwwSMrLfQH5Zw8dk=
</code>
</details>
</li>
@ -123,15 +138,15 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
<samp>
<pre>
+---[RSA 3072]----+
| |
| . . |
| * . |
| . . + * . |
|. + + *.S |
| . * O.+.o |
| o Bo=.+ |
| =+*EBo |
| oO*XB+. |
|o. |
|+ +. . |
|*++. + |
|+X.. o . o |
|+o+ o + S . |
|.o + B = o |
| oo B E o |
|..*= . . |
|=B+.o .o.. |
+----[SHA256]-----+
</pre>
</samp>
@ -139,7 +154,7 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
</li>
</ul>
</section>
N'acceptez la connexion que si votre client vous montre les mêmes !
N'acceptez la connexion que si votre client vous montre l'une de ces signatures !
</section>
<br>
<?php

150
inc/const.inc.php Normal file
View file

@ -0,0 +1,150 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
// --- Constants definitions ---
// Public IP adresses (shown on the interface)
define("IPV4_ADDRESS", "82.66.61.19");
define("IPV6_ADDRESS", "2a01:e0a:15c:2e40:acab:3:3:3");
//define("IPV6_ADDRESS", "2a01:e0a:15c:2e40:acab:4c4b:1312:fed1");
// Custom Niver paths
define("PREFIX", "/motrig"); // Prefix in URL, if any
define("ROOT_PATH", "/var/www/niver" . PREFIX); // Niver's directory
define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver's SQLite database
define("NIVER_TEMPLATE_PATH", "/usr/local/share/niver"); // Templates directory (skel, nginx, knot...)
define("MANIVER_PATH", "/usr/local/bin/maniver"); // Executable file
define("HT_PATH", "/srv/ht"); // The mountpoint of the hypertext storage partition (that will be accessed over SFTP)
// Nginx
define("NGINX_CONFIG_PATH", "/etc/nginx/ht"); // Nginx configuration directory
// Tor
define("TOR_CONFIG_PATH", "/etc/tor/instances/niver/torrc"); // Tor configuration file
define("TOR_KEYS_PATH", "/var/lib/tor-instances/niver/keys"); // Tor keys directory
// Knot
define("KNOT_ZONES_PATH", "/var/lib/knot/zones"); // Knot zones directory
// Executable files (you can get the full path of a command with $ which <command>)
define("KNOTC_PATH", "/usr/sbin/knotc");
define("KEYMGR_PATH", "/usr/sbin/keymgr");
define("SUDO_PATH", "/usr/bin/sudo");
define("LS_PATH", "/usr/bin/ls");
// Both frontend and backend regexes
define("USERNAME_REGEX", "^[a-z]{4,32}$");
define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
// Color scheme
define("THEME", array(
'htColor' => "#FF0000",
'regColor' => "#DA03E5",
'authColor' => "#00FF00",
'nsColor' => "#00A5A5",//00c4c4
'lightColor' => '#FFFFFF',
'darkColor' => '#2a2a2a',
));
// Public suffixes
define("SUFFIXES", array(
"4.niv.re.",
"asso.4.niv.re.",
"org.4.niv.re.",
"perso.4.niv.re.",
"blog.4.niv.re.",
"me.4.niv.re.",
"edu.4.niv.re.",
"info.4.niv.re.",
"wiki.4.niv.re.",
"sci.4.niv.re.",
"pol.4.niv.re.",
"libre.4.niv.re.",
"fem.4.niv.re.",
"eco.4.niv.re.",
"veg.4.niv.re.",
"bio.4.niv.re.",
"anar.4.niv.re.",
"ancom.4.niv.re.",
"acab.4.niv.re.",
"handi.4.niv.re.",
"queer.4.niv.re.",
"gay.4.niv.re.",
"enby.4.niv.re.",
"trans.4.niv.re.",
"net.4.niv.re.",
"tech.4.niv.re.",
"io.4.niv.re.",
"sec.4.niv.re.",
"cyber.4.niv.re.",
"dev.4.niv.re.",
"geek.4.niv.re.",
"fs.4.niv.re.",
"ht.4.niv.re.",
"hyper.4.niv.re.",
"git.4.niv.re.",
"forge.4.niv.re.",
"code.4.niv.re.",
"lab.4.niv.re.",
"labs.4.niv.re.",
"gemini.4.niv.re.",
"gmi.4.niv.re.",
"gemlog.4.niv.re.",
"mail.4.niv.re.",
"ynh.4.niv.re.",
"yuno.4.niv.re.",
"sys.4.niv.re.",
"fed.4.niv.re.",
"fedi.4.niv.re.",
"soc.4.niv.re.",
"masto.4.niv.re.",
"plero.4.niv.re.",
"pix.4.niv.re.",
"mobi.4.niv.re.",
"art.4.niv.re.",
"music.4.niv.re.",
"video.4.niv.re.",
"draw.4.niv.re.",
"audio.4.niv.re.",
"ink.4.niv.re.",
"na.4.niv.re.",
"psy.4.niv.re.",
"neuro.4.niv.re.",
"auti.4.niv.re.",
"plur.4.niv.re.",
"blue.4.niv.re.",
"red.4.niv.re.",
"pink.4.niv.re.",
"green.4.niv.re.",
"black.4.niv.re.",
"city.4.niv.re.",
"town.4.niv.re.",
"cafe.4.niv.re.",
"home.4.niv.re.",
"forum.4.niv.re.",
"dream.4.niv.re.",
"space.4.niv.re.",
"forest.4.niv.re.",
"rain.4.niv.re.",
"snow.4.niv.re.",
"sun.4.niv.re.",
"earth.4.niv.re.",
"world.4.niv.re.",
"soft.4.niv.re.",
"cute.4.niv.re.",
"cutie.4.niv.re.",
"fun.4.niv.re.",
"play.4.niv.re.",
"game.4.niv.re.",
));

79
inc/form/form.ns.inc.php
View file

@ -5,42 +5,55 @@
</select>
<br>
<label for="zone">Zone</label>
<br>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option>
<fieldset>
<legend>Domaine</legend>
<div class="elForm">
<label for="subdomain">Sous-domaine</label>
<br>
<input id="subdomain" size="16" placeholder="www" pattern="^(([a-z0-9]{1,63}\.?){1,127})|(@){1}$" name="subdomain" type="text">
</div>
<div class="elForm">
<label for="zone">Zone</label>
<br>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option>
<?php
$zones = nsListUserZones($_SESSION['username']);
<?php
$zones = nsListUserZones($_SESSION['username']);
foreach ($zones as $zone) {
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
?>
</select>
if (!empty($zones)) {
foreach ($zones as $zone)
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
?>
</select>
</div>
</fieldset>
<fieldset>
<legend><abbr title="Time To Live">TTL</abbr></legend>
<input id="ttl-value" list="ttls" name="ttl-value" size="6" type="number" min="1" max="432000" value="3600" placeholder="3600">
<datalist id="ttls">
<option value="900">
<option value="1800">
<option value="3600">
<option value="10800">
<option value="21600">
<option value="86400">
<option value="432000">
</datalist>
<select name="ttl-multiplier" id="ttl-multiplier">
<option value="1">seconde</option>
<option value="60">minute</option>
<option value="3600">heure</option>
<option value="86400">jour</option>
</select>
<div class="elForm">
<label for="ttl-value">Valeur</label>
<br>
<input required="" id="ttl-value" list="ttls" name="ttl-value" size="6" type="number" min="1" max="432000" value="3600" placeholder="3600">
<datalist id="ttls">
<option value="900">
<option value="1800">
<option value="3600">
<option value="10800">
<option value="21600">
<option value="86400">
<option value="432000">
</datalist>
</div>
<div class="elForm">
<label for="ttl-multiplier">Unité</label>
<br>
<select required="" name="ttl-multiplier" id="ttl-multiplier">
<option value="1">seconde</option>
<option value="60">minute</option>
<option value="3600">heure</option>
<option value="86400">jour</option>
</select>
</div>
</fieldset>
<label for="domain">Domaine</label>
<br>
<input id="domain" placeholder="exemple." name="domain" type="text">

2
inc/ht.inc.php
View file

@ -3,7 +3,7 @@ if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
function listFsDirs($username) {
exec(LS_PATH . " ls --format=single-column -d /srv/hyper/" . $username . "/hyper/*/", $absoluteDirs);
exec(LS_PATH . " --format=single-column -d " . HT_PATH . "/" . $username . "/ht/*/", $absoluteDirs);
$relativeDirs = false;
foreach ($absoluteDirs as $i => $absoluteDir) {
$tree = explode("/", $absoluteDir); // The last key is NULL

15
inc/html/ttl.ns.inc.php
View file

@ -1,15 +0,0 @@
<fieldset>
<legend><abbr title="Time To Live">TTL</abbr></legend>
<label for="ttl-value">Valeur</label>
<br>
<input id="ttl-value" list="ttls" name="ttl-value" size="10" type="number" min="300" max="604800" value="3600" placeholder="3600">
<br>
<label for="ttl-multiplier">Unité</label>
<br>
<select name="ttl-multiplier" id="ttl-multiplier">
<option value="1">seconde</option>
<option value="60">minute</option>
<option value="3600">heure</option>
<option value="86400">jour</option>
</select>
</fieldset>

8
inc/ns.inc.php
View file

@ -5,7 +5,6 @@ if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
function nsCommonRequirements() {
if (isset($_POST['action'])
AND isset($_POST['zone'])
AND isset($_POST['domain'])
AND isset($_POST['ttl-value'])
AND isset($_POST['ttl-multiplier'])
AND isset($_SESSION['username'])
@ -18,7 +17,12 @@ function nsParseCommonRequirements() {
$values['action'] = checkAction($_POST['action']);
nsCheckZonePossession($_POST['zone']);
checkAbsoluteDomainFormat($_POST['domain']);
if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@"))
$values['domain'] = $_POST['zone'];
else
$values['domain'] = $_POST['subdomain'] . "." . $_POST['zone'];
checkAbsoluteDomainFormat($values['domain']);
$values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];

4
inc/pages.inc.php
View file

@ -38,7 +38,7 @@ switch (SERVICE) {
$page['title'] = "Enregistrement TLSA";
break;
case "zone":
$page['title'] = "Ajouter une zone";
$page['title'] = "Gérer ses zones";
break;
}
break;
@ -53,7 +53,7 @@ switch (SERVICE) {
$page['title'] = "Ajouter un enregistrement NS";
break;
case "register":
$page['title'] = "Enregistrer un nouveau nom de domaine";
$page['title'] = "Enregistrer un nouveau domaine";
break;
case "glue":
$page['title'] = "Créer un Glue Record";

105
inc/reg.inc.php
View file

@ -2,7 +2,8 @@
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
function regGetSuffix($domain) {
function regGetUpperDomain($domain) {
// Remove anything before the first dot and the first dot itself
return preg_replace("/^[^.]+\./", "", $domain);
}
@ -75,105 +76,3 @@ function regIsFree($domain) {
}
}
$suffixes = array(
"atope.art.",
"asso.atope.art.",
"org.atope.art.",
"perso.atope.art.",
"blog.atope.art.",
"me.atope.art.",
"edu.atope.art.",
"info.atope.art.",
"wiki.atope.art.",
"sci.atope.art.",
"pol.atope.art.",
"libre.atope.art.",
"fem.atope.art.",
"eco.atope.art.",
"veg.atope.art.",
"bio.atope.art.",
"anar.atope.art.",
"ancom.atope.art.",
"acab.atope.art.",
"handi.atope.art.",
"queer.atope.art.",
"gay.atope.art.",
"enby.atope.art.",
"trans.atope.art.",
"net.atope.art.",
"tech.atope.art.",
"io.atope.art.",
"sec.atope.art.",
"cyber.atope.art.",
"dev.atope.art.",
"geek.atope.art.",
"fs.atope.art.",
"ht.atope.art.",
"hyper.atope.art.",
"git.atope.art.",
"forge.atope.art.",
"code.atope.art.",
"lab.atope.art.",
"labs.atope.art.",
"gemini.atope.art.",
"gmi.atope.art.",
"gemlog.atope.art.",
"mail.atope.art.",
"ynh.atope.art.",
"yuno.atope.art.",
"sys.atope.art.",
"fed.atope.art.",
"fedi.atope.art.",
"soc.atope.art.",
"masto.atope.art.",
"plero.atope.art.",
"pix.atope.art.",
"mobi.atope.art.",
"art.atope.art.",
"music.atope.art.",
"video.atope.art.",
"draw.atope.art.",
"audio.atope.art.",
"ink.atope.art.",
"na.atope.art.",
"psy.atope.art.",
"neuro.atope.art.",
"auti.atope.art.",
"plur.atope.art.",
"blue.atope.art.",
"red.atope.art.",
"pink.atope.art.",
"green.atope.art.",
"black.atope.art.",
"city.atope.art.",
"town.atope.art.",
"cafe.atope.art.",
"home.atope.art.",
"forum.atope.art.",
"dream.atope.art.",
"space.atope.art.",
"forest.atope.art.",
"rain.atope.art.",
"snow.atope.art.",
"sun.atope.art.",
"earth.atope.art.",
"world.atope.art.",
"soft.atope.art.",
"cute.atope.art.",
"cutie.atope.art.",
"fun.atope.art.",
"play.atope.art.",
"game.atope.art.",
);

8
index.php
View file

@ -1,17 +1,17 @@
<?php require "top.inc.php"; ?>
<dl>
<dt><a class="regButton" href="reg">Registre atope.art</a></dt>
<dt><a class="regButton" href="reg">Registre 4.niv.re.</a></dt>
<dd>
Demander l'attribution d'un sous-domaine d'atope.art
Demander l'attribution d'un sous-domaine de <code>4.niv.re.</code>
</dd>
<dt><a class="nsButton" href="ns">Serveurs de noms</a></dt>
<dd>
Utiliser les serveurs ns*.atope.art pour héberger ses zones de domaines
Utiliser le serveur de noms de Niver pour héberger ses zones
</dd>
<dt><a class="htButton" href="ht">Hypertexte</a></dt>
<dd>
Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> sur des domaines ou par Tor
Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> ou Gemini par le DNS ou Tor
</dd>
<dt><a class="authButton" href="auth">Authentification</a></dt>
<dd>

42
less/form.less
View file

@ -12,7 +12,6 @@ input, select {
border-radius: 12px;
font-size: @fontSize;
margin: 5px;
height: 100%;
padding: 10px;
border-style: solid;
border-width: 2px;
@ -48,6 +47,10 @@ input[type=submit] {
margin: 22px;
}
input#subdomain, input#ttl-value {
text-align: right;
}
#password {
width: 24ch;
}
@ -65,7 +68,7 @@ input:invalid+span::after {
}
input:valid+span::after {
content: '';
content: ''; // ✓
}
input+span::after {
@ -76,21 +79,28 @@ input+span::after {
font-family: monospace;
}
label+input[required]::after {
content: '*';
}
/*
input:valid+span:after {
content: '✓';
padding-left: 10px;
}
*/
label {
padding-top: 10px;
}
label.aboutInputCondition {
display: block;
font-size: @fontSize - 10%;
}
fieldset {
border-radius: 20px;
border-width: 2px;
border-style: solid;
display: flex;
flex-direction: row;
justify-content: center;
@media @light {
border-color: @darkColor;
}
@media @dark {
border-color: @lightColor;
}
}
.elForm {
flex-direction: column;
}

30
less/main.less
View file

@ -14,8 +14,12 @@ h1 {
}
body {
margin: 0px;
font-family: system-ui, sans-serif;
font-size: @fontSize;
}
header, main, footer {
margin-left: 20%;
margin-right: 20%;
@media (max-width: 500px) {
@ -40,17 +44,9 @@ a {
color: @authColor;
}
footer {
margin-left: 20%;
margin-right: 20%;
@media (max-width: 500px) {
margin-left: 0px;
margin-right: 0px;
}
}
header {
text-align: center;
margin-top: 20px;
}
p {
@ -90,19 +86,3 @@ h2 {
color: @darkColor;
}
}
/*
.prideFlag {
bottom: 0px;
margin: 0px;
margin-bottom: 12px;
border-color: red;
background-color: rgba(0, 0, 0, 0);
background-image: linear-gradient(to right, rgb(52, 0, 60) 0%, rgb(52, 0, 60) 17%, rgb(0, 40, 137) 17%, rgb(0, 40, 137) 33%, rgb(15, 81, 33) 33%, rgb(15, 81, 33) 50%, rgb(189, 179, 61) 50%, rgb(189, 179, 61) 66%, rgb(169, 105, 34) 66%, rgb(169, 105, 34) 83%, rgb(117, 0, 0) 83%, rgb(117, 0, 0) 100%);
border: 0;
height: 16px;
background: #087F28;
background: linear-gradient(to right, #740D85 0%, #740D85 17%, #064DFE 17%, #064DFE 33%, #087F28 33%, #087F28 50%, #FEEC1A 50%, #FEEC1A 66%, #FE8B0B 66%, #FE8B0B 83%, #E20706 83%, #E20706 100% );
width: 100%;
}
*/

351
niver.log
View file

@ -99,10 +99,359 @@
status: exit code: 1
stdout:
stderr: useradd: cannot lock /etc/passwd; try again later.
2021-05-17 13:09:55 pale enabled SFTP on their account
status: exit code: 1
stdout:
stderr: useradd: cannot lock /etc/passwd; try again later.
2021-05-26 09:19:38 coco enabled SFTP on their account
status: exit code: 1
stdout:
stderr: useradd: cannot lock /etc/passwd; try again later.
2021-05-28 15:01:47 cray enabled SFTP on their account
status: exit code: 1
stdout:
stderr: useradd: cannot lock /etc/passwd; try again later.
2021-05-28 15:09:00 goule enabled SFTP on their account
status: exit code: 1
stdout:
stderr: useradd: cannot lock /etc/passwd; try again later.
2021-05-28 15:18:24 fatfat enabled SFTP on their account
status: exit code: 1
stdout:
stderr: useradd: cannot lock /etc/passwd; try again later.
2021-07-06 01:07:28 miraaty enabled SFTP on their account
2021-07-08 21:47:43 testdeux enabled SFTP on their account
status: exit status: 0
stdout:
stderr:
sent username:password to chpasswd
chpasswd responded with:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-08 23:24:50 testtrois enabled SFTP on their account
status: exit status: 0
stdout:
stderr:
sent username:password to chpasswd
chpasswd responded with:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-08 23:51:52 testquatre enabled SFTP on their account
status: exit status: 0
stdout:
stderr:
sent username:password to chpasswd
chpasswd responded with:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-10 19:47:47 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-10 19:47:47 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-10 19:47:47 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-10 19:52:25 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-10 19:52:25 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-10 19:52:25 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-10 20:17:00 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-10 20:17:00 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-10 20:17:00 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-10 23:25:42 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-10 23:25:42 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-10 23:25:42 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-11 00:57:45 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-11 00:57:45 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-11 00:57:45 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-11 01:02:36 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-11 01:02:36 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-11 01:02:39 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-11 01:10:38 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-11 01:10:38 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-11 01:10:39 Nginx reloaded by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 1
stdout:
stderr: Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
2021-07-14 23:58:48 Tor reloaded by testquatre
status: exit status: 1
stdout:
stderr: Job for tor@niver.service failed because the control process exited with error code.
See "systemctl status tor@niver.service" and "journalctl -xe" for details.
2021-07-14 23:58:48 Tor data exported by testquatre
status: exit status: 1
stdout:
stderr: Job for tor@niver.service failed because the control process exited with error code.
See "systemctl status tor@niver.service" and "journalctl -xe" for details.
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-15 00:01:27 Tor reloaded by testquatre
status: exit status: 1
stdout:
stderr: tor@niver.service is not active, cannot reload.
2021-07-15 00:01:27 Tor data exported by testquatre
status: exit status: 1
stdout:
stderr: tor@niver.service is not active, cannot reload.
2021-07-15 00:09:31 Tor reloaded by testquatre
status: exit status: 0
stdout:
stderr:
2021-07-15 00:09:31 Tor data exported by testquatre
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-15 03:44:46 Tor reloaded by testquatre
status: exit status: 1
stdout:
stderr: Job for tor@niver.service failed because the control process exited with error code.
See "systemctl status tor@niver.service" and "journalctl -xe" for details.
2021-07-15 03:44:46 Tor data exported by testquatre
status: exit status: 1
stdout:
stderr: Job for tor@niver.service failed because the control process exited with error code.
See "systemctl status tor@niver.service" and "journalctl -xe" for details.
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
2021-07-15 03:44:47 Nginx reloaded by testquatre
status: exit status: 1
stdout:
stderr: Job for tor@niver.service failed because the control process exited with error code.
See "systemctl status tor@niver.service" and "journalctl -xe" for details.
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:
status: exit status: 0
stdout:
stderr:

2
ns/caa.php
View file

@ -40,7 +40,7 @@ if (nsCommonRequirements()
exit("ERROR: Wrong value for value");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

45
ns/dnssec.php
View file

@ -1,5 +1,7 @@
<?php require "../top.inc.php"; ?>
Afin d'activer DNSSEC, vous devez indiquer un enregistrement DS à la zone parente.
<form method="post">
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">---</option>
@ -23,14 +25,49 @@
if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
nsCheckZonePossession($_POST['zone']);
exec(KEYMGR_PATH . " " . $_POST['zone'] . " ds", $output);
echo "Voici les enregistrements DNS à indiquer à la zone parente<br>";
$l0 = explode(" ", $output[0]);
$l1 = explode(" ", $output[1]);
echo "<code>" . $output[0] . "</code><br><code>" . $output[1] . "</code>";
?>
}
<dl>
?>
<dt>Zone</dt>
<dd>
<code><?= $_POST['zone'] ?></code>
</dd>
<dt>Tag</dt>
<dd>
<code><?= $l0[2] ?></code>
</dd>
<dt>Algorithme</dt>
<dd>
<code>15</code> (Ed25519)
</dd>
<dt>Condensat de type <code>2</code> (SHA-256)</dt>
<dd>
<code><?= $l0[5] ?></code>
</dd>
<dt>Condensat de type <code>4</code> (SHA-384 ; optionnel)</dt>
<dd>
<code><?= $l1[5] ?></code>
</dd>
</dl>
<details>
<summary>Données brutes</summary>
<code><?= $output[0] ?></code><br><code><?= $output[1] ?></code>
</details>
<?php } ?>
<?php require "../bottom.inc.php"; ?>

21
ns/index.php
View file

@ -1,9 +1,9 @@
<?php require "../top.inc.php"; ?>
<dl>
<dt><a class="nsButton" href="zone">Ajouter une zone</a></dt>
<dt><a class="nsButton" href="zone">Gérer ses zones</a></dt>
<dd>
Pour qu'elle soit gérée par le serveur de noms ns1.atope.art
Pour qu'elle soit gérée par le serveur de noms de Niver
</dd>
<dt><a class="nsButton" href="dnssec">Obtenir les enregistrements <abbr title="Delegation Signer">DS</abbr></a></dt>
<dd>
@ -30,23 +30,24 @@
<dd>
Indiquer le serveur mail pour un domaine
</dd>
<dt><a class="nsButton" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
<dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
<dd>
Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
Indiquer les seules autorités de certifications autorisée à signer les domaines
</dd>
<dt><a class="nsButton" href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
<dd>
Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l'empreinte d'un certificat <abbr title="Transport Layer Security">TLS</abbr>
</dd>
<dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
<dt><a class="nsButton" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
<dd>
Indiquer les seules autorités de certifications autorisée à signer les domaines
Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
</dd>
<dt><a class="nsButton" href="loc">NOT DONE : Enregistrement LOC</a></dt>
<dd>
Indiquer des coordonnées géographiques
</dd>
<!--
<dt><a class="nsButton" href="loc">Enregistrement LOC</a></dt>
<dd>
Indiquer la localisation physique d'un domaine
</dd>
<dt><a class="nsButton" href="cname">Enregistrement <abbr title="Canonical NAME">CNAME</abbr></a></dt>
<dd>
Définir un domaine comme étant l'alias d'un autre

13
ns/ip.php
View file

@ -1,17 +1,16 @@
<?php require "../top.inc.php"; ?>
<p>
Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur ns1.atope.art
<br>Le format IPv4 (A) ou IPv6 (AAAA) sera détecté automatiquement.
Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur de noms de Niver
<br>Le format IPv4 (<code>A</code>) ou IPv6 (<code>AAAA</code>) sera détecté automatiquement.
<br>Si vous souhaitez utiliser un service d'hébergement hypertexte de Niver, voici les adresses à renseigner :
<br>IPv4 : 45.13.104.169
<br>IPv6 : 2a0b:cbc0:1103:2::106f
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
</p>
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="ip">IP</label><br>
<label for="ip">Adresse IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="2a0b:cbc0:1103:2::106f ou 45.13.104.169"><br>
<input value="Valider" type="submit">
</form>
@ -33,7 +32,7 @@ if (nsCommonRequirements()
exit("ERROR: unknown IP format");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";

52
ns/loc.php Normal file
View file

@ -0,0 +1,52 @@
<?php include "../top.inc.php"; ?>
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="flag">Flag</label>
<br>
<input id="flag" min="0" max="127" placeholder="0" name="flag" type="number">
<br>
<label for="tag">Tag</label>
<br>
<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
<br>
<label for="value">Valeur</label>
<br>
<input id="value" minlenght="3" maxlength="1024" pattern="^[a-z0-9.-]{3,1024}$" placeholder="letsencrypt.org" name="value" type="text">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['flag'])
AND isset($_POST['tag'])
AND isset($_POST['value'])
) {
$values = nsParseCommonRequirements();
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
exit("ERROR: Wrong value for flag");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
exit("ERROR: Wrong value for tag");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
exit("ERROR: Wrong value for value");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}
?>
<?php include "../bottom.inc.php"; ?>

2
ns/mx.php
View file

@ -35,7 +35,7 @@ if (nsCommonRequirements()
checkAbsoluteDomainFormat($_POST['host']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN MX " . $_POST['priority'] . " " . $_POST['host']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN MX " . $_POST['priority'] . " " . $_POST['host']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

4
ns/ns.php
View file

@ -7,7 +7,7 @@
<br>
<input id="ns" placeholder="ns1.atope.art." name="ns" type="text">
<br>
<input value="Valider" type="submit">
<input value="Procéder" type="submit">
</form>
<?php
@ -20,7 +20,7 @@ if (nsCommonRequirements()
checkAbsoluteDomainFormat($_POST['ns']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN NS " . $_POST['ns']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN NS " . $_POST['ns']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

2
ns/srv.php
View file

@ -55,7 +55,7 @@ if (nsCommonRequirements()
checkAbsoluteDomainFormat($_POST['target']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN SRV " . $_POST['priority'] . " " . $_POST['weight'] . " " . $_POST['port'] . " " . $_POST['target']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SRV " . $_POST['priority'] . " " . $_POST['weight'] . " " . $_POST['port'] . " " . $_POST['target']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

2
ns/sshfp.php
View file

@ -52,7 +52,7 @@ if (nsCommonRequirements()
exit("ERROR: Wrong value for fp");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN SSHFP " . $_POST['algo'] . " " . $_POST['type'] . " " . $_POST['fp']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SSHFP " . $_POST['algo'] . " " . $_POST['type'] . " " . $_POST['fp']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

2
ns/tlsa.php
View file

@ -66,7 +66,7 @@ if (nsCommonRequirements()
exit("ERROR: Wrong value for content");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] . " " . $_POST['type'] . " " . $_POST['content']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] . " " . $_POST['type'] . " " . $_POST['content']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

2
ns/txt.php
View file

@ -21,7 +21,7 @@ if (nsCommonRequirements()
exit("ERROR : Wrong caracter or wrong caracter quantity");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $_POST['domain'] . " " . $values['txt'] . ' IN TXT \"' . $_POST['txt'] . '\"');
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . ' IN TXT \"' . $_POST['txt'] . '\"');
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

62
ns/zone.php
View file

@ -1,9 +1,10 @@
<?php require "../top.inc.php"; ?>
<form method="post">
<h2>Ajouter une zone</h2>
<label for="domain">Domaine</label><br>
<input required="" placeholder="niver.atope.art." id="domain" name="domain" type="text"><br>
<input value="Valider" type="submit">
<input required="" placeholder="niver.4.niv.re." id="domain" name="domain" type="text"><br>
<input value="Ajouter" type="submit">
</form>
<?php
@ -20,28 +21,61 @@ if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
$stmt->execute();
$knotConf = file_get_contents(NIVER_TEMPLATE_PATH . "/knot.template");
$knotConf = preg_replace("/DOMAIN/", $_POST['domain'], $knotConf);
file_put_contents(KNOT_ZONES_PATH . "/" . $_POST['domain'] . "zone", $knotConf);
$knotZonePath = KNOT_ZONES_PATH . "/" . $_POST['domain'] . "zone";
$knotZone = file_get_contents(NIVER_TEMPLATE_PATH . "/knot.template");
$knotZone = preg_replace("/DOMAIN/", $_POST['domain'], $knotZone);
// Previous system
//exec("cp /var/lib/knot/zones/template /var/lib/knot/zones/" . $_POST['domain'] . "zone");
//exec("sed -i 's/DOMAIN/" . $_POST['domain'] . "/g' /var/lib/knot/zones/" . $_POST['domain'] . "zone");
file_put_contents($knotZonePath, $knotZone);
chmod($knotZonePath, 0660);
exec(KNOTC_PATH . " conf-begin");
exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "]'");
exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "].template' 'niver'");
exec(KNOTC_PATH . " conf-commit");
/*
exec("/usr/sbin/knotc conf-begin");
exec("/usr/sbin/knotc conf-set 'zone[gaalde.atope.art.]'");
exec("/usr/sbin/knotc conf-set 'zone[gaalde.atope.art.].template' 'niver'");
exec("/usr/sbin/knotc conf-commit");
*/
echo "La requête a été traitée.";
}
?>
<form method="post">
<h2>Supprimer une zone</h2>
<label for="zone">Zone</label>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option><?php
$zones = nsListUserZones($_SESSION['username']);
if (!empty($zones)) {
foreach ($zones as $zone)
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
?>
</select>
<br>
<input value="Supprimer toutes les données liées à cette zone" type="submit">
</form>
<?php
if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
nsCheckZonePossession($_POST['zone']);
$knotZonePath = KNOT_ZONES_PATH . "/" . $_POST['zone'] . "zone";
unlink($knotZonePath);
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("DELETE FROM zones WHERE zone = :zone AND username = :username");
$stmt->bindParam(':zone', $_POST['zone']);
$stmt->bindParam(':username', $_SESSION['username']);
$stmt->execute();
echo "La requête a été traitée.";
}
?>
<?php require "../bottom.inc.php"; ?>

4
reg/ds.php
View file

@ -42,7 +42,7 @@
<option value="16">16 (ED448)</option>
</select>
<br>
<label for="dt">Digest Type</label>
<label for="dt">Type de condensat</label>
<br>
<select required="" name="dt" id="dt">
<!-- RFC 8624 : Algorithm Implementation Requirements and Usage Guidance for DNSSEC > Algorithm Selection > DS and CDS Algorithms -->
@ -83,7 +83,7 @@ if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo'])
nsCheckZonePossession($_POST['zone']);
regCheckDomainPossession($_POST['zone']);
$suffix = regGetSuffix($_POST['zone']);
$suffix = regGetUpperDomain($_POST['zone']);
exec(KNOTC_PATH . " zone-begin " . $suffix);
exec(KNOTC_PATH . " zone-set " . $suffix . " " . $_POST['zone'] . " 86400 DS " . $_POST['keytag'] . " " . $_POST['algo'] . " " . $_POST['dt'] . " " . $_POST['key']);

47
reg/glue.php
View file

@ -6,24 +6,25 @@
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<br>
<input required="" id="subdomain" placeholder="ns1" name="subdomain" type="text">
<select required="" name="suffix" id="suffix">
<option value="" disabled="" selected="">---</option>
<fieldset>
<legend>Domaine</legend>
<input required="" id="subdomain" placeholder="ns1" name="subdomain" type="text">
<select required="" name="suffix" id="suffix">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$domains = regListUserDomains($_SESSION['username']);
$suffixes = regListUserDomains($_SESSION['username']);
if ($domains) {
foreach($domains as $domain) {
echo "<option value='" . $domain . "'>." . $domain . "</option>";
if ($suffixes) {
foreach($suffixes as $suffix) {
echo "<option value='" . $suffix . "'>." . $suffix . "</option>";
}
}
}
?>
</select>
<br>
?>
</select>
</fieldset>
<label for="ip">IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="2a0b:cbc0:1103:2::106f ou 45.13.104.169">
<br>
@ -34,16 +35,11 @@
if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_POST['ip'])) {
if ($domains) {
foreach($domains as $domain) {
if ($_POST['suffix'] == $domain) goto ownedSuffix;
}
exit("ERROR : You don't own this suffix");
} else {
if (!$suffixes)
exit("ERROR : You don't own any domain");
}
ownedSuffix:
if (!in_array($_POST['suffix'], $suffixes))
exit("ERROR : You don't own this suffix");
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
@ -60,12 +56,11 @@ if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suf
$action = checkAction($_POST['action']);
// Remove anything before the first dot and the first dot itself
$suffix = regGetSuffix($_POST['suffix']);
$publicSuffix = regGetUpperDomain($_POST['suffix']);
exec(KNOTC_PATH . " zone-begin " . $suffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['subdomain'] . " 86400 " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $suffix);
exec(KNOTC_PATH . " zone-begin " . $publicSuffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $publicSuffix . " " . $domain . " 86400 " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $publicSuffix);
echo "Glue record ajouté";
}

8
reg/index.php
View file

@ -1,13 +1,13 @@
<?php include "../top.inc.php"; ?>
<dl>
<dt><a class="regButton" href="register">Enregistrer un nouveau nom de domaine</a></dt>
<dt><a class="regButton" href="register">Enregistrer un nouveau domaine</a></dt>
<dd>
Prendre possession d'un sous-domaine d'atope.art
Prendre possession d'un sous-domaine de 4.niv.re.
</dd>
<dt><a class="regButton" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
<dd>
Indiquer les serveurs de noms de son sous-domaine d'atope.art
Indiquer les serveurs de noms de son sous-domaine de 4.niv.re.
</dd>
<dt><a class="regButton" href="ds">Enregistrement <abbr title="Delegation Signer">DS</abbr></a></dt>
<dd>
@ -15,7 +15,7 @@
</dd>
<dt><a class="regButton" href="glue">Glue Record</a></dt>
<dd>
Indiquer les IP de ses serveurs de noms de son sous-domaine d'atope.art dont les adresses se trouvent sur ce même sous-domaine
Indiquer les IP de ses serveurs de noms de son sous-domaine de 4.niv.re. dont les adresses se trouvent sur ce même sous-domaine
</dd>
</dl>

2
reg/ns.php
View file

@ -41,7 +41,7 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
$action = checkAction($_POST['action']);
$suffix = regGetSuffix($_POST['domain']);
$suffix = regGetUpperDomain($_POST['domain']);
exec(KNOTC_PATH . " zone-begin " . $suffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 NS " . $_POST['ns']);

251
reg/register.php
View file

@ -1,129 +1,136 @@
<?php include "../top.inc.php"; ?>
Enregistrer la possession d'un domaine sur son compte<br>
Doit être composé uniquement de lettres latines non accentuées, au moins 4
Enregistrer la possession d'un domaine sur son compte.<br>
Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées.
<br>
<br>
<form method="post">
<fieldset>
<legend>Domaine</legend>
<input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
.
<select required="" id="label" name="suffix">
<option selected="" value="atope.art.">atope.art.</option>
<optgroup label="Organisations">
<option value="asso.atope.art.">asso.atope.art.</option>
<option value="org.atope.art.">org.atope.art.</option>
</optgroup>
<optgroup label="Personnels">
<option value="perso.atope.art.">perso.atope.art.</option>
<option value="blog.atope.art.">blog.atope.art.</option>
<option value="me.atope.art.">me.atope.art.</option>
</optgroup>
<optgroup label="Connaissance">
<option value="edu.atope.art.">edu.atope.art.</option>
<option value="info.atope.art.">info.atope.art.</option>
<option value="wiki.atope.art.">wiki.atope.art.</option>
<option value="sci.atope.art.">sci.atope.art.</option>
</optgroup>
<optgroup label="Politique">
<option value="pol.atope.art.">pol.atope.art.</option>
<option value="libre.atope.art.">libre.atope.art.</option>
<option value="fem.atope.art.">fem.atope.art.</option>
<option value="eco.atope.art.">eco.atope.art.</option>
<option value="veg.atope.art.">veg.atope.art.</option>
<option value="bio.atope.art.">bio.atope.art.</option>
<option value="anar.atope.art.">anar.atope.art.</option>
<option value="ancom.atope.art.">ancom.atope.art.</option>
<option value="acab.atope.art.">acab.atope.art.</option>
<option value="handi.atope.art.">handi.atope.art.</option>
</optgroup>
<optgroup label="LGBT+">
<option value="queer.atope.art.">queer.atope.art.</option>
<option value="gay.atope.art.">gay.atope.art.</option>
<option value="enby.atope.art.">enby.atope.art.</option>
<option value="trans.atope.art.">trans.atope.art.</option>
</optgroup>
<optgroup label="Technologie">
<option value="net.atope.art.">net.atope.art.</option>
<option value="tech.atope.art.">tech.atope.art.</option>
<option value="io.atope.art.">io.atope.art.</option>
<option value="sec.atope.art.">sec.atope.art.</option>
<option value="cyber.atope.art.">cyber.atope.art.</option>
<option value="dev.atope.art.">dev.atope.art.</option>
<option value="geek.atope.art.">geek.atope.art.</option>
<option value="fs.atope.art.">fs.atope.art.</option>
<option value="ht.atope.art.">ht.atope.art.</option>
<option value="hyper.atope.art.">hyper.atope.art.</option>
<option value="git.atope.art.">git.atope.art.</option>
<option value="forge.atope.art.">forge.atope.art.</option>
<option value="code.atope.art.">code.atope.art.</option>
<option value="lab.atope.art.">lab.atope.art.</option>
<option value="labs.atope.art.">labs.atope.art.</option>
<option value="gemini.atope.art.">gemini.atope.art.</option>
<option value="gmi.atope.art.">gmi.atope.art.</option>
<option value="gemlog.atope.art.">gemlog.atope.art.</option>
<option value="mail.atope.art.">mail.atope.art.</option>
<option value="ynh.atope.art.">ynh.atope.art.</option>
<option value="yuno.atope.art.">yuno.atope.art.</option>
<option value="sys.atope.art.">sys.atope.art.</option>
</optgroup>
<optgroup label="Fédiverse">
<option value="fed.atope.art.">fed.atope.art.</option>
<option value="fedi.atope.art.">fedi.atope.art.</option>
<option value="soc.atope.art.">soc.atope.art.</option>
<option value="masto.atope.art.">masto.atope.art.</option>
<option value="plero.atope.art.">plero.atope.art.</option>
<option value="pix.atope.art.">pix.atope.art.</option>
<option value="mobi.atope.art.">mobi.atope.art.</option>
</optgroup>
<optgroup label="Arts">
<option value="art.atope.art.">art.atope.art.</option>
<option value="music.atope.art.">music.atope.art.</option>
<option value="video.atope.art.">video.atope.art.</option>
<option value="draw.atope.art.">draw.atope.art.</option>
<option value="audio.atope.art.">audio.atope.art.</option>
<option value="ink.atope.art.">ink.atope.art.</option>
</optgroup>
<optgroup label="Neurodiversité">
<option value="na.atope.art.">na.atope.art.</option>
<option value="psy.atope.art.">psy.atope.art.</option>
<option value="neuro.atope.art.">neuro.atope.art.</option>
<option value="auti.atope.art.">auti.atope.art.</option>
<option value="plur.atope.art.">plur.atope.art.</option>
</optgroup>
<optgroup label="Couleurs">
<option value="blue.atope.art.">blue.atope.art.</option>
<option value="red.atope.art.">red.atope.art.</option>
<option value="pink.atope.art.">pink.atope.art.</option>
<option value="green.atope.art.">green.atope.art.</option>
<option value="black.atope.art.">black.atope.art.</option>
</optgroup>
<optgroup label="Communauté">
<option value="city.atope.art.">city.atope.art.</option>
<option value="town.atope.art.">town.atope.art.</option>
<option value="cafe.atope.art.">cafe.atope.art.</option>
<option value="home.atope.art.">home.atope.art.</option>
<option value="forum.atope.art.">forum.atope.art.</option>
</optgroup>
<optgroup label="Divers">
<option value="dream.atope.art.">dream.atope.art.</option>
<option value="space.atope.art.">space.atope.art.</option>
<option value="forest.atope.art.">forest.atope.art.</option>
<option value="rain.atope.art.">rain.atope.art.</option>
<option value="snow.atope.art.">snow.atope.art.</option>
<option value="sun.atope.art.">sun.atope.art.</option>
<option value="earth.atope.art.">earth.atope.art.</option>
<option value="world.atope.art.">world.atope.art.</option>
<option value="soft.atope.art.">soft.atope.art.</option>
<option value="cute.atope.art.">cute.atope.art.</option>
<option value="cutie.atope.art.">cutie.atope.art.</option>
<option value="fun.atope.art.">fun.atope.art.</option>
<option value="play.atope.art.">play.atope.art.</option>
<option value="game.atope.art.">game.atope.art.</option>
</optgroup>
<div class="elForm">
<label for="subdomain">Sous-domaine</label>
<br>
<input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
</div class="elForm">
<div class="elForm">
<label for="suffix">Suffixe</label>
<br>
<select required="" id="suffix" name="suffix">
<option selected="" value="4.niv.re.">.4.niv.re.</option>
<optgroup label="Organisations">
<option value="asso.4.niv.re.">.asso.4.niv.re.</option>
<option value="org.4.niv.re.">.org.4.niv.re.</option>
</optgroup>
<optgroup label="Personnels">
<option value="perso.4.niv.re.">.perso.4.niv.re.</option>
<option value="blog.4.niv.re.">.blog.4.niv.re.</option>
<option value="me.4.niv.re.">.me.4.niv.re.</option>
</optgroup>
<optgroup label="Connaissance">
<option value="edu.4.niv.re.">.edu.4.niv.re.</option>
<option value="info.4.niv.re.">.info.4.niv.re.</option>
<option value="wiki.4.niv.re.">.wiki.4.niv.re.</option>
<option value="sci.4.niv.re.">.sci.4.niv.re.</option>
</optgroup>
<optgroup label="Politique">
<option value="pol.4.niv.re.">.pol.4.niv.re.</option>
<option value="libre.4.niv.re.">.libre.4.niv.re.</option>
<option value="fem.4.niv.re.">.fem.4.niv.re.</option>
<option value="eco.4.niv.re.">.eco.4.niv.re.</option>
<option value="veg.4.niv.re.">.veg.4.niv.re.</option>
<option value="bio.4.niv.re.">.bio.4.niv.re.</option>
<option value="anar.4.niv.re.">.anar.4.niv.re.</option>
<option value="ancom.4.niv.re.">.ancom.4.niv.re.</option>
<option value="acab.4.niv.re.">.acab.4.niv.re.</option>
<option value="handi.4.niv.re.">.handi.4.niv.re.</option>
</optgroup>
<optgroup label="LGBT+">
<option value="queer.4.niv.re.">.queer.4.niv.re.</option>
<option value="gay.4.niv.re.">.gay.4.niv.re.</option>
<option value="enby.4.niv.re.">.enby.4.niv.re.</option>
<option value="trans.4.niv.re.">.trans.4.niv.re.</option>
</optgroup>
<optgroup label="Technologie">
<option value="net.4.niv.re.">.net.4.niv.re.</option>
<option value="tech.4.niv.re.">.tech.4.niv.re.</option>
<option value="io.4.niv.re.">.io.4.niv.re.</option>
<option value="sec.4.niv.re.">.sec.4.niv.re.</option>
<option value="cyber.4.niv.re.">.cyber.4.niv.re.</option>
<option value="dev.4.niv.re.">.dev.4.niv.re.</option>
<option value="geek.4.niv.re.">.geek.4.niv.re.</option>
<option value="fs.4.niv.re.">.fs.4.niv.re.</option>
<option value="ht.4.niv.re.">.ht.4.niv.re.</option>
<option value="hyper.4.niv.re.">.hyper.4.niv.re.</option>
<option value="git.4.niv.re.">.git.4.niv.re.</option>
<option value="forge.4.niv.re.">.forge.4.niv.re.</option>
<option value="code.4.niv.re.">.code.4.niv.re.</option>
<option value="lab.4.niv.re.">.lab.4.niv.re.</option>
<option value="labs.4.niv.re.">.labs.4.niv.re.</option>
<option value="gemini.4.niv.re.">.gemini.4.niv.re.</option>
<option value="gmi.4.niv.re.">.gmi.4.niv.re.</option>
<option value="gemlog.4.niv.re.">.gemlog.4.niv.re.</option>
<option value="mail.4.niv.re.">.mail.4.niv.re.</option>
<option value="ynh.4.niv.re.">.ynh.4.niv.re.</option>
<option value="yuno.4.niv.re.">.yuno.4.niv.re.</option>
<option value="sys.4.niv.re.">.sys.4.niv.re.</option>
</optgroup>
<optgroup label="Fédiverse">
<option value="fed.4.niv.re.">.fed.4.niv.re.</option>
<option value="fedi.4.niv.re.">.fedi.4.niv.re.</option>
<option value="soc.4.niv.re.">.soc.4.niv.re.</option>
<option value="masto.4.niv.re.">.masto.4.niv.re.</option>
<option value="plero.4.niv.re.">.plero.4.niv.re.</option>
<option value="pix.4.niv.re.">.pix.4.niv.re.</option>
<option value="mobi.4.niv.re.">.mobi.4.niv.re.</option>
</optgroup>
<optgroup label="Arts">
<option value="art.4.niv.re.">.art.4.niv.re.</option>
<option value="music.4.niv.re.">.music.4.niv.re.</option>
<option value="video.4.niv.re.">.video.4.niv.re.</option>
<option value="draw.4.niv.re.">.draw.4.niv.re.</option>
<option value="audio.4.niv.re.">.audio.4.niv.re.</option>
<option value="ink.4.niv.re.">.ink.4.niv.re.</option>
</optgroup>
<optgroup label="Neurodiversité">
<option value="na.4.niv.re.">.na.4.niv.re.</option>
<option value="psy.4.niv.re.">.psy.4.niv.re.</option>
<option value="neuro.4.niv.re.">.neuro.4.niv.re.</option>
<option value="auti.4.niv.re.">.auti.4.niv.re.</option>
<option value="plur.4.niv.re.">.plur.4.niv.re.</option>
</optgroup>
<optgroup label="Couleurs">
<option value="blue.4.niv.re.">.blue.4.niv.re.</option>
<option value="red.4.niv.re.">.red.4.niv.re.</option>
<option value="pink.4.niv.re.">.pink.4.niv.re.</option>
<option value="green.4.niv.re.">.green.4.niv.re.</option>
<option value="black.4.niv.re.">.black.4.niv.re.</option>
</optgroup>
<optgroup label="Communauté">
<option value="city.4.niv.re.">.city.4.niv.re.</option>
<option value="town.4.niv.re.">.town.4.niv.re.</option>
<option value="cafe.4.niv.re.">.cafe.4.niv.re.</option>
<option value="home.4.niv.re.">.home.4.niv.re.</option>
<option value="forum.4.niv.re.">.forum.4.niv.re.</option>
</optgroup>
<optgroup label="Divers">
<option value="dream.4.niv.re.">.dream.4.niv.re.</option>
<option value="space.4.niv.re.">.space.4.niv.re.</option>
<option value="forest.4.niv.re.">.forest.4.niv.re.</option>
<option value="rain.4.niv.re.">.rain.4.niv.re.</option>
<option value="snow.4.niv.re.">.snow.4.niv.re.</option>
<option value="sun.4.niv.re.">.sun.4.niv.re.</option>
<option value="earth.4.niv.re.">.earth.4.niv.re.</option>
<option value="world.4.niv.re.">.world.4.niv.re.</option>
<option value="soft.4.niv.re.">.soft.4.niv.re.</option>
<option value="cute.4.niv.re.">.cute.4.niv.re.</option>
<option value="cutie.4.niv.re.">.cutie.4.niv.re.</option>
<option value="fun.4.niv.re.">.fun.4.niv.re.</option>
<option value="play.4.niv.re.">.play.4.niv.re.</option>
<option value="game.4.niv.re.">.game.4.niv.re.</option>
</optgroup>
</select>
</select>
</div>
</fieldset>
<br>
<input value="Valider" type="submit">
@ -131,10 +138,10 @@ Doit être composé uniquement de lettres latines non accentuées, au moins 4
<?php
if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
if (isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_SESSION['username'])) {
if (preg_match("/" . SUBDOMAIN_REGEX . "/", $_POST['subdomain'])) {
if (!in_array($_POST['suffix'], $suffixes))
if (!in_array($_POST['suffix'], SUFFIXES))
exit("Wrong value for suffix");
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
@ -157,10 +164,10 @@ if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
echo "Nouveau domaine enregistré";
} else {
echo "Le domaine " . $domain . " est déjà utilisé.";
echo "Le domaine " . $domain . " n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.";
}
} else {
echo "Erreur : Le nom de domaine doit être composé d'entre 4 et 63 lettres minuscules (a-z)";
echo "Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)";
}
}

83
top.inc.php
View file

@ -2,42 +2,18 @@
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
// Définition de constantes
define("USERNAME_REGEX", "^[a-z]{4,32}$");
define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
define("PREFIX", "/pmkdel"); // Prefix in the URL, if any
define("ROOT_PATH", "/srv/http/niver" . PREFIX); // Niver directory
define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver SQLite database
define("KNOTC_PATH", "/usr/sbin/knotc"); // Binary file
define("KEYMGR_PATH", "/usr/sbin/keymgr"); // Binary file
define("NGINX_CONFIG_PATH", "/etc/nginx/hyper"); // Config directory
define("TOR_CONFIG_PATH", "/etc/tor/torrc"); // Config file
define("KNOT_ZONES_PATH", "/var/lib/knot/zones"); // Zones directory
define("TOR_KEYS_PATH", "/var/lib/tor/niver"); // Keys directory
define("SUDO_PATH", "/usr/bin/sudo"); // Binary file
define("LS_PATH", "/usr/bin/ls"); // Binary file
define("NIVER_TEMPLATE_PATH", "/usr/local/share/niver"); // Templates directory (skel, nginx, knot...)
define("MANIVER_PATH", "/usr/local/bin/maniver"); // Binary file
// The mountpoint of the hypertext storage partition (that will be accessed over SFTP)
define("HT_PATH", "/srv/ht");
define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
define("THEME", array(
'htColor' => "#FF0000",
'regColor' => "#DA03E5",
'authColor' => "#00FF00",
'nsColor' => "#00c4c4",
'lightColor' => '#FFFFFF',
'darkColor' => '#2a2a2a',
));
// Initialisation de la session (avec des cookies)
require "inc/const.inc.php";
// Functions usefull everywhere
require "inc/all.inc.php";
require "inc/format.inc.php";
// Service-specific functions
require "inc/ht.inc.php";
require "inc/ns.inc.php";
require "inc/reg.inc.php";
// Page titles definition
require "inc/pages.inc.php";
// Session initialisation (with cookies)
session_start([
'name' => 'niver',
'sid_length' => 64,
@ -52,44 +28,34 @@ session_start([
'use_only_cookies' => true,
]);
// Redirige vers la page de connexion si pas connecté·e
// Redirect to the login page if not logged in
if (SERVICE != "auth" AND !isset($_SESSION['username'])) {
header('Location: ' . PREFIX . '/auth/login?redir=' . SERVICE . "/" . PAGE, true, 302);
exit;
}
// Enlève .php de l'URL (si jamais)
// Remove .php from URL (if any)
if (substr($_SERVER['REQUEST_URI'], -4) == ".php") {
header("Location: " . PREFIX . "/" . SERVICE . "/" . PAGE, true, 301); // 301 Moved Permanently
exit;
}
// Fonctions utiles partout
require "inc/all.inc.php";
require "inc/format.inc.php";
// Fonctions specifiques à un service
require "inc/ht.inc.php";
require "inc/ns.inc.php";
require "inc/reg.inc.php";
// Définitions des titres de pages
require "inc/pages.inc.php";
// Compilation du Less vers le CSS
// Less > CSS compilation
require_once 'lessphp/lib/Less/Autoloader.php';
Less_Autoloader::register();
// Liste les fichiers dans le dossier less/
// List files in less/
$relativeLessFiles = array_diff(scandir(ROOT_PATH . "/less"), array('..', '.'));
// Remplace les clés par les valeurs, et les valeurs par les clés
// Replace keys by values, and values by keys
$relativeLessFiles = array_flip($relativeLessFiles);
// Transforme les chemins relatifs en chemins absolus
// Change relative paths into absolute paths
foreach ($relativeLessFiles as $relativeLessFile => $nothing) {
$absoluteLessFiles[ROOT_PATH . "/less/" . $relativeLessFile] = "";
}
// Génère un seul fichier CSS minimifié dans css/ à partir des sources dans less/
// Generate one minified CSS file into css/ from sources in less/
$options = array(
'cache_dir' => ROOT_PATH . '/css/',
'compress' => true
@ -112,22 +78,15 @@ $cssFileName = Less_Cache::Get($absoluteLessFiles, $options, THEME);
</head>
<body>
<header>
<nav>
<a href="<?= PREFIX ?>">Niver</a><?php
$homepage = (PAGE != "index");
if (isset($page['service'])) {
echo ' > ';
if ($homepage)
echo '<a href="./">';
echo $page['service'];
if ($homepage)
echo '</a>';
echo ' > <a href="./">' . $page['service'] . '</a>';
}
if ($homepage)
echo " > " . $page['title'];
if (PAGE != "index")
echo ' > <a href="' . PAGE . '">' . $page['title'] . "</a>";
?>
</nav>