We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
servnest
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Move check.php settings to config.ini

Miraty 1 year ago
parent
bb937526a7
commit
aa91004ab5
3 changed files with 40 additions and 15 deletions
Split View Show Diff Stats
  1. 20 0
      DOCS/configuration.md
  2. 6 0
      config.template.ini
  3. 14 15
      jobs/check.php

+ 20 - 0
DOCS/configuration.md
View File 

@@ -215,3 +215,23 @@ Domain name that users need to direct their SFTP clients to. May be the same key
 
 ### `public_sftp_port`
 
 
 Network port that users need to direct their SFTP clients to. The common default port is `22`.
 
+
 
+## `[check]`
 
+
 
+This configuration section is used only when running `check.php`.
 
+
 
+### `https_port`
 
+
 
+Port where the public nginx reverse proxy can be reached. Usually `443` for production.
 
+
 
+### `sftp_path`
 
+
 
+Filesystem path to the sftp binary.
 
+
 
+### `sshpass_path`
 
+
 
+Filesystem path to the sshpass binary.
 
+
 
+### `tor_proxy`
 
+
 
+Curl's [CURLOPT_PROXY](https://curl.se/libcurl/c/CURLOPT_PROXY.html) argument, used to test onion services.

+ 6 - 0
config.template.ini
View File 

@@ -66,3 +66,9 @@ sftp_fp = "/etc/sftpgo/ed25519.fp"
 
 sftp_asciiart = "/etc/sftpgo/ed25519.asciiart"
 
 sftp_domain = "sftp.servnest.test"
 
 public_sftp_port = 2022
 
+
 
+[check]
 
+https_port = 42443
 
+sftp_path = "/usr/bin/sftp"
 
+sshpass_path = "/usr/bin/sshpass"
 
+tor_proxy = "socks5h://127.0.0.1:9050"

+ 14 - 15
jobs/check.php
View File 

@@ -3,15 +3,14 @@
 
 
 require __DIR__ . '/../init.php';
 
 
-const SFTP = '/usr/bin/sftp';
 
-const SSHPASS = '/usr/bin/sshpass';
 
-
 
 const HTTPS_PORT = '42443';
 
-const CORE_DOMAIN = 'servnest.test';
 
-const CORE_URL = 'https://' . CORE_DOMAIN . ':' . HTTPS_PORT;
 
-const SUFFIX = 'test.servnest.test.';
 
+const CORE_URL = 'https://' . CONF['common']['public_domains'][0] . ':' . CONF['check']['https_port'];
 
 
-const TOR_PROXY = 'socks5h://127.0.0.1:9050';
 
+foreach (CONF['reg']['suffixes'] as $suffix => $openness)
 
+	if ($openness === 'all')
 
+		define('SUFFIX', $suffix);
 
+if (!defined('SUFFIX'))
 
+	exit('Unable to start tests: no suffix open to registration');
 
 
 if (kdig(name: 'nlnet.nl', type: 'AAAA')['AD'] !== 1)
 
 	exit('DNS queries don\'t seem to be DNSSEC-validated.' . LF);
 
@@ -38,7 +37,7 @@ function curlTest(string $address, array $post = [], bool $tor = false): string
 
 		curl_setopt($req, CURLOPT_URL, $address);
 
 
 	if ($tor)
 
-		curl_setopt($req, CURLOPT_PROXY, TOR_PROXY);
 
+		curl_setopt($req, CURLOPT_PROXY, CONF['check']['tor_proxy']);
 
 	else
 
 		curl_setopt($req, CURLOPT_SSL_VERIFYPEER, false);
 
 
@@ -71,7 +70,7 @@ curlTest('/auth/register', [
 
 	'username' => $username . '2',
 
 	'password' => $password,
 
 ]);
 
-curlTest('/auth/logout', []);
 
+curlTest('/auth/logout');
 
 
 curlTest('/auth/login', [
 
 	'username' => $username,
 
@@ -118,14 +117,14 @@ function testReg(): string {
 
 	]);
 
 
 	{ // Domain transfer
 
-		curlTest('/auth/logout', []);
 
+		curlTest('/auth/logout');
 
 		curlTest('/auth/login', [
 
 			'username' => $username . '2',
 
 			'password' => $password,
 
 		]);
 
-		preg_match('#\<code\>(?<token>[0-9a-z-]{16,128}\._transfer-verification\.' . preg_quote(CORE_DOMAIN, '#') . '\.)\</code\>#', curlTest('/reg/transfer', []), $matches);
 
+		preg_match('#\<code\>(?<token>[0-9a-z-]{16,128}\._transfer-verification\.' . preg_quote(CONF['common']['public_domains'][0], '#') . '\.)\</code\>#', curlTest('/reg/transfer'), $matches);
 
 
-		curlTest('/auth/logout', []);
 
+		curlTest('/auth/logout');
 
 		curlTest('/auth/login', [
 
 			'username' => $username,
 
 			'password' => $password,
 
@@ -136,7 +135,7 @@ function testReg(): string {
 
 			'ns' => $matches['token'],
 
 		]);
 
 
-		curlTest('/auth/logout', []);
 
+		curlTest('/auth/logout');
 
 		curlTest('/auth/login', [
 
 			'username' => $username . '2',
 
 			'password' => $password,
 
@@ -161,7 +160,7 @@ function testNs(string $domain): void {
 
 			'ns' => $ns,
 
 		]);
 
 
-	preg_match('#\<code\>(?<token>[0-9a-z-]{16,128}\._domain-verification\.' . preg_quote(CORE_DOMAIN, '#') . '\.)\</code\>#', curlTest('/ns/zone-add', []), $matches);
 
+	preg_match('#\<code\>(?<token>[0-9a-z-]{16,128}\._domain-verification\.' . preg_quote(CONF['common']['public_domains'][0], '#') . '\.)\</code\>#', curlTest('/ns/zone-add'), $matches);
 
 	curlTest('/reg/ns', [
 
 		'action' => 'add',
 
 		'domain' => $domain,
 
@@ -214,7 +213,7 @@ put ' . sys_get_temp_dir() . '/index.html /_site0-/index.html
 
 exit
 
 ');
 
 
-	$process = proc_open(SSHPASS . ' ' . SFTP . ' -o BatchMode=no -b ' . sys_get_temp_dir() . '/exec.txt -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -P ' . CONF['ht']['public_sftp_port'] . ' ' . $username . '@' . CONF['ht']['sftp_domain'], [0 => ['pipe', 'r']], $pipes);
 
+	$process = proc_open(CONF['check']['sshpass_path'] . ' ' . CONF['check']['sftp_path'] . ' -o BatchMode=no -b ' . sys_get_temp_dir() . '/exec.txt -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -P ' . CONF['ht']['public_sftp_port'] . ' ' . $username . '@' . CONF['ht']['sftp_domain'], [0 => ['pipe', 'r']], $pipes);
 
 	if (is_resource($process) !== true)
 
 		exit('Can\'t spawn sftp with sshpass.' . LF);
 
 	fwrite($pipes[0], $password);

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5