We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
servnest
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 18d976217b
Branches Tags
servnest
/
pages
/
ht
/
add-http-dns.php

add-http-dns.php 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 
  1. <?php
    2. 

  2. 

  3. if (isset($_SESSION['username']))
    4. 

  4. 	$dirsStatuses = dirsStatuses($_SESSION['username'], 'dns', 'http');
    5. 

  5. else
    6. 

  6. 	$dirsStatuses = [];
    7. 

  7. 

  8. if (processForm()) {
    9. 

  9. 	$_POST['domain'] = formatDomain($_POST['domain']);
    10. 

  10. 

  11. 	if ($dirsStatuses[$_POST['dir']] !== false)
    12. 

  12. 		output(403, 'Wrong value for <code>dir</code>.');
    13. 

  13. 

  14. 	if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
    15. 

  15. 		output(403, 'Ce domaine existe déjà sur ce service.');
    16. 

  16. 

  17. 	$remoteAaaaRecords = dns_get_record($_POST['domain'], DNS_AAAA);
    18. 

  18. 	if (is_array($remoteAaaaRecords) !== true)
    19. 

  19. 		output(500, 'Erreur lors de la récupération de l\'enregistrement AAAA.');
    20. 

  20. 	if (equalArrays([CONF['ht']['ipv6_address']], array_column($remoteAaaaRecords, 'ipv6')) !== true)
    21. 

  21. 		output(403, 'Ce domaine doit avoir pour unique enregistrement AAAA <code>' . CONF['ht']['ipv6_address'] . '</code>.');
    22. 

  22. 

  23. 	$remoteARecords = dns_get_record($_POST['domain'], DNS_A);
    24. 

  24. 	if (is_array($remoteARecords) !== true)
    25. 

  25. 		output(500, 'Erreur lors de la récupération de l\'enregistrement A.');
    26. 

  26. 	if (equalArrays([CONF['ht']['ipv4_address']], array_column($remoteARecords, 'ip')) !== true)
    27. 

  27. 		output(403, 'Ce domaine doit avoir pour unique enregistrement A <code>' . CONF['ht']['ipv4_address'] . '</code>.');
    28. 

  28. 

  29. 	$remoteTXTRecords = dns_get_record($_POST['domain'], DNS_TXT);
    30. 

  30. 	if (is_array($remoteTXTRecords) !== true)
    31. 

  31. 		output(500, 'Erreur lors de la récupération de l\'enregistrement TXT.');
    32. 

  32. 	if (preg_match('/^auth-owner=([0-9a-f]{8})-([0-9a-f]{32})$/m', implode(LF, array_column($remoteTXTRecords, 'txt')), $matches) !== 1)
    33. 

  33. 		output(403, 'Aucun enregistrement TXT au format correct trouvé.');
    34. 

  34. 

  35. 	checkAuthToken($matches[1], $matches[2]);
    36. 

  36. 

  37. 	rateLimit();
    38. 

  38. 

  39. 	addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], 'dns', 'http');
    40. 

  40. 

  41. 	exec('2>&1 ' . CONF['ht']['sudo_path'] . ' ' . CONF['ht']['certbot_path'] . ' certonly' . (($_SESSION['type'] === 'trusted') ? '' : ' --test-cert') . ' --key-type rsa --rsa-key-size 3072 --webroot --webroot-path /srv/niver/acme --domain ' . $_POST['domain'], $output, $returnCode);
    42. 

  42. 	if ($returnCode !== 0)
    43. 

  43. 		output(500, 'Certbot failed to get a Let\'s Encrypt certificate.', $output);
    44. 

  44. 

  45. 	$nginxConf = 'server {
    46. 

  46. 	listen [' . CONF['ht']['ipv6_listen_address'] . ']:' . CONF['ht']['https_port'] . ' ssl http2;
    47. 

  47. 	listen ' . CONF['ht']['ipv4_listen_address'] . ':' . CONF['ht']['https_port'] . ' ssl http2;
    48. 

  48. 	server_name ' . $_POST['domain'] . ';
    49. 

  49. 	root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
    50. 

  50. 

  51. 	ssl_certificate /etc/letsencrypt/live/' . $_POST['domain'] . '/fullchain.pem;
    52. 

  52. 	ssl_certificate_key /etc/letsencrypt/live/' . $_POST['domain'] . '/privkey.pem;
    53. 

  53. 

  54. 	include inc/ht-tls.conf;
    55. 

  55. }
    56. 

  56. ';
    57. 

  57. 	if (file_put_contents(CONF['ht']['nginx_config_path'] . '/' . $_POST['domain'] . '.conf', $nginxConf) === false)
    58. 

  58. 		output(500, 'Failed to write Nginx configuration.');
    59. 

  59. 

  60. 	// Reload Nginx
    61. 

  61. 	exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['systemctl_path'] . ' reload nginx', result_code: $code);
    62. 

  62. 	if ($code !== 0)
    63. 

  63. 		output(500, 'Failed to reload Nginx.');
    64. 

  64. 

  65. 	output(200, 'Accès HTTP par domaine ajouté sur ce dossier !');
    66. 

  66. }
    67. 

  67. 

  68. $proof = getAuthToken();
    69. 

  69. 

  70. ?>
    71. 

  71. 

  72. <p>
    73. 

  73. 	Ajouter sur un dossier de site un accès <?= linkToDocs('http', 'HTTP') ?> par <?= linkToDocs('dns', 'DNS') ?> et <?= linkToDocs('tls', 'TLS') ?> <?= linkToDocs('ca', 'authentifié par <em>Let\'s Encrypt</em>') ?>.
    74. 

  74. </p>
    75. 

  75. 

  76. <p>
    77. 

  77. 	La présence des enregistrements ci-après sera vérifiée lors du traitement de ce formulaire.
    78. 

  78. </p>
    79. 

  79. 

  80. <dl>
    81. 

  81. 	<dt><code>AAAA</code></dt>
    82. 

  82. 	<dd>
    83. 

  83. 		<code><?= CONF['ht']['ipv6_address'] ?></code>
    84. 

  84. 	</dd>
    85. 

  85. 	<dt><code>A</code></dt>
    86. 

  86. 	<dd>
    87. 

  87. 		<code><?= CONF['ht']['ipv4_address'] ?></code>
    88. 

  88. 	</dd>
    89. 

  89. 	<dt><code>TXT</code></dt>
    90. 

  90. 	<dd>
    91. 

  91. 		<code>auth-owner=<?= $proof ?></code>
    92. 

  92. 	</dd>
    93. 

  93. </dl>
    94. 

  94. 

  95. <form method="post">
    96. 

  96. 	<label for="domain">Domaine sur lequel répondre</label><br>
    97. 

  97. 	<input required="" placeholder="site.<?= PLACEHOLDER_DOMAIN ?>" id="domain" name="domain" type="text"><br>
    98. 

  98. 	<label for="dir">Dossier ciblé</label><br>
    99. 

  99. 	<select required="" name="dir" id="dir">
    100. 

  100. 		<option value="" disabled="" selected="">---</option>
    101. 

  101. <?php
    102. 

  102. foreach ($dirsStatuses as $dir => $alreadyEnabled)
    103. 

  103. 	echo '		<option' . ($alreadyEnabled ? ' disabled=""' : '') . ' value="' . $dir . '">' . $dir . '</option>' . LF;
    104. 

  104. ?>
    105. 

  105. 	</select>
    106. 

  106. 	<br>
    107. 

  107. 	<input value="Valider" type="submit">
    108. 

  108. </form>
    109.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5