servnest/public/ht/add-http-dns.php

<?php require "../../common/html.php"; ?>

<p>
	Ajouter un domaine sur un dossier de site<br>
	Le domaine doit pointer vers ces adresses IP :
	<br>IPv4 : <code><?= CONF['ht']['ipv4_address'] ?></code>
	<br>IPv6 : <code><?= CONF['ht']['ipv6_address'] ?></code>
</p>

<form method="post">
	<label for="domain">Domaine sur lequel répondre</label><br>
	<input required="" placeholder="site.<?= PLACEHOLDER_DOMAIN ?>" id="domain" name="domain" type="text"><br>
	<label for="dir">Dossier ciblé</label><br>
	<select required="" name="dir" id="dir">
		<option value="" disabled="" selected="">---</option>

<?php

if (isset($_SESSION['username'])) {
	$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");

	foreach ($dirsStatuses as $dir => $alreadyEnabled) {
		$disabled = $alreadyEnabled ? " disabled=''" : "";
		echo "		<option" . $disabled . " value='" . $dir . "'>" . $dir . "</option>";
	}
}

?>

	</select>
	<br>
	<input value="Valider" type="submit">
</form>

<?php

switchToFormProcess();

checkDomainFormat($_POST['domain']);

if ($dirsStatuses[$_POST['dir']] !== false)
	userError("Wrong value for <code>dir</code>.");

if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
	userError("Ce domaine existe déjà sur ce service.");

$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
	userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");

$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
	userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");

addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");

$nginxConf = 'server {
	listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
	listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
	server_name ' . $_POST['domain'] . ';
	root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';

	ssl_certificate /etc/ssl/certs/niver.crt;
	ssl_certificate_key /etc/ssl/private/niver.key;

	include inc/ht-tls.conf;
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
	serverError("Failed to write Nginx configuration.");

// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
	serverError("Failed to reload Nginx.");

success("Accès HTTP par domaine ajouté sur ce dossier !");