We use cookies to ensure you get the best experience on our website
Accueil Explorer Aide
S'inscrire Connexion
0ct0pu5
/
servnest
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Branche: dev
Branches Tags
servnest
/
pg-act
/
ns
/
zone-add.php

zone-add.php 2.2 KB
Lien permanent Historique Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. <?php declare(strict_types=1);
    2. 

  2. 

  3. $domain = formatAbsoluteDomain($_POST['domain']);
    4. 

  4. 

  5. if (query('select', 'zones', ['zone' => $domain], ['zone']) !== [])
    6. 

  6. 	output(403, _('This zone already exists on the service.'));
    7. 

  7. 

  8. $parent_domain = ltrim(strstr($domain, '.'), '.');
    9. 

  9. $parent_authoritatives = array_column(kdig(name: $parent_domain, type: 'NS', server: (CONF['ns']['local_only_check'] ? CONF['reg']['address'] : NULL))['answerRRs'] ?? [], 'rdataNS');
    10. 

  10. if ($parent_authoritatives === [])
    11. 

  11. 	output(403, _('Parent zone\'s name servers not found.'));
    12. 

  12. foreach ($parent_authoritatives as $parent_authoritative)
    13. 

  13. 	checkAbsoluteDomainFormat($parent_authoritative);
    14. 

  14. 

  15. foreach ($parent_authoritatives as $i => $parent_authoritative) {
    16. 

  16. 	if ($i === 3)
    17. 

  17. 		output(403, sprintf(_('The %s first tried name servers failed to answer.'), $i));
    18. 

  18. 	try {
    19. 

  19. 		$results = kdig(name: $domain, type: 'NS', server: (CONF['ns']['local_only_check'] ? CONF['reg']['address'] : $parent_authoritative));
    20. 

  20. 	} catch (KdigException) {
    21. 

  21. 		continue;
    22. 

  22. 	}
    23. 

  23. 	break;
    24. 

  24. }
    25. 

  25. $ns_records = array_column($results['authorityRRs'] ?? [], 'rdataNS');
    26. 

  26. if (preg_match('/^(?<salt>[0-9a-f]{8})-(?<hash>[0-9a-f]{32})\._domain-verification\.' . preg_quote(SERVER_NAME, '/') . '\.$/Dm', implode(LF, $ns_records), $matches) !== 1)
    27. 

  27. 	output(403, _('NS authentication record not found.'));
    28. 

  28. 

  29. checkAuthToken($matches['salt'], $matches['hash']);
    30. 

  30. 

  31. rateLimit();
    32. 

  32. 

  33. insert('zones', [
    34. 

  34. 	'zone' => $domain,
    35. 

  35. 	'username' => $_SESSION['id'],
    36. 

  36. ]);
    37. 

  37. 

  38. $zone_path = CONF['ns']['knot_zones_path'] . '/' . $domain . 'zone';
    39. 

  39. $zone_content = implode(' ', [
    40. 

  40. 	$domain,
    41. 

  41. 	NS_SOA_VALUES['ttl'],
    42. 

  42. 	'SOA',
    43. 

  43. 	CONF['ns']['servers'][0],
    44. 

  44. 	NS_SOA_VALUES['email'],
    45. 

  45. 	1,
    46. 

  46. 	NS_SOA_VALUES['refresh'],
    47. 

  47. 	NS_SOA_VALUES['retry'],
    48. 

  48. 	NS_SOA_VALUES['expire'],
    49. 

  49. 	NS_SOA_VALUES['negative'],
    50. 

  50. ]) . LF;
    51. 

  51. foreach (CONF['ns']['servers'] as $server)
    52. 

  52. 	$zone_content .= $domain . ' 86400 NS ' . $server . LF;
    53. 

  53. $zone_content .= $domain . ' 86400 CSYNC 0 1 NS' . LF;
    54. 

  54. if (file_put_contents($zone_path, $zone_content) === false)
    55. 

  55. 	output(500, 'Failed to write new zone file.');
    56. 

  56. if (chmod($zone_path, 0660) !== true)
    57. 

  57. 	output(500, 'Failed to chmod new zone file.');
    58. 

  58. 

  59. knotcConfExec([
    60. 

  60. 	['conf-set', 'zone[' . $domain . ']'],
    61. 

  61. 	['conf-set', 'zone[' . $domain . '].template', 'servnest'],
    62. 

  62. ]);
    63. 

  63. 

  64. output(200, _('Zone created.'));
    65.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5