We use cookies to ensure you get the best experience on our website
首頁 探索 說明
註冊 登入
0ct0pu5
/
servnest
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: f15681999b
分支列表 標籤列表
servnest
/
pages
/
ht
/
add-http-dns.php

add-http-dns.php 4.2 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. <?php
    2. 

  2. 

  3. if (processForm()) {
    4. 

  4. 	$_POST['domain'] = formatDomain($_POST['domain']);
    5. 

  5. 

  6. 	if (dirsStatuses('dns', 'http')[$_POST['dir']] !== false)
    7. 

  7. 		output(403, 'Wrong value for <code>dir</code>.');
    8. 

  8. 

  9. 	if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
    10. 

  10. 		output(403, 'Ce domaine existe déjà sur ce service.');
    11. 

  11. 

  12. 	$remoteAaaaRecords = dns_get_record($_POST['domain'], DNS_AAAA);
    13. 

  13. 	if (is_array($remoteAaaaRecords) !== true)
    14. 

  14. 		output(500, 'Erreur lors de la récupération de l\'enregistrement AAAA.');
    15. 

  15. 	if (equalArrays([CONF['ht']['ipv6_address']], array_column($remoteAaaaRecords, 'ipv6')) !== true)
    16. 

  16. 		output(403, 'Ce domaine doit avoir pour unique enregistrement AAAA <code>' . CONF['ht']['ipv6_address'] . '</code>.');
    17. 

  17. 

  18. 	$remoteARecords = dns_get_record($_POST['domain'], DNS_A);
    19. 

  19. 	if (is_array($remoteARecords) !== true)
    20. 

  20. 		output(500, 'Erreur lors de la récupération de l\'enregistrement A.');
    21. 

  21. 	if (equalArrays([CONF['ht']['ipv4_address']], array_column($remoteARecords, 'ip')) !== true)
    22. 

  22. 		output(403, 'Ce domaine doit avoir pour unique enregistrement A <code>' . CONF['ht']['ipv4_address'] . '</code>.');
    23. 

  23. 

  24. 	$remoteTXTRecords = dns_get_record($_POST['domain'], DNS_TXT);
    25. 

  25. 	if (is_array($remoteTXTRecords) !== true)
    26. 

  26. 		output(500, 'Erreur lors de la récupération de l\'enregistrement TXT.');
    27. 

  27. 	if (preg_match('/^' . preg_quote(SERVER_NAME, '/') . '_domain-verification=([0-9a-f]{8})-([0-9a-f]{32})$/Dm', implode(LF, array_column($remoteTXTRecords, 'txt')), $matches) !== 1)
    28. 

  28. 		output(403, 'Aucun enregistrement TXT au format correct trouvé.');
    29. 

  29. 

  30. 	checkAuthToken($matches[1], $matches[2]);
    31. 

  31. 

  32. 	rateLimit();
    33. 

  33. 

  34. 	addSite($_SESSION['id'], $_POST['dir'], $_POST['domain'], 'dns', 'http');
    35. 

  35. 

  36. 	exec('2>&1 ' . CONF['ht']['sudo_path'] . ' ' . CONF['ht']['certbot_path'] . ' certonly' . (($_SESSION['type'] === 'trusted') ? '' : ' --test-cert') . ' --key-type rsa --rsa-key-size 3072 --webroot --webroot-path /srv/niver/acme --domain ' . $_POST['domain'], $output, $returnCode);
    37. 

  37. 	if ($returnCode !== 0)
    38. 

  38. 		output(500, 'Certbot failed to get a Let\'s Encrypt certificate.', $output);
    39. 

  39. 

  40. 	$nginxConf = 'server {
    41. 

  41. 	listen [' . CONF['ht']['ipv6_listen_address'] . ']:' . CONF['ht']['https_port'] . ' ssl http2;
    42. 

  42. 	listen ' . CONF['ht']['ipv4_listen_address'] . ':' . CONF['ht']['https_port'] . ' ssl http2;
    43. 

  43. 	server_name ' . $_POST['domain'] . ';
    44. 

  44. 	root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['id'] . '/' . $_POST['dir'] . ';
    45. 

  45. 

  46. 	ssl_certificate /etc/letsencrypt/live/' . $_POST['domain'] . '/fullchain.pem;
    47. 

  47. 	ssl_certificate_key /etc/letsencrypt/live/' . $_POST['domain'] . '/privkey.pem;
    48. 

  48. 

  49. 	include inc/ht-tls.conf;
    50. 

  50. }
    51. 

  51. ';
    52. 

  52. 	if (file_put_contents(CONF['ht']['nginx_config_path'] . '/' . $_POST['domain'] . '.conf', $nginxConf) === false)
    53. 

  53. 		output(500, 'Failed to write Nginx configuration.');
    54. 

  54. 

  55. 	// Reload Nginx
    56. 

  56. 	exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['nginx_reload_cmd'], result_code: $code);
    57. 

  57. 	if ($code !== 0)
    58. 

  58. 		output(500, 'Failed to reload Nginx.');
    59. 

  59. 

  60. 	output(200, 'Accès HTTP par domaine ajouté sur ce dossier !');
    61. 

  61. }
    62. 

  62. 

  63. $dirsStatuses = dirsStatuses('onion', 'http');
    64. 

  64. 

  65. $proof = getAuthToken();
    66. 

  66. 

  67. ?>
    68. 

  68. 

  69. <p>
    70. 

  70. 	Ajouter sur un dossier de site un accès <?= linkToDocs('http', 'HTTP') ?> par <?= linkToDocs('dns', 'DNS') ?> et <?= linkToDocs('tls', 'TLS') ?> <?= linkToDocs('ca', 'authentifié par <em>Let\'s Encrypt</em>') ?>.
    71. 

  71. </p>
    72. 

  72. 

  73. <p>
    74. 

  74. 	La présence des enregistrements ci-après sera vérifiée lors du traitement de ce formulaire.
    75. 

  75. </p>
    76. 

  76. 

  77. <dl>
    78. 

  78. 	<dt><code>AAAA</code></dt>
    79. 

  79. 	<dd>
    80. 

  80. 		<code><?= CONF['ht']['ipv6_address'] ?></code>
    81. 

  81. 	</dd>
    82. 

  82. 	<dt><code>A</code></dt>
    83. 

  83. 	<dd>
    84. 

  84. 		<code><?= CONF['ht']['ipv4_address'] ?></code>
    85. 

  85. 	</dd>
    86. 

  86. 	<dt><code>TXT</code></dt>
    87. 

  87. 	<dd>
    88. 

  88. 		<code><?= SERVER_NAME ?>_domain-verification=<?= $proof ?></code>
    89. 

  89. 	</dd>
    90. 

  90. </dl>
    91. 

  91. 

  92. <form method="post">
    93. 

  93. 	<label for="domain">Domaine sur lequel répondre</label><br>
    94. 

  94. 	<input required="" placeholder="site.<?= PLACEHOLDER_DOMAIN ?>" id="domain" name="domain" type="text"><br>
    95. 

  95. 	<label for="dir">Dossier ciblé</label><br>
    96. 

  96. 	<select required="" name="dir" id="dir">
    97. 

  97. 		<option value="" disabled="" selected="">---</option>
    98. 

  98. <?php
    99. 

  99. foreach ($dirsStatuses as $dir => $alreadyEnabled)
    100. 

  100. 	echo '		<option' . ($alreadyEnabled ? ' disabled=""' : '') . ' value="' . $dir . '">' . $dir . '</option>' . LF;
    101. 

  101. ?>
    102. 

  102. 	</select>
    103. 

  103. 	<br>
    104. 

  104. 	<input value="Valider" type="submit">
    105. 

  105. </form>
    106.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5