<?php declare(strict_types=1);
// Normalise the submitted domain once, so that every later check, the certbot
// call and the final registration all operate on the same value.
// NOTE(review): formatDomain() is defined elsewhere; presumably it also rejects
// malformed names. Confirm, because this value later becomes a command
// argument and a filesystem path component.
$_POST['domain'] = formatDomain($_POST['domain']);

// Accept the directory only when its entry in dirsStatuses('dns') is exactly
// false. A key missing from that map evaluates to null and is therefore
// refused as well, so `dir` is effectively checked against an allow-list.
// NOTE(review): every check in this script relies on output() ending the
// request; confirm in its definition.
$dnsDirStatuses = dirsStatuses('dns');
if ($dnsDirStatuses[$_POST['dir']] !== false) {
    output(403, 'Wrong value for <code>dir</code>.');
}

// Refuse a domain that already has a row in `sites`.
// NOTE(review): this is a check-then-act lookup and the insert happens much
// later in the script; presumably the table also enforces uniqueness on
// `address`, otherwise two concurrent requests could both pass. Confirm.
$sitesWithSameAddress = query('select', 'sites', ['address' => $_POST['domain']], 'address');
if ($sitesWithSameAddress !== []) {
    output(403, _('This domain already exists on this service. Use another one.'));
}
// The domain must resolve to this service's IPv6 address and to nothing else.
// dns_get_record() returns false on failure, which is reported as a server
// error rather than as a failed ownership check.
$remoteAaaaRecords = dns_get_record($_POST['domain'], DNS_AAAA);
if (!is_array($remoteAaaaRecords)) {
    output(500, sprintf(_('Can\'t retrieve the %s record.'), 'AAAA'));
}

// NOTE(review): equalArrays() is defined elsewhere. If it compares the
// addresses as strings, CONF['ht']['ipv6_address'] has to be written in the
// same textual form that dns_get_record() returns. Confirm.
$publishedIpv6Addresses = array_column($remoteAaaaRecords, 'ipv6');
if (equalArrays([CONF['ht']['ipv6_address']], $publishedIpv6Addresses) !== true) {
    output(403, sprintf(_('This domain must have %2$s as its only %1$s record.'), 'AAAA', '<code>' . CONF['ht']['ipv6_address'] . '</code>'));
}
// Same requirement for IPv4: the only A record must be this service's address.
// A failed lookup (false) is reported as a server error.
$remoteARecords = dns_get_record($_POST['domain'], DNS_A);
if (!is_array($remoteARecords)) {
    output(500, sprintf(_('Can\'t retrieve the %s record.'), 'A'));
}

// NOTE(review): these lookups presumably go through the host's configured
// resolver, so the result is only as trustworthy and as fresh as that
// resolver's answers. Confirm this is acceptable for the ownership check.
$publishedIpv4Addresses = array_column($remoteARecords, 'ip');
if (equalArrays([CONF['ht']['ipv4_address']], $publishedIpv4Addresses) !== true) {
    output(403, sprintf(_('This domain must have %2$s as its only %1$s record.'), 'A', '<code>' . CONF['ht']['ipv4_address'] . '</code>'));
}
// Proof of control: the domain must publish a TXT record of the form
// "<SERVER_NAME>_domain-verification=<8 hex chars>-<32 hex chars>".
$remoteTXTRecords = dns_get_record($_POST['domain'], DNS_TXT);
if (!is_array($remoteTXTRecords)) {
    output(500, sprintf(_('Can\'t retrieve the %s record.'), 'TXT'));
}

// All TXT values are joined with LF and matched in multiline mode, so ^ and $
// anchor on each value separately and any one matching record is enough.
// PCRE ignores the D modifier when m is set, so only m is in effect here.
// preg_quote() keeps SERVER_NAME from being interpreted as regex syntax.
$verificationPattern = '/^' . preg_quote(SERVER_NAME, '/') . '_domain-verification=([0-9a-f]{8})-([0-9a-f]{32})$/Dm';
$publishedTxtValues = implode(LF, array_column($remoteTXTRecords, 'txt'));
if (preg_match($verificationPattern, $publishedTxtValues, $matches) !== 1) {
    output(403, _('No TXT record with the expected format has been found.'));
}

// The two captured hex groups are handed to checkAuthToken().
// NOTE(review): defined elsewhere; presumably it binds the published token to
// the logged-in account and aborts on mismatch. Confirm, since matching the
// format alone proves nothing about who published the record.
checkAuthToken($matches[1], $matches[2]);
// Rate limiting is applied only here, immediately before the expensive
// certificate request.
// NOTE(review): the three DNS lookups above run before this call; confirm that
// requests failing those checks are throttled somewhere else.
rateLimit();

// The certbot invocation is built as an argument list, never as a shell
// string. The domain is the value of --domain.
// NOTE(review): exescape() is defined elsewhere; presumably it escapes every
// element before execution. The command runs through sudo, so confirm the
// sudoers entry permits nothing beyond this certbot binary.
$certbotCommand = [
    CONF['ht']['sudo_path'],
    CONF['ht']['certbot_path'],
    'certonly',
    '--domain',
    $_POST['domain'],
];

// Accounts whose session type is not 'approved' get --test-cert, which makes
// certbot use the staging CA instead of issuing a publicly trusted certificate.
if ($_SESSION['type'] !== 'approved') {
    $certbotCommand[] = '--test-cert';
}

exescape($certbotCommand, $output, $returnCode);

// NOTE(review): certbot's raw output is passed as the third argument; confirm
// that output() logs it rather than returning it to the client.
if ($returnCode !== 0) {
    output(500, 'Certbot failed to get a Let\'s Encrypt certificate.', $output);
}
// Record the site for the logged-in account only after the certificate step.
addSite($_SESSION['id'], $_POST['dir'], $_POST['domain'], 'dns');

// Publish the user's directory under <ht_path>/uri/<domain>.
// `dir` was checked against dirsStatuses('dns') earlier in this script.
// NOTE(review): the domain becomes a path component here, so this relies on
// formatDomain() never returning '/' or '..' sequences. Confirm in its
// definition.
$userDirectory = '../fs/' . $_SESSION['id'] . '/' . $_POST['dir'];
$domainLink = CONF['ht']['ht_path'] . '/uri/' . $_POST['domain'];
htRelativeSymlink($userDirectory, $domainLink);

output(200, sprintf(_('%s added on this directory.'), PAGE_METADATA['title']));