Add more paths as constants
parent
9ff2318b1b
commit
1736a9e5b1
9 changed files with 96 additions and 29 deletions
|
@ -51,15 +51,15 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
|
|||
exit("ERROR : Wrong value for dir");
|
||||
|
||||
// Generate a .onion address
|
||||
$torConf = file_get_contents("/etc/tor/torrc");
|
||||
$torConf = $torConf . "\nHiddenServiceDir /var/lib/tor/niver/" . $_POST['dir'] . "/\nHiddenServicePort 1965 [::1]:1965";
|
||||
file_put_contents("/etc/tor/torrc", $torConf);
|
||||
$torConf = file_get_contents(TOR_CONFIG_PATH);
|
||||
$torConf = $torConf . "\nHiddenServiceDir " . TOR_KEYS_PATH . "/" . $_POST['dir'] . "/\nHiddenServicePort 1965 [::1]:1965";
|
||||
file_put_contents(TOR_CONFIG_PATH, $torConf);
|
||||
|
||||
exec("sudo -u root " . MANIVER_PATH . " reload-tor", $output);
|
||||
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-tor", $output);
|
||||
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
|
||||
|
||||
// Copy generated address to a location readable by PHP
|
||||
exec("sudo -u root " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
|
||||
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
|
||||
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
|
||||
|
||||
// Get the address generated by Tor
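Review bot: The `export-tor` call builds a shell command line by concatenating `$_SESSION['username']` and `$_POST['dir']` unquoted and runs it through sudo; the only validation visible is the `exit("ERROR : Wrong value for dir")` line, whose condition is above this hunk. Whatever that check enforces, each argument should be quoted at the call site, e.g. `exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . escapeshellarg($_SESSION['username']) . " " . escapeshellarg($_POST['dir']), $output, $status);`, and `$status` tested before the success line is logged. The same `dir` value is appended to the Tor configuration, so the check must also reject line breaks and path separators. Appending with `file_put_contents(TOR_CONFIG_PATH, $entry, FILE_APPEND | LOCK_EX)` would avoid rewriting the whole file from a stale read when two requests overlap. The next file section (the port 80 variant) contains the same statements.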
|
||||
|
|
|
@ -51,15 +51,15 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
|
|||
exit("ERROR : Wrong value for dir");
|
||||
|
||||
// Generate a .onion address
|
||||
$torConf = file_get_contents("/etc/tor/torrc");
|
||||
$torConf = $torConf . "\nHiddenServiceDir /var/lib/tor/niver/" . $_POST['dir'] . "/\nHiddenServicePort 80 [::1]:80";
|
||||
file_put_contents("/etc/tor/torrc", $torConf);
|
||||
$torConf = file_get_contents(TOR_CONFIG_PATH);
|
||||
$torConf = $torConf . "\nHiddenServiceDir " . TOR_KEYS_PATH . "/" . $_POST['dir'] . "/\nHiddenServicePort 80 [::1]:80";
|
||||
file_put_contents(TOR_CONFIG_PATH, $torConf);
|
||||
|
||||
exec("sudo -u root " . MANIVER_PATH . " reload-tor", $output);
|
||||
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-tor", $output);
|
||||
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
|
||||
|
||||
// Copy generated address to a location readable by PHP
|
||||
exec("sudo -u root " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
|
||||
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
|
||||
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
|
||||
|
||||
// Get the address generated by Tor
|
||||
|
@ -70,14 +70,14 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
|
|||
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
|
||||
|
||||
// Add it to Nginx
|
||||
$nginxConf = file_get_contents("/etc/nginx/hyper.d/onion.template");
|
||||
$nginxConf = file_get_contents(ROOT_PATH . "/inc/nginx/dns.template");
|
||||
$nginxConf = preg_replace("#DOMAIN#", $onion, $nginxConf);
|
||||
$nginxConf = preg_replace("#DIR#", $_POST['dir'], $nginxConf);
|
||||
$nginxConf = preg_replace("#USER#", $_SESSION['username'], $nginxConf);
|
||||
file_put_contents("/etc/nginx/hyper.d/" . $_POST['dir'] . ".conf", $nginxConf);
|
||||
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['dir'] . ".conf", $nginxConf);
|
||||
|
||||
// Reload Nginx
|
||||
exec("sudo /root/maniver/target/debug/maniver reload-nginx");
|
||||
exec("sudo " . MANIVER_PATH . " reload-nginx");
|
||||
|
||||
// Tell the user their site address
|
||||
echo "<p>L'adresse de votre site Onion HTTP est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
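Review bot: The Nginx step for the onion site now reads `ROOT_PATH . "/inc/nginx/dns.template"`, while the line it appears to replace read `onion.template` and this commit adds `inc/nginx/onion.template`; this looks like a copy-paste slip. The DNS template redirects port 80 to HTTPS and serves on 443 with the `host.atope.art` certificate, which does not match a service that Tor forwards to `[::1]:80`. The line should presumably be `$nginxConf = file_get_contents(ROOT_PATH . "/inc/nginx/onion.template");`. Separately, the reload in this file still spells `"sudo "` while the Tor calls above use `SUDO_PATH`, and the closing `echo` prints `$onion` unescaped into an `<a>` tag that is missing its `>` before `<code>`.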
|
||||
|
|
|
@ -60,13 +60,15 @@ if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['userna
|
|||
|
||||
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
|
||||
|
||||
$conf = file_get_contents("/etc/nginx/hyper.d/dns.template");
|
||||
$conf = file_get_contents(ROOT_PATH . "/inc/nginx/dns.template");
|
||||
$conf = preg_replace("#DOMAIN#", $_POST['domain'], $conf);
|
||||
$conf = preg_replace("#DIR#", $_POST['dir'], $conf);
|
||||
$conf = preg_replace("#USER#", $_SESSION['username'], $conf);
|
||||
file_put_contents("/etc/nginx/hyper.d/" . $_POST['domain'] . ".conf", $conf);
|
||||
exec("sudo " . MANIVER_PATH . " reload-nginx");
|
||||
//certbot certonly --nginx -d testcrabe.atope.art
|
||||
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf);
|
||||
|
||||
// Reload Nginx
|
||||
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx");
|
||||
|
||||
echo "Accès HTTP par domaine ajouté sur ce dossier !";
|
||||
}
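Review bot: The new write `file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf)` uses the request's `domain` as a file name and, through the `preg_replace` calls, as text inside a `server` block; no validation of `domain` or `dir` is visible in this hunk, and the enclosing `if` starts above it. If the earlier part of the file does not already do so, `domain` should be matched against a strict hostname pattern (no `/`, whitespace, `;` or braces) and checked for ownership by `$_SESSION['username']` before anything is written to disk. `preg_replace` also interprets `$1` and `\1` sequences in the replacement string, so literal substitution such as `str_replace("DOMAIN", $_POST['domain'], $conf)` is the safer call for all three placeholders.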
|
||||
|
||||
|
|
10
ht/le.php
10
ht/le.php
|
@ -15,14 +15,12 @@
|
|||
if (isset($_POST['domain'])) {
|
||||
|
||||
exec("sudo " . MANIVER_PATH . " le-install " . $_POST['domain'], $output);
|
||||
echo "<pre>";
|
||||
print_r($output);
|
||||
echo "</pre>";
|
||||
$conf = file_get_contents("/etc/nginx/hyper.d/" . $_POST['domain'] . ".conf");
|
||||
addNiverLog($_SESSION['username'] . " installed a Let's Encrypt certificate on their site", $output);
|
||||
$conf = file_get_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf");
|
||||
$conf = preg_replace("#host\.atope\.art#", $_POST['domain'], $conf);
|
||||
file_put_contents("/etc/nginx/hyper.d/" . $_POST['domain'] . ".conf", $conf);
|
||||
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf);
|
||||
|
||||
exec("sudo /root/maniver/target/debug/maniver reload-nginx");
|
||||
exec("sudo " . MANIVER_PATH . " reload-nginx");
|
||||
|
||||
echo "Formulaire traité !!";
|
||||
} else {
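Review bot: `exec("sudo " . MANIVER_PATH . " le-install " . $_POST['domain'], $output);` passes a request parameter into a privileged command line with no quoting, and the only condition visible before it is `isset($_POST['domain'])`. The argument should be validated against a hostname pattern and then quoted, e.g. `escapeshellarg($_POST['domain'])`; whether the domain is checked as belonging to `$_SESSION['username']` is not visible here and should be confirmed. The same value then selects which file under `NGINX_CONFIG_PATH` is read and rewritten, so the validation also has to exclude path separators. `print_r($output)` inside `<pre>` should go through `htmlspecialchars()`, and both `exec` calls in this file still spell `"sudo "` instead of `SUDO_PATH`.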
|
||||
|
|
|
@ -43,6 +43,8 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
|
|||
<br><br>
|
||||
<a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.atope.art/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.atope.art/</a>
|
||||
<br><br>
|
||||
L'accès n'est pour l'instant disponible qu'en IPv4.
|
||||
<br><br>
|
||||
SHA-256 des clés du serveur :
|
||||
<br>Ed25519 : <code>MHwU49oafgq4jY6whUy2INWHMrs+uz4A0j+gsQEgho8</code>
|
||||
<br>RSA : <code>6wWSPLxqns4ZKtnqzv7ch3k/R2ztPgDiCr4c0B/I/mw</code>
|
||||
|
|
25
inc/nginx/dns.template
Normal file
25
inc/nginx/dns.template
Normal file
|
@ -0,0 +1,25 @@
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name DOMAIN;
|
||||
return 301 https://DOMAIN$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name DOMAIN;
|
||||
root /srv/hyper/USER/hyper/DIR;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/host.atope.art/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/host.atope.art/privkey.pem;
|
||||
|
||||
include /etc/nginx/inc/intermediate.conf.inc;
|
||||
|
||||
default_type text/plain;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri.html $uri/ =404;
|
||||
}
|
||||
}
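Review bot: The placeholders `DOMAIN`, `USER` and `DIR` are bare words, and the PHP callers substitute them one after another with unanchored patterns (`#DIR#` is the pattern `DIR` with `#` as delimiter), so a value inserted by an earlier pass that happens to contain `DIR` or `USER` is rewritten by a later one. Distinctive tokens such as `{{DOMAIN}}`, replaced in a single `strtr()` call, would remove that interaction; `inc/nginx/onion.template` uses the same tokens. I would also add a header comment saying that the `host.atope.art` certificate paths are a placeholder which `ht/le.php` rewrites after issuance, because until then the vhost answers on 443 with a certificate for a different name.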
|
||||
|
9
inc/nginx/onion.template
Normal file
9
inc/nginx/onion.template
Normal file
|
@ -0,0 +1,9 @@
|
|||
server {
|
||||
listen [::1]:80;
|
||||
server_name DOMAIN;
|
||||
root /srv/hyper/USER/hyper/DIR;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri.html $uri/ =404;
|
||||
}
|
||||
}
|
24
niver.log
24
niver.log
|
@ -47,3 +47,27 @@
|
|||
status: exit code: 0
|
||||
stdout:
|
||||
stderr:
|
||||
|
||||
2021-03-02 23:26:28 cake enabled SFTP on their account
|
||||
|
||||
2021-03-02 23:34:32 crible enabled SFTP on their account
|
||||
|
||||
2021-03-02 23:39:29 yonyon enabled SFTP on their account
|
||||
|
||||
2021-03-03 00:32:48 guidon enabled SFTP on their account
|
||||
|
||||
2021-03-03 00:34:40 carle enabled SFTP on their account
|
||||
status: exit code: 0
|
||||
stdout:
|
||||
stderr:
|
||||
sent username:password to chpasswd
|
||||
chpasswd responded with:
|
||||
status: exit code: 0
|
||||
stdout:
|
||||
stderr:
|
||||
status: exit code: 0
|
||||
stdout:
|
||||
stderr:
|
||||
status: exit code: 0
|
||||
stdout:
|
||||
stderr:
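Review bot: `niver.log` is a runtime log tracked in the repository, and the added lines record account names with timestamps alongside the output of privileged helper runs. It should be removed from version control and listed in `.gitignore`. If the file lives under `ROOT_PATH` (not visible here), it should also be moved outside the served tree or denied in the web-server configuration.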
|
||||
|
|
19
top.inc.php
19
top.inc.php
|
@ -19,14 +19,21 @@ define("USERNAME_REGEX", "^[a-z]{4,32}$");
|
|||
define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
|
||||
define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
|
||||
|
||||
define("PREFIX", "/malaxe");
|
||||
define("PREFIX", "/malaxe"); // Prefix in the URL, if any
|
||||
define("ROOT_PATH", "/var/www/niver" . PREFIX); // Niver directory
|
||||
define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver SQLite database
|
||||
define("KNOTC_PATH", "/usr/sbin/knotc"); // Binary file
|
||||
define("KEYMGR_PATH", "/usr/sbin/keymgr"); // Binary file
|
||||
define("NGINX_CONFIG_PATH", "/etc/nginx/hyper"); // Config directory
|
||||
define("TOR_CONFIG_PATH", "/etc/tor/torrc"); // Config file
|
||||
define("TOR_KEYS_PATH", "/var/lib/tor/niver"); // Keys directory
|
||||
define("SUDO_PATH", "/usr/bin/sudo"); // Binary file
|
||||
define("MANIVER_PATH", "/root/maniver/target/release/maniver"); // Binary file
|
||||
// The mountpoint of the hypertext storage partition (that will be accessed over SFTP)
|
||||
define("HT_PATH", "/srv/hyper");
|
||||
|
||||
define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
|
||||
define("ROOT_PATH", "/var/www/niver" . PREFIX);
|
||||
define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
|
||||
define("DB_PATH", ROOT_PATH . "/db/niver.db");
|
||||
define("KNOTC_PATH", "/usr/sbin/knotc");
|
||||
define("KEYMGR_PATH", "/usr/sbin/keymgr");
|
||||
define("MANIVER_PATH", "/root/maniver/target/release/maniver");
|
||||
|
||||
if (SERVICE != "auth" AND !isset($_SESSION['username'])) {
|
||||
header('Location: ' . PREFIX . '/auth/login?redir=' . SERVICE . "/" . PAGE, true, 302);
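Review bot: `NGINX_CONFIG_PATH` is defined as `/etc/nginx/hyper`, but the literals it replaces in this commit were `/etc/nginx/hyper.d/`, so generated vhost files and the read in `ht/le.php` now point at a different directory. If that is not intended, the definition should be `define("NGINX_CONFIG_PATH", "/etc/nginx/hyper.d"); // Config directory`; if it is, the Nginx `include` and the existing `.conf` files need to move with it. The `SUDO_PATH` call sites also drop the `-u root` that the old strings carried (root is sudo's default target, so behaviour should be unchanged), while several `reload-nginx` and `le-install` calls still use the bare `"sudo "`. The hunk ends inside the `if (SERVICE != "auth" ...)` block, so whether the redirect is followed by `exit` cannot be seen from here.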
|
||||
|
|