beenull/servnest
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add setting to disable registrations

Browse source 
A new services['auth'] setting is available.
This commit is contained in:
Miraty 2023-05-10 01:34:45 +02:00
parent cbf49408d1
commit 337e7ab27e
10 changed files with 68 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
DOCS/configuration.md
View file

@ -30,12 +30,13 @@ Pretty string sometimes prefixed to the service name. Can be empty.
### `services[]`
Keys `reg`, `ns` and `ht` are required.
Keys `auth`, `reg`, `ns` and `ht` are required.
Values can be:
* `enabled`: the service is provided as usual
* `error`: the service is temporarily unavailable for maintenance/debugging
* `disabled`: the service is ignored everywhere ; this installation never provides it
* `enabled`: The service is provided as usual.
* `no-registration` (`auth` only): Same as `enabled`, but no new account can be created.
* `error`: For maintenance/debugging purposes, the service is temporarily unavailable. When used on the `auth` service, users can't submit any form, but this doesn't prevent already logged in SFTP users to act on the filesystem.
* `disabled` (`reg`, `ns` and `ht` only): The service is ignored everywhere, this installation never provides it.
## `[dns]`

2
check.php
View file

@ -17,7 +17,7 @@ const LF = "\n";
exec(CONF['dns']['kdig_path'] . ' torproject.org AAAA', $output, $return_code);
if (preg_match('/^;; Flags: qr rd ra ad;/Dm', implode("\n", $output)) !== 1)
exit('Unable to do a DNSSEC-validated DNS query.');
exit('Unable to do a DNSSEC-validated DNS query.' . LF);
if (CONF['common']['services']['ns'] === 'rest') {
echo 'a';

1
config.ini
View file

@ -5,6 +5,7 @@ public_domains[] = "servnest.test"
prefix = ""
service_name = "ServNest"
service_emoji = "🪺"
services[auth] = "enabled"
services[reg] = "enabled"
services[ns] = "enabled"
services[ht] = "enabled"

45
locales/fr/C/LC_MESSAGES/messages.po
View file

@ -1,7 +1,7 @@
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-05-02 19:17+0200\n"
"POT-Creation-Date: 2023-05-10 01:29+0200\n"
"Language: fr\n"
"Content-Type: text/plain; charset=UTF-8\n"
@ -274,7 +274,7 @@ msgstr "Supprimer un accès"
msgid "Delete an existing HTTP access from a subdirectory of the SFTP space"
msgstr "Retirer un accès HTTP existant d'un sous-dossier de l'espace SFTP"
#: router.php:136 view.php:39
#: router.php:137 view.php:39
msgid "This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it."
msgstr "Ce service est en cours de maintenance. Aucune action ne peut être effectuée avant qu'ane administrataire termine de le réparer."
@ -332,12 +332,12 @@ msgstr "Adresse IP malformée."
msgid "Domain malformed."
msgstr "Domaine malformé."
#: fn/ns.php:40 pg-act/ns/edit.php:25
#: fn/ns.php:31 pg-act/ns/edit.php:25
#, php-format
msgid "TTLs shorter than %s seconds are forbidden."
msgstr "Les TTLs plus courts que %s secondes sont interdits."
#: fn/ns.php:42 pg-act/ns/edit.php:27
#: fn/ns.php:33 pg-act/ns/edit.php:27
#, php-format
msgid "TTLs longer than %s seconds are forbidden."
msgstr "Les TTLs plus longs que %s secondes sont interdits."
@ -371,7 +371,11 @@ msgstr "Clé de passe actuelle incorrecte."
msgid "Password updated."
msgstr "Clé de passe mise à jour."
#: pg-act/auth/register.php:10 pg-act/auth/username.php:11
#: pg-act/auth/register.php:4 pg-view/auth/register.php:3
msgid "Registrations are currently closed on this installation."
msgstr "Les inscriptions sont actuellement fermées sur cette installation."
#: pg-act/auth/register.php:13 pg-act/auth/username.php:11
msgid "This username is already taken."
msgstr "Cet identifiant est déjà pris."
@ -589,15 +593,16 @@ msgstr "L'identifiant interne du compte actuel est %s."
msgid "New?"
msgstr "Nouvele ?"
#: pg-view/auth/login.php:1 pg-view/auth/register.php:14
#: pg-view/auth/login.php:1 pg-view/auth/register.php:16
msgid "Create an account"
msgstr "Créer un compte"
#: pg-view/auth/login.php:4 pg-view/auth/register.php:4 pg-view/ht/index.php:64
#: pg-view/auth/login.php:4 pg-view/auth/register.php:6 pg-view/ht/index.php:64
msgid "Username"
msgstr "Identifiant"
#: pg-view/auth/login.php:8 pg-view/auth/register.php:9 pg-view/ht/index.php:68
#: pg-view/auth/login.php:8 pg-view/auth/register.php:11
#: pg-view/ht/index.php:68
msgid "Password"
msgstr "Clé de passe"
@ -618,7 +623,7 @@ msgstr "Mettre à jour la clé de passe"
msgid "Already have an account?"
msgstr "Déjà un compte ?"
#: pg-view/auth/register.php:10
#: pg-view/auth/register.php:12
#, php-format
msgid "Minimum %1$s characters, or %2$s characters if it contains lowercase, uppercase and digit."
msgstr "Minimum %1$s caractères, ou %2$s caractères si elle contient minuscule, majuscule et chiffre."
@ -652,7 +657,7 @@ msgstr "Un certificat Let's Encrypt sera obtenu."
msgid "The domain must have the following records when the form is being processed."
msgstr "Le domaine doit avoir les enregistrements suivant pendant le traitement du formulaire."
#: pg-view/ht/add-dns.php:25 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
#: pg-view/ht/add-dns.php:29 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
#: pg-view/ns/zone-add.php:6 pg-view/reg/ds.php:8 pg-view/reg/glue.php:8
#: pg-view/reg/glue.php:15 pg-view/reg/ns.php:8 pg-view/reg/print.php:2
#: pg-view/reg/print.php:16 pg-view/reg/register.php:7
@ -660,12 +665,12 @@ msgstr "Le domaine doit avoir les enregistrements suivant pendant le traitement
msgid "Domain"
msgstr "Domaine"
#: pg-view/ht/add-dns.php:27 pg-view/ht/add-onion.php:2
#: pg-view/ht/add-dns.php:31 pg-view/ht/add-onion.php:2
#: pg-view/ht/add-subdomain.php:4 pg-view/ht/add-subpath.php:4
msgid "Target directory"
msgstr "Dossier ciblé"
#: pg-view/ht/add-dns.php:36 pg-view/ht/add-onion.php:11
#: pg-view/ht/add-dns.php:40 pg-view/ht/add-onion.php:11
#: pg-view/ht/add-subdomain.php:13 pg-view/ht/add-subpath.php:13
msgid "Setup access"
msgstr "Créer l'accès"
@ -753,36 +758,36 @@ msgstr "Configuration par <code>.htaccess</code>"
msgid "You can change the way the HTTP server answers to requests in a directory by setting some directives in a file named <code>.htaccess</code> at the root of this directory. Only the following directives are allowed:"
msgstr "Vous pouvez modifier la façon dont le serveur HTTP répond aux requêtes dans un dossier en indiquant des directives dans un fichier nommé <code>.htaccess</code> à la racine de ce dossier. Seules les directives suivantes sont autorisées&nbsp;:"
#: pg-view/ht/index.php:161
#: pg-view/ht/index.php:163
msgid "Accounts capabilities"
msgstr "Capacités des comptes"
#: pg-view/ht/index.php:163
#: pg-view/ht/index.php:165
msgid "Testing"
msgstr "De test"
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
#, php-format
msgid "%s of SFTP quota"
msgstr "Quota SFTP de %s"
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
msgid "<abbr title=\"gibibyte\">GiB</abbr>"
msgstr "<abbr title=\"gibioctet\">Gio</abbr>"
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
msgid "<abbr title=\"mebibyte\">MiB</abbr>"
msgstr "<abbr title=\"mébioctet\">Mio</abbr>"
#: pg-view/ht/index.php:167
#: pg-view/ht/index.php:169
msgid "Let's Encrypt certificate from the staging environment (not trusted by clients)"
msgstr "Certificat Let's Encrypt de test (n'est pas reconnu par les clients)"
#: pg-view/ht/index.php:170
#: pg-view/ht/index.php:172
msgid "Approved"
msgstr "Approuvé"
#: pg-view/ht/index.php:174
#: pg-view/ht/index.php:176
msgid "Stable Let's Encrypt certificates"
msgstr "Vrai certificat Let's Encrypt"

45
locales/messages.pot
View file

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-05-02 19:17+0200\n"
"POT-Creation-Date: 2023-05-10 01:29+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -286,7 +286,7 @@ msgstr ""
msgid "Delete an existing HTTP access from a subdirectory of the SFTP space"
msgstr ""
#: router.php:136 view.php:39
#: router.php:137 view.php:39
msgid "This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it."
msgstr ""
@ -344,12 +344,12 @@ msgstr ""
msgid "Domain malformed."
msgstr ""
#: fn/ns.php:40 pg-act/ns/edit.php:25
#: fn/ns.php:31 pg-act/ns/edit.php:25
#, php-format
msgid "TTLs shorter than %s seconds are forbidden."
msgstr ""
#: fn/ns.php:42 pg-act/ns/edit.php:27
#: fn/ns.php:33 pg-act/ns/edit.php:27
#, php-format
msgid "TTLs longer than %s seconds are forbidden."
msgstr ""
@ -383,7 +383,11 @@ msgstr ""
msgid "Password updated."
msgstr ""
#: pg-act/auth/register.php:10 pg-act/auth/username.php:11
#: pg-act/auth/register.php:4 pg-view/auth/register.php:3
msgid "Registrations are currently closed on this installation."
msgstr ""
#: pg-act/auth/register.php:13 pg-act/auth/username.php:11
msgid "This username is already taken."
msgstr ""
@ -601,15 +605,16 @@ msgstr ""
msgid "New?"
msgstr ""
#: pg-view/auth/login.php:1 pg-view/auth/register.php:14
#: pg-view/auth/login.php:1 pg-view/auth/register.php:16
msgid "Create an account"
msgstr ""
#: pg-view/auth/login.php:4 pg-view/auth/register.php:4 pg-view/ht/index.php:64
#: pg-view/auth/login.php:4 pg-view/auth/register.php:6 pg-view/ht/index.php:64
msgid "Username"
msgstr ""
#: pg-view/auth/login.php:8 pg-view/auth/register.php:9 pg-view/ht/index.php:68
#: pg-view/auth/login.php:8 pg-view/auth/register.php:11
#: pg-view/ht/index.php:68
msgid "Password"
msgstr ""
@ -630,7 +635,7 @@ msgstr ""
msgid "Already have an account?"
msgstr ""
#: pg-view/auth/register.php:10
#: pg-view/auth/register.php:12
#, php-format
msgid "Minimum %1$s characters, or %2$s characters if it contains lowercase, uppercase and digit."
msgstr ""
@ -664,7 +669,7 @@ msgstr ""
msgid "The domain must have the following records when the form is being processed."
msgstr ""
#: pg-view/ht/add-dns.php:25 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
#: pg-view/ht/add-dns.php:29 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
#: pg-view/ns/zone-add.php:6 pg-view/reg/ds.php:8 pg-view/reg/glue.php:8
#: pg-view/reg/glue.php:15 pg-view/reg/ns.php:8 pg-view/reg/print.php:2
#: pg-view/reg/print.php:16 pg-view/reg/register.php:7
@ -672,12 +677,12 @@ msgstr ""
msgid "Domain"
msgstr ""
#: pg-view/ht/add-dns.php:27 pg-view/ht/add-onion.php:2
#: pg-view/ht/add-dns.php:31 pg-view/ht/add-onion.php:2
#: pg-view/ht/add-subdomain.php:4 pg-view/ht/add-subpath.php:4
msgid "Target directory"
msgstr ""
#: pg-view/ht/add-dns.php:36 pg-view/ht/add-onion.php:11
#: pg-view/ht/add-dns.php:40 pg-view/ht/add-onion.php:11
#: pg-view/ht/add-subdomain.php:13 pg-view/ht/add-subpath.php:13
msgid "Setup access"
msgstr ""
@ -765,36 +770,36 @@ msgstr ""
msgid "You can change the way the HTTP server answers to requests in a directory by setting some directives in a file named <code>.htaccess</code> at the root of this directory. Only the following directives are allowed:"
msgstr ""
#: pg-view/ht/index.php:161
#: pg-view/ht/index.php:163
msgid "Accounts capabilities"
msgstr ""
#: pg-view/ht/index.php:163
#: pg-view/ht/index.php:165
msgid "Testing"
msgstr ""
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
#, php-format
msgid "%s of SFTP quota"
msgstr ""
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
msgid "<abbr title=\"gibibyte\">GiB</abbr>"
msgstr ""
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
msgid "<abbr title=\"mebibyte\">MiB</abbr>"
msgstr ""
#: pg-view/ht/index.php:167
#: pg-view/ht/index.php:169
msgid "Let's Encrypt certificate from the staging environment (not trusted by clients)"
msgstr ""
#: pg-view/ht/index.php:170
#: pg-view/ht/index.php:172
msgid "Approved"
msgstr ""
#: pg-view/ht/index.php:174
#: pg-view/ht/index.php:176
msgid "Stable Let's Encrypt certificates"
msgstr ""

3
pg-act/auth/register.php
View file

@ -1,5 +1,8 @@
<?php
if (CONF['common']['services']['auth'] !== 'enabled')
output(403, _('Registrations are currently closed on this installation.'));
checkPasswordFormat($_POST['password']);
checkUsernameFormat($_POST['username']);

5
pg-view/auth/register.php
View file

@ -1,5 +1,7 @@
<p><?= _('Already have an account?') ?> <a href="login"><?= _('Log in') ?></a></p>
<?= (CONF['common']['services']['auth'] !== 'enabled') ? '<p><strong>' . _('Registrations are currently closed on this installation.') . '</strong></p>' : '' ?>
<form method="post">
<label for="username"><?= _('Username') ?></label>
<br>
@ -11,5 +13,6 @@
</details>
<input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="<?= PLACEHOLDER_PASSWORD ?>">
<br>
<input type="submit" value="<?= _('Create an account') ?>">
<input<?= (CONF['common']['services']['auth'] !== 'enabled') ? ' disabled=""' : '' ?> type="submit" value="<?= _('Create an account') ?>">
</form>

4
pg-view/index.php
View file

@ -2,8 +2,8 @@
<dl>
<?php
foreach (array_merge(['auth' => 'enabled'], CONF['common']['services']) as $service => $status) {
if ($status !== 'enabled' AND $status !== 'error')
foreach (CONF['common']['services'] as $service => $status) {
if ($status === 'disabled')
continue;
?>
<?= ($status === 'error') ? '<s>' : '' ?>

2
router.php
View file

@ -133,7 +133,7 @@ function displayFinalMessage($data) {
}
if ($_POST !== []) {
if (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] !== 'enabled')
if (!in_array(CONF['common']['services']['auth'], ['enabled', 'no-registration'], true) OR (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] !== 'enabled'))
output(503, _('This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it.'));
// Protect against cross-site request forgery if a POST request is received

2
view.php
View file

@ -35,7 +35,7 @@ echo str_repeat('</li></ul>', count(TITLES_LINEAGE));
<main>
<?php
if (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] === 'error')
if (CONF['common']['services']['auth'] === 'error' OR (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] === 'error'))
echo '<p><strong>' . _('This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it.') . '</strong></p>';
require ROOT_PATH . '/pg-view/' . PAGE_ADDRESS . '.php';