http-onion.php now works
parent
fc8d5f0420
commit
c997ac424d
7 changed files with 42 additions and 46 deletions
|
@ -90,10 +90,10 @@ switch (SERVICE) {
|
|||
$page['title'] = "Créer un dossier de site";
|
||||
break;
|
||||
case "http-onion":
|
||||
$page['title'] = "Accès HTTP en Onion";
|
||||
$page['title'] = "Accès HTTP par service Onion";
|
||||
break;
|
||||
case "https-domain":
|
||||
$page['title'] = "Accès HTTPS par domaine";
|
||||
$page['title'] = "Accès HTTP par DNS et TLS";
|
||||
break;
|
||||
case "le":
|
||||
$page['title'] = "Installer un certificat Let's Encrypt";
|
||||
|
|
|
@ -29,11 +29,13 @@ nginx_config_path = "/etc/nginx/ht"
|
|||
tor_config_path = "/etc/tor/instances/niver/torrc"
|
||||
; Tor keys directory
|
||||
tor_keys_path = "/var/lib/tor-instances/niver/keys"
|
||||
tor_service = "tor@niver"
|
||||
|
||||
sudo_path = "/usr/bin/sudo"
|
||||
systemctl_path = "/usr/bin/systemctl"
|
||||
certbot_path = "/usr/bin/certbot"
|
||||
chgrp_path = "/usr/bin/chgrp"
|
||||
cat_path = "/usr/bin/cat"
|
||||
|
||||
sftpgo_group = sftpgo
|
||||
|
||||
|
@ -43,7 +45,7 @@ ipv4_address = "127.0.0.1"
|
|||
sftp_pub = "/etc/sftpgo/ed25519.pub"
|
||||
sftp_fp = "/etc/sftpgo/ed25519.fp"
|
||||
sftp_asciiart = "/etc/sftpgo/ed25519.asciiart"
|
||||
sftp_domain = "sftp.niver.test"
|
||||
sftp_domain = "ht.niver.test"
|
||||
public_sftp_port = 2022
|
||||
|
||||
; Will be used in configuration files
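Review bot: The `cat_path = "/usr/bin/cat"` entry in the first hunk of this file is run through `sudo_path` by the onion form, which presumably needs a sudoers rule letting the web user run `cat` as a more privileged user. The Tor keys directory named by `tor_keys_path` holds the service's private keys alongside `hostname`, so a broad rule for `cat` would expose them to the PHP process. A small root-owned helper that accepts only a validated directory name and prints only the `hostname` file would be narrower. At minimum, add a comment above the key such as `; sudo rule for cat must be limited to the hostname file of each hidden service`. The sudoers file itself is not part of this commit, so this needs checking against the deployed rule.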
|
||||
|
|
|
@ -33,44 +33,38 @@ switchToFormProcess();
|
|||
if ($dirsStatuses[$_POST['dir']] !== false)
|
||||
userError("Wrong value for <code>dir</code>.");
|
||||
|
||||
// Generate a .onion address
|
||||
// Add Tor config
|
||||
$torConf = file_get_contents(CONF['ht']['tor_config_path']);
|
||||
$torConf = $torConf . "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_POST['dir'] . "/
|
||||
HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
|
||||
";
|
||||
file_put_contents(CONF['ht']['tor_config_path'], $torConf);
|
||||
|
||||
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload tor", $output);
|
||||
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
|
||||
|
||||
// Copy generated address to a location readable by PHP
|
||||
exec(CONF['ht']['sudo_path'] . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
|
||||
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
|
||||
|
||||
// Wait
|
||||
sleep(1);
|
||||
// Reload Tor
|
||||
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output);
|
||||
|
||||
// Get the address generated by Tor
|
||||
$onion = file_get_contents(CONF['ht']['ht_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/hostname");
|
||||
$onion = str_replace(array("\r", "\n"), "", $onion);
|
||||
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['cat_path'] . " " . CONF['ht']['tor_keys_path'] . "/" . $_POST['dir'] . "/hostname", $output);
|
||||
$onion = $output[0];
|
||||
if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
|
||||
serverError("No onion address found.");
|
||||
|
||||
// Store it in the database
|
||||
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
|
||||
|
||||
// Add it to Nginx
|
||||
$nginxConf = file_get_contents(NIVER_TEMPLATE_PATH . "/nginx/onion.template");
|
||||
$nginxConf = str_replace("{{CONF['ht']['internal_onion_http_port']}}", CONF['ht']['internal_onion_http_port'], $nginxConf);
|
||||
$nginxConf = str_replace("{{DOMAIN}}", $onion, $nginxConf);
|
||||
$nginxConf = str_replace("{{CONF['ht']['ht_path']}}", CONF['ht']['ht_path'], $nginxConf);
|
||||
$nginxConf = str_replace("{{USERNAME}}", $_SESSION['username'], $nginxConf);
|
||||
$nginxConf = str_replace("{{DIR}}", $_POST['dir'], $nginxConf);
|
||||
file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['dir'] . ".conf", $nginxConf);
|
||||
// Add Nginx config
|
||||
$nginxConf = 'server {
|
||||
listen [::1]:' . CONF['ht']['internal_onion_http_port'] . ';
|
||||
server_name ' . $onion . ';
|
||||
root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
|
||||
|
||||
include inc/ht-onion.conf;
|
||||
}
|
||||
';
|
||||
file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf);
|
||||
|
||||
// Reload Nginx
|
||||
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", $output);
|
||||
addNiverLog("Nginx reloaded by " . $_SESSION['username'], $output);
|
||||
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx");
|
||||
|
||||
// Tell the user their site address
|
||||
success("L'adresse de votre service Onion HTTP est : <a href='http://" . $onion . "/'<code>http://" . $onion . "/</code></a>");
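Review bot: The address read by `exec(... CONF['ht']['cat_path'] ... "/hostname", $output); $onion = $output[0];` reuses `$output`, and `exec()` appends to an array that already has elements, so index 0 may hold a line from the Tor reload just before it (or from an earlier call outside this hunk) rather than the hostname. Reading into a fresh variable and checking the exit status would avoid that, e.g. `exec($cmd, $hostnameLines, $status); if ($status !== 0 || !isset($hostnameLines[0])) serverError("No onion address found.");`. The same command runs under sudo with `$_POST['dir']` concatenated unquoted; the only visible check is the `$dirsStatuses` lookup, which is built outside the hunk, so wrapping the path in `escapeshellarg()` would keep an unexpected directory name from being interpreted by the shell. The `preg_match` that follows is unanchored; `/^[0-9a-z]{56}\.onion$/D` would accept only a bare address before `$onion` is used in the Nginx file name and `server_name`. Which of the doubled lines are old and which are new is inferred from the config keys added in the same commit, as the page has lost its `+`/`-` markers.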
|
||||
|
|
|
@ -53,15 +53,15 @@
|
|||
</dl>
|
||||
|
||||
<dl>
|
||||
<dt><a class="ht" href="http-onion">Accès HTTP en Onion</a></dt>
|
||||
<dt><a href="http-onion">Accès HTTP par service Onion</a></dt>
|
||||
<dd>
|
||||
Un site HTML, accessible par Tor, avec une adresse en .onion
|
||||
</dd>
|
||||
<dt><a class="ht" href="https-domain">Accès HTTPS par DNS</a></dt>
|
||||
<dt><a href="https-domain">Accès HTTP par DNS et TLS</a></dt>
|
||||
<dd>
|
||||
Un site HTML, accessible directement, par un nom de domaine
|
||||
</dd>
|
||||
<dt><a class="ht" href="le">Let's Encrypt</a></dt>
|
||||
<dt><a href="le">Let's Encrypt</a></dt>
|
||||
<dd>
|
||||
Installer un certificat Let's Encrypt sur un domaine
|
||||
</dd>
|
||||
|
|
|
@ -1,58 +1,58 @@
|
|||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<dl>
|
||||
<dt><a class="ns" href="zone">Gérer ses zones</a></dt>
|
||||
<dt><a href="zone">Gérer ses zones</a></dt>
|
||||
<dd>
|
||||
Pour qu'elle soit gérée par le serveur de noms de Niver
|
||||
</dd>
|
||||
<dt><a class="ns" href="dnssec">Obtenir les enregistrements <abbr title="Delegation Signer">DS</abbr></a></dt>
|
||||
<dt><a href="dnssec">Obtenir les enregistrements <abbr title="Delegation Signer">DS</abbr></a></dt>
|
||||
<dd>
|
||||
À indiquer à la zone parente pour activer <abbr title="Domain Name System Security Extensions">DNSSEC</abbr>
|
||||
</dd>
|
||||
<dt><a class="ns" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
|
||||
<dt><a href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
|
||||
<dd>
|
||||
Indiquer le serveur de noms d'une zone
|
||||
</dd>
|
||||
<dt><a class="ns" href="ip">Enregistrements A et AAAA</a></dt>
|
||||
<dt><a href="ip">Enregistrements A et AAAA</a></dt>
|
||||
<dd>
|
||||
Indiquer l'adresse IP d'un domaine
|
||||
</dd>
|
||||
<dt><a class="ns" href="txt">Enregistrement TXT</a></dt>
|
||||
<dt><a href="txt">Enregistrement TXT</a></dt>
|
||||
<dd>
|
||||
Associer du texte à un domaine
|
||||
</dd>
|
||||
|
||||
<dt><a class="ns" href="srv">Enregistrement SRV</a></dt>
|
||||
<dt><a href="srv">Enregistrement SRV</a></dt>
|
||||
<dd>
|
||||
Indiquer un serveur pour un domaine
|
||||
</dd>
|
||||
<dt><a class="ns" href="mx">Enregistrement <abbr title="Mail eXchanger">MX</abbr></a></dt>
|
||||
<dt><a href="mx">Enregistrement <abbr title="Mail eXchanger">MX</abbr></a></dt>
|
||||
<dd>
|
||||
Indiquer le serveur mail pour un domaine
|
||||
</dd>
|
||||
<dt><a class="ns" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
|
||||
<dt><a href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
|
||||
<dd>
|
||||
Indiquer les seules autorités de certifications autorisée à signer les domaines
|
||||
</dd>
|
||||
<dt><a class="ns" href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
|
||||
<dt><a href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
|
||||
<dd>
|
||||
Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l'empreinte d'un certificat <abbr title="Transport Layer Security">TLS</abbr>
|
||||
</dd>
|
||||
<dt><a class="ns" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
|
||||
<dt><a href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
|
||||
<dd>
|
||||
Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
|
||||
</dd>
|
||||
|
||||
<!--
|
||||
<dt><a class="ns" href="loc">Enregistrement LOC</a></dt>
|
||||
<dt><a href="loc">Enregistrement LOC</a></dt>
|
||||
<dd>
|
||||
Indiquer des coordonnées géographiques
|
||||
</dd>
|
||||
<dt><a class="ns" href="cname">Enregistrement <abbr title="Canonical NAME">CNAME</abbr></a></dt>
|
||||
<dt><a href="cname">Enregistrement <abbr title="Canonical NAME">CNAME</abbr></a></dt>
|
||||
<dd>
|
||||
Définir un domaine comme étant l'alias d'un autre
|
||||
</dd>
|
||||
<dt><a class="ns" href="dname">Enregistrement <abbr title="Delegation NAME">DNAME</abbr></a></dt>
|
||||
<dt><a href="dname">Enregistrement <abbr title="Delegation NAME">DNAME</abbr></a></dt>
|
||||
<dd>
|
||||
Définir les sous-domaines d'un domaine comme étant les alias des sous-domaines d'un autre domaine
|
||||
</dd>-->
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
<?php require "../../common/html.php"; ?>
|
||||
|
||||
<dl>
|
||||
<dt><a class="reg" href="register">Enregistrer un nouveau domaine</a></dt>
|
||||
<dt><a href="register">Enregistrer un nouveau domaine</a></dt>
|
||||
<dd>
|
||||
Prendre possession d'un sous-domaine de <code><?= CONF['reg']['registry'] ?></code>
|
||||
</dd>
|
||||
<dt><a class="reg" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
|
||||
<dt><a href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
|
||||
<dd>
|
||||
Indiquer les serveurs de noms de son sous-domaine de <code><?= CONF['reg']['registry'] ?></code>
|
||||
</dd>
|
||||
<dt><a class="reg" href="ds">Enregistrement <abbr title="Delegation Signer">DS</abbr></a></dt>
|
||||
<dt><a href="ds">Enregistrement <abbr title="Delegation Signer">DS</abbr></a></dt>
|
||||
<dd>
|
||||
Déléguer la confiance <abbr title="Domain Name System Security Extensions">DNSSEC</abbr>
|
||||
</dd>
|
||||
<dt><a class="reg" href="glue">Glue Record</a></dt>
|
||||
<dt><a href="glue">Glue Record</a></dt>
|
||||
<dd>
|
||||
Indiquer les IP de ses serveurs de noms de son sous-domaine de <code><?= CONF['reg']['registry'] ?></code> dont les adresses se trouvent sur ce même sous-domaine
|
||||
</dd>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
|
||||
require "common/init.php";
|
||||
require "auth.php";
|
||||
require "fn/auth.php";
|
||||
|
||||
$authData = json_decode(file_get_contents("php://input"), true);
|
||||
$user = json_decode($authData['user'], true);
|
||||
|
|