166 lines
4.5 KiB
PHP
166 lines
4.5 KiB
PHP
<?php declare(strict_types=1);
|
|
|
|
const SUBPATH_REGEX = '^[a-z0-9-]{4,63}$';
|
|
const ED25519_PUBKEY_REGEX = '^[a-zA-Z0-9/+]{68}$';
|
|
|
|
function htSetupUserFs(string $id): void {
|
|
// Setup SFTP directory
|
|
if (mkdir(CONF['ht']['ht_path'] . '/fs/' . $id, 0000) !== true)
|
|
output(500, 'Can\'t create user directory.');
|
|
if (chmod(CONF['ht']['ht_path'] . '/fs/' . $id, 0775) !== true)
|
|
output(500, 'Can\'t chmod user directory.');
|
|
exescape([
|
|
CONF['ht']['sudo_path'],
|
|
'--',
|
|
CONF['ht']['chgrp_path'],
|
|
'--no-dereference',
|
|
'--',
|
|
CONF['ht']['sftpgo_group'],
|
|
CONF['ht']['ht_path'] . '/fs/' . $id,
|
|
], result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Can\'t change user directory group.');
|
|
|
|
// Setup Tor config directory
|
|
if (mkdir(CONF['ht']['tor_config_path'] . '/' . $id, 0000) !== true)
|
|
output(500, 'Can\'t create Tor config directory.');
|
|
if (chmod(CONF['ht']['tor_config_path'] . '/' . $id, 0775) !== true)
|
|
output(500, 'Can\'t chmod Tor config directory.');
|
|
|
|
// Setup Tor keys directory
|
|
exescape([
|
|
CONF['ht']['sudo_path'],
|
|
'-u',
|
|
CONF['ht']['tor_user'],
|
|
'--',
|
|
CONF['ht']['mkdir_path'],
|
|
'--mode=0700',
|
|
'--',
|
|
CONF['ht']['tor_keys_path'] . '/' . $id,
|
|
], result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Can\'t create Tor keys directory.');
|
|
}
|
|
|
|
function checkDomainFormat(string $domain): void {
|
|
// If the domain must end without a dot
|
|
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^(?=^.{1,254}$)([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/D', $domain))
|
|
output(403, _('Domain malformed.'));
|
|
}
|
|
|
|
function formatDomain(string $domain): string {
|
|
$domain = rtrim(strtolower($domain), '.');
|
|
checkDomainFormat($domain);
|
|
return $domain;
|
|
}
|
|
|
|
function listFsDirs(string $username): array {
|
|
if ($username === '')
|
|
return [];
|
|
$absoluteDirs = glob(CONF['ht']['ht_path'] . '/fs/' . $username . '/*/', GLOB_ONLYDIR);
|
|
$dirs = [];
|
|
foreach ($absoluteDirs as $absoluteDir)
|
|
if (preg_match('/^[a-zA-Z0-9_-]{1,64}$/D', basename($absoluteDir)))
|
|
array_push($dirs, basename($absoluteDir));
|
|
return $dirs;
|
|
}
|
|
|
|
function addSite(string $username, string $siteDir, string $address, string $type): void {
|
|
insert('sites', [
|
|
'username' => $username,
|
|
'site_dir' => $siteDir,
|
|
'address' => $address,
|
|
'type' => $type,
|
|
'creation_date' => date('Y-m-d H:i:s'),
|
|
]);
|
|
}
|
|
|
|
function dirsStatuses(string $type): array {
|
|
if (isset($_SESSION['id']) !== true)
|
|
return [];
|
|
$dbDirs = query('select', 'sites', [
|
|
'username' => $_SESSION['id'],
|
|
'type' => $type,
|
|
], ['site_dir']);
|
|
$dirs = [];
|
|
foreach (listFsDirs($_SESSION['id']) as $fsDir)
|
|
$dirs[$fsDir] = in_array($fsDir, $dbDirs);
|
|
return $dirs;
|
|
}
|
|
|
|
function htRelativeSymlink(string $target, string $name): void {
|
|
chdir(pathinfo($name)['dirname']);
|
|
$symlink = symlink($target, pathinfo($name)['basename']);
|
|
chdir(ROOT_PATH);
|
|
if ($symlink !== true)
|
|
output(500, 'Unable to create symlink.');
|
|
}
|
|
|
|
function htDeleteSite(string $address, string $type, string $user_id): void {
|
|
|
|
if ($type === 'onion') {
|
|
$dir = query('select', 'sites', [
|
|
'username' => $user_id,
|
|
'address' => $address,
|
|
'type' => $type,
|
|
], ['site_dir'])[0];
|
|
|
|
// Delete Tor config
|
|
if (unlink(CONF['ht']['tor_config_path'] . '/' . $user_id . '/' . $dir) !== true)
|
|
output(500, 'Failed to delete Tor configuration.');
|
|
|
|
// Reload Tor
|
|
exescape([
|
|
CONF['ht']['sudo_path'],
|
|
'--',
|
|
...explode(' ', CONF['ht']['tor_reload_cmd']),
|
|
], result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Failed to reload Tor.');
|
|
|
|
// Delete Tor keys
|
|
exescape([
|
|
CONF['ht']['sudo_path'],
|
|
'-u',
|
|
CONF['ht']['tor_user'],
|
|
'--',
|
|
CONF['ht']['rm_path'],
|
|
'-r',
|
|
'--',
|
|
CONF['ht']['tor_keys_path'] . '/' . $user_id . '/' . $dir,
|
|
], result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Failed to delete Tor keys.');
|
|
}
|
|
|
|
if ($type === 'dns') {
|
|
// Delete Let's Encrypt certificate
|
|
exescape([
|
|
CONF['ht']['sudo_path'],
|
|
CONF['ht']['certbot_path'],
|
|
'--config',
|
|
CONF['ht']['certbot_config_path'],
|
|
'delete',
|
|
'--quiet',
|
|
'--cert-name',
|
|
$address,
|
|
], result_code: $code);
|
|
if ($code !== 0)
|
|
output(500, 'Certbot failed to delete the Let\'s Encrypt certificate.');
|
|
}
|
|
|
|
$link = CONF['ht']['ht_path'] . '/uri/' . match ($type) {
|
|
'onion', 'dns' => $address,
|
|
'subdomain' => $address . '.' . CONF['ht']['subdomain_domain'],
|
|
'subpath' => CONF['ht']['subpath_domain'] . '/' . $address,
|
|
};
|
|
|
|
if (unlink($link) !== true)
|
|
output(500, 'Unable to delete symlink.');
|
|
|
|
query('delete', 'sites', [
|
|
'username' => $user_id,
|
|
'type' => $type,
|
|
'address' => $address,
|
|
]);
|
|
}
|