101 lines
3.2 KiB
Markdown
101 lines
3.2 KiB
Markdown
# ServNest
|
|
|
|
ServNest (formerly Niver) is software providing a web interface allowing users to manage 3 independent services:
|
|
|
|
* Public suffix registry
|
|
* Domain name server
|
|
* Static HTTP site hosting
|
|
|
|
## Status
|
|
|
|
I plan to create and maintain a public stable instance of ServNest, but I haven't done so yet. Thus it is not yet tested with real world and long-term usages, and is **alpha software**.
|
|
|
|
## Detailed services features
|
|
|
|
### Public suffix registry (`reg`)
|
|
|
|
* Register a subdomain of the registry
|
|
* Set domain's nameservers
|
|
* Set a DS record to enable DNSSEC
|
|
* Set Glue records
|
|
* Display records
|
|
* Transfer domain to another account
|
|
|
|
### Name server (`ns`)
|
|
|
|
* Host a zone on the server
|
|
* Plain zone file edition
|
|
* Dedicated forms to set/unset `A`, `AAAA`, `NS`, `TXT`, `CAA`, `SRV`, `MX`, `SRV`, `SSHFP`, `TLSA`, `CNAME`, `DNAME` and `LOC` records
|
|
* Display records or the full zone file
|
|
|
|
### Static HTTP site hosting (`ht`)
|
|
|
|
Upload site's files to the server using SFTP. The way the site is accessed can then be choosed:
|
|
|
|
* Dedicated domain name and Let's Encrypt certificate
|
|
* Dedicated onion service (through Tor)
|
|
* Subdomain of a shared root domain
|
|
* HTTP subpath of a shared domain
|
|
|
|
Some Apache configuration directives are available through `.htaccess`.
|
|
|
|
## Software used
|
|
|
|
[PHP](https://www.php.net/)
|
|
: main language
|
|
|
|
[SQLite](https://www.sqlite.org/index.html)
|
|
: accounts data storage
|
|
|
|
[Knot DNS](https://www.knot-dns.cz/)
|
|
: DNS server for both registry and DNS hosting
|
|
|
|
[sudo](https://www.sudo.ws/) 1.9.10+
|
|
: execute actions that match a regex as privileged or specific users
|
|
|
|
[SFTPGo](https://github.com/drakkan/sftpgo)
|
|
: upload sites files using SFTP
|
|
|
|
[Apache HTTP Server](https://httpd.apache.org/)
|
|
: static HTTP server, with content negotiation and `.htaccess` dynamic configuration
|
|
|
|
[nginx](https://nginx.org/)
|
|
: HTTP reverse proxy for Apache; terminates TLS and enforces security headers
|
|
|
|
Tor
|
|
: [Onion services](https://community.torproject.org/onion-services/)
|
|
|
|
[Certbot](https://certbot.eff.org/)
|
|
: get [Let's Encrypt](https://letsencrypt.org/) certificates for TLS
|
|
|
|
Cronie (or another cron daemon)
|
|
: periodically run script to sync registry records with child zones and pseudo-CNAMEs at apex
|
|
|
|
[GNU Core Utilities](https://www.gnu.org/software/coreutils/) or [BusyBox](https://www.busybox.net/)
|
|
: manipulate the filesystem through sudo
|
|
|
|
## Installation
|
|
|
|
Manual installation instructions can be found in [DOCS/installation.md](DOCS/installation.md).
|
|
|
|
[servnest-mkosi](https://code.antopie.org/servnest/servnest-mkosi) can automatically build a system image for ServNest and has configuration files and scripts.
|
|
|
|
## Contribute
|
|
|
|
- Git repository : <https://code.antopie.org/servnest/servnest>
|
|
- Issue tracker : <https://code.antopie.org/servnest/servnest/issues>
|
|
- Matrix channel : [#servnest:matrix.antopie.org](matrix:r/servnest:matrix.antopie.org)
|
|
|
|
## Direct contact details
|
|
|
|
See <https://miraty.antopie.org/>.
|
|
|
|
## License
|
|
|
|
ServNest is ethical libre software: you can use, redistribute or modify it under the terms of the CNPL-NAv7+ as found in LICENSE.md or at <https://git.pixie.town/thufie/npl-builder>.
|
|
|
|
## Similar projects
|
|
|
|
- [DNSManager](https://github.com/KaneRoot/dnsmanager) powering [netlib.re](https://netlib.re/)
|
|
- [EU.org](https://nic.eu.org/)
|
|
- [DNS Witch](https://dns-witch.net.eu.org/)
|