Prints a lot of metadata available to the server when doing an HTTP request https://meta.antopie.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
Miraty 595232f9e3 Add README.md 10 months ago
db-reader Initial commit 10 months ago
geolite2 Initial commit 10 months ago
LICENSE Add source code links and LICENSE 10 months ago
README.md Add README.md 10 months ago
emoji.html Initial commit 10 months ago
geolite2.php Add source code links and LICENSE 10 months ago
index.php Add README.md 10 months ago
meta.php Add README.md 10 months ago

README.md

Meta

Meta is a small Nginx/PHP tool displaying some informations in order to debug or satisfy your curiosity.

Use

Paths

/me will redirect to /<your-ip-address> /<any-ip-address> will print informations obtained from databases located in the geolite2 directory /emoji will print an emoji list /<anything-else> will print IP, TCP, TLS and HTTP metadata

Domains

meta.4.niv.re have working A (IPv4) and AAAA (IPv6) records You can test IP version connectivity by forcing it throught

  • ipv4.meta.4.niv.re only have the A record
  • ipv6.meta.4.niv.re only have the AAAA record

Ports

You can try to connect to a few other TCP ports than 443, using IPv6.

Installation

Nginx configuration

server {
    listen 443 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:1 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:2 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:20 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:21 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:22 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:25 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:53 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:80 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:123 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:143 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:443 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:587 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:853 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:993 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:1194 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:1312 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:3478 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:5349 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:8448 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:9001 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:9030 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:16384 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:25565 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:32768 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:49152 ssl http2;
    listen [2a01:e0a:15c:2e40::65:535]:65535 ssl http2;

    server_name meta.4.niv.re *.meta.4.niv.re;

    root /var/www/meta;
    index index.php;
    try_files $uri/ /;

    more_set_headers "Content-Security-Policy : default-src 'none'; frame-ancestors 'none'; form-action 'none';";
    more_set_headers "X-Content-Type-Options : nosniff";
    more_set_headers "X-XSS-Protection : 1; mode=block";
    more_set_headers "X-Download-Options : noopen";
    more_set_headers "X-Permitted-Cross-Domain-Policies : none";
    more_set_headers "X-Frame-Options : DENY";
    more_set_headers "Referrer-Policy : no-referrer";
    more_set_headers "Strict-Transport-Security : max-age=94608000; includeSubDomains; preload";
    more_clear_headers Server;

    ssl_prefer_server_ciphers off;

    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;

    ssl_early_data off;

    ssl_stapling on;
    ssl_stapling_verify on;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;

    ssl_ecdh_curve X25519:X448;

    ssl_certificate /etc/letsencrypt/live/meta.4.niv.re/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/meta.4.niv.re/privkey.pem;

    error_log /var/log/nginx/meta.4.niv.re-error.log info;
    access_log off;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/meta.sock;
        include inc/fastcgi.conf;
        fastcgi_param SSL_CURVES $ssl_curves;
        fastcgi_param SSL_CIPHERS $ssl_ciphers;
        fastcgi_param SSL_CIPHER $ssl_cipher;
        fastcgi_param SSL_PROTOCOL $ssl_protocol;
        fastcgi_param SSL_SESSION_ID $ssl_session_id;
        fastcgi_param NGINX_VERSION $nginx_version;
        fastcgi_param TCPINFO_RTT $tcpinfo_rtt;
        fastcgi_param TCPINFO_RTTVAR $tcpinfo_rttvar;
        fastcgi_param TCPINFO_SND_CWND $tcpinfo_snd_cwnd;
        fastcgi_param TCPINFO_RCV_SPACE $tcpinfo_rcv_space;
        fastcgi_param CONNECTION $connection;
        fastcgi_param CONNECTION_REQUESTS $connection_requests;
        fastcgi_param REQUEST $request;
    }

    location ~ emojis.txt {
        charset utf-8;
    }
}

Might be useful

ip addr add 2a01:e0a:15c:2e40::65:535 dev eno1
ufw allow in proto tcp to 2a01:e0a:15c:2e40::65:535 port 1:65535
certbot certonly --nginx --key-type rsa --rsa-key-size 3072 -d *.meta.4.niv.re -d meta.4.niv.re

/etc/network/interfaces:

iface eno1 inet6 static
address 2a01:e0a:15c:2e40::65:535

Ressources

Nginx variable list: https://nginx.org/docs/varindex.html

PHP $_SERVER list: https://www.php.net/manual/reserved.variables.server.php

HTTP headers

https://en.wikipedia.org/wiki/List_of_HTTP_header_fields https://developer.mozilla.org/docs/Web/HTTP/Headers https://datatracker.ietf.org/doc/html/rfc7231

Free software

Meta is published under AGPLv3+ (see LICENSE), it's source code is available at https://code.antopie.org/miraty/meta. db-reader and geolite2 directories contents have their own license.