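<?php

// "Add a zone" form handler. Ownership of the submitted domain is proven by an
// NS record "<token>.auth-owner…" published in the parent zone; once that record
// is found and the token accepted, the zone is registered and handed to Knot.
if (processForm()) {
	// $_POST['domain'] is attacker-controlled. After this line it reaches a shell
	// command, a file path, zone-file content and a knotc command, so every sink
	// below depends on formatAbsoluteDomain() (defined elsewhere) rejecting
	// anything that is not a plain absolute domain name.
	// NOTE(review): confirm it refuses '/', whitespace, quotes, newlines and a leading '-' or '+'.
	$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);

	if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
		output(403, 'Cette zone existe déjà sur ce service.');

	// Parent zone = submitted name without its first label. A single-label name
	// leaves nothing, in which case the parent is the root zone.
	$parentZone = ltrim((string) strstr($_POST['domain'], '.'), '.');
	if ($parentZone === '')
		$parentZone = '.';

	// Each user-derived value is passed as one quoted shell argument, so the shell
	// cannot reinterpret it even if the format check above is ever loosened.
	// escapeshellarg() does not stop kdig itself from reading a value that starts
	// with '-' or '+' as an option; that still relies on the format check.
	exec(CONF['ns']['kdig_path'] . ' ' . escapeshellarg($parentZone) . ' NS +short', $parentAuthoritatives);
	if ($parentAuthoritatives === [])
		output(403, 'Serveurs de noms de la zone parente introuvables');
	// kdig output is external data as well: validate every name before one of them is reused below.
	foreach ($parentAuthoritatives as $parentAuthoritative)
		checkAbsoluteDomainFormat($parentAuthoritative);

	// Ask the first parent name server directly for the delegation.
	// NOTE(review): no DNSSEC validation is visible here and only one server is
	// queried, so the ownership proof is as trustworthy as this single DNS answer.
	exec(CONF['ns']['kdig_path'] . ' ' . escapeshellarg($_POST['domain']) . ' NS ' . escapeshellarg('@' . $parentAuthoritatives[0]), $results);
	// The token is captured as two hex groups (8 and 32 characters) in front of ".auth-owner".
	if (preg_match('/\n' . preg_quote($_POST['domain'], '/') . '[\t ]+[0-9]{1,8}[\t ]+IN[\t ]+NS[\t ]+([0-9a-f]{8})-([0-9a-f]{32})\.auth-owner.+\n/', implode("\n", $results), $matches) !== 1)
		output(403, 'Enregistrement d\'authentification introuvable');

	checkAuthToken($matches[1], $matches[2]);

	rateLimit();

	// NOTE(review): the row is inserted before the zone file is written, so a
	// failure below leaves a registered zone without a file.
	insert('zones', [
		'zone' => $_POST['domain'],
		'username' => $_SESSION['username'],
	]);

	// File name is "<domain>zone"; presumably the domain ends with '.', giving "….zone" (confirm).
	$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone";
	$knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n";
	foreach (CONF['ns']['servers'] as $server)
		$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
	if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
		output(500, 'Failed to write new zone file.');
	if (chmod($knotZonePath, 0660) !== true)
		output(500, 'Failed to chmod new zone file.');

	// The domain is embedded between single quotes in the knotc commands; how
	// knotcConfExec() runs them is not visible here, so quoting safety again
	// rests on the format check at the top.
	knotcConfExec([
		"set 'zone[" . $_POST['domain'] . "]'",
		"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
	]);

	output(200, 'La requête a été traitée.');
}

// Token the user must publish in the parent zone before submitting the form.
$proof = getAuthToken();

?>

<p>
	Le domaine doit avoir un <?= linkToDocs('ns-record', 'enregistrement NS') ?> qui commence par <code><?= $proof ?>.auth-owner</code> lors du traitement de ce formulaire.
</p>

<p>
	La zone sera servie par ces serveurs de noms :
	<ul>
<?php
// $server comes from CONF and is echoed without HTML escaping; presumably
// operator-controlled configuration (confirm).
foreach (CONF['ns']['servers'] as $server)
	echo ' <li><code>' . $server . '</code></li>';
?>
	</ul>
</p>

<form method="post">
	<label for="domain">Domaine</label><br>
	<input required="" placeholder="domain.<?= PLACEHOLDER_DOMAIN ?>." id="domain" name="domain" type="text"><br>
	<input value="Ajouter" type="submit">
</form>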