servnest
/
servnest
1
1
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity
servnest/pages/ns/zone-add.php

79 lines
2.5 KiB
PHP
Raw Blame History

<?php
if (processForm()) {
$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
output(403, 'Cette zone existe déjà sur ce service.');
exec(CONF['ns']['kdig_path'] . ' ' . ltrim(strstr($_POST['domain'], '.'), '.') . ' NS +short', $parentAuthoritatives);
if ($parentAuthoritatives === [])
output(403, 'Serveurs de noms de la zone parente introuvables');
foreach ($parentAuthoritatives as $parentAuthoritative)
checkAbsoluteDomainFormat($parentAuthoritative);
exec(CONF['ns']['kdig_path'] . ' ' . $_POST['domain'] . ' NS @' . $parentAuthoritatives[0] . ' +noidn', $results);
if (preg_match('/^' . preg_quote($_POST['domain'], '/') . '[\t ]+[0-9]{1,8}[\t ]+IN[\t ]+NS[\t ]+(?<salt>[0-9a-f]{8})-(?<hash>[0-9a-f]{32})\.auth-owner.+$/m', implode("\n", $results), $matches) !== 1)
output(403, 'Enregistrement d\'authentification introuvable');
checkAuthToken($matches['salt'], $matches['hash']);
rateLimit();
insert('zones', [
'zone' => $_POST['domain'],
'username' => $_SESSION['username'],
]);
$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone";
$knotZone = implode(' ', [
$_POST['domain'],
SOA_VALUES['ttl'],
'SOA',
CONF['ns']['servers'][0],
SOA_VALUES['email'],
1,
SOA_VALUES['refresh'],
SOA_VALUES['retry'],
SOA_VALUES['expire'],
SOA_VALUES['negative'],
]) . "\n";
foreach (CONF['ns']['servers'] as $server)
$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
output(500, 'Failed to write new zone file.');
if (chmod($knotZonePath, 0660) !== true)
output(500, 'Failed to chmod new zone file.');
knotcConfExec([
"set 'zone[" . $_POST['domain'] . "]'",
"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
]);
output(200, 'La requête a été traitée.');
}
$proof = getAuthToken();
?>
<p>
Le domaine doit avoir un <?= linkToDocs('ns-record', 'enregistrement NS') ?> qui commence par <code><?= $proof ?>.auth-owner</code> lors du traitement de ce formulaire.
</p>
<p>
La zone sera servie par ces serveurs de noms :
<ul>
<?php
foreach (CONF['ns']['servers'] as $server)
echo ' <li><code>' . $server . '</code></li>';
?>
</ul>
</p>
<form method="post">
<label for="domain">Domaine</label><br>
<input required="" placeholder="domain.<?= PLACEHOLDER_DOMAIN ?>." id="domain" name="domain" type="text"><br>
<input value="Ajouter" type="submit">
</form>
Reference in New Issue View Git Blame Copy Permalink