vern
/
website
4
4
Fork 4
Code Issues Pull Requests Packages Projects Releases Wiki Activity
website/spa-AR/register.php

232 lines
12 KiB
PHP
Raw Blame History

<!DOCTYPE html>
<!--
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
-->
<html lang="es">
<head>
<meta name="viewport" content="width=device-width">
<meta charset="UTF-8">
<meta name="description" content="Registro para ~vern">
<link rel="preload" href="//gcdn.vern.cc/vernsite/style.css">
<link rel="stylesheet" href="//gcdn.vern.cc/vernsite/style.css">
<title>Registro | ~vern</title>
</head>
<body>
<!--#include file="nav.php" -->
<p><b>Si no querés o no podés compartir tu correo electrónico para registrarte en ~vern, por favor contactá un <a href=/spa-AR/admins>administrador</a> así podemos crearte una cuenta sin uno</b></p>
<?php
function sanitize($str) {
$str = trim($str);
$str = stripslashes($str);
$str = htmlspecialchars($str);
$str = str_replace("\r", '', $str);
return $str;
}
$success = false;
$username = $email = $ssh = $reason =
$username_err = $email_err = $ssh_err = $reason_err = '';
$username_re = '/^[a-z_][a-z0-9_]{0,30}$/';
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (!empty($_POST['username'])) {
if (preg_match($username_re, $_POST['username']) === 1) {
if (!file_exists('/vm/' . $_POST['username'])) {
if (!file_exists("/var/spool/register/" . sanitize($_POST['username'])))
$username = sanitize($_POST['username']);
else $username_err = "Un pedido para el nombre de usuario " . $_POST['username'] . " ya existe. Probá después o elegí un nombre de usuario diferente.";
}
else $username_err = "El nombre de usuario ya está en uso";
} else {
$username_err = "Nombre de usuario inválido. El mismo debe ser un nombre de usuario de GNU/Linux válido ($username_re)";
}
} else {
$username_err = "Se requiere un nombre de usuario";
}
if (!empty($_POST['email'])) {
if (filter_var(sanitize($_POST['email']), FILTER_VALIDATE_EMAIL)) {
$email = sanitize($_POST['email']);
} else {
$email_err = "Correo inválido";
}
} else {
$email_err = "Se requiere un correo";
}
if (!empty($_POST['ssh'])) {
$ret = shell_exec('bash -c "ssh-keygen -lf - <<< ' . escapeshellarg($_POST['ssh']) . ' 2>&1"');
if (trim($ret) != "(stdin) is not a public key file.") {
$ssh = $_POST['ssh'];
} else {
$ssh_err = "Clave pública de SSH inválida";
}
unset($ret);
} else {
$ssh_err = "Se requiere una clave pública de SSH";
}
if (!empty($_POST['joinreason'])) {
$reason = $_POST['joinreason'];
} else {
$reason_err = "Se requiere una razón para unirse";
}
if (empty($username_err . $email_err . $ssh_err . $reason_err) && isset($_POST['tos']))
$success = true;
}
if (!$success) {
?>
<div class=h><h1 id=signup>Registro</h1> <a aria-hidden=true href=#signup>#signup</a></div>
<p>Vea la <a href="//wiki.vern.cc/eng/guides/register/">página de la wiki</a> para saber como registrarse.</p>
<span class="red">* Campo necesario</span>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<p>Nombre de usuario:
<input type="text" name="username">
<span class="red">* <?php echo $username_err; ?></span></p>
<p>Correo (para que podamos contactarte) <span class="red">* <?php echo $email_err; ?></span>
<input type="text" name="email"></p>
<p>Claves públicas de SSH (una por línea) <span class="red">* <?php echo $ssh_err; ?></span><br>
<textarea name="ssh" rows="3" cols="50"></textarea></p>
<p>¿Por qué te gustaría unirte? <span class="red">* <?php echo $reason_err; ?></span><br>
<textarea name="joinreason" rows="8" cols="50"></textarea></p>
<p>¿A qué servicios te gustaría acceder? (Siempre puedes pedir una cuenta en uno)</p>
<input type="checkbox" id="pubnix" name="pubnix" value="Pubnix" disabled checked>
<label for="pubnix">Pubnix (incluye correo)</label><br>
<input type="checkbox" id="matrix" name="matrix" value="Matrix" checked>
<label for="matrix">Matrix</label><br>
<input type="checkbox" id="akkoma" name="akkoma" value="Akkoma" checked>
<label for="akkoma">Akkoma (fork de Pleroma)</label><br>
<input type="checkbox" id="soju" name="soju" value="Soju" checked>
<label for="soju">Soju</label><br>
<input type="checkbox" id="git" name="git" value="Forgejo" checked>
<label for="git">Forgejo</label><br>
<input type="checkbox" id="freshrss" name="freshrss" value="FreshRSS" checked>
<label for="freshrss">FreshRSS</label><br>
<input type="checkbox" id="miniflux" name="miniflux" value="Miniflux" checked>
<label for="miniflux">Miniflux</label><br>
<input type="checkbox" id="penpot" name="penpot" value="Penpot" checked>
<label for="penpot">Penpot</label><br>
<input type="checkbox" id="nextcloud" name="nextcloud" value="Nextcloud" checked>
<label for="nextcloud">Nextcloud</label><br>
<input type="checkbox" id="peertube" name="peertube" value="PeerTube" checked>
<label for="peertube">PeerTube</label><br>
<input type="checkbox" id="xmpp" name="xmpp" value="XMPP" checked>
<label for="xmpp">XMPP/Jabber</label><br>
<input type="checkbox" id="xmppo" name="xmppo" value="XMPP Onion">
<label for="xmppo">XMPP/Jabber Onion (No lo actives si no sabés que es)</label><br>
<input type="checkbox" id="xmppi" name="xmppi" value="XMPP I2P">
<label for="xmppi">XMPP/Jabber I2P (No lo actives si no sabés que es)</label><br>
<br>
<input type="checkbox" id="tos" name="tos" value="I agree to the ToS and Privacy Policy">
<label for="tos">Acepto los <a href=/spa-AR/tos>Términos y Condiciones</a> y la <a href=/spa-AR/privpol>Política de Privacidad</a></label><br>
<br>
<span><input type="submit" value="Submit" style="width:100px;height:40px;font-size:20px"></span>
</form><br>
<p>EL SERVICIO SE PROVEE “COMO ESTÁ” Y “CUANDO ESTÁ”, Y NO GARANTIZAMOS QUE EL SERVICIO ESTÉ DISPONIBLE EN TODO MOMENTO, NI LA CALIDAD DEL SERVICIO O DE CUALQUIER MATERIAL PROVISTO POR EL SERVICIO O EN EL SITIO WEB DE ~VERN. EN NINGUN MOMENTO LOS ADMINISTRADORES SERÁN RESPONSABLE POR CUALQUIER RECLAMO, DAÑOS U OTRAS RESPONSABILIDADES PROVENIENTES DE, O EN CONEXIÓN CON EL SERVICIO O EL USO DE OTRAS NEGOCIACIONES EN EL SERVICIO. USTED ES EL ÚNICO RESPONSABLE DE SU USO DEL SERVICIO.</p>
<?php
} else {
?>
<meta http-equiv="refresh" content="5;url=/spa-AR/" />
<div class=h><h1 id=thanks>Gracias por registrarse.</h1> <a aria-hidden=true href=#thanks>#thanks</a></div>
<p>Un administrador auditará su pedido, y un correo será enviado si su registro es exitoso.</p>
<p>Serás redirigido de vuelta a la <a href=/spa-AR/>página principal</a> en 5 segundos.</p>
<?php
if (isset($_POST['matrix'])) $use_matrix = true;
if (isset($_POST['akkoma'])) $use_akkoma = true;
if (isset($_POST['soju'])) $use_soju = true;
if (isset($_POST['git'])) $use_git = true;
if (isset($_POST['nextcloud'])) $use_nc = true;
if (isset($_POST['freshrss'])) $use_freshrss = true;
if (isset($_POST['miniflux'])) $use_miniflux = true;
if (isset($_POST['penpot'])) $use_penpot = true;
if (isset($_POST['peertube'])) $use_peertube = true;
if (isset($_POST['xmpp'])) $use_xmpp = true;
if (isset($_POST['xmppo'])) $use_xmppo = true;
if (isset($_POST['xmppi'])) $use_xmppi = true;
$to = "root@vern.cc";
$subject = "New registration request from $username <$email>";
$message = "Hello Administrators,\nSomeone has requested a membership. Please view the details below and decide if it is worth approving.\n\nSSH keys:\n$ssh\n\nRequested username: $username\nRequested services: Tilde";
if ($use_matrix) $message .= ", Matrix";
if ($use_akkoma) $message .= ", Akkoma";
if ($use_soju) $message .= ", Soju";
if ($use_git) $message .= ", Forgejo";
if ($use_nc) $message .= ", Nextcloud";
if ($use_freshrss) $message .= ", FreshRSS";
if ($use_miniflux) $message .= ", Miniflux";
if ($use_penpot) $message .= ", Penpot";
if ($use_peertube) $message .= ", PeerTube";
if ($use_xmpp) $message .= ", XMPP";
if ($use_xmppo) $message .= ", XMPP Onion";
if ($use_xmppi) $message .= ", XMPP I2P";
$message .= ".\nJoin reason:\n$reason\n\n\nTo accept this request, run this command as root:\n/root/bin/accept $username\nTo deny this request, run this command as root:\n/root/bin/deny $username\n";
$contents = "#!/usr/bin/env -S bash -e\n\n# This is the registration script for $username \n# This script was automatically generated by http://" . $_SERVER['HTTP_HOST'] . htmlspecialchars($_SERVER['PHP_SELF']). "\n\n";
$contents .= 'password="$(tr -dc A-Za-z0-9 </dev/urandom | head -c 64)"' . "\n";
$contents .= '~/bin/mktuser ' . escapeshellarg($username) . ' "$password"' . " <<< " . escapeshellarg($_POST['ssh']) . "\n";
$contents .= 'echo "$password" > /sshfs/home/' . $username . '/pass && chmod 600 /sshfs/home/' . $username . '/pass && ssh 192.168.122.30 chown ' . escapeshellarg($username . ':' . $username) . ' /sshfs/home/' . $username . '/pass' . "\n\n";
if ($use_matrix) $contents .= '~/bin/mkmuser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_akkoma) $contents .= '~/bin/mkauser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_soju) $contents .= '~/bin/mksuser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_git) $contents .= '~/bin/mkguser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_nc) $contents .= '~/bin/mknuser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_freshrss) $contents .= '~/bin/mkfruser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_miniflux) $contents .= '~/bin/mkmfuser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_penpot) $contents .= '~/bin/mkppuser ' . escapeshellarg($username) . ' "$password"' . "\n";
if ($use_peertube) $contents .= '~/bin/mkpuser ' . escapeshellarg($username) . ' "$password"' . ' ' . escapeshellarg($email) . "\n";
if ($use_xmpp) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' "$password"' . " vern.cc\n";
if ($use_xmppo) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' "$password"' . " vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion\n";
if ($use_xmppi) $contents .= '~/bin/mkxuser ' . escapeshellarg($username) . ' "$password"' . " verncceu2kgz54wi7r5jatgmx2mqtsh3knxhiy4m5shescuqtqfa.b32.i2p\n";
$contents .= "s-nail -r 'register@vern.cc' -s 'Su cuenta de ~vern fue creada' -M text/plain " . escapeshellarg($email) . " < <(printf 'Hola %s,\\nSu pedido de inscripción en ~vern ha sido aceptado.\\nAhora puede conectarse por SSH en vern.cc usando la(s) clave(s) pública(s) que ingresó en su registro en ~vern.\\nUna contraseña global para todos los servicios a los que te registraste se puede encontrar en ~/pass. Si te registraste en Mastodon, la contraseña para la cuenta se puede encontrar en ~/mastodon-pass\\n\\nMuchas gracias por ser parte de ~vern!' " . escapeshellarg($username) . ")\n";
$contents .= "echo " . escapeshellarg($username . '@vern.cc') . " >> /var/spool/list\n";
$contents .= "echo " . escapeshellarg($email) . " >> /var/spool/list\n";
$contents .= "mv $0 /var/log/register/\n";
$contents .= "exit\n\n\n";
$contents .= $reason . "\n";
$filename = "/var/spool/register/" . $username;
$handle = fopen($filename, "w+");
chmod($filename, 0600);
unset($filename);
fwrite($handle, $contents);
fclose($handle);
$from = "register@vern.cc";
$headers = "From: " . $from . "\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain\n";
mail($to, $subject, $message, $headers);
}
?>
<!--#include file="footer.cgi" -->
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink