site-manager/sites.py

import os
import json
import re


def load_sites():
    if not os.path.isfile('sites.json'):
        with open('sites.json', 'w') as file:
            file.write('[]')

    with open('sites.json', 'r') as file:
        sites = json.loads(file.read())

    return sites


def get_info():
    sites = load_sites()
    if not sites:
        return {
            'total_sites': 0,
            'active_sites': 0
        }

    total_sites = len(sites)
    active_sites = 0
    for site in sites:
        if site['active']:
            active_sites += 1

    return {
        'total_sites': total_sites,
        'active_sites': active_sites
    }
    
def get_site(name):
    sites = load_sites()
    for site in sites:
        if site['name'] == name:
            return site
    return False

def add_site(name, domain):
    sites = load_sites()
    domain = domain.lower().strip()
    # Check domain
    if re.search(r'[^a-zA-Z0-9.-]', domain):
        return False
    
    # Make sure certs directory exists
    if not os.path.isdir('certs'):
        os.mkdir('certs')
    
    if is_icann(domain):
        tlsa = "Not needed"
    else:
        # Generate TLSA record
        tlsa = os.popen(f'./tlsa.sh {domain}').read().strip()
        print(tlsa)
        if not tlsa:
            return False

    id = len(sites)
    for site in sites:
        if site['id'] >= id:
            id = site['id'] + 1

    sites.append({
        'name': name,
        'domain': domain,
        'active': False,
        'tlsa': tlsa,
        'id': id
    })

    with open('sites.json', 'w') as file:
        file.write(json.dumps(sites))
    return True

def add_alt_domain(name, domain):
    sites = load_sites()
    for site in sites:
        if site['name'] == name:
            if 'alt_domains' not in site:
                site['alt_domains'] = []
            site['alt_domains'].append(domain)

            if is_icann(domain):
                tlsa = "Not needed"
            else:
                # Generate TLSA record
                tlsa = os.popen(f'./tlsa.sh {domain}').read().strip()
                print(tlsa)
                if not tlsa:
                    return False
            
            if 'alt_tlsa' not in site:
                site['alt_tlsa'] = {}
            site['alt_tlsa'][domain] = tlsa

            with open('sites.json', 'w') as file:
                file.write(json.dumps(sites))
            return True
    return False

def enable(name, enable):
    sites = load_sites()
    if enable == 'on':
        enable = True
        # Create site file
        write_nginx_conf(name)
    else:
        enable = False
        # Delete site file        
        os.remove(f'/etc/nginx/sites-enabled/{name}')
        

    for site in sites:
        if site['name'] == name:
            site['active'] = enable
            with open('sites.json', 'w') as file:
                file.write(json.dumps(sites))
            return True
    return False

def get_content(site):
    site = get_site(site)
    id = site['id']

    path = f'/var/www/{id}'
    if not os.path.isdir(path):
        return []
    files = os.listdir(path)
    return files

def get_dns_info(site):
    # Get public ip of server
    public_ip = os.popen('curl ipinfo.io/ip').read().strip()
    # Get domains
    domains = get_site(site)
    if not domains:
        return False
    main = domains['domain']
    tlsa = domains['tlsa']
    alt = []
    if 'alt_domains' in domains:
        alt = domains['alt_domains']
    
    info = [{
        'domain': main,
        'ip': public_ip,
        'tlsa': tlsa
    }]


    for alt_domain in alt:
        alt_tlsa = domains['alt_tlsa'][alt_domain]

        info.append({
            'domain': alt_domain,
            'ip': public_ip,
            'tlsa': alt_tlsa
        })
    return info
        

def write_nginx_conf(site):
    site = get_site(site)
    domain = site['domain']
    id = site['id']
    location = f'/var/www/{id}'

    ssl = ""
    if not is_icann(domain):
        ssl = f'''
        listen 443 ssl;
        ssl_certificate /root/site-manager/certs/{domain}/cert.crt;
        ssl_certificate_key /root/site-manager/certs/{domain}/cert.key;
        '''


    conf = f'''
    server {{
  listen 80;
  listen [::]:80;
  root '{location}';
  index index.html;
  server_name {domain} *.{domain};

    location / {{
        try_files $uri $uri/ @htmlext;
    }}

    location ~ \.html$ {{
        try_files $uri =404;
    }}

    location @htmlext {{
        rewrite ^(.*)$ $1.html last;
    }}
    error_page 404 /404.html;
    location = /404.html {{
            internal;
    }}
    location = /.well-known/wallets/HNS {{
        add_header Cache-Control 'must-revalidate';
        add_header Content-Type text/plain;
    }}
    {ssl}
    }}
    '''

    # Add alt domains
    if 'alt_domains' in site:
        for alt in site['alt_domains']:
            if not is_icann(alt):
                ssl = f'''
                listen 443 ssl;
                ssl_certificate /root/site-manager/certs/{alt}/cert.crt;
                ssl_certificate_key /root/site-manager/certs/{alt}/cert.key;
                '''
            else:
                ssl = ""

            conf += f'''
            server {{
    listen 80;
    listen [::]:80;
    root '{location}';
    index index.html;
    server_name {alt} *.{alt};

    location / {{
        try_files $uri $uri/ @htmlext;
    }}

    location ~ \.html$ {{
        try_files $uri =404;
    }}

    location @htmlext {{
        rewrite ^(.*)$ $1.html last;
    }}
    error_page 404 /404.html;
    location = /404.html {{
            internal;
    }}
    location = /.well-known/wallets/HNS {{
        add_header Cache-Control 'must-revalidate';
        add_header Content-Type text/plain;
    }}
    {ssl}
    }}
    '''
    with open(f'/etc/nginx/sites-enabled/{id}.conf', 'w') as file:
        file.write(conf)

    # Restart nginx
    os.system('systemctl restart nginx')

    # Create certs for ICANN domains
    icann_domains = []
    if is_icann(domain):
        icann_domains.append(domain)
    if 'alt_domains' in site:
        for alt in site['alt_domains']:
            if is_icann(alt):
                icann_domains.append(alt)
    email = f'admin@{icann_domains[0]}'
    icann_domains = " -d ".join(icann_domains)
    icann_domains = f'-d {icann_domains}'
    os.system(f'certbot --nginx {icann_domains} --non-interactive --agree-tos --email {email} --redirect')
    return True


def is_icann(domain):
    # Check if domain list is downloaded yet
    if not os.path.isfile('icann.txt'):
        os.system('wget https://data.iana.org/TLD/tlds-alpha-by-domain.txt -O icann.txt')

    tlds = open('icann.txt', 'r').read().split('\n')
    # Remove any comments
    tlds = [tld for tld in tlds if not tld.startswith('#')]
    if domain.split('.')[-1].upper() in tlds:
        return True
    return False

def clone_git(name, url):
    site = get_site(name)
    id = site['id']
    path = f'/var/www/{id}'
    if not os.path.isdir(path):
        os.mkdir(path)
    os.system(f'git clone {url} {path}')

    with open('sites.json', 'r') as file:
        sites = json.loads(file.read())
    for site in sites:
        if site['name'] == name:
            site['git'] = url
            with open('sites.json', 'w') as file:
                file.write(json.dumps(sites))
            return True

    return True

def pull_git(name):
    site = get_site(name)
    id = site['id']
    path = f'/var/www/{id}'
    if not os.path.isdir(path):
        return False
    
    # Check if it's a git repo
    if not os.path.isdir(f'{path}/.git'):
        # Remove git from sites.json
        with open('sites.json', 'r') as file:
            sites = json.loads(file.read())
        for site in sites:
            if site['name'] == name:
                del site['git']
                with open('sites.json', 'w') as file:
                    file.write(json.dumps(sites))
        return False
    

    os.system(f'cd {path} && git pull')
    return True
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`import os`
			`import json`
			`import re`


			`def load_sites():`
			`if not os.path.isfile('sites.json'):`
			`with open('sites.json', 'w') as file:`
			`file.write('[]')`

			`with open('sites.json', 'r') as file:`
			`sites = json.loads(file.read())`

			`return sites`


			`def get_info():`
			`sites = load_sites()`
			`if not sites:`
			`return {`
			`'total_sites': 0,`
			`'active_sites': 0`
			`}`

			`total_sites = len(sites)`
			`active_sites = 0`
			`for site in sites:`
			`if site['active']:`
			`active_sites += 1`

			`return {`
			`'total_sites': total_sites,`
			`'active_sites': active_sites`
			`}`

			`def get_site(name):`
			`sites = load_sites()`
			`for site in sites:`
			`if site['name'] == name:`
			`return site`
			`return False`

			`def add_site(name, domain):`
			`sites = load_sites()`
			`domain = domain.lower().strip()`
			`# Check domain`
			`if re.search(r'[^a-zA-Z0-9.-]', domain):`
			`return False`

			`# Make sure certs directory exists`
			`if not os.path.isdir('certs'):`
			`os.mkdir('certs')`

feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`if is_icann(domain):`
			`tlsa = "Not needed"`
			`else:`
			`# Generate TLSA record`
			`tlsa = os.popen(f'./tlsa.sh {domain}').read().strip()`
			`print(tlsa)`
			`if not tlsa:`
			`return False`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00
feat: Add zip uploads 2024-02-23 15:15:34 +11:00			`id = len(sites)`
			`for site in sites:`
			`if site['id'] >= id:`
			`id = site['id'] + 1`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00
			`sites.append({`
			`'name': name,`
			`'domain': domain,`
			`'active': False,`
			`'tlsa': tlsa,`
feat: Add zip uploads 2024-02-23 15:15:34 +11:00			`'id': id`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`})`

			`with open('sites.json', 'w') as file:`
			`file.write(json.dumps(sites))`
			`return True`

			`def add_alt_domain(name, domain):`
			`sites = load_sites()`
			`for site in sites:`
			`if site['name'] == name:`
			`if 'alt_domains' not in site:`
			`site['alt_domains'] = []`
			`site['alt_domains'].append(domain)`

feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`if is_icann(domain):`
			`tlsa = "Not needed"`
			`else:`
			`# Generate TLSA record`
			`tlsa = os.popen(f'./tlsa.sh {domain}').read().strip()`
			`print(tlsa)`
			`if not tlsa:`
			`return False`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00
			`if 'alt_tlsa' not in site:`
			`site['alt_tlsa'] = {}`
			`site['alt_tlsa'][domain] = tlsa`

			`with open('sites.json', 'w') as file:`
			`file.write(json.dumps(sites))`
			`return True`
			`return False`

			`def enable(name, enable):`
			`sites = load_sites()`
			`if enable == 'on':`
			`enable = True`
			`# Create site file`
			`write_nginx_conf(name)`
			`else:`
			`enable = False`
			`# Delete site file`
			`os.remove(f'/etc/nginx/sites-enabled/{name}')`



			`for site in sites:`
			`if site['name'] == name:`
			`site['active'] = enable`
			`with open('sites.json', 'w') as file:`
			`file.write(json.dumps(sites))`
			`return True`
			`return False`

			`def get_content(site):`
fix: Get site contents to use new dir 2024-02-23 14:59:35 +11:00			`site = get_site(site)`
			`id = site['id']`

			`path = f'/var/www/{id}'`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`if not os.path.isdir(path):`
			`return []`
			`files = os.listdir(path)`
			`return files`

			`def get_dns_info(site):`
			`# Get public ip of server`
			`public_ip = os.popen('curl ipinfo.io/ip').read().strip()`
			`# Get domains`
			`domains = get_site(site)`
			`if not domains:`
			`return False`
			`main = domains['domain']`
			`tlsa = domains['tlsa']`
			`alt = []`
			`if 'alt_domains' in domains:`
			`alt = domains['alt_domains']`

			`info = [{`
			`'domain': main,`
			`'ip': public_ip,`
			`'tlsa': tlsa`
			`}]`


			`for alt_domain in alt:`
			`alt_tlsa = domains['alt_tlsa'][alt_domain]`

			`info.append({`
			`'domain': alt_domain,`
			`'ip': public_ip,`
			`'tlsa': alt_tlsa`
			`})`
			`return info`


			`def write_nginx_conf(site):`
			`site = get_site(site)`
			`domain = site['domain']`
			`id = site['id']`
fix: Use /var/www as content location 2024-02-23 14:58:21 +11:00			`location = f'/var/www/{id}'`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00
feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`ssl = ""`
			`if not is_icann(domain):`
			`ssl = f'''`
			`listen 443 ssl;`
			`ssl_certificate /root/site-manager/certs/{domain}/cert.crt;`
			`ssl_certificate_key /root/site-manager/certs/{domain}/cert.key;`
			`'''`


feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`conf = f'''`
			`server {{`
			`listen 80;`
			`listen [::]:80;`
fix: Errors with service and nginx 2024-02-23 14:42:15 +11:00			`root '{location}';`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`index index.html;`
			`server_name {domain} *.{domain};`

			`location / {{`
fix: Install zip and fix nginx 2024-02-23 15:51:56 +11:00			`try_files $uri $uri/ @htmlext;`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`

			`location ~ \.html$ {{`
fix: Install zip and fix nginx 2024-02-23 15:51:56 +11:00			`try_files $uri =404;`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`

			`location @htmlext {{`
fix: Install zip and fix nginx 2024-02-23 15:51:56 +11:00			`rewrite ^(.*)$ $1.html last;`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`
			`error_page 404 /404.html;`
			`location = /404.html {{`
			`internal;`
			`}}`
			`location = /.well-known/wallets/HNS {{`
			`add_header Cache-Control 'must-revalidate';`
			`add_header Content-Type text/plain;`
			`}}`
feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`{ssl}`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`
			`'''`

			`# Add alt domains`
			`if 'alt_domains' in site:`
			`for alt in site['alt_domains']:`
feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`if not is_icann(alt):`
			`ssl = f'''`
			`listen 443 ssl;`
			`ssl_certificate /root/site-manager/certs/{alt}/cert.crt;`
			`ssl_certificate_key /root/site-manager/certs/{alt}/cert.key;`
			`'''`
			`else:`
			`ssl = ""`

feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`conf += f'''`
			`server {{`
			`listen 80;`
			`listen [::]:80;`
fix: Errors with service and nginx 2024-02-23 14:42:15 +11:00			`root '{location}';`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`index index.html;`
			`server_name {alt} *.{alt};`

			`location / {{`
fix: Install zip and fix nginx 2024-02-23 15:51:56 +11:00			`try_files $uri $uri/ @htmlext;`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`

			`location ~ \.html$ {{`
fix: Install zip and fix nginx 2024-02-23 15:51:56 +11:00			`try_files $uri =404;`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`

			`location @htmlext {{`
fix: Install zip and fix nginx 2024-02-23 15:51:56 +11:00			`rewrite ^(.*)$ $1.html last;`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`
			`error_page 404 /404.html;`
			`location = /404.html {{`
			`internal;`
			`}}`
			`location = /.well-known/wallets/HNS {{`
			`add_header Cache-Control 'must-revalidate';`
			`add_header Content-Type text/plain;`
			`}}`
fix: nginx stuff 2024-02-23 15:59:01 +11:00			`{ssl}`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`}}`
			`'''`
fix: Errors with service and nginx 2024-02-23 14:42:15 +11:00			`with open(f'/etc/nginx/sites-enabled/{id}.conf', 'w') as file:`
feat: Add initial code drop 2024-02-23 13:55:05 +11:00			`file.write(conf)`

			`# Restart nginx`
			`os.system('systemctl restart nginx')`
feat: Add ICANN certs 2024-02-23 15:30:57 +11:00
			`# Create certs for ICANN domains`
			`icann_domains = []`
			`if is_icann(domain):`
			`icann_domains.append(domain)`
			`if 'alt_domains' in site:`
			`for alt in site['alt_domains']:`
			`if is_icann(alt):`
			`icann_domains.append(alt)`
fix: Email again 2024-02-23 16:00:40 +11:00			`email = f'admin@{icann_domains[0]}'`
feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`icann_domains = " -d ".join(icann_domains)`
			`icann_domains = f'-d {icann_domains}'`
fix: Email again 2024-02-23 16:00:40 +11:00			`os.system(f'certbot --nginx {icann_domains} --non-interactive --agree-tos --email {email} --redirect')`
feat: Add ICANN certs 2024-02-23 15:30:57 +11:00			`return True`


			`def is_icann(domain):`
			`# Check if domain list is downloaded yet`
			`if not os.path.isfile('icann.txt'):`
			`os.system('wget https://data.iana.org/TLD/tlds-alpha-by-domain.txt -O icann.txt')`

			`tlds = open('icann.txt', 'r').read().split('\n')`
			`# Remove any comments`
			`tlds = [tld for tld in tlds if not tld.startswith('#')]`
			`if domain.split('.')[-1].upper() in tlds:`
fix: nginx stuff 2024-02-23 15:59:01 +11:00			`return True`
feat: Added basic git 2024-02-23 17:07:34 +11:00			`return False`

			`def clone_git(name, url):`
			`site = get_site(name)`
			`id = site['id']`
			`path = f'/var/www/{id}'`
			`if not os.path.isdir(path):`
			`os.mkdir(path)`
			`os.system(f'git clone {url} {path}')`

			`with open('sites.json', 'r') as file:`
			`sites = json.loads(file.read())`
			`for site in sites:`
			`if site['name'] == name:`
			`site['git'] = url`
			`with open('sites.json', 'w') as file:`
			`file.write(json.dumps(sites))`
			`return True`

			`return True`

			`def pull_git(name):`
			`site = get_site(name)`
			`id = site['id']`
			`path = f'/var/www/{id}'`
			`if not os.path.isdir(path):`
			`return False`

			`# Check if it's a git repo`
			`if not os.path.isdir(f'{path}/.git'):`
			`# Remove git from sites.json`
			`with open('sites.json', 'r') as file:`
			`sites = json.loads(file.read())`
			`for site in sites:`
			`if site['name'] == name:`
			`del site['git']`
			`with open('sites.json', 'w') as file:`
			`file.write(json.dumps(sites))`
			`return False`


			`os.system(f'cd {path} && git pull')`
			`return True`