Compare commits
1 Commits
master
...
deepend-pa
Author | SHA1 | Date |
---|---|---|
deepend | d15eb9206e |
|
@ -8,7 +8,11 @@ We're so glad you could drop by and we hope you enjoy your visit. Stay a while!
|
|||
The Thunix project provide Secure Shell (SSH) accounts, Web Hosting, Email Accounts, and many other UNIX-like services. But, most of all, we are a community of users. It was founded by hexhaxtron in the Summer of 2017, and was continued by [ubergeek](/~ubergeek) since 2018 however in 2023 [deepend](/~deepend) has since taken the role. We aim to provide the best service possible with a wide variety of features, and we hope you have fun with it!
|
||||
|
||||
|
||||
Join us on IRC on irc.newnet.net/6697 in the #thunix channel, or just click here for a web client: [![#thunix channel](https://stats.newnet.net/badges/badge.php?channel=%23thunix)](https://tilde.chat/kiwi/#thunix)
|
||||
## Project Phoenix
|
||||
|
||||
The thunix Phoenix project aims to provide a new user experience for shell users, with integration into the wider Tildeverse network.
|
||||
|
||||
Join us on IRC on irc.tilde.chat/6697 in the #thunix channel, or just click here for a web client: [![#thunix channel](https://tilde.chat/badges/badge.php?channel=%23thunix)](https://tilde.chat/kiwi/#thunix)
|
||||
|
||||
If you want to sign up for an account, simply open our [signup form](/signup) and provide us with:
|
||||
|
||||
|
|
|
@ -14,10 +14,10 @@ Thunix offers webmail at [https://thunix.net/webmail](/webmail). You can also co
|
|||
|
||||
## SSH Fingerprints
|
||||
|
||||
256 SHA256:iuqEWXCqUNihqO7o4xLrJ05M+te09i3P+WrHZsjUdZY thunix.net (ECDSA)
|
||||
3072 SHA256:7gZXCqNUYBfrTQ8wYmLrD6rVc5zL5nYf2l5t8ZrLIBU thunix.net (RSA)
|
||||
256 SHA256:d+J8u5pmQ8sR1BM8/EpUiNAlL9by371utl1ncNgFG6A thunix.net (ED25519)
|
||||
|
||||
256 SHA256:iuqEWXCqUNihqO7o4xLrJ05M+te09i3P+WrHZsjUdZY root@thunix (ECDSA)
|
||||
256 SHA256:d+J8u5pmQ8sR1BM8/EpUiNAlL9by371utl1ncNgFG6A root@thunix (ED25519)
|
||||
3072 SHA256:7gZXCqNUYBfrTQ8wYmLrD6rVc5zL5nYf2l5t8ZrLIBU root@thunix (RSA)
|
||||
|
||||
## Onion Service
|
||||
|
||||
Thunix's websites are available as a onion site as well. (SSH access is currently not available over Tor)
|
||||
|
@ -29,10 +29,10 @@ BZFlag runs on the standard port. If you have a specific map you want loaded, se
|
|||
|
||||
## IRC Chat
|
||||
|
||||
Thunix is part of the Newnet IRC network. You can access chat via the terminal, with the 'chat' command, via your favorite email client at irc.newnet.net/6697, or via a web chat interface located [![#thunix channel](https://stats.newnet.net/badges/badge.php?channel=%23thunix)](https://web.newnet.net/?join=thunix).
|
||||
Thunix is part of the tilde.chat network. You can access chat via the terminal, with the 'chat' command, via your favorite email client at irc.tilde.chat/6697, or via a web chat interface located [![#thunix channel](https://tilde.chat/badges/badge.php?channel=%23thunix)](https://web.tilde.chat/?join=thunix).
|
||||
|
||||
|
||||
## FOSS Project Mirrors
|
||||
## FOSS Project Mirrors (Offline)
|
||||
|
||||
Thunix hosts mirrors for several FOSS projects. You can see the full mirror list in the sidebar link.
|
||||
|
||||
|
@ -42,4 +42,8 @@ Collaborative creation, modification and management of digital content.
|
|||
- LAMP (Apache HTTP server, MySQL database and PHP scripting language) is an open source software stack on Linux environment, available to host a variety of web sites, content management systems and applications.
|
||||
- Django web development framework.
|
||||
|
||||
## Tildenet Client VPN (Offline)
|
||||
|
||||
Thunix allows users to connect into [tildenet](https://intranet.tildeverse.org), via [Wireguard](https://www.wireguard.com/). If you're interested in accessing Tildenet, send an email to [root](mailto:root@thunix.net), requesting a wireguard client VPN, or ask in IRC.
|
||||
|
||||
<!-- Begin autogen content from /includes/server.php -->
|
||||
|
|
20
githook.php
20
githook.php
|
@ -16,6 +16,8 @@
|
|||
|
||||
/* security */
|
||||
$access_token = "secret";
|
||||
$ansible_lastrun = '/dev/shm/ansible-hook-last-run';
|
||||
$ansible_dropfile = '/dev/shm/run-ansible';
|
||||
$www_lastrun = '/dev/shm/www-hook-last-run';
|
||||
$www_dropfile = '/dev/shm/run-www';
|
||||
$gopher_lastrun = '/dev/shm/gopher-hook-last-run';
|
||||
|
@ -49,6 +51,24 @@ if ( strcmp($remoteip, $allowedip) !== 0 )
|
|||
exit(0);
|
||||
}
|
||||
|
||||
// Hook for ansible here
|
||||
if ($data["repository"]["full_name"] == 'thunix/ansible') {
|
||||
syslog(LOG_INFO, 'Ansible Webhook recieved.');
|
||||
// We limit runs to once per 5 minutes, so they don't try
|
||||
// overlapping. Systemd shouldn't allow it, but we'll check
|
||||
// anyways
|
||||
if ( time () - filemtime ( $ansible_lastrun ) > $ratelimit ) {
|
||||
touch ( $ansible_dropfile );
|
||||
touch ( $ansible_lastrun );
|
||||
echo "HTTP 200 - Ansible webhook recieved.\n";
|
||||
}
|
||||
else {
|
||||
http_response_code(429);
|
||||
echo "HTTP 429 - Rate Limited.\n";
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
|
||||
// Hook for www repo here. Same rules apply, as above, for www. We
|
||||
// could probably make it able to run more frequently. Backend job is
|
||||
// just a git pull, and is quick.
|
||||
|
|
|
@ -1,16 +1,15 @@
|
|||
/* TEAM */
|
||||
Your title: deepend, naglfar
|
||||
Your title: ubergeek, naglfar, fosslinux
|
||||
Site: https://thunix.net, root@thunix.net
|
||||
Location: Quebec, Canada
|
||||
Location: Frankfurt, Germany
|
||||
|
||||
/* THANKS */
|
||||
Name: deepend https://thunix.net/~deepend
|
||||
ubergeek https://thunix.net/~ubergeek
|
||||
Name: ubergeek https://thunix.net/~ubergeek
|
||||
naglfar https://thunix.net/~naglfar
|
||||
fosslinux https://thunix.net/~fosslinux
|
||||
|
||||
/* SITE */
|
||||
Last update: 2023/12/26
|
||||
Last update: 2019/10/31
|
||||
Standards: HTML5
|
||||
Components: Apache2, Git, and PHP, Parsedown, Parsedown Extra
|
||||
Software: vim, geany, ansible, wiki.php
|
||||
|
|
|
@ -2,4 +2,6 @@ All content is licensed as [CC BY-SA 4.0 license](https://creativecommons.org/li
|
|||
|
||||
All questions, comments, and concerns about this site should be sent to [the administration team](/contact).
|
||||
|
||||
Created with valid [HTML](https://validator.w3.org/check?uri=referer) and [CSS](https://jigsaw.w3.org/css-validator/check/referer) code.
|
||||
Created with valid [HTML](https://validator.w3.org/check?uri=referer) and [CSS](https://jigsaw.w3.org/css-validator/check/referer) code.
|
||||
|
||||
Services and hosting sponsored by [WNY Technology Collaborative](https://wnytechcollab.com).
|
|
@ -26,5 +26,6 @@
|
|||
- Server Staff
|
||||
------------
|
||||
|
||||
- [deepend](/~deepend/)
|
||||
- [Naglfar](/~naglfar/)
|
||||
- [Ubergeek](/~ubergeek/)
|
||||
- [Naglfar](/~naglfar/)
|
||||
- [fosslinux](/~fosslinux/)
|
||||
|
|
|
@ -9,13 +9,10 @@ $interest = $_GET['interest'];
|
|||
$pubkey = $_GET['pubkey'];
|
||||
$tv = $_GET['tv'];
|
||||
|
||||
// username passed lowercased
|
||||
$username = strtolower($username);
|
||||
|
||||
// strip new line characters from the end
|
||||
$pubkey = trim($pubkey);
|
||||
|
||||
$from = 'From: www-data <www-data@thunix.net>';
|
||||
$from = 'From: www-data <www-data@thunix.net>';
|
||||
$destination_addr = "newuser@thunix.net";
|
||||
$subject = "New User Registration";
|
||||
$mailbody = "A new user has tried to register.
|
||||
|
@ -25,39 +22,33 @@ Email Address: $email
|
|||
Interest: $interest
|
||||
Pubkey: $pubkey";
|
||||
|
||||
// In the future, here, we *should* be able to build a process that
|
||||
// somehow auto-verifies the user, and instead of email, it'll kick off the new user process here
|
||||
|
||||
$user_queue = '/dev/shm/userqueue';
|
||||
$user_file = $user_queue . '/' . $username;
|
||||
|
||||
// Spam attempt
|
||||
$success = 'success1';
|
||||
if ( $tv == "tildeverse" )
|
||||
{
|
||||
// Success!
|
||||
$success = 'success2';
|
||||
|
||||
// Check if username already taken
|
||||
if (posix_getpwnam($username)) {
|
||||
$success = 'success3';
|
||||
}
|
||||
if ($tv == "tildeverse") {
|
||||
$success = 'success2';
|
||||
|
||||
// Simple SSH public key format check
|
||||
$valid_key_starts = ['ssh-rsa', 'ssh-dss', 'ecdsa-sha2', 'ssh-ed25519'];
|
||||
$key_parts = explode(' ', $pubkey, 3);
|
||||
if (!in_array($key_parts[0], $valid_key_starts) || count($key_parts) < 2) {
|
||||
$success = 'success4';
|
||||
}
|
||||
// Check if username already taken
|
||||
exec("id $username 2>&1", $null, $retval);
|
||||
if ($retval == 0)
|
||||
$success = 'success3';
|
||||
|
||||
if ($success == "success2") {
|
||||
mail($destination_addr, $subject, $mailbody, $from);
|
||||
$fp = fopen($user_queue, 'a');
|
||||
fwrite($fp, "'$username','$email','$pubkey'\n");
|
||||
fclose($fp);
|
||||
}
|
||||
// Check SSH public key format:
|
||||
exec("echo $pubkey | ssh-keygen -l -f - 2>&1", $null, $retval);
|
||||
if ($retval != 0)
|
||||
$success = 'success4';
|
||||
|
||||
if ($success == "success2") {
|
||||
mail($destination_addr, $subject, $mailbody, $from);
|
||||
|
||||
// Use a file for each username to avoid race conditions
|
||||
$fp = fopen($user_file, 'w');
|
||||
fwrite($fp, "'$username','$email','$pubkey'\n");
|
||||
fclose($fp);
|
||||
}
|
||||
}
|
||||
|
||||
header("Location: $site_root/?page=$success");
|
||||
die();
|
||||
|
||||
?>
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue