pvlx/homelab
1
0
Fork 0
mirror of https://github.com/pvlnes/homelab.git synced 2026-06-03 17:13:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

update security of mtproto page

Browse Source
This commit is contained in:
pvlnes 2026-05-02 17:50:31 +03:00
parent ccc29243ac
commit 8f1df270f8
2 changed files with 72 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
services/caddy/Caddyfile
View File

@ -110,8 +110,21 @@ truenews.sesur.dev {
file_server
}
t.sesur.dev {
root * /opt/homelab/services/mtproto_page
basicauth {
pvlx $2b$05$wXo0zmemeoOJ3ukx4pORSuq/9IoH/Lo5PIvGk3uzNvcAMmtpjI1o2
}
root * /opt/homelab/services/mtproto_page/xk9m2p4q7
file_server
header {
X-Robots-Tag "noindex, nofollow"
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Strict-Transport-Security "max-age=31536000"
}
log {
output file /var/log/caddy/access.log
format json
}
}
git.sesur.dev {
log {

216
services/mtproto_page/xk9m2p4q7/index.html
View File

@ -15,7 +15,6 @@
--accent2: #7b2fff;
--text: #c8c8d8;
--dim: #55556a;
--danger: #ff3b6b;
--mono: 'Space Mono', monospace;
--sans: 'Syne', sans-serif;
}
@ -30,7 +29,6 @@
overflow-x: hidden;
}
/* ── noise overlay ── */
body::before {
content: '';
position: fixed; inset: 0;
@ -39,7 +37,6 @@
z-index: 0;
}
/* ── ambient glow blobs ── */
.blob {
position: fixed;
border-radius: 50%;
@ -51,7 +48,6 @@
.blob-1 { width: 500px; height: 500px; background: var(--accent2); top: -150px; left: -100px; }
.blob-2 { width: 400px; height: 400px; background: var(--accent); bottom: -100px; right: -80px; }
/* ── layout wrapper ── */
#app {
position: relative; z-index: 1;
min-height: 100vh;
@ -59,7 +55,6 @@
padding: 2rem 1rem 4rem;
}
/* ── header ── */
header {
width: 100%; max-width: 680px;
display: flex; align-items: center; gap: 1rem;
@ -112,74 +107,9 @@
50% { opacity: 0.3; }
}
/* ── auth wall ── */
#auth-wall {
width: 100%; max-width: 360px;
display: flex; flex-direction: column; gap: 1.5rem;
animation: fadeUp 0.4s ease both;
}
.auth-label {
font-size: 0.65rem; letter-spacing: 0.12em;
text-transform: uppercase; color: var(--dim);
margin-bottom: 0.5rem;
}
.auth-label span { color: var(--accent); }
.input-wrap {
position: relative;
}
.input-wrap input {
width: 100%;
background: var(--surface);
border: 1px solid var(--border);
color: #fff;
font-family: var(--mono); font-size: 0.9rem;
padding: 0.85rem 3rem 0.85rem 1rem;
outline: none;
transition: border-color 0.2s;
letter-spacing: 0.05em;
}
.input-wrap input:focus { border-color: var(--accent); }
.input-wrap input.error { border-color: var(--danger); }
.input-wrap button {
position: absolute; right: 0; top: 0; bottom: 0;
width: 48px; background: none; border: none; cursor: pointer;
color: var(--dim); font-size: 1.1rem;
transition: color 0.2s;
}
.input-wrap button:hover { color: var(--accent); }
.err-msg {
font-size: 0.7rem; color: var(--danger);
margin-top: 0.5rem; display: none;
}
.err-msg.show { display: block; }
.btn-primary {
width: 100%;
background: transparent;
border: 1px solid var(--accent);
color: var(--accent);
font-family: var(--mono); font-size: 0.8rem;
letter-spacing: 0.1em; text-transform: uppercase;
padding: 0.9rem;
cursor: pointer;
position: relative; overflow: hidden;
transition: color 0.2s;
}
.btn-primary::before {
content: '';
position: absolute; inset: 0;
background: var(--accent);
transform: translateX(-100%);
transition: transform 0.25s ease;
z-index: -1;
}
.btn-primary:hover { color: var(--bg); }
.btn-primary:hover::before { transform: translateX(0); }
/* ── proxy list ── */
#proxy-list {
width: 100%; max-width: 680px;
display: flex; flex-direction: column; gap: 1rem;
display: none;
animation: fadeUp 0.4s ease both;
}
@ -190,7 +120,6 @@
}
.section-title span { color: var(--accent); }
/* ── proxy card ── */
.proxy-card {
background: var(--surface);
border: 1px solid var(--border);
@ -266,7 +195,6 @@
.btn-copy:hover { color: var(--accent); border-color: var(--accent); }
.btn-copy.copied { color: #2bff8f; border-color: #2bff8f; }
/* ── footer ── */
footer {
width: 100%; max-width: 680px;
margin-top: 3rem; padding-top: 1.5rem;
@ -275,15 +203,12 @@
display: flex; justify-content: space-between; align-items: center;
letter-spacing: 0.06em; text-transform: uppercase;
}
footer a { color: var(--dim); text-decoration: none; }
footer a:hover { color: var(--accent); }
@keyframes fadeUp {
from { opacity: 0; transform: translateY(12px); }
to { opacity: 1; transform: translateY(0); }
}
/* stagger cards */
.proxy-card:nth-child(2) { animation-delay: 0.05s; }
.proxy-card:nth-child(3) { animation-delay: 0.10s; }
.proxy-card:nth-child(4) { animation-delay: 0.15s; }
@ -307,23 +232,8 @@
<div class="status-dot"><span></span>Actual</div>
</header>
<!-- AUTH WALL -->
<div id="auth-wall">
<div>
<p class="auth-label">Введи <span>пароль</span>
<div class="input-wrap">
<input type="password" id="pass-input" placeholder="Введите пароль" autocomplete="off" />
<button onclick="toggleVis()" id="eye-btn">👁</button>
</div>
<p class="err-msg" id="err-msg">Неправильный пароль. Ты знаешь кому писать.</p>
</div>
<button class="btn-primary" onclick="tryAuth()">→ Нажать</button>
</div>
<!-- PROXY LIST (hidden until auth) -->
<div id="proxy-list">
<p class="section-title"><span>//</span> Доступные прокси — Telegram MTProto</p>
<!-- Cards injected by JS -->
</div>
<footer>
@ -335,8 +245,6 @@
<script>
document.getElementById('yr').textContent = new Date().getFullYear();
const PASSWORD_HASH = '5631bc4dcf6154c7f1170b47364396eca17409b8d5940597ea7b0e333d0bac70';
const PROXIES = [
{
name: 'Finland',
@ -360,85 +268,77 @@
secret: 'ee47c0a56f112a9e015c15aa4ed2fe5d5f6d61782e7275',
}
];
// AUTH
async function sha256(str) {
const buf = await crypto.subtle.digest('SHA-256', new TextEncoder().encode(str));
return [...new Uint8Array(buf)].map(x => x.toString(16).padStart(2,'0')).join('');
}
async function tryAuth() {
const val = document.getElementById('pass-input').value;
const hash = await sha256(val);
if (hash === PASSWORD_HASH) {
document.getElementById('auth-wall').style.display = 'none';
renderProxies();
const list = document.getElementById('proxy-list');
list.style.display = 'flex';
list.style.flexDirection = 'column';
} else {
const input = document.getElementById('pass-input');
const msg = document.getElementById('err-msg');
input.classList.add('error');
msg.classList.add('show');
input.animate([{transform:'translateX(-6px)'},{transform:'translateX(6px)'},{transform:'translateX(0)'}], {duration:200, iterations:3});
setTimeout(() => { input.classList.remove('error'); msg.classList.remove('show'); }, 3000);
}
}
document.getElementById('pass-input').addEventListener('keydown', e => {
if (e.key === 'Enter') tryAuth();
});
function toggleVis() {
const inp = document.getElementById('pass-input');
inp.type = inp.type === 'password' ? 'text' : 'password';
}
// ── RENDER ──────────────────────────────────────────────────────────────────
function tgUrl(p) {
return `tg://proxy?server=${p.server}&port=${p.port}&secret=${p.secret}`;
return `tg://proxy?server=${encodeURIComponent(p.server)}&port=${encodeURIComponent(p.port)}&secret=${encodeURIComponent(p.secret)}`;
}
function renderProxies() {
const list = document.getElementById('proxy-list');
PROXIES.forEach((p, i) => {
const url = tgUrl(p);
const card = document.createElement('div');
card.className = 'proxy-card';
card.innerHTML = `
<div class="card-header">
<span class="node-index">NODE ${String(i+1).padStart(2,'0')}</span>
<span class="node-name">${p.name}</span>
<span class="node-flag">${p.flag}</span>
</div>
<div class="card-meta">
<span class="key">server</span><span class="val">${p.server}</span>
<span class="key">port</span><span class="val">${p.port}</span>
<span class="key">secret</span><span class="val">${p.secret}</span>
</div>
<div class="card-actions">
<a class="btn-tg" href="${url}">
✈ Open in Telegram
</a>
<button class="btn-copy" onclick="copyUrl(this, '${url}')">
⎘ Copy link
</button>
</div>
`;
const header = document.createElement('div');
header.className = 'card-header';
const idx = document.createElement('span');
idx.className = 'node-index';
idx.textContent = `NODE ${String(i + 1).padStart(2, '0')}`;
const name = document.createElement('span');
name.className = 'node-name';
name.textContent = p.name;
const flag = document.createElement('span');
flag.className = 'node-flag';
flag.textContent = p.flag;
header.append(idx, name, flag);
const meta = document.createElement('div');
meta.className = 'card-meta';
[['server', p.server], ['port', p.port], ['secret', p.secret]].forEach(([k, v]) => {
const key = document.createElement('span');
key.className = 'key';
key.textContent = k;
const val = document.createElement('span');
val.className = 'val';
val.textContent = v;
meta.append(key, val);
});
const actions = document.createElement('div');
actions.className = 'card-actions';
const tgBtn = document.createElement('a');
tgBtn.className = 'btn-tg';
tgBtn.href = url;
tgBtn.textContent = '✈ Open in Telegram';
const copyBtn = document.createElement('button');
copyBtn.className = 'btn-copy';
copyBtn.textContent = '⎘ Copy link';
copyBtn.addEventListener('click', () => {
navigator.clipboard.writeText(url).then(() => {
copyBtn.textContent = '✓ Copied';
copyBtn.classList.add('copied');
setTimeout(() => {
copyBtn.textContent = '⎘ Copy link';
copyBtn.classList.remove('copied');
}, 2000);
});
});
actions.append(tgBtn, copyBtn);
card.append(header, meta, actions);
list.appendChild(card);
});
}
function copyUrl(btn, url) {
navigator.clipboard.writeText(url).then(() => {
btn.textContent = '✓ Copied';
btn.classList.add('copied');
setTimeout(() => {
btn.innerHTML = '⎘ Copy link';
btn.classList.remove('copied');
}, 2000);
});
}
renderProxies();
</script>
</body>
</html>
</html>