pvlx/homelab
1
0
Fork 0
mirror of https://github.com/pvlnes/homelab.git synced 2026-06-03 18:13:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: pvlx:ccc29243acafc7cc750d73d88f31644f098135b2
Branches Tags
pvlx:master
pvlx:burko_kabluko
pvlx:feat/arkhip_mtproxy
...
compare: pvlx:2c0ca60b6599d15cfd810c37f97efc3e60c4536f
Branches Tags
pvlx:master
pvlx:burko_kabluko
pvlx:feat/arkhip_mtproxy

2 Commits
ccc29243ac ... 2c0ca60b65

Author SHA1 Message Date
pvlnes
2c0ca60b65 security update 2026-05-02 17:56:58 +03:00
pvlnes
8f1df270f8 update security of mtproto page 2026-05-02 17:50:31 +03:00
3 changed files with 144 additions and 102 deletions
Show Stats Expand all files Collapse all files

18
services/caddy/Caddyfile
View File

@ -110,8 +110,24 @@ truenews.sesur.dev {
file_server
}
t.sesur.dev {
root * /opt/homelab/services/mtproto_page
root * /opt/homelab/services/mtproto_page/xk9m2p4q7
@data path /data.json
basicauth @data {
pvlx $2b$05$wXo0zmemeoOJ3ukx4pORSuq/9IoH/Lo5PIvGk3uzNvcAMmtpjI1o2
}
file_server
header {
X-Robots-Tag "noindex, nofollow"
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Strict-Transport-Security "max-age=31536000"
}
log {
output file /var/log/caddy/access.log
format json
}
}
git.sesur.dev {
log {

23
services/mtproto_page/xk9m2p4q7/data.json Normal file
View File

@ -0,0 +1,23 @@
[
{
"name": "Finland",
"flag": "🇫🇮",
"server": "31.57.61.253",
"port": 8443,
"secret": "ee6a2be996de31501c347f0f690fa9163e6d61782e7275"
},
{
"name": "Sweden",
"flag": "🇸🇪",
"server": "77.221.137.83",
"port": 8443,
"secret": "eeeb5a33684ac1e9005e0364b58502a2016d61782e7275"
},
{
"name": "Paris",
"flag": "🇫🇷",
"server": "45.39.255.201",
"port": 8443,
"secret": "ee47c0a56f112a9e015c15aa4ed2fe5d5f6d61782e7275"
}
]

189
services/mtproto_page/xk9m2p4q7/index.html
View File

@ -30,7 +30,6 @@
overflow-x: hidden;
}
/* ── noise overlay ── */
body::before {
content: '';
position: fixed; inset: 0;
@ -39,7 +38,6 @@
z-index: 0;
}
/* ── ambient glow blobs ── */
.blob {
position: fixed;
border-radius: 50%;
@ -51,7 +49,6 @@
.blob-1 { width: 500px; height: 500px; background: var(--accent2); top: -150px; left: -100px; }
.blob-2 { width: 400px; height: 400px; background: var(--accent); bottom: -100px; right: -80px; }
/* ── layout wrapper ── */
#app {
position: relative; z-index: 1;
min-height: 100vh;
@ -59,7 +56,6 @@
padding: 2rem 1rem 4rem;
}
/* ── header ── */
header {
width: 100%; max-width: 680px;
display: flex; align-items: center; gap: 1rem;
@ -164,6 +160,7 @@
position: relative; overflow: hidden;
transition: color 0.2s;
}
.btn-primary:disabled { opacity: 0.5; cursor: default; }
.btn-primary::before {
content: '';
position: absolute; inset: 0;
@ -172,14 +169,14 @@
transition: transform 0.25s ease;
z-index: -1;
}
.btn-primary:hover { color: var(--bg); }
.btn-primary:hover::before { transform: translateX(0); }
.btn-primary:not(:disabled):hover { color: var(--bg); }
.btn-primary:not(:disabled):hover::before { transform: translateX(0); }
/* ── proxy list ── */
#proxy-list {
width: 100%; max-width: 680px;
display: flex; flex-direction: column; gap: 1rem;
display: none;
flex-direction: column; gap: 1rem;
animation: fadeUp 0.4s ease both;
}
@ -190,7 +187,6 @@
}
.section-title span { color: var(--accent); }
/* ── proxy card ── */
.proxy-card {
background: var(--surface);
border: 1px solid var(--border);
@ -223,10 +219,7 @@
font-weight: 700; font-size: 1rem;
color: #fff; letter-spacing: -0.01em;
}
.node-flag {
margin-left: auto;
font-size: 1.2rem;
}
.node-flag { margin-left: auto; font-size: 1.2rem; }
.card-meta {
display: grid; grid-template-columns: auto 1fr; gap: 0.3rem 1rem;
@ -235,9 +228,7 @@
.card-meta .key { color: var(--dim); }
.card-meta .val { color: var(--text); font-size: 0.68rem; word-break: break-all; }
.card-actions {
display: flex; gap: 0.5rem; flex-wrap: wrap;
}
.card-actions { display: flex; gap: 0.5rem; flex-wrap: wrap; }
.btn-tg {
flex: 1;
background: linear-gradient(90deg, var(--accent2), #4a1fff);
@ -266,7 +257,6 @@
.btn-copy:hover { color: var(--accent); border-color: var(--accent); }
.btn-copy.copied { color: #2bff8f; border-color: #2bff8f; }
/* ── footer ── */
footer {
width: 100%; max-width: 680px;
margin-top: 3rem; padding-top: 1.5rem;
@ -275,15 +265,12 @@
display: flex; justify-content: space-between; align-items: center;
letter-spacing: 0.06em; text-transform: uppercase;
}
footer a { color: var(--dim); text-decoration: none; }
footer a:hover { color: var(--accent); }
@keyframes fadeUp {
from { opacity: 0; transform: translateY(12px); }
to { opacity: 1; transform: translateY(0); }
}
/* stagger cards */
.proxy-card:nth-child(2) { animation-delay: 0.05s; }
.proxy-card:nth-child(3) { animation-delay: 0.10s; }
.proxy-card:nth-child(4) { animation-delay: 0.15s; }
@ -307,23 +294,20 @@
<div class="status-dot"><span></span>Actual</div>
</header>
<!-- AUTH WALL -->
<div id="auth-wall">
<div>
<p class="auth-label">Введи <span>пароль</span>
<p class="auth-label">Введи <span>пароль</span></p>
<div class="input-wrap">
<input type="password" id="pass-input" placeholder="Введите пароль" autocomplete="off" />
<button onclick="toggleVis()" id="eye-btn">👁</button>
</div>
<p class="err-msg" id="err-msg">Неправильный пароль. Ты знаешь кому писать.</p>
</div>
<button class="btn-primary" onclick="tryAuth()">→ Нажать</button>
<button class="btn-primary" id="submit-btn" onclick="tryAuth()">→ Нажать</button>
</div>
<!-- PROXY LIST (hidden until auth) -->
<div id="proxy-list">
<p class="section-title"><span>//</span> Доступные прокси — Telegram MTProto</p>
<!-- Cards injected by JS -->
</div>
<footer>
@ -335,55 +319,51 @@
<script>
document.getElementById('yr').textContent = new Date().getFullYear();
const PASSWORD_HASH = '5631bc4dcf6154c7f1170b47364396eca17409b8d5940597ea7b0e333d0bac70';
const PROXIES = [
{
name: 'Finland',
flag: '🇫🇮',
server: '31.57.61.253',
port: 8443,
secret: 'ee6a2be996de31501c347f0f690fa9163e6d61782e7275',
},
{
name: 'Sweden',
flag: '🇸🇪',
server: '77.221.137.83',
port: 8443,
secret: 'eeeb5a33684ac1e9005e0364b58502a2016d61782e7275',
},
{
name: 'Paris',
flag: '🇫🇷',
server: '45.39.255.201',
port: 8443,
secret: 'ee47c0a56f112a9e015c15aa4ed2fe5d5f6d61782e7275',
}
];
// AUTH
async function sha256(str) {
const buf = await crypto.subtle.digest('SHA-256', new TextEncoder().encode(str));
return [...new Uint8Array(buf)].map(x => x.toString(16).padStart(2,'0')).join('');
}
async function tryAuth() {
const val = document.getElementById('pass-input').value;
const hash = await sha256(val);
if (hash === PASSWORD_HASH) {
const password = document.getElementById('pass-input').value;
if (!password) return;
const btn = document.getElementById('submit-btn');
btn.disabled = true;
btn.textContent = '...';
let res;
try {
res = await fetch('/data.json', {
headers: { 'Authorization': 'Basic ' + btoa('pvlx:' + password) }
});
} catch {
showError();
btn.disabled = false;
btn.textContent = '→ Нажать';
return;
}
if (res.ok) {
const proxies = await res.json();
document.getElementById('auth-wall').style.display = 'none';
renderProxies();
renderProxies(proxies);
const list = document.getElementById('proxy-list');
list.style.display = 'flex';
list.style.flexDirection = 'column';
} else {
showError();
btn.disabled = false;
btn.textContent = '→ Нажать';
}
}
function showError() {
const input = document.getElementById('pass-input');
const msg = document.getElementById('err-msg');
input.classList.add('error');
msg.classList.add('show');
input.animate([{transform:'translateX(-6px)'},{transform:'translateX(6px)'},{transform:'translateX(0)'}], {duration:200, iterations:3});
input.animate(
[{transform:'translateX(-6px)'},{transform:'translateX(6px)'},{transform:'translateX(0)'}],
{duration: 200, iterations: 3}
);
setTimeout(() => { input.classList.remove('error'); msg.classList.remove('show'); }, 3000);
}
}
document.getElementById('pass-input').addEventListener('keydown', e => {
if (e.key === 'Enter') tryAuth();
@ -394,50 +374,73 @@
inp.type = inp.type === 'password' ? 'text' : 'password';
}
// ── RENDER ──────────────────────────────────────────────────────────────────
function tgUrl(p) {
return `tg://proxy?server=${p.server}&port=${p.port}&secret=${p.secret}`;
return `tg://proxy?server=${encodeURIComponent(p.server)}&port=${encodeURIComponent(p.port)}&secret=${encodeURIComponent(p.secret)}`;
}
function renderProxies() {
function renderProxies(proxies) {
const list = document.getElementById('proxy-list');
PROXIES.forEach((p, i) => {
proxies.forEach((p, i) => {
const url = tgUrl(p);
const card = document.createElement('div');
card.className = 'proxy-card';
card.innerHTML = `
<div class="card-header">
<span class="node-index">NODE ${String(i+1).padStart(2,'0')}</span>
<span class="node-name">${p.name}</span>
<span class="node-flag">${p.flag}</span>
</div>
<div class="card-meta">
<span class="key">server</span><span class="val">${p.server}</span>
<span class="key">port</span><span class="val">${p.port}</span>
<span class="key">secret</span><span class="val">${p.secret}</span>
</div>
<div class="card-actions">
<a class="btn-tg" href="${url}">
✈ Open in Telegram
</a>
<button class="btn-copy" onclick="copyUrl(this, '${url}')">
⎘ Copy link
</button>
</div>
`;
list.appendChild(card);
});
}
function copyUrl(btn, url) {
const header = document.createElement('div');
header.className = 'card-header';
const idx = document.createElement('span');
idx.className = 'node-index';
idx.textContent = `NODE ${String(i + 1).padStart(2, '0')}`;
const name = document.createElement('span');
name.className = 'node-name';
name.textContent = p.name;
const flag = document.createElement('span');
flag.className = 'node-flag';
flag.textContent = p.flag;
header.append(idx, name, flag);
const meta = document.createElement('div');
meta.className = 'card-meta';
[['server', p.server], ['port', p.port], ['secret', p.secret]].forEach(([k, v]) => {
const key = document.createElement('span');
key.className = 'key';
key.textContent = k;
const val = document.createElement('span');
val.className = 'val';
val.textContent = v;
meta.append(key, val);
});
const actions = document.createElement('div');
actions.className = 'card-actions';
const tgBtn = document.createElement('a');
tgBtn.className = 'btn-tg';
tgBtn.href = url;
tgBtn.textContent = '✈ Open in Telegram';
const copyBtn = document.createElement('button');
copyBtn.className = 'btn-copy';
copyBtn.textContent = '⎘ Copy link';
copyBtn.addEventListener('click', () => {
navigator.clipboard.writeText(url).then(() => {
btn.textContent = '✓ Copied';
btn.classList.add('copied');
copyBtn.textContent = '✓ Copied';
copyBtn.classList.add('copied');
setTimeout(() => {
btn.innerHTML = '⎘ Copy link';
btn.classList.remove('copied');
copyBtn.textContent = '⎘ Copy link';
copyBtn.classList.remove('copied');
}, 2000);
});
});
actions.append(tgBtn, copyBtn);
card.append(header, meta, actions);
list.appendChild(card);
});
}
</script>
</body>