moved admin stuff behind admin panel with opt. password closes #68
parent
6ded9f5368
commit
2c248dac12
|
@ -2,6 +2,7 @@
|
|||
|
||||
## UNRELEASED
|
||||
- Added support for webhooks
|
||||
- Moved account list and logs to admin site with optional passwords
|
||||
|
||||
## V1.3.0
|
||||
- Added TLS and STARTTLS support
|
||||
|
|
|
@ -78,6 +78,8 @@ Just edit the `config.ini` You can use the following settings
|
|||
- `TLS_CERTIFICATE` -> Path to the certificate (chain). Can be relative to the /python directory or absolute
|
||||
- `TLS_PRIVATE_KEY` -> Path to the private key of the certificate. Can be relative to the /python directory or absolute
|
||||
- `WEBHOOK_URL` -> If set, will send a POST request to this URL with the JSON data of the email as body. Can be used to integrate OpenTrashmail in your own projects
|
||||
- `ADMIN_ENABLED` -> Enables the admin menu. Default `false`
|
||||
- `ADMIN_PASSWORD` -> If set, needs this password to access the admin menu
|
||||
|
||||
## Docker env vars
|
||||
In Docker you can use the following environment variables:
|
||||
|
@ -98,6 +100,8 @@ In Docker you can use the following environment variables:
|
|||
| TLS_CERTIFICATE | Path to the certificate (chain). Can be relative to the /python directory or absolute | `/certs/cert.pem` or `cert.pem` if it's inside the python directory |
|
||||
| TLS_PRIVATE_KEY | Path to the private key of the certificate. Can be relative to the /python directory or absolute | `/certs/privkey.pem` or `key.pem` if it's inside the python directory |
|
||||
| WEBHOOK_URL | If set, will send a POST request to this URL with the JSON data of the email as body. Can be used to integrate OpenTrashmail in your own projects | `https://example.com/webhook` |
|
||||
| ADMIN_ENABLED | Enables the admin menu. Default `false` | `false` / `true` |
|
||||
| ADMIN_PASSWORD | If set, needs this password to access the admin menu | `123456` |
|
||||
|
||||
## TLS
|
||||
Since v1.3.0 TLS and STARTTLS are supported by OpenTrashmail.
|
||||
|
|
|
@ -15,6 +15,8 @@ services:
|
|||
- DISCARD_UNKNOWN=false
|
||||
- SHOW_ACCOUNT_LIST=true
|
||||
- SHOW_LOGS=true
|
||||
- ADMIN_ENABLED=true
|
||||
#- ADMIN_PASSWORD=
|
||||
# - PASSWORD=123456
|
||||
# - ALLOWED_IPS=192.168.0.0/16,2a02:ab:cd:ef::/60
|
||||
# - ATTACHMENTS_MAX_SIZE=10000000
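Review bot: The sample compose file now sets `ADMIN_ENABLED=true` while `ADMIN_PASSWORD`, `PASSWORD` and `ALLOWED_IPS` all stay commented out, so a deployment copied from it exposes the account list and logs to anyone who can reach the web UI. A safer shipped default is `- ADMIN_ENABLED=false`, or an uncommented `- ADMIN_PASSWORD=<choose-a-strong-value>` placeholder that forces the operator to decide. The second compose file in this commit has the same pattern and additionally shows `123456` as the example password, which tends to get copied verbatim.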
|
||||
|
|
|
@ -11,6 +11,8 @@ services:
|
|||
- DATEFORMAT=D.M.YYYY HH:mm
|
||||
- SKIP_FILEPERMISSIONS=true
|
||||
- DISCARD_UNKNOWN=false
|
||||
- ADMIN_ENABLED=true
|
||||
# - ADMIN_PASSWORD=123456
|
||||
# - PASSWORD=123456
|
||||
# - ALLOWED_IPS=192.168.0.0/16,2a02:ab:cd:ef::/60
|
||||
# - ATTACHMENTS_MAX_SIZE=10000000
|
||||
|
|
|
@ -30,9 +30,6 @@ _buildConfig() {
|
|||
echo "[GENERAL]"
|
||||
echo "DOMAINS=${DOMAINS:-localhost}"
|
||||
echo "URL=${URL:-http://localhost:8080}"
|
||||
echo "SHOW_ACCOUNT_LIST=${SHOW_ACCOUNT_LIST:-false}"
|
||||
echo "ADMIN=${ADMIN:-}"
|
||||
echo "SHOW_LOGS=${SHOW_LOGS:-false}"
|
||||
echo "PASSWORD=${PASSWORD:-}"
|
||||
echo "ALLOWED_IPS=${ALLOWED_IPS:-}"
|
||||
echo ""
|
||||
|
@ -52,6 +49,12 @@ _buildConfig() {
|
|||
echo ""
|
||||
echo "[WEBHOOK]"
|
||||
echo "WEBHOOK_URL=${WEBHOOK_URL:-}"
|
||||
echo ""
|
||||
echo "[ADMIN]"
|
||||
echo "ADMIN_ENABLED=${ADMIN_ENABLED:-}"
|
||||
echo "SHOW_ACCOUNT_LIST=${SHOW_ACCOUNT_LIST:-false}"
|
||||
echo "ADMIN=${ADMIN:-}"
|
||||
echo "SHOW_LOGS=${SHOW_LOGS:-false}"
|
||||
}
|
||||
|
||||
_buildConfig > /var/www/opentrashmail/config.ini
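Review bot: The new `[ADMIN]` block in `_buildConfig` writes `ADMIN_ENABLED`, `SHOW_ACCOUNT_LIST`, `ADMIN` and `SHOW_LOGS`, but never `ADMIN_PASSWORD`. Unless it is emitted somewhere outside the visible hunks, a container started with `ADMIN_PASSWORD` set (as the README documents) gets a config.ini without it and the admin panel opens with no password. Add `echo "ADMIN_PASSWORD=${ADMIN_PASSWORD:-}"` to the block. `ADMIN_ENABLED=${ADMIN_ENABLED:-}` should also carry the documented default, `${ADMIN_ENABLED:-false}`, like the neighbouring settings do.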
|
||||
|
|
|
@ -9,16 +9,6 @@ DOMAINS=yourdomain,sub.yourdomain,*.mydom.com
|
|||
; The URL of your webserver hosting the GUI. No trailing slash
|
||||
URL="http://localhost:8080"
|
||||
|
||||
; Enable to show a list of all existing accounts with mail
|
||||
;SHOW_ACCOUNT_LIST=true
|
||||
|
||||
; Enter the admin email address. If you choose this email on the website you will see all emails from all users
|
||||
; The email doesn't really have to exist or have mail but must look like an email address
|
||||
;ADMIN=some@random.email
|
||||
|
||||
; Enable to show logs on the website
|
||||
;SHOW_LOGS=false
|
||||
|
||||
; Password authentication for Web UI and API
|
||||
; Passwords have to be sent via the HTTP header "PWD" or as a GET/Post parameter "password"
|
||||
;PASSWORD=mystrongpassword
|
||||
|
@ -56,8 +46,27 @@ DATEFORMAT="D.M.YYYY HH:mm"
|
|||
DELETE_OLDER_THAN_DAYS=false
|
||||
|
||||
[WEBHOOK]
|
||||
WEBHOOK_URL=
|
||||
; Configure the URL of a webhook to be called when a new email is received. The BODY of the POST request will contain the email as JSON
|
||||
; WEBHOOK_URL=
|
||||
|
||||
[ADMIN]
|
||||
; This section is for the admin panel.
|
||||
|
||||
; Enable the admin panel. If false the link will not be shown on the web UI
|
||||
ADMIN_ENABLED=false
|
||||
|
||||
; The password to access the admin panel If empty or not set, no password will be needed to access the admin page
|
||||
;ADMIN_PASSWORD=123456
|
||||
|
||||
; Enable to show a list of all existing accounts with mail
|
||||
;SHOW_ACCOUNT_LIST=true
|
||||
|
||||
; Enter the admin email address. If you choose this email on the website you will see all emails from all users
|
||||
; The email doesn't really have to exist or have mail but must look like an email address
|
||||
;ADMIN=some@random.email
|
||||
|
||||
; Enable to show logs on the admin website
|
||||
;SHOW_LOGS=false
|
||||
|
||||
; NOT IMPLEMENTED YET
|
||||
; NOT IMPLEMENTED YET
|
||||
|
|
|
@ -84,4 +84,32 @@ tr.htmx-swapping td {
|
|||
display: block;
|
||||
text-align: left;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/** tab support for admin page **/
|
||||
|
||||
[role="tabs"] {
|
||||
display: flex;
|
||||
}
|
||||
|
||||
[role="tabs"] section {
|
||||
display: flex;
|
||||
flex-wrap: wrap;
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
[role="tabs"] figure {
|
||||
flex-grow: 1;
|
||||
width: 100%;
|
||||
height: 100%;
|
||||
display: none;
|
||||
}
|
||||
|
||||
[role="tabs"] [type="radio"]:checked + figure {
|
||||
display: block;
|
||||
}
|
||||
|
||||
nav[role="tab-control"] label.active {
|
||||
color: var(--primary);
|
||||
cursor: pointer;
|
||||
}
|
|
@ -45,6 +45,12 @@ class OpenTrashmailBackend{
|
|||
'configfile' => ROOT.DS.'../config.ini',
|
||||
]);
|
||||
else return '403 Forbidden';
|
||||
case 'admin':
|
||||
if($this->settings['ADMIN_ENABLED']==true)
|
||||
return $this->renderTemplate('admin.html',[
|
||||
'settings'=>$this->settings,
|
||||
]);
|
||||
else return '403 Not activated in config.ini';
|
||||
default:
|
||||
return false;
|
||||
}
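Review bot: The new `admin` case checks only `ADMIN_ENABLED`; the password is enforced inside admin.html, and the data itself is served by the separate `/api/listaccounts` and `/api/logs` routes that the template links to. Those cases are outside this hunk, so this is inferred, but if they still test only `SHOW_ACCOUNT_LIST` / `SHOW_LOGS`, a request sent straight to those URLs never meets the admin password. Each of them should carry its own guard, for example `if($this->settings['ADMIN_PASSWORD'] != "" && empty($_SESSION['admin'])) return '403 Forbidden';`. The enclosing switch and method start before the hunk.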
|
||||
|
|
|
@ -18,9 +18,11 @@ if($settings['ALLOWED_IPS'])
|
|||
exit("Your IP ($ip) is not allowed to access this site.");
|
||||
}
|
||||
|
||||
if($settings['PASSWORD'] || $settings['ADMIN_PASSWORD']) // let's only start a session if we need one
|
||||
session_start();
|
||||
|
||||
if($settings['PASSWORD']) //site requires a password
|
||||
{
|
||||
session_start();
|
||||
$pw = $settings['PASSWORD'];
|
||||
$auth = false;
|
||||
//first check for auth header or POST/GET variable
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
<h1>Admin</h1>
|
||||
|
||||
<?php
|
||||
if($_REQUEST['password'] && $_REQUEST['password'] == $settings['ADMIN_PASSWORD'])
|
||||
$_SESSION['admin'] = true;
|
||||
else if($_REQUEST['password'] && $_REQUEST['password'] != $settings['ADMIN_PASSWORD'])
|
||||
echo '<div class="error">Wrong password</div>';
|
||||
?>
|
||||
|
||||
<?php if($settings['ADMIN_PASSWORD'] != "" && !$_SESSION['admin']): ?>
|
||||
<form method="post" hx-post="/api/admin" hx-target="#main">
|
||||
<input type="password" name="password" placeholder="password" />
|
||||
<input type="submit" value="Login" />
|
||||
</form>
|
||||
<?php return; endif; ?>
|
||||
|
||||
|
||||
<nav>
|
||||
<ul>
|
||||
<li><?php if($settings['SHOW_ACCOUNT_LIST']): ?><a href="/listaccounts" hx-get="/api/listaccounts" hx-target="#adminmain" hx-push-url="/listaccounts"><i class="fas fa-list"></i> List accounts</a><?php endif; ?></li>
|
||||
<li><?php if($settings['SHOW_LOGS']==true): ?><a href="/logs" hx-get="/api/logs" hx-target="#adminmain" hx-push-url="/logs"><i class="fas fa-list"></i> Show logs</a><?php endif; ?></li>
|
||||
</ul>
|
||||
</nav>
|
||||
|
||||
|
||||
<div id="adminmain"></div>
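Review bot: The password check at the top of this template compares with loose `==` and reads `$_REQUEST['password']`. With `==`, PHP compares numeric-looking strings by value (for example `"0e1"` and `"0e2"` are equal), the comparison is not constant-time, and `$_REQUEST` accepts the password from the query string, where it ends up in access logs and browser history. The session id is also not regenerated when `$_SESSION['admin']` is set, and an absent `password` key raises an undefined-index notice. The rewrite below takes the value from `$_POST` only (the form already posts), compares with `hash_equals` and rotates the session id on success. Nothing visible here limits repeated attempts, so throttling would have to be added elsewhere.

```php
<?php
$submitted = isset($_POST['password']) ? (string)$_POST['password'] : '';
if($submitted !== '' && hash_equals((string)$settings['ADMIN_PASSWORD'], $submitted))
{
    session_regenerate_id(true); // new session id once the admin flag is granted
    $_SESSION['admin'] = true;
}
else if($submitted !== '')
    echo '<div class="error">Wrong password</div>';
?>
<!-- … unchanged: login form, admin nav and #adminmain container … -->
```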
|
|
@ -16,8 +16,7 @@
|
|||
<a href="/"><img src="/imgs/logo-50.png" width="50px" /> Open Trashmail <small class="version"><?=getVersion()?></small></a>
|
||||
<a><input id="email" hx-post="/api/address" hx-target="#main" name="email" type="email" style="margin-bottom:0px" hx-trigger="input changed delay:500ms" placeholder="email address" aria-label="email address"></a>
|
||||
<a href="/random" hx-get="/api/random" hx-target="#main"><i class="fas fa-random"></i> Generate random</a>
|
||||
<?php if($settings['SHOW_ACCOUNT_LIST']): ?><a href="/listaccounts" hx-get="/api/listaccounts" hx-target="#main" hx-push-url="/listaccounts"><i class="fas fa-list"></i> List accounts</a><?php endif; ?>
|
||||
<?php if($settings['SHOW_LOGS']==true): ?><a href="/logs" hx-get="/api/logs" hx-target="#main" hx-push-url="/logs"><i class="fas fa-list"></i> Show logs</a><?php endif; ?>
|
||||
<?php if($this->settings['ADMIN_ENABLED']==true):?><a href="/admin" hx-get="/api/admin" hx-target="#main" hx-push-url="/admin"><i class="fas fa-user-shield"></i> Admin</a><?php endif; ?>
|
||||
<a href="javascript:void(0);" class="icon" onclick="navbarmanager()">
|
||||
<i class="fa fa-bars"></i>
|
||||
</a>
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
<a href="#" hx-push-url="/logs/10" hx-get="/api/logs/10" <?= $lines==10?'disabled':'' ?> hx-target="#main" role="button">Last 10 lines</a>
|
||||
<a href="#" hx-push-url="/logs/50" hx-get="/api/logs/50" <?= $lines==50?'disabled':'' ?> hx-target="#main" role="button">Last 50 lines</a>
|
||||
<a href="#" hx-push-url="/logs/100" hx-get="/api/logs/100" <?= $lines==100?'disabled':'' ?> hx-target="#main" role="button">Last 100 lines</a>
|
||||
<a href="#" hx-push-url="/logs/200" hx-get="/api/logs/200" <?= $lines==200?'disabled':'' ?> hx-target="#main" role="button">Last 200 lines</a>
|
||||
<a href="#" hx-push-url="/logs/500" hx-get="/api/logs/500" <?= $lines==500?'disabled':'' ?> hx-target="#main" role="button">Last 500 lines</a>
|
||||
<a href="#" hx-push-url="/logs/10" hx-get="/api/logs/10" <?= $lines==10?'disabled':'' ?> hx-target="#adminmain" role="button">Last 10 lines</a>
|
||||
<a href="#" hx-push-url="/logs/50" hx-get="/api/logs/50" <?= $lines==50?'disabled':'' ?> hx-target="#adminmain" role="button">Last 50 lines</a>
|
||||
<a href="#" hx-push-url="/logs/100" hx-get="/api/logs/100" <?= $lines==100?'disabled':'' ?> hx-target="#adminmain" role="button">Last 100 lines</a>
|
||||
<a href="#" hx-push-url="/logs/200" hx-get="/api/logs/200" <?= $lines==200?'disabled':'' ?> hx-target="#adminmain" role="button">Last 200 lines</a>
|
||||
<a href="#" hx-push-url="/logs/500" hx-get="/api/logs/500" <?= $lines==500?'disabled':'' ?> hx-target="#adminmain" role="button">Last 500 lines</a>
|
||||
|
||||
<hr>
|
||||
|
||||
|
|