casjaysdevdocker/tor
1
0
Fork 0
mirror of https://github.com/casjaysdevdocker/tor synced 2025-10-14 08:02:34 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

🗃️ Committing everything that changed 🗃️

Browse Source 
Dockerfile
README.md
rootfs/tmp/etc/nginx/nginx.conf
rootfs/tmp/etc/nginx/vhosts.d/admin.conf
rootfs/usr/local/bin/entrypoint.sh
rootfs/usr/local/etc/docker/init.d/99-php-fpm.sh
rootfs/usr/local/share/
This commit is contained in:
casjay
2025-09-20 04:02:09 -04:00
parent 0693f74ba2
commit 57554833fd
22 changed files with 2793 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
rootfs/usr/local/share/webpanel/.htaccess Normal file
View File

@@ -0,0 +1,21 @@
# Security settings
<Files "*.conf">
Require all denied
</Files>
<Files "*.log">
Require all denied
</Files>
<Files "auth.php">
Require all denied
</Files>
<Files "functions.php">
Require all denied
</Files>
# PHP settings
php_value session.cookie_httponly 1
php_value session.cookie_secure 0
php_value session.use_strict_mode 1

125
rootfs/usr/local/share/webpanel/api.php Normal file
View File

@@ -0,0 +1,125 @@
<?php
require_once 'auth.php';
require_once 'functions.php';
require_once 'jwt.php';
header('Content-Type: application/json');
// Check for token authentication first
$authenticated = false;
$auth_headers = getallheaders();
$auth_header = $auth_headers['Authorization'] ?? '';
if ($auth_header && strpos($auth_header, 'Bearer ') === 0) {
$token = substr($auth_header, 7);
$payload = validateApiToken($token);
if ($payload) {
$authenticated = true;
$_SESSION['api_user'] = $payload['username'];
}
} elseif (isAuthenticated()) {
$authenticated = true;
}
if (!$authenticated) {
http_response_code(401);
echo json_encode(['error' => 'Authentication required. Use Bearer token or login session.']);
exit;
}
$action = $_GET['action'] ?? '';
switch ($action) {
case 'login':
// Token-based login endpoint
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (authenticate($username, $password)) {
$token = generateApiToken($username);
echo json_encode([
'success' => true,
'token' => $token,
'expires_in' => 86400 // 24 hours
]);
} else {
http_response_code(401);
echo json_encode(['error' => 'Invalid credentials']);
}
break;
case 'status':
$services = [
'tor-bridge' => 'Tor Bridge',
'tor-relay' => 'Tor Relay',
'tor-server' => 'Tor Server',
'unbound' => 'DNS Resolver',
'privoxy' => 'HTTP Proxy',
'nginx' => 'Web Server'
];
$status = [];
foreach ($services as $service => $name) {
$status[$service] = [
'name' => $name,
'running' => getServiceStatus($service),
'pid' => getServicePid($service)
];
}
echo json_encode($status);
break;
case 'stats':
echo json_encode(getSystemStats());
break;
case 'hidden-services':
echo json_encode(getHiddenServices());
break;
case 'service-control':
$service = $_POST['service'] ?? '';
$command = $_POST['command'] ?? '';
$valid_services = ['tor-bridge', 'tor-relay', 'tor-server', 'unbound', 'privoxy', 'nginx'];
$valid_commands = ['start', 'stop', 'restart'];
if (!in_array($service, $valid_services)) {
http_response_code(400);
echo json_encode(['error' => 'Invalid service']);
break;
}
if (!in_array($command, $valid_commands)) {
http_response_code(400);
echo json_encode(['error' => 'Invalid command']);
break;
}
$success = false;
switch ($command) {
case 'start':
$success = startService($service);
break;
case 'stop':
$success = stopService($service);
break;
case 'restart':
$success = restartService($service);
break;
}
echo json_encode([
'success' => $success,
'message' => $success ?
"Successfully {$command}ed $service" :
"Failed to $command $service"
]);
break;
default:
http_response_code(400);
echo json_encode(['error' => 'Invalid action']);
}
?>

235
rootfs/usr/local/share/webpanel/api/index.php Normal file
View File

@@ -0,0 +1,235 @@
<?php
require_once '../auth.php';
require_once '../functions.php';
require_once '../jwt.php';
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Authorization');
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
exit(0);
}
// Authentication check
$authenticated = false;
$auth_headers = getallheaders();
$auth_header = $auth_headers['Authorization'] ?? '';
if ($auth_header && strpos($auth_header, 'Bearer ') === 0) {
$token = substr($auth_header, 7);
$payload = validateApiToken($token);
if ($payload) {
$authenticated = true;
$_SESSION['api_user'] = $payload['username'];
}
} elseif (isAuthenticated()) {
$authenticated = true;
}
// Router
$method = $_SERVER['REQUEST_METHOD'];
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$path = str_replace('/admin/api', '', $path);
$path = trim($path, '/');
// Public endpoints (no auth required)
if ($method === 'POST' && $path === 'auth/login') {
$input = json_decode(file_get_contents('php://input'), true);
$username = $input['username'] ?? '';
$password = $input['password'] ?? '';
if (authenticate($username, $password)) {
$token = generateApiToken($username);
echo json_encode([
'success' => true,
'token' => $token,
'expires_in' => 86400
]);
} else {
http_response_code(401);
echo json_encode(['error' => 'Invalid credentials']);
}
exit;
}
// Require authentication for all other endpoints
if (!$authenticated) {
http_response_code(401);
echo json_encode(['error' => 'Authentication required']);
exit;
}
// Protected endpoints
switch ($method) {
case 'GET':
handleGetRequest($path);
break;
case 'POST':
handlePostRequest($path);
break;
case 'PUT':
handlePutRequest($path);
break;
case 'DELETE':
handleDeleteRequest($path);
break;
default:
http_response_code(405);
echo json_encode(['error' => 'Method not allowed']);
}
function handleGetRequest($path) {
switch ($path) {
case 'services':
case 'services/status':
$services = [
'tor-bridge' => 'Tor Bridge',
'tor-relay' => 'Tor Relay',
'tor-server' => 'Tor Server',
'unbound' => 'DNS Resolver',
'privoxy' => 'HTTP Proxy',
'nginx' => 'Web Server'
];
$status = [];
foreach ($services as $service => $name) {
$status[] = [
'id' => $service,
'name' => $name,
'running' => getServiceStatus($service),
'pid' => getServicePid($service)
];
}
echo json_encode(['data' => $status]);
break;
case 'system/stats':
echo json_encode(['data' => getSystemStats()]);
break;
case 'hidden-services':
echo json_encode(['data' => getHiddenServices()]);
break;
default:
if (preg_match('/^services\/([^\/]+)$/', $path, $matches)) {
$service = $matches[1];
$valid_services = ['tor-bridge', 'tor-relay', 'tor-server', 'unbound', 'privoxy', 'nginx'];
if (in_array($service, $valid_services)) {
echo json_encode([
'data' => [
'id' => $service,
'running' => getServiceStatus($service),
'pid' => getServicePid($service)
]
]);
} else {
http_response_code(404);
echo json_encode(['error' => 'Service not found']);
}
} else {
http_response_code(404);
echo json_encode(['error' => 'Endpoint not found']);
}
}
}
function handlePostRequest($path) {
$input = json_decode(file_get_contents('php://input'), true);
switch ($path) {
case 'hidden-services':
$name = $input['name'] ?? '';
$port_mapping = $input['port_mapping'] ?? '';
if (empty($name) || empty($port_mapping)) {
http_response_code(400);
echo json_encode(['error' => 'Name and port_mapping required']);
return;
}
if (!validateServiceName($name) || !validatePortMapping($port_mapping)) {
http_response_code(400);
echo json_encode(['error' => 'Invalid name or port mapping format']);
return;
}
if (createHiddenService($name, $port_mapping)) {
echo json_encode(['success' => true, 'message' => 'Hidden service created']);
} else {
http_response_code(500);
echo json_encode(['error' => 'Failed to create hidden service']);
}
break;
default:
if (preg_match('/^services\/([^\/]+)\/([^\/]+)$/', $path, $matches)) {
$service = $matches[1];
$action = $matches[2];
$valid_services = ['tor-bridge', 'tor-relay', 'tor-server', 'unbound', 'privoxy', 'nginx'];
$valid_actions = ['start', 'stop', 'restart'];
if (!in_array($service, $valid_services)) {
http_response_code(404);
echo json_encode(['error' => 'Service not found']);
return;
}
if (!in_array($action, $valid_actions)) {
http_response_code(400);
echo json_encode(['error' => 'Invalid action']);
return;
}
$success = false;
switch ($action) {
case 'start':
$success = startService($service);
break;
case 'stop':
$success = stopService($service);
break;
case 'restart':
$success = restartService($service);
break;
}
echo json_encode([
'success' => $success,
'message' => $success ?
"Successfully {$action}ed $service" :
"Failed to $action $service"
]);
} else {
http_response_code(404);
echo json_encode(['error' => 'Endpoint not found']);
}
}
}
function handlePutRequest($path) {
http_response_code(501);
echo json_encode(['error' => 'PUT method not implemented yet']);
}
function handleDeleteRequest($path) {
if (preg_match('/^hidden-services\/([^\/]+)$/', $path, $matches)) {
$name = $matches[1];
if (deleteHiddenService($name)) {
echo json_encode(['success' => true, 'message' => 'Hidden service deleted']);
} else {
http_response_code(500);
echo json_encode(['error' => 'Failed to delete hidden service']);
}
} else {
http_response_code(404);
echo json_encode(['error' => 'Endpoint not found']);
}
}
?>

32
rootfs/usr/local/share/webpanel/auth.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
session_start();
$admin_user = $_ENV['TOR_ADMIN_USER'] ?? 'admin';
$admin_pass = $_ENV['TOR_ADMIN_PASS'] ?? 'torpass123';
function isAuthenticated() {
return isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true;
}
function authenticate($username, $password) {
global $admin_user, $admin_pass;
return $username === $admin_user && $password === $admin_pass;
}
function requireAuth() {
if (!isAuthenticated()) {
header('Location: login.php');
exit;
}
}
function logout() {
session_destroy();
header('Location: login.php');
exit;
}
if (isset($_GET['logout'])) {
logout();
}
?>

31
rootfs/usr/local/share/webpanel/components/footer.php Normal file
View File

@@ -0,0 +1,31 @@
</div>
</div>
<footer class="footer">
<div class="footer-content">
<p>&copy; 2025 Tor Admin Panel |
<a href="https://www.torproject.org/" target="_blank">Tor Project</a> |
<span id="last-update"></span>
</p>
</div>
</footer>
<script>
// Update last refresh time
document.getElementById('last-update').textContent = 'Last updated: ' + new Date().toLocaleTimeString();
// Mobile menu toggle
function toggleMobileMenu() {
const nav = document.querySelector('.nav');
nav.classList.toggle('mobile-open');
}
// Auto-refresh functionality
<?php if (isset($auto_refresh)): ?>
setTimeout(function() {
window.location.reload();
}, <?php echo $auto_refresh * 1000; ?>);
<?php endif; ?>
</script>
</body>
</html>

21
rootfs/usr/local/share/webpanel/components/header.php Normal file
View File

@@ -0,0 +1,21 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo $page_title ?? 'Tor Admin Panel'; ?></title>
<link rel="stylesheet" href="style.css">
<?php if (isset($auto_refresh)): ?>
<meta http-equiv="refresh" content="<?php echo $auto_refresh; ?>">
<?php endif; ?>
</head>
<body>
<div class="main-wrapper">
<div class="container">
<div class="header">
<h1>🧅 <?php echo $page_title ?? 'Tor Admin Panel'; ?></h1>
<div class="header-actions">
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?></span>
<a href="?logout=1" class="logout-btn">Logout</a>
</div>
</div>

17
rootfs/usr/local/share/webpanel/components/nav.php Normal file
View File

@@ -0,0 +1,17 @@
<nav class="nav">
<a href="index.php" <?php echo ($current_page === 'dashboard') ? 'class="active"' : ''; ?>>
📊 Dashboard
</a>
<a href="config.php" <?php echo ($current_page === 'config') ? 'class="active"' : ''; ?>>
⚙️ Configuration
</a>
<a href="hidden.php" <?php echo ($current_page === 'hidden') ? 'class="active"' : ''; ?>>
🧅 Hidden Services
</a>
<a href="logs.php" <?php echo ($current_page === 'logs') ? 'class="active"' : ''; ?>>
📝 Logs
</a>
<a href="tokens.php" <?php echo ($current_page === 'tokens') ? 'class="active"' : ''; ?>>
🔑 API Tokens
</a>
</nav>

116
rootfs/usr/local/share/webpanel/config.php Normal file
View File

@@ -0,0 +1,116 @@
<?php
require_once 'auth.php';
require_once 'functions.php';
requireAuth();
$message = '';
$messageType = '';
$config_files = [
'tor-server' => '/config/tor/server/server.conf',
'tor-bridge' => '/config/tor/bridge/bridge.conf',
'tor-relay' => '/config/tor/relay/relay.conf',
'unbound' => '/config/unbound/unbound.conf',
'privoxy' => '/config/privoxy/config',
'nginx' => '/config/nginx/nginx.conf'
];
$current_config = $_GET['config'] ?? 'tor-server';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$config_name = $_POST['config'] ?? '';
$content = $_POST['content'] ?? '';
if (isset($config_files[$config_name])) {
$config_file = $config_files[$config_name];
$config_dir = dirname($config_file);
if (!is_dir($config_dir)) {
mkdir($config_dir, 0755, true);
}
if (saveConfigContent($config_file, $content)) {
$message = "Configuration saved successfully for $config_name";
$messageType = 'success';
// Restart the service after config change
if (in_array($config_name, ['tor-server', 'tor-bridge', 'tor-relay'])) {
restartService($config_name);
$message .= " and service restarted";
}
} else {
$message = "Failed to save configuration for $config_name";
$messageType = 'error';
}
}
}
$config_content = getConfigContent($config_files[$current_config]);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Configuration - Tor Admin Panel</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="container">
<div class="header">
<h1>🧅 Tor Admin Panel - Configuration</h1>
<div>
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?></span>
<a href="?logout=1" style="color: white; margin-left: 20px;">Logout</a>
</div>
</div>
<div class="nav">
<a href="index.php">Dashboard</a>
<a href="config.php" class="active">Configuration</a>
<a href="hidden.php">Hidden Services</a>
<a href="logs.php">Logs</a>
<a href="tokens.php">API Tokens</a>
</div>
<?php if ($message): ?>
<div class="<?php echo $messageType; ?>">
<?php echo htmlspecialchars($message); ?>
</div>
<?php endif; ?>
<div class="tabs">
<?php foreach ($config_files as $key => $file): ?>
<div class="tab <?php echo $key === $current_config ? 'active' : ''; ?>"
onclick="location.href='config.php?config=<?php echo $key; ?>'">
<?php echo ucfirst(str_replace('-', ' ', $key)); ?>
</div>
<?php endforeach; ?>
</div>
<div class="config-section">
<h3>Editing: <?php echo ucfirst(str_replace('-', ' ', $current_config)); ?> Configuration</h3>
<p><strong>File:</strong> <?php echo $config_files[$current_config]; ?></p>
<form method="POST">
<input type="hidden" name="config" value="<?php echo $current_config; ?>">
<div class="form-group">
<label for="content">Configuration Content:</label>
<textarea name="content" id="content" rows="20"
style="font-family: 'Courier New', monospace; font-size: 14px;"
required><?php echo htmlspecialchars($config_content); ?></textarea>
</div>
<button type="submit">Save Configuration</button>
</form>
</div>
<div class="info">
<strong>Important Notes:</strong><br>
• Changes to Tor configurations will automatically restart the affected service<br>
• Backup your configurations before making changes<br>
• Invalid configurations may prevent services from starting<br>
• Check logs if services fail to start after configuration changes
</div>
</div>
</body>
</html>

139
rootfs/usr/local/share/webpanel/functions.php Normal file
View File

@@ -0,0 +1,139 @@
<?php
function getServiceStatus($service) {
$output = shell_exec("pgrep -f '$service' 2>/dev/null");
return !empty(trim($output));
}
function getServicePid($service) {
$output = shell_exec("pgrep -f '$service' 2>/dev/null");
return trim($output) ?: 'N/A';
}
function startService($service) {
$init_script = "/usr/local/etc/docker/init.d/*$service*.sh";
$files = glob($init_script);
if (!empty($files)) {
$script = $files[0];
shell_exec("bash '$script' > /dev/null 2>&1 &");
return true;
}
return false;
}
function stopService($service) {
$pid = getServicePid($service);
if ($pid !== 'N/A') {
shell_exec("kill $pid 2>/dev/null");
return true;
}
return false;
}
function restartService($service) {
stopService($service);
sleep(2);
return startService($service);
}
function getLogTail($logfile, $lines = 50) {
if (file_exists($logfile)) {
return shell_exec("tail -n $lines '$logfile' 2>/dev/null");
}
return "Log file not found: $logfile";
}
function getConfigContent($configfile) {
if (file_exists($configfile)) {
return file_get_contents($configfile);
}
return '';
}
function saveConfigContent($configfile, $content) {
return file_put_contents($configfile, $content) !== false;
}
function getHiddenServices() {
$services = [];
$services_dir = '/data/tor/server/services';
if (is_dir($services_dir)) {
$dirs = glob($services_dir . '/*', GLOB_ONLYDIR);
foreach ($dirs as $dir) {
$name = basename($dir);
$hostname_file = $dir . '/hostname';
$hostname = file_exists($hostname_file) ? trim(file_get_contents($hostname_file)) : 'Not generated yet';
$services[] = [
'name' => $name,
'hostname' => $hostname,
'path' => $dir
];
}
}
return $services;
}
function createHiddenService($name, $port_mapping) {
$services_dir = '/data/tor/server/services';
$service_dir = $services_dir . '/' . $name;
if (!is_dir($service_dir)) {
mkdir($service_dir, 0700, true);
}
$config_content = "HiddenServiceDir $service_dir\n";
$config_content .= "HiddenServicePort $port_mapping\n";
$config_file = "/config/tor/server/hidden.d/$name.conf";
return file_put_contents($config_file, $config_content) !== false;
}
function deleteHiddenService($name) {
$services_dir = '/data/tor/server/services';
$service_dir = $services_dir . '/' . $name;
$config_file = "/config/tor/server/hidden.d/$name.conf";
$success = true;
if (is_dir($service_dir)) {
$success &= shell_exec("rm -rf '$service_dir'") !== false;
}
if (file_exists($config_file)) {
$success &= unlink($config_file);
}
return $success;
}
function getSystemStats() {
$stats = [];
$uptime = trim(shell_exec('uptime -p 2>/dev/null || echo "N/A"'));
$stats['uptime'] = $uptime;
$memory = shell_exec('free -m | grep "Mem:" | awk \'{print $3"/"$2" MB"}\'');
$stats['memory'] = trim($memory) ?: 'N/A';
$disk = shell_exec('df -h / | tail -1 | awk \'{print $3"/"$2" ("$5")"}\'');
$stats['disk'] = trim($disk) ?: 'N/A';
$load = trim(shell_exec('uptime | awk -F"load average:" \'{print $2}\' | awk \'{print $1}\' | tr -d ","'));
$stats['load'] = $load ?: 'N/A';
return $stats;
}
function sanitizeInput($input) {
return htmlspecialchars(trim($input), ENT_QUOTES, 'UTF-8');
}
function validatePortMapping($mapping) {
return preg_match('/^\d+\s+\d+\.\d+\.\d+\.\d+:\d+$/', $mapping);
}
function validateServiceName($name) {
return preg_match('/^[a-zA-Z0-9_-]+$/', $name);
}
?>

153
rootfs/usr/local/share/webpanel/hidden.php Normal file
View File

@@ -0,0 +1,153 @@
<?php
require_once 'auth.php';
require_once 'functions.php';
requireAuth();
$message = '';
$messageType = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
if ($action === 'create') {
$name = sanitizeInput($_POST['name'] ?? '');
$port_mapping = sanitizeInput($_POST['port_mapping'] ?? '');
if (empty($name) || empty($port_mapping)) {
$message = 'Name and port mapping are required';
$messageType = 'error';
} elseif (!validateServiceName($name)) {
$message = 'Invalid service name. Use only letters, numbers, underscores, and hyphens';
$messageType = 'error';
} elseif (!validatePortMapping($port_mapping)) {
$message = 'Invalid port mapping format. Use: external_port internal_ip:internal_port';
$messageType = 'error';
} else {
if (createHiddenService($name, $port_mapping)) {
$message = "Hidden service '$name' created successfully. Restart tor-server to activate.";
$messageType = 'success';
} else {
$message = "Failed to create hidden service '$name'";
$messageType = 'error';
}
}
} elseif ($action === 'delete') {
$name = sanitizeInput($_POST['name'] ?? '');
if (deleteHiddenService($name)) {
$message = "Hidden service '$name' deleted successfully. Restart tor-server to apply.";
$messageType = 'success';
} else {
$message = "Failed to delete hidden service '$name'";
$messageType = 'error';
}
} elseif ($action === 'restart-tor') {
if (restartService('tor-server')) {
$message = "Tor server restarted successfully";
$messageType = 'success';
} else {
$message = "Failed to restart Tor server";
$messageType = 'error';
}
}
}
$hidden_services = getHiddenServices();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Hidden Services - Tor Admin Panel</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="container">
<div class="header">
<h1>🧅 Tor Admin Panel - Hidden Services</h1>
<div>
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?></span>
<a href="?logout=1" style="color: white; margin-left: 20px;">Logout</a>
</div>
</div>
<div class="nav">
<a href="index.php">Dashboard</a>
<a href="config.php">Configuration</a>
<a href="hidden.php" class="active">Hidden Services</a>
<a href="logs.php">Logs</a>
<a href="tokens.php">API Tokens</a>
</div>
<?php if ($message): ?>
<div class="<?php echo $messageType; ?>">
<?php echo htmlspecialchars($message); ?>
</div>
<?php endif; ?>
<div class="config-section">
<h2>Create New Hidden Service</h2>
<form method="POST">
<input type="hidden" name="action" value="create">
<div class="form-group">
<label for="name">Service Name:</label>
<input type="text" id="name" name="name" required
placeholder="e.g., myapp, blog, api" pattern="[a-zA-Z0-9_-]+">
</div>
<div class="form-group">
<label for="port_mapping">Port Mapping:</label>
<input type="text" id="port_mapping" name="port_mapping" required
placeholder="80 127.0.0.1:8080" pattern="\d+\s+\d+\.\d+\.\d+\.\d+:\d+">
<small>Format: external_port internal_ip:internal_port</small>
</div>
<button type="submit">Create Hidden Service</button>
</form>
</div>
<h2>Existing Hidden Services</h2>
<?php if (empty($hidden_services)): ?>
<div class="info">
No hidden services configured yet. Create one above to get started.
</div>
<?php else: ?>
<?php foreach ($hidden_services as $service): ?>
<div class="hidden-service">
<h3><?php echo htmlspecialchars($service['name']); ?></h3>
<div class="onion-address">
<strong>Onion Address:</strong><br>
<?php echo htmlspecialchars($service['hostname']); ?>
</div>
<p><strong>Data Directory:</strong> <?php echo htmlspecialchars($service['path']); ?></p>
<form method="POST" style="margin-top: 10px;"
onsubmit="return confirm('Are you sure you want to delete this hidden service?');">
<input type="hidden" name="action" value="delete">
<input type="hidden" name="name" value="<?php echo htmlspecialchars($service['name']); ?>">
<button type="submit" class="btn-small"
style="background: #d63031;">Delete Service</button>
</form>
</div>
<?php endforeach; ?>
<div style="margin-top: 20px;">
<form method="POST">
<input type="hidden" name="action" value="restart-tor">
<button type="submit" class="btn-small">Restart Tor Server</button>
</form>
<small>Restart Tor server to activate new services or apply deletions</small>
</div>
<?php endif; ?>
<div class="info">
<strong>Hidden Service Management:</strong><br>
• Hidden services allow you to host websites accessible only via Tor<br>
• Each service gets a unique .onion address<br>
• Port mapping routes external .onion traffic to internal services<br>
• Services are stored in /data/tor/server/services/<br>
• Restart Tor server after creating/deleting services
</div>
</div>
</body>
</html>

151
rootfs/usr/local/share/webpanel/index.php Normal file
View File

@@ -0,0 +1,151 @@
<?php
require_once 'auth.php';
require_once 'functions.php';
requireAuth();
$services = [
'tor-bridge' => 'Tor Bridge',
'tor-relay' => 'Tor Relay',
'tor-server' => 'Tor Server',
'unbound' => 'DNS Resolver',
'privoxy' => 'HTTP Proxy',
'nginx' => 'Web Server'
];
$message = '';
$messageType = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
$service = $_POST['service'] ?? '';
if (in_array($service, array_keys($services))) {
switch ($action) {
case 'start':
if (startService($service)) {
$message = "Started $services[$service]";
$messageType = 'success';
} else {
$message = "Failed to start $services[$service]";
$messageType = 'error';
}
break;
case 'stop':
if (stopService($service)) {
$message = "Stopped $services[$service]";
$messageType = 'success';
} else {
$message = "Failed to stop $services[$service]";
$messageType = 'error';
}
break;
case 'restart':
if (restartService($service)) {
$message = "Restarted $services[$service]";
$messageType = 'success';
} else {
$message = "Failed to restart $services[$service]";
$messageType = 'error';
}
break;
}
}
}
$stats = getSystemStats();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Tor Admin Panel</title>
<link rel="stylesheet" href="style.css">
<meta http-equiv="refresh" content="30">
</head>
<body>
<div class="container">
<div class="header">
<h1>🧅 Tor Admin Panel</h1>
<div>
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?></span>
<a href="?logout=1" style="color: white; margin-left: 20px;">Logout</a>
</div>
</div>
<div class="nav">
<a href="index.php" class="active">Dashboard</a>
<a href="config.php">Configuration</a>
<a href="hidden.php">Hidden Services</a>
<a href="logs.php">Logs</a>
<a href="tokens.php">API Tokens</a>
</div>
<?php if ($message): ?>
<div class="<?php echo $messageType; ?>">
<?php echo htmlspecialchars($message); ?>
</div>
<?php endif; ?>
<div class="stats-grid">
<div class="stat-card">
<div class="stat-value"><?php echo $stats['uptime']; ?></div>
<div>System Uptime</div>
</div>
<div class="stat-card">
<div class="stat-value"><?php echo $stats['memory']; ?></div>
<div>Memory Usage</div>
</div>
<div class="stat-card">
<div class="stat-value"><?php echo $stats['disk']; ?></div>
<div>Disk Usage</div>
</div>
<div class="stat-card">
<div class="stat-value"><?php echo $stats['load']; ?></div>
<div>Load Average</div>
</div>
</div>
<h2>Service Management</h2>
<div class="service-grid">
<?php foreach ($services as $service => $name): ?>
<?php $isRunning = getServiceStatus($service); ?>
<div class="service-card">
<h3><?php echo $name; ?></h3>
<div class="service-status <?php echo $isRunning ? 'status-running' : 'status-stopped'; ?>">
<?php echo $isRunning ? 'RUNNING' : 'STOPPED'; ?>
</div>
<p>PID: <?php echo getServicePid($service); ?></p>
<form method="POST" style="margin-top: 15px;">
<input type="hidden" name="service" value="<?php echo $service; ?>">
<button type="submit" name="action" value="start" class="btn-small"
<?php echo $isRunning ? 'disabled' : ''; ?>>Start</button>
<button type="submit" name="action" value="stop" class="btn-small"
<?php echo !$isRunning ? 'disabled' : ''; ?>>Stop</button>
<button type="submit" name="action" value="restart" class="btn-small">Restart</button>
</form>
</div>
<?php endforeach; ?>
</div>
<div class="info">
<strong>Quick Info:</strong><br>
• SOCKS Proxy: localhost:9050<br>
• HTTP Proxy: localhost:8118<br>
• DNS Resolver: localhost:9053<br>
• Control Port: localhost:9051<br>
• Web Interface: localhost:80
</div>
</div>
<script>
// Auto-refresh page every 30 seconds
setTimeout(function() {
window.location.reload();
}, 30000);
</script>
</body>
</html>

94
rootfs/usr/local/share/webpanel/jwt.php Normal file
View File

@@ -0,0 +1,94 @@
<?php
class SimpleJWT {
private static $secret_key;
public static function init() {
$secret_file = '/config/secure/jwt_secret';
if (isset($_ENV['TOR_JWT_SECRET'])) {
self::$secret_key = $_ENV['TOR_JWT_SECRET'];
} elseif (file_exists($secret_file)) {
self::$secret_key = trim(file_get_contents($secret_file));
} else {
// Generate random secret and save it
self::$secret_key = bin2hex(random_bytes(32));
if (!is_dir(dirname($secret_file))) {
mkdir(dirname($secret_file), 0700, true);
}
file_put_contents($secret_file, self::$secret_key);
chmod($secret_file, 0600);
}
}
public static function getSecret() {
self::init();
return self::$secret_key;
}
public static function encode($payload) {
self::init();
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
$payload = json_encode(array_merge($payload, [
'iat' => time(),
'exp' => time() + (24 * 60 * 60) // 24 hours
]));
$base64Header = self::base64UrlEncode($header);
$base64Payload = self::base64UrlEncode($payload);
$signature = hash_hmac('sha256', $base64Header . '.' . $base64Payload, self::$secret_key, true);
$base64Signature = self::base64UrlEncode($signature);
return $base64Header . '.' . $base64Payload . '.' . $base64Signature;
}
public static function decode($jwt) {
self::init();
$parts = explode('.', $jwt);
if (count($parts) !== 3) {
return false;
}
list($base64Header, $base64Payload, $base64Signature) = $parts;
$signature = self::base64UrlDecode($base64Signature);
$expectedSignature = hash_hmac('sha256', $base64Header . '.' . $base64Payload, self::$secret_key, true);
if (!hash_equals($signature, $expectedSignature)) {
return false;
}
$payload = json_decode(self::base64UrlDecode($base64Payload), true);
if (isset($payload['exp']) && $payload['exp'] < time()) {
return false; // Token expired
}
return $payload;
}
private static function base64UrlEncode($data) {
return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
}
private static function base64UrlDecode($data) {
return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT));
}
}
function generateApiToken($username) {
return SimpleJWT::encode([
'username' => $username,
'role' => 'admin'
]);
}
function validateApiToken($token) {
$payload = SimpleJWT::decode($token);
return $payload !== false ? $payload : null;
}
?>

52
rootfs/usr/local/share/webpanel/login.php Normal file
View File

@@ -0,0 +1,52 @@
<?php
require_once 'auth.php';
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (authenticate($username, $password)) {
$_SESSION['authenticated'] = true;
$_SESSION['username'] = $username;
header('Location: index.php');
exit;
} else {
$error = 'Invalid username or password';
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Tor Admin Panel - Login</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="login-container">
<div class="login-form">
<h1>🧅 Tor Admin Panel</h1>
<form method="POST">
<?php if ($error): ?>
<div class="error"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<div class="form-group">
<label for="username">Username:</label>
<input type="text" id="username" name="username" required>
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" id="password" name="password" required>
</div>
<button type="submit">Login</button>
</form>
<div class="auth-info">
<p><small>Set credentials via TOR_ADMIN_USER and TOR_ADMIN_PASS environment variables</small></p>
</div>
</div>
</div>
</body>
</html>

106
rootfs/usr/local/share/webpanel/logs.php Normal file
View File

@@ -0,0 +1,106 @@
<?php
require_once 'auth.php';
require_once 'functions.php';
requireAuth();
$log_files = [
'tor-server' => '/data/logs/tor/server.log',
'tor-bridge' => '/data/logs/tor/bridge.log',
'tor-relay' => '/data/logs/tor/relay.log',
'unbound' => '/data/logs/unbound/unbound.log',
'privoxy' => '/data/logs/privoxy/privoxy.log',
'nginx-access' => '/data/logs/nginx/access.log',
'nginx-error' => '/data/logs/nginx/error.log',
'entrypoint' => '/data/logs/entrypoint.log'
];
$current_log = $_GET['log'] ?? 'tor-server';
$lines = (int)($_GET['lines'] ?? 100);
$log_content = '';
if (isset($log_files[$current_log])) {
$log_content = getLogTail($log_files[$current_log], $lines);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Logs - Tor Admin Panel</title>
<link rel="stylesheet" href="style.css">
<meta http-equiv="refresh" content="10">
</head>
<body>
<div class="container">
<div class="header">
<h1>🧅 Tor Admin Panel - Logs</h1>
<div>
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?></span>
<a href="?logout=1" style="color: white; margin-left: 20px;">Logout</a>
</div>
</div>
<div class="nav">
<a href="index.php">Dashboard</a>
<a href="config.php">Configuration</a>
<a href="hidden.php">Hidden Services</a>
<a href="logs.php" class="active">Logs</a>
<a href="tokens.php">API Tokens</a>
</div>
<div class="tabs">
<?php foreach ($log_files as $key => $file): ?>
<div class="tab <?php echo $key === $current_log ? 'active' : ''; ?>"
onclick="location.href='logs.php?log=<?php echo $key; ?>&lines=<?php echo $lines; ?>'">
<?php echo ucfirst(str_replace('-', ' ', $key)); ?>
</div>
<?php endforeach; ?>
</div>
<div class="config-section">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 15px;">
<h3>Viewing: <?php echo ucfirst(str_replace('-', ' ', $current_log)); ?> Log</h3>
<div>
<label for="lines" style="margin-right: 10px;">Lines:</label>
<select id="lines" onchange="location.href='logs.php?log=<?php echo $current_log; ?>&lines=' + this.value">
<option value="50" <?php echo $lines === 50 ? 'selected' : ''; ?>>50</option>
<option value="100" <?php echo $lines === 100 ? 'selected' : ''; ?>>100</option>
<option value="200" <?php echo $lines === 200 ? 'selected' : ''; ?>>200</option>
<option value="500" <?php echo $lines === 500 ? 'selected' : ''; ?>>500</option>
</select>
</div>
</div>
<p><strong>File:</strong> <?php echo $log_files[$current_log]; ?></p>
<div class="log-container">
<?php echo htmlspecialchars($log_content ?: 'Log file is empty or not found'); ?>
</div>
<div style="margin-top: 15px;">
<button onclick="location.reload()" class="btn-small">Refresh</button>
<button onclick="location.href='logs.php?log=<?php echo $current_log; ?>&lines=<?php echo $lines; ?>'"
class="btn-small">Auto-refresh (10s)</button>
</div>
</div>
<div class="info">
<strong>Log Monitoring:</strong><br>
• Logs auto-refresh every 10 seconds<br>
• Tor logs show connection and circuit information<br>
• Nginx logs show web access and errors<br>
• Entrypoint log shows container initialization<br>
• Check logs if services fail to start
</div>
</div>
<script>
// Auto-scroll to bottom of log
const logContainer = document.querySelector('.log-container');
if (logContainer) {
logContainer.scrollTop = logContainer.scrollHeight;
}
</script>
</body>
</html>

446
rootfs/usr/local/share/webpanel/style.css Normal file
View File

@@ -0,0 +1,446 @@
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
background: #0d1117;
min-height: 100vh;
color: #f0f6fc;
line-height: 1.6;
display: flex;
flex-direction: column;
}
.main-wrapper {
flex: 1;
display: flex;
flex-direction: column;
}
.login-container {
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
padding: 20px;
}
.login-form {
background: #161b22;
padding: 2rem;
border-radius: 12px;
box-shadow: 0 8px 32px rgba(0, 0, 0, 0.3);
width: 100%;
max-width: 400px;
border: 1px solid #30363d;
}
.container {
max-width: 1200px;
margin: 0 auto;
padding: 1rem;
background: #0d1117;
flex: 1;
}
.header {
background: #161b22;
color: #f0f6fc;
padding: 1.5rem;
border-radius: 12px;
margin-bottom: 1.5rem;
display: flex;
justify-content: space-between;
align-items: center;
border: 1px solid #30363d;
flex-wrap: wrap;
gap: 1rem;
}
.nav {
background: #161b22;
padding: 1rem;
border-radius: 12px;
margin-bottom: 1.5rem;
border: 1px solid #30363d;
overflow-x: auto;
white-space: nowrap;
}
.nav a {
color: #7c3aed;
text-decoration: none;
margin-right: 1rem;
padding: 0.75rem 1rem;
border-radius: 8px;
transition: all 0.2s;
display: inline-block;
font-weight: 500;
}
.nav a:hover, .nav a.active {
background: #7c3aed;
color: white;
}
h1 {
color: #f0f6fc;
margin-bottom: 1.5rem;
text-align: center;
font-size: clamp(1.5rem, 4vw, 2rem);
}
.form-group {
margin-bottom: 1.5rem;
}
label {
display: block;
margin-bottom: 0.5rem;
font-weight: 600;
color: #f0f6fc;
font-size: 0.9rem;
}
input, select, textarea {
width: 100%;
padding: 0.875rem;
border: 1px solid #30363d;
border-radius: 8px;
font-size: 1rem;
transition: all 0.2s;
background: #0d1117;
color: #f0f6fc;
}
input:focus, select:focus, textarea:focus {
outline: none;
border-color: #7c3aed;
box-shadow: 0 0 0 3px rgba(124, 58, 237, 0.1);
}
button {
background: #7c3aed;
color: white;
padding: 0.875rem 1.5rem;
border: none;
border-radius: 8px;
font-size: 1rem;
cursor: pointer;
transition: all 0.2s;
width: 100%;
font-weight: 600;
}
button:hover {
background: #8b5cf6;
transform: translateY(-1px);
}
.btn-small {
padding: 0.5rem 0.875rem;
font-size: 0.875rem;
width: auto;
margin: 0.25rem;
min-width: 4rem;
}
.error {
background: #1a1a1a;
color: #f85149;
padding: 1rem;
border-radius: 8px;
margin-bottom: 1.5rem;
border-left: 4px solid #f85149;
border: 1px solid #30363d;
}
.success {
background: #1a1a1a;
color: #56d364;
padding: 1rem;
border-radius: 8px;
margin-bottom: 1.5rem;
border-left: 4px solid #56d364;
border: 1px solid #30363d;
}
.info {
background: #161b22;
color: #79c0ff;
padding: 1rem;
border-radius: 8px;
margin-bottom: 1.5rem;
border-left: 4px solid #79c0ff;
border: 1px solid #30363d;
}
.service-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(280px, 1fr));
gap: 1rem;
margin-bottom: 1.5rem;
}
.service-card {
background: #161b22;
border: 1px solid #30363d;
border-radius: 12px;
padding: 1.5rem;
transition: all 0.2s;
}
.service-card:hover {
border-color: #7c3aed;
transform: translateY(-2px);
}
.service-status {
display: inline-block;
padding: 4px 12px;
border-radius: 20px;
font-size: 12px;
font-weight: bold;
text-transform: uppercase;
}
.status-running {
background: #e6ffe6;
color: #00b894;
}
.status-stopped {
background: #ffe6e6;
color: #d63031;
}
.config-section {
background: #161b22;
padding: 1.5rem;
border-radius: 12px;
margin-bottom: 1.5rem;
border: 1px solid #30363d;
}
.log-container {
background: #0d1117;
color: #56d364;
padding: 1.5rem;
border-radius: 12px;
font-family: 'SF Mono', 'Monaco', 'Inconsolata', 'Roboto Mono', 'Courier New', monospace;
font-size: 0.875rem;
max-height: 400px;
overflow-y: auto;
white-space: pre-wrap;
border: 1px solid #30363d;
}
.hidden-service {
background: #161b22;
border: 1px solid #30363d;
border-radius: 12px;
padding: 1.5rem;
margin-bottom: 1rem;
}
.onion-address {
font-family: 'SF Mono', 'Monaco', 'Inconsolata', 'Roboto Mono', 'Courier New', monospace;
background: #0d1117;
color: #79c0ff;
padding: 1rem;
border-radius: 8px;
word-break: break-all;
margin: 1rem 0;
border: 1px solid #30363d;
font-size: 0.875rem;
}
.auth-info {
text-align: center;
margin-top: 20px;
color: #666;
}
.stats-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
gap: 1rem;
margin-bottom: 1.5rem;
}
.stat-card {
background: #161b22;
padding: 1.5rem;
border-radius: 12px;
text-align: center;
border: 1px solid #30363d;
transition: all 0.2s;
}
.stat-card:hover {
border-color: #7c3aed;
transform: translateY(-2px);
}
.stat-value {
font-size: 1.5rem;
font-weight: bold;
color: #7c3aed;
margin-bottom: 0.5rem;
}
.tabs {
display: flex;
margin-bottom: 20px;
border-bottom: 2px solid #e0e0e0;
}
.tab {
padding: 12px 24px;
cursor: pointer;
border-bottom: 2px solid transparent;
transition: all 0.3s;
}
.tab.active {
border-bottom-color: #667eea;
color: #667eea;
}
.tab-content {
display: none;
}
.tab-content.active {
display: block;
}
.footer {
background: #161b22;
border-top: 1px solid #30363d;
padding: 1.5rem;
text-align: center;
margin-top: auto;
border-radius: 12px 12px 0 0;
}
.footer-content {
max-width: 1200px;
margin: 0 auto;
}
.footer a {
color: #7c3aed;
text-decoration: none;
}
.footer a:hover {
text-decoration: underline;
}
.logout-btn {
background: #f85149;
color: white;
padding: 0.5rem 1rem;
border-radius: 6px;
text-decoration: none;
font-size: 0.875rem;
margin-left: 1rem;
transition: all 0.2s;
}
.logout-btn:hover {
background: #da3633;
}
.header-actions {
display: flex;
align-items: center;
flex-wrap: wrap;
gap: 0.5rem;
}
/* Mobile First Design */
@media (max-width: 768px) {
.container {
padding: 0.5rem;
}
.header {
padding: 1rem;
text-align: center;
}
.header-actions {
justify-content: center;
width: 100%;
margin-top: 0.5rem;
}
.nav {
padding: 0.5rem;
text-align: center;
}
.nav a {
display: inline-block;
margin: 0.25rem;
padding: 0.5rem 0.75rem;
font-size: 0.875rem;
}
.service-grid {
grid-template-columns: 1fr;
gap: 0.75rem;
}
.stats-grid {
grid-template-columns: repeat(2, 1fr);
gap: 0.75rem;
}
.service-card, .stat-card, .config-section {
padding: 1rem;
}
.btn-small {
padding: 0.5rem;
font-size: 0.8rem;
min-width: 3.5rem;
}
.onion-address {
font-size: 0.8rem;
word-break: break-all;
}
h1 {
font-size: 1.5rem;
}
h2 {
font-size: 1.25rem;
}
h3 {
font-size: 1.1rem;
}
}
@media (max-width: 480px) {
.stats-grid {
grid-template-columns: 1fr;
}
.header {
padding: 0.75rem;
}
.nav a {
font-size: 0.8rem;
padding: 0.5rem;
}
}

147
rootfs/usr/local/share/webpanel/tokens.php Normal file
View File

@@ -0,0 +1,147 @@
<?php
require_once 'auth.php';
require_once 'functions.php';
require_once 'jwt.php';
requireAuth();
$message = '';
$messageType = '';
$new_token = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
if ($action === 'generate') {
$description = sanitizeInput($_POST['description'] ?? '');
$username = $_SESSION['username'];
$new_token = generateApiToken($username);
$message = "New API token generated successfully";
$messageType = 'success';
// Store token info (in a real app, you'd store this in a database)
$token_file = "/config/secure/tokens.log";
$token_info = date('Y-m-d H:i:s') . " - Token generated for $username - $description\n";
file_put_contents($token_file, $token_info, FILE_APPEND | LOCK_EX);
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>API Tokens - Tor Admin Panel</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="container">
<div class="header">
<h1>🧅 Tor Admin Panel - API Tokens</h1>
<div>
<span>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?></span>
<a href="?logout=1" style="color: white; margin-left: 20px;">Logout</a>
</div>
</div>
<div class="nav">
<a href="index.php">Dashboard</a>
<a href="config.php">Configuration</a>
<a href="hidden.php">Hidden Services</a>
<a href="logs.php">Logs</a>
<a href="tokens.php" class="active">API Tokens</a>
</div>
<?php if ($message): ?>
<div class="<?php echo $messageType; ?>">
<?php echo htmlspecialchars($message); ?>
</div>
<?php endif; ?>
<?php if ($new_token): ?>
<div class="config-section">
<h3>🔑 Your New API Token</h3>
<div class="onion-address" style="background: #f0f8ff; border: 2px solid #0984e3;">
<?php echo htmlspecialchars($new_token); ?>
</div>
<div class="error" style="background: #fff3cd; color: #856404; border-left-color: #ffc107;">
<strong>Important:</strong> Save this token now! It will not be shown again.
</div>
</div>
<?php endif; ?>
<div class="config-section">
<h2>🔐 JWT Secret Key</h2>
<p>Current JWT secret (auto-generated if TOR_JWT_SECRET not set):</p>
<div class="onion-address" style="background: #fff3cd; border: 1px solid #ffc107;">
<small><?php echo htmlspecialchars(SimpleJWT::getSecret()); ?></small>
</div>
<p><small>Set TOR_JWT_SECRET environment variable to use a custom secret</small></p>
</div>
<div class="config-section">
<h2>Generate New API Token</h2>
<form method="POST">
<input type="hidden" name="action" value="generate">
<div class="form-group">
<label for="description">Token Description:</label>
<input type="text" id="description" name="description" required
placeholder="e.g., Production monitoring, Mobile app, External script">
</div>
<button type="submit">Generate Token</button>
</form>
</div>
<div class="config-section">
<h2>📚 API Documentation</h2>
<h3>Authentication</h3>
<div style="background: #f8f9fa; padding: 15px; border-radius: 8px; margin-bottom: 20px;">
<h4>1. Get a token:</h4>
<code style="display: block; margin: 10px 0; padding: 10px; background: #1a1a1a; color: #00ff00; border-radius: 5px;">
curl -X POST http://your-server/admin/api.php?action=login \<br>
-d "username=admin&password=yourpass"
</code>
<h4>2. Use the token:</h4>
<code style="display: block; margin: 10px 0; padding: 10px; background: #1a1a1a; color: #00ff00; border-radius: 5px;">
curl -H "Authorization: Bearer YOUR_TOKEN" \<br>
http://your-server/admin/api.php?action=status
</code>
</div>
<h3>Available Endpoints</h3>
<div style="background: #f8f9fa; padding: 15px; border-radius: 8px;">
<h4>📊 GET /admin/api.php?action=status</h4>
<p>Get status of all services</p>
<h4>📈 GET /admin/api.php?action=stats</h4>
<p>Get system statistics</p>
<h4>🧅 GET /admin/api.php?action=hidden-services</h4>
<p>Get list of hidden services</p>
<h4>⚙️ POST /admin/api.php?action=service-control</h4>
<p>Control services (start/stop/restart)</p>
<code style="display: block; margin: 10px 0; padding: 10px; background: #1a1a1a; color: #00ff00; border-radius: 5px;">
POST data: service=tor-server&command=restart
</code>
<h4>🔑 POST /admin/api.php?action=login</h4>
<p>Get authentication token</p>
<code style="display: block; margin: 10px 0; padding: 10px; background: #1a1a1a; color: #00ff00; border-radius: 5px;">
POST data: username=admin&password=yourpass
</code>
</div>
</div>
<div class="info">
<strong>Security Notes:</strong><br>
• Tokens expire after 24 hours<br>
• Set custom JWT secret via TOR_JWT_SECRET environment variable<br>
• Store tokens securely - they provide full admin access<br>
• API supports both Bearer tokens and web session authentication
</div>
</div>
</body>
</html>