tuvme.xyz-server-main/server/server (1).js

const express = require('express');
const https = require('https');
const http = require('http');
const tls = require('tls');
const fs = require('fs');
const path = require('path');
const url = require('url');
const { execFile } = require('child_process');

require('dotenv').config({ path: path.join(__dirname, '.env') });

const app = express();

// Parse ALLOWED_DOMAINS environment variable as an array
const allowedDomains = process.env.ALLOWED_DOMAINS ? process.env.ALLOWED_DOMAINS.split(',') : [];

// Middleware to parse JSON request bodies
app.use(express.json());

// Helper function to get SSL options based on hostname
const getSSLOptions = (hostname) => {
  const sslPrefix = process.env.SSL_PREFIX || '/etc/letsencrypt/live/';
  
  try {
    return {
      key: fs.readFileSync(path.join(sslPrefix, hostname, 'privkey.pem')),
      cert: fs.readFileSync(path.join(sslPrefix, hostname, 'fullchain.pem')),
    };
  } catch (error) {
    // Fallback to default certificates if domain-specific ones aren't found
    console.warn(`Could not load SSL certificates for ${hostname}, using defaults`);
    return {
      key: fs.readFileSync(process.env.SSL_KEY_FILE),
      cert: fs.readFileSync(process.env.SSL_CRT_FILE),
    };
  }
};

// Redirect HTTP to HTTPS
app.use((req, res, next) => {
  if (!req.secure && req.headers['x-forwarded-proto'] !== 'https') {
    return res.redirect(`https://${req.headers.host}${req.url}`);
  }
  next();
});

const forwardRequest = (req, res) => {
  const npxRoute = req.params[0];

  if (!npxRoute) {
    return res.status(400).json({ error: 'Bad Request: No dynamic route found' });
  }

  const parsedUrl = url.parse(req.url);
  const requestOptions = {
    hostname: 'localhost',
    port: 3000,
    path: `/api/v1/${npxRoute}${parsedUrl.search || ''}`, // Include query string
    method: req.method,
    headers: { ...req.headers },
  };

  let jsonPayload = null;
  if (['POST', 'PUT', 'PATCH', 'DELETE'].includes(req.method)) {
    jsonPayload = JSON.stringify(req.body);
    requestOptions.headers['Content-Type'] = 'application/json';
    requestOptions.headers['Content-Length'] = Buffer.byteLength(jsonPayload);
  }

  const proxyReq = http.request(requestOptions, (proxyRes) => {
    res.writeHead(proxyRes.statusCode, proxyRes.headers);
    proxyRes.pipe(res);
  });

  proxyReq.on('error', (error) => {
    console.error(`Error forwarding request: ${error.message}`);
    res.status(500).json({ error: 'Internal Server Error' });
  });

  if (jsonPayload) {
    proxyReq.write(jsonPayload);
  }

  proxyReq.end();
};

// Handle /api/* route forwarding
app.use('/api/v1/*', (req, res) => {
  forwardRequest(req, res);
});

// Function for direct PHP execution
const executePhpDirectly = (phpFilePath, domainPath, req, res) => {
  // Create environment variables that PHP might expect
  const env = {
    ...process.env,
    DOCUMENT_ROOT: domainPath,
    SCRIPT_FILENAME: phpFilePath,
    REQUEST_URI: req.url,
    QUERY_STRING: url.parse(req.url).query || '',
    REQUEST_METHOD: req.method,
    HTTP_HOST: req.headers.host,
    REMOTE_ADDR: req.ip,
    SERVER_NAME: req.headers.host.split(':')[0],
    // Additional variables that PHP might expect
    GATEWAY_INTERFACE: 'CGI/1.1',
    SERVER_PROTOCOL: 'HTTP/1.1',
    // Pass HTTP headers as environment variables
    ...Object.entries(req.headers).reduce((env, [key, value]) => {
      env[`HTTP_${key.toUpperCase().replace(/-/g, '_')}`] = value;
      return env;
    }, {})
  };
  
  execFile('php', [phpFilePath], { env }, (error, stdout, stderr) => {
    if (error) {
      console.error(`PHP execution error: ${error.message}`);
      return res.status(500).send(`PHP Execution Error: ${error.message}`);
    }
    
    if (stderr) {
      console.error(`PHP stderr output: ${stderr}`);
    }
    
    // Set Content-Type to HTML for proper rendering
    res.setHeader('Content-Type', 'text/html; charset=utf-8');
    res.send(stdout);
  });
};

// Helper function to check for index files
const findIndexFile = (directoryPath) => {
  // Common index file types to check for
  const indexFiles = ['index.html', 'index.htm', 'index.php'];
  
  for (const indexFile of indexFiles) {
    const filePath = path.join(directoryPath, indexFile);
    if (fs.existsSync(filePath)) {
      return { path: filePath, type: indexFile.endsWith('.php') ? 'php' : 'html' };
    }
  }
  
  return null;
};

// Handle PHP for all domains (both xyz and non-xyz)
app.use((req, res, next) => {
  const host = req.headers.host.split(':')[0]; // Remove port if present
  const domainPath = path.join('/var/www', host);
  
  // Make sure the domain directory exists
  if (!fs.existsSync(domainPath)) {
    return next(); // Skip to next middleware if domain directory doesn't exist
  }
  
  // Handle direct PHP file requests
  if (req.path.endsWith('.php')) {
    const phpFilePath = path.join(domainPath, req.path);
    
    if (fs.existsSync(phpFilePath)) {
      return executePhpDirectly(phpFilePath, domainPath, req, res);
    }
  }
  
  // Handle directory requests - check for index files
  if (req.path === '/' || req.path.endsWith('/')) {
    // First, check for index files in domain root
    const indexResult = findIndexFile(path.join(domainPath, req.path));
    
    if (indexResult) {
      if (indexResult.type === 'php') {
        return executePhpDirectly(indexResult.path, domainPath, req, res);
      } else {
        return res.sendFile(indexResult.path);
      }
    }
  }
  
  next();
});

// Serve static files from domain root first for all domains
app.use((req, res, next) => {
  const host = req.headers.host.split(':')[0]; // Remove port if present
  const domainPath = path.join('/var/www', host);
  
  if (!fs.existsSync(domainPath)) {
    return next();
  }
  
  // Try to serve files from the domain's root directory
  express.static(domainPath)(req, res, (err) => {
    // Continue to next middleware if file not found
    next();
  });
});

// Serve static files from build directory as fallback for non-xyz domains
app.use((req, res, next) => {
  const host = req.headers.host.split(':')[0]; // Remove port if present
  
  // Handle all domains (both xyz and non-xyz)
  const domainPath = path.join('/var/www', host);
  const buildPath = path.join(domainPath, 'build');
  
  if (fs.existsSync(buildPath)) {
    // Serve static files from build directory
    express.static(buildPath)(req, res, next);
  } else {
    next();
  }
});

// Catch-all route handler for all domains 
app.get('*', (req, res) => {
  const host = req.headers.host.split(':')[0]; // Remove port if present
  const domainPath = path.join('/var/www', host);
  
  // First, check for index.html in domain root
  const rootIndexPath = path.join(domainPath, 'index.html');
  if (fs.existsSync(rootIndexPath)) {
    return res.sendFile(rootIndexPath);
  }
  
  // Then, check build folder
  const buildPath = path.join(domainPath, 'build');
  if (fs.existsSync(buildPath)) {
    const buildIndexPath = path.join(buildPath, 'index.html');
    if (fs.existsSync(buildIndexPath)) {
      return res.sendFile(buildIndexPath);
    }
  }
  
  // No matching file found
  res.status(404).send('Not Found');
});

// Create HTTPS server with SNI support for multiple domains
const server = https.createServer({ 
  SNICallback: (hostname, cb) => {
    const secureContext = tls.createSecureContext(getSSLOptions(hostname));
    if (cb) {
      cb(null, secureContext);
    } else {
      return secureContext;
    }
  }
}, app);

server.listen(443, '0.0.0.0', () => {
  console.log(`Server running on https://0.0.0.0:443`);
});

// Also create a HTTP server that redirects to HTTPS
http.createServer((req, res) => {
  res.writeHead(301, { Location: `https://${req.headers.host}${req.url}` });
  res.end();
}).listen(80, '0.0.0.0', () => {
  console.log('HTTP to HTTPS redirect server running on port 80');
});