init

Dockerfile

@@ -0,0 +1,16 @@
+FROM debian:12-slim
+RUN apt-get update && apt-get upgrade -y
+RUN apt-get install -y \
+    apache2 \
+    php\
+    php-opcache\
+    php-yaml \
+    php-mbstring \
+    php-curl
+
+
+RUN rm -rf /var/www/html/index.html
+ADD index.php /var/www/html/index.php
+
+
+ENTRYPOINT ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]

index.php

@@ -0,0 +1,50 @@
+<?php
+$config = yaml_parse_file("../config.yaml");
+$remoteIp = $_SERVER["REMOTE_ADDR"];
+$reverseDns = gethostbyaddr($remoteIp);
+$match = false;
+foreach ($config["allowed_sender"] as $host) {
+    if (fnmatch($host, $remoteIp)) {
+        echo "match $host, $remoteIp\n";
+        $match = true;
+        break;
+    }
+    $forwardResolve = gethostbyname($reverseDns);
+    if ($forwardResolve != $remoteIp) {
+        header(
+            "X-Auth: reverse dns of $remoteIp ($reverseDns) does not resolve to $remoteIp ($forwardResolve)"
+        );
+        continue;
+    }
+    if (fnmatch($host, $reverseDns)) {
+        echo "match $host, $reverseDns\n";
+        $match = true;
+        break;
+    }
+}
+if (!$match) {
+    header("HTTP/1.0 403 Forbidden");
+    die("403 Forbidden");
+}
+send("$reverseDns: " . file_get_contents("php://input"), $config);
+
+function send($message, $config)
+{
+    $target = $config["matrix"]["target"];
+    $token = $config["matrix"]["token"];
+    $ch = curl_init();
+    curl_setopt(
+        $ch,
+        CURLOPT_URL,
+        "https://matrix.c3re.de/_matrix/client/r0/rooms/$target/send/m.room.message/123?access_token=$token"
+    );
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt(
+        $ch,
+        CURLOPT_POSTFIELDS,
+        json_encode(["msgtype" => "m.text", "body" => $message])
+    );
+    curl_setopt($ch, CURLOPT_POST, 1);
+    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
+    curl_exec($ch);
+}