author | Kim Alvefur <zash@zash.se> |
Thu, 27 Jan 2022 12:36:50 +0100 | |
changeset 12221 | 39043233de04 |
parent 12163 | aa299551f8c6 |
child 12222 | 0795e1ccf3d8 |
permissions | -rw-r--r-- |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 |
local configmanager = require "core.configmanager"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 |
local show_usage = require "util.prosodyctl".show_usage; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 |
local show_warning = require "util.prosodyctl".show_warning; |
11784
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
4 |
local is_prosody_running = require "util.prosodyctl".isrunning; |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 |
local dependencies = require "util.dependencies"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
local socket = require "socket"; |
11831
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
7 |
local socket_url = require "socket.url"; |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 |
local jid_split = require "util.jid".prepped_split; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
local modulemanager = require "core.modulemanager"; |
11831
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
10 |
local async = require "util.async"; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
11 |
local httputil = require "util.http"; |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 |
|
11830
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
13 |
local function check_ojn(check_type, target_host) |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
14 |
local http = require "net.http"; -- .new({}); |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
15 |
local json = require "util.json"; |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
16 |
|
11830
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
17 |
local response, err = async.wait_for(http.request( |
11831
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
18 |
("https://observe.jabber.network/api/v1/check/%s"):format(httputil.urlencode(check_type)), |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
19 |
{ |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
20 |
method="POST", |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
21 |
headers={["Accept"] = "application/json"; ["Content-Type"] = "application/json"}, |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
22 |
body=json.encode({target=target_host}), |
11830
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
23 |
})); |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
24 |
|
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
25 |
if not response then |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
26 |
return false, err; |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
27 |
end |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
28 |
|
11830
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
29 |
if response.code ~= 200 then |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
30 |
return false, ("API replied with non-200 code: %d"):format(response.code); |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
31 |
end |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
32 |
|
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
33 |
local decoded_body, err = json.decode(response.body); |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
34 |
if decoded_body == nil then |
e1c4cc5d0ef8
prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents:
11811
diff
changeset
|
35 |
return false, ("Failed to parse API JSON: %s"):format(err) |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
36 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
37 |
|
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
38 |
local success = decoded_body["success"]; |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
39 |
return success == true, nil; |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
40 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
41 |
|
11831
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
42 |
local function check_probe(base_url, probe_module, target) |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
43 |
local http = require "net.http"; -- .new({}); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
44 |
local params = httputil.formencode({ module = probe_module; target = target }) |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
45 |
local response, err = async.wait_for(http.request(base_url .. "?" .. params)); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
46 |
|
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
47 |
if not response then return false, err; end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
48 |
|
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
49 |
if response.code ~= 200 then return false, ("API replied with non-200 code: %d"):format(response.code); end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
50 |
|
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
51 |
for line in response.body:gmatch("[^\r\n]+") do |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
52 |
local probe_success = line:match("^probe_success%s+(%d+)"); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
53 |
|
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
54 |
if probe_success == "1" then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
55 |
return true; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
56 |
elseif probe_success == "0" then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
57 |
return false; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
58 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
59 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
60 |
return false, "Probe endpoint did not return a success status"; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
61 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
62 |
|
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
63 |
local function skip_bare_jid_hosts(host) |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
64 |
if jid_split(host) then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
65 |
-- See issue #779 |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
66 |
return false; |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
67 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
68 |
return true; |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
69 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
70 |
|
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
71 |
local function check(arg) |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
72 |
if arg[1] == "--help" then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
73 |
show_usage([[check]], [[Perform basic checks on your Prosody installation]]); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
74 |
return 1; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
75 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
76 |
local what = table.remove(arg, 1); |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
77 |
local array = require "util.array"; |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
78 |
local set = require "util.set"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
79 |
local it = require "util.iterators"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
80 |
local ok = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
81 |
local function disabled_hosts(host, conf) return host ~= "*" and conf.enabled ~= false; end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
82 |
local function enabled_hosts() return it.filter(disabled_hosts, pairs(configmanager.getconfig())); end |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
83 |
if not (what == nil or what == "disabled" or what == "config" or what == "dns" or what == "certs" or what == "connectivity") then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
84 |
show_warning("Don't know how to check '%s'. Try one of 'config', 'dns', 'certs', 'disabled' or 'connectivity'.", what); |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
85 |
show_warning("Note: The connectivity check will connect to a remote server."); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
86 |
return 1; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
87 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
88 |
if not what or what == "disabled" then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
89 |
local disabled_hosts_set = set.new(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
90 |
for host, host_options in it.filter("*", pairs(configmanager.getconfig())) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
91 |
if host_options.enabled == false then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
92 |
disabled_hosts_set:add(host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
93 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
94 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
95 |
if not disabled_hosts_set:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
96 |
local msg = "Checks will be skipped for these disabled hosts: %s"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
97 |
if what then msg = "These hosts are disabled: %s"; end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
98 |
show_warning(msg, tostring(disabled_hosts_set)); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
99 |
if what then return 0; end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
100 |
print"" |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
101 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
102 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
103 |
if not what or what == "config" then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
104 |
print("Checking config..."); |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
105 |
local obsolete = set.new({ --> remove |
12122
30d55809d9a6
util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents:
12103
diff
changeset
|
106 |
"archive_cleanup_interval", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
107 |
"cross_domain_bosh", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
108 |
"cross_domain_websocket", |
12122
30d55809d9a6
util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents:
12103
diff
changeset
|
109 |
"dns_timeout", |
30d55809d9a6
util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents:
12103
diff
changeset
|
110 |
"muc_log_cleanup_interval", |
30d55809d9a6
util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents:
12103
diff
changeset
|
111 |
"s2s_dns_resolvers", |
30d55809d9a6
util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents:
12103
diff
changeset
|
112 |
"setgid", |
30d55809d9a6
util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents:
12103
diff
changeset
|
113 |
"setuid", |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
114 |
}); |
12163
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
115 |
local function instead_use(kind, name, value) |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
116 |
if kind == "option" then |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
117 |
if value then |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
118 |
return string.format("instead, use '%s = %q'", name, value); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
119 |
else |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
120 |
return string.format("instead, use '%s'", name); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
121 |
end |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
122 |
elseif kind == "module" then |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
123 |
return string.format("instead, add %q to '%s'", name, value or "modules_enabled"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
124 |
elseif kind == "community" then |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
125 |
return string.format("instead, add %q from %s", name, value or "prosody-modules"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
126 |
end |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
127 |
return kind |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
128 |
end |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
129 |
local deprecated_replacements = { |
12163
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
130 |
anonymous_login = instead_use("option", "authentication", "anonymous"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
131 |
daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags"; |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
132 |
disallow_s2s = instead_use("module", "s2s"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
133 |
no_daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags"; |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
134 |
require_encryption = "instead, use 'c2s_require_encryption' and 's2s_require_encryption'"; |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
135 |
vcard_compatibility = instead_use("community", "mod_compat_vcard"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
136 |
use_libevent = instead_use("option", "network_backend", "event"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
137 |
whitelist_registration_only = instead_use("option", "allowlist_registration_only"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
138 |
registration_whitelist = instead_use("option", "registration_allowlist"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
139 |
registration_blacklist = instead_use("option", "registration_blocklist"); |
aa299551f8c6
util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents:
12162
diff
changeset
|
140 |
blacklist_on_registration_throttle_overload = instead_use("blocklist_on_registration_throttle_overload"); |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
141 |
}; |
11804
60018637f5d4
util.prosodyctl.check: Nudge towards plural port options
Kim Alvefur <zash@zash.se>
parents:
11803
diff
changeset
|
142 |
-- FIXME all the singular _port and _interface options are supposed to be deprecated too |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
143 |
local deprecated_ports = { bosh = "http", legacy_ssl = "c2s_direct_tls" }; |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
144 |
local port_suffixes = set.new({ "port", "ports", "interface", "interfaces", "ssl" }); |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
145 |
for port, replacement in pairs(deprecated_ports) do |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
146 |
for suffix in port_suffixes do |
11804
60018637f5d4
util.prosodyctl.check: Nudge towards plural port options
Kim Alvefur <zash@zash.se>
parents:
11803
diff
changeset
|
147 |
local rsuffix = (suffix == "port" or suffix == "interface") and suffix.."s" or suffix; |
12162
7ff3699c1653
util.prosodyctl.check: Move word to ease future translations
Kim Alvefur <zash@zash.se>
parents:
12161
diff
changeset
|
148 |
deprecated_replacements[port.."_"..suffix] = "instead, use '"..replacement.."_"..rsuffix.."'" |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
149 |
end |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
150 |
end |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
151 |
local deprecated = set.new(array.collect(it.keys(deprecated_replacements))); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
152 |
local known_global_options = set.new({ |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
153 |
"access_control_allow_credentials", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
154 |
"access_control_allow_headers", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
155 |
"access_control_allow_methods", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
156 |
"access_control_max_age", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
157 |
"admin_socket", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
158 |
"body_size_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
159 |
"bosh_max_inactivity", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
160 |
"bosh_max_polling", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
161 |
"bosh_max_wait", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
162 |
"buffer_size_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
163 |
"c2s_close_timeout", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
164 |
"c2s_stanza_size_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
165 |
"c2s_tcp_keepalives", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
166 |
"c2s_timeout", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
167 |
"component_stanza_size_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
168 |
"component_tcp_keepalives", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
169 |
"consider_bosh_secure", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
170 |
"consider_websocket_secure", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
171 |
"console_banner", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
172 |
"console_prettyprint_settings", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
173 |
"daemonize", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
174 |
"gc", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
175 |
"http_default_host", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
176 |
"http_errors_always_show", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
177 |
"http_errors_default_message", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
178 |
"http_errors_detailed", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
179 |
"http_errors_messages", |
11837
bd86ab8122d9
util.prosodyctl.check: Add two known globals from mod_http
Kim Alvefur <zash@zash.se>
parents:
11831
diff
changeset
|
180 |
"http_max_buffer_size", |
bd86ab8122d9
util.prosodyctl.check: Add two known globals from mod_http
Kim Alvefur <zash@zash.se>
parents:
11831
diff
changeset
|
181 |
"http_max_content_size", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
182 |
"installer_plugin_path", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
183 |
"limits", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
184 |
"limits_resolution", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
185 |
"log", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
186 |
"multiplex_buffer_size", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
187 |
"network_backend", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
188 |
"network_default_read_size", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
189 |
"network_settings", |
11944
2d82e4245aa3
util.prosodyctl.check: Add mod_http_openmetrics settings to known globals
Kim Alvefur <zash@zash.se>
parents:
11929
diff
changeset
|
190 |
"openmetrics_allow_cidr", |
2d82e4245aa3
util.prosodyctl.check: Add mod_http_openmetrics settings to known globals
Kim Alvefur <zash@zash.se>
parents:
11929
diff
changeset
|
191 |
"openmetrics_allow_ips", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
192 |
"pidfile", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
193 |
"plugin_paths", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
194 |
"plugin_server", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
195 |
"prosodyctl_timeout", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
196 |
"prosody_group", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
197 |
"prosody_user", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
198 |
"run_as_root", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
199 |
"s2s_close_timeout", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
200 |
"s2s_insecure_domains", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
201 |
"s2s_require_encryption", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
202 |
"s2s_secure_auth", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
203 |
"s2s_secure_domains", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
204 |
"s2s_stanza_size_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
205 |
"s2s_tcp_keepalives", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
206 |
"s2s_timeout", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
207 |
"statistics", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
208 |
"statistics_config", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
209 |
"statistics_interval", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
210 |
"tcp_keepalives", |
12103
b344edad61d3
core.certmanager: Rename preset option to 'tls_preset'
Kim Alvefur <zash@zash.se>
parents:
11961
diff
changeset
|
211 |
"tls_profile", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
212 |
"trusted_proxies", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
213 |
"umask", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
214 |
"use_dane", |
11638
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
215 |
"use_ipv4", |
a6c87b4c0cdf
util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents:
11621
diff
changeset
|
216 |
"use_ipv6", |
11639
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
217 |
"websocket_frame_buffer_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
218 |
"websocket_frame_fragment_limit", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
219 |
"websocket_get_response_body", |
1b17b967838e
util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents:
11638
diff
changeset
|
220 |
"websocket_get_response_text", |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
221 |
}); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
222 |
local config = configmanager.getconfig(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
223 |
-- Check that we have any global options (caused by putting a host at the top) |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
224 |
if it.count(it.filter("log", pairs(config["*"]))) == 0 then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
225 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
226 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
227 |
print(" No global options defined. Perhaps you have put a host definition at the top") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
228 |
print(" of the config file? They should be at the bottom, see https://prosody.im/doc/configure#overview"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
229 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
230 |
if it.count(enabled_hosts()) == 0 then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
231 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
232 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
233 |
if it.count(it.filter("*", pairs(config))) == 0 then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
234 |
print(" No hosts are defined, please add at least one VirtualHost section") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
235 |
elseif config["*"]["enabled"] == false then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
236 |
print(" No hosts are enabled. Remove enabled = false from the global section or put enabled = true under at least one VirtualHost section") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
237 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
238 |
print(" All hosts are disabled. Remove enabled = false from at least one VirtualHost section") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
239 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
240 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
241 |
if not config["*"].modules_enabled then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
242 |
print(" No global modules_enabled is set?"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
243 |
local suggested_global_modules; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
244 |
for host, options in enabled_hosts() do --luacheck: ignore 213/host |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
245 |
if not options.component_module and options.modules_enabled then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
246 |
suggested_global_modules = set.intersection(suggested_global_modules or set.new(options.modules_enabled), set.new(options.modules_enabled)); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
247 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
248 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
249 |
if suggested_global_modules and not suggested_global_modules:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
250 |
print(" Consider moving these modules into modules_enabled in the global section:") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
251 |
print(" "..tostring(suggested_global_modules / function (x) return ("%q"):format(x) end)); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
252 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
253 |
print(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
254 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
255 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
256 |
do -- Check for modules enabled both normally and as components |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
257 |
local modules = set.new(config["*"]["modules_enabled"]); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
258 |
for host, options in enabled_hosts() do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
259 |
local component_module = options.component_module; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
260 |
if component_module and modules:contains(component_module) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
261 |
print((" mod_%s is enabled both in modules_enabled and as Component %q %q"):format(component_module, host, component_module)); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
262 |
print(" This means the service is enabled on all VirtualHosts as well as the Component."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
263 |
print(" Are you sure this what you want? It may cause unexpected behaviour."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
264 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
265 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
266 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
267 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
268 |
-- Check for global options under hosts |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
269 |
local global_options = set.new(it.to_array(it.keys(config["*"]))); |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
270 |
local obsolete_global_options = set.intersection(global_options, obsolete); |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
271 |
if not obsolete_global_options:empty() then |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
272 |
print(""); |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
273 |
print(" You have some obsolete options you can remove from the global section:"); |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
274 |
print(" "..tostring(obsolete_global_options)) |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
275 |
ok = false; |
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
276 |
end |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
277 |
local deprecated_global_options = set.intersection(global_options, deprecated); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
278 |
if not deprecated_global_options:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
279 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
280 |
print(" You have some deprecated options in the global section:"); |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
281 |
for option in deprecated_global_options do |
12162
7ff3699c1653
util.prosodyctl.check: Move word to ease future translations
Kim Alvefur <zash@zash.se>
parents:
12161
diff
changeset
|
282 |
print((" '%s' -- %s"):format(option, deprecated_replacements[option])); |
11802
ba88060fa145
util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents:
11787
diff
changeset
|
283 |
end |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
284 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
285 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
286 |
for host, options in it.filter(function (h) return h ~= "*" end, pairs(configmanager.getconfig())) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
287 |
local host_options = set.new(it.to_array(it.keys(options))); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
288 |
local misplaced_options = set.intersection(host_options, known_global_options); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
289 |
for name in pairs(options) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
290 |
if name:match("^interfaces?") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
291 |
or name:match("_ports?$") or name:match("_interfaces?$") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
292 |
or (name:match("_ssl$") and not name:match("^[cs]2s_ssl$")) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
293 |
misplaced_options:add(name); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
294 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
295 |
end |
11803
8c9ec2db1d95
util.prosodyctl.check: Fix to not treat some options as misplaced
Kim Alvefur <zash@zash.se>
parents:
11802
diff
changeset
|
296 |
-- FIXME These _could_ be misplaced, but we would have to check where the corresponding module is loaded to be sure |
8c9ec2db1d95
util.prosodyctl.check: Fix to not treat some options as misplaced
Kim Alvefur <zash@zash.se>
parents:
11802
diff
changeset
|
297 |
misplaced_options:exclude(set.new({ "external_service_port", "turn_external_port" })); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
298 |
if not misplaced_options:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
299 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
300 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
301 |
local n = it.count(misplaced_options); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
302 |
print(" You have "..n.." option"..(n>1 and "s " or " ").."set under "..host.." that should be"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
303 |
print(" in the global section of the config file, above any VirtualHost or Component definitions,") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
304 |
print(" see https://prosody.im/doc/configure#overview for more information.") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
305 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
306 |
print(" You need to move the following option"..(n>1 and "s" or "")..": "..table.concat(it.to_array(misplaced_options), ", ")); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
307 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
308 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
309 |
for host, options in enabled_hosts() do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
310 |
local host_options = set.new(it.to_array(it.keys(options))); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
311 |
local subdomain = host:match("^[^.]+"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
312 |
if not(host_options:contains("component_module")) and (subdomain == "jabber" or subdomain == "xmpp" |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
313 |
or subdomain == "chat" or subdomain == "im") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
314 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
315 |
print(" Suggestion: If "..host.. " is a new host with no real users yet, consider renaming it now to"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
316 |
print(" "..host:gsub("^[^.]+%.", "")..". You can use SRV records to redirect XMPP clients and servers to "..host.."."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
317 |
print(" For more information see: https://prosody.im/doc/dns"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
318 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
319 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
320 |
local all_modules = set.new(config["*"].modules_enabled); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
321 |
local all_options = set.new(it.to_array(it.keys(config["*"]))); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
322 |
for host in enabled_hosts() do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
323 |
all_options:include(set.new(it.to_array(it.keys(config[host])))); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
324 |
all_modules:include(set.new(config[host].modules_enabled)); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
325 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
326 |
for mod in all_modules do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
327 |
if mod:match("^mod_") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
328 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
329 |
print(" Modules in modules_enabled should not have the 'mod_' prefix included."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
330 |
print(" Change '"..mod.."' to '"..mod:match("^mod_(.*)").."'."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
331 |
elseif mod:match("^auth_") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
332 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
333 |
print(" Authentication modules should not be added to modules_enabled,"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
334 |
print(" but be specified in the 'authentication' option."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
335 |
print(" Remove '"..mod.."' from modules_enabled and instead add"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
336 |
print(" authentication = '"..mod:match("^auth_(.*)").."'"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
337 |
print(" For more information see https://prosody.im/doc/authentication"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
338 |
elseif mod:match("^storage_") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
339 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
340 |
print(" storage modules should not be added to modules_enabled,"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
341 |
print(" but be specified in the 'storage' option."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
342 |
print(" Remove '"..mod.."' from modules_enabled and instead add"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
343 |
print(" storage = '"..mod:match("^storage_(.*)").."'"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
344 |
print(" For more information see https://prosody.im/doc/storage"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
345 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
346 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
347 |
if all_modules:contains("vcard") and all_modules:contains("vcard_legacy") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
348 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
349 |
print(" Both mod_vcard_legacy and mod_vcard are enabled but they conflict"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
350 |
print(" with each other. Remove one."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
351 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
352 |
if all_modules:contains("pep") and all_modules:contains("pep_simple") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
353 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
354 |
print(" Both mod_pep_simple and mod_pep are enabled but they conflict"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
355 |
print(" with each other. Remove one."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
356 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
357 |
for host, host_config in pairs(config) do --luacheck: ignore 213/host |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
358 |
if type(rawget(host_config, "storage")) == "string" and rawget(host_config, "default_storage") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
359 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
360 |
print(" The 'default_storage' option is not needed if 'storage' is set to a string."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
361 |
break; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
362 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
363 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
364 |
local require_encryption = set.intersection(all_options, set.new({ |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
365 |
"require_encryption", "c2s_require_encryption", "s2s_require_encryption" |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
366 |
})):empty(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
367 |
local ssl = dependencies.softreq"ssl"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
368 |
if not ssl then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
369 |
if not require_encryption then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
370 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
371 |
print(" You require encryption but LuaSec is not available."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
372 |
print(" Connections will fail."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
373 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
374 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
375 |
elseif not ssl.loadcertificate then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
376 |
if all_options:contains("s2s_secure_auth") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
377 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
378 |
print(" You have set s2s_secure_auth but your version of LuaSec does "); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
379 |
print(" not support certificate validation, so all s2s connections will"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
380 |
print(" fail."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
381 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
382 |
elseif all_options:contains("s2s_secure_domains") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
383 |
local secure_domains = set.new(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
384 |
for host in enabled_hosts() do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
385 |
if config[host].s2s_secure_auth == true then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
386 |
secure_domains:add("*"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
387 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
388 |
secure_domains:include(set.new(config[host].s2s_secure_domains)); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
389 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
390 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
391 |
if not secure_domains:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
392 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
393 |
print(" You have set s2s_secure_domains but your version of LuaSec does "); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
394 |
print(" not support certificate validation, so s2s connections to/from "); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
395 |
print(" these domains will fail."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
396 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
397 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
398 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
399 |
elseif require_encryption and not all_modules:contains("tls") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
400 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
401 |
print(" You require encryption but mod_tls is not enabled."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
402 |
print(" Connections will fail."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
403 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
404 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
405 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
406 |
print("Done.\n"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
407 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
408 |
if not what or what == "dns" then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
409 |
local dns = require "net.dns"; |
10975
3cdb4a7cb406
util.prosodyctl.check: Use net.unbound for DNS if available
Kim Alvefur <zash@zash.se>
parents:
10936
diff
changeset
|
410 |
pcall(function () |
11649
3be346c5b940
util.prosodyctl.check: Reload unbound to ensure hosts.txt is ignored
Kim Alvefur <zash@zash.se>
parents:
11639
diff
changeset
|
411 |
local unbound = require"net.unbound"; |
11621
166f8e1d82b0
util.prosodyctl.check: Ensure that libunbound does not check hosts file
Kim Alvefur <zash@zash.se>
parents:
11620
diff
changeset
|
412 |
local unbound_config = configmanager.get("*", "unbound") or {}; |
166f8e1d82b0
util.prosodyctl.check: Ensure that libunbound does not check hosts file
Kim Alvefur <zash@zash.se>
parents:
11620
diff
changeset
|
413 |
unbound_config.hoststxt = false; -- don't look at /etc/hosts |
166f8e1d82b0
util.prosodyctl.check: Ensure that libunbound does not check hosts file
Kim Alvefur <zash@zash.se>
parents:
11620
diff
changeset
|
414 |
configmanager.set("*", "unbound", unbound_config); |
11649
3be346c5b940
util.prosodyctl.check: Reload unbound to ensure hosts.txt is ignored
Kim Alvefur <zash@zash.se>
parents:
11639
diff
changeset
|
415 |
unbound.purge(); -- ensure the above config is used |
3be346c5b940
util.prosodyctl.check: Reload unbound to ensure hosts.txt is ignored
Kim Alvefur <zash@zash.se>
parents:
11639
diff
changeset
|
416 |
dns = unbound.dns; |
10975
3cdb4a7cb406
util.prosodyctl.check: Use net.unbound for DNS if available
Kim Alvefur <zash@zash.se>
parents:
10936
diff
changeset
|
417 |
end) |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
418 |
local idna = require "util.encodings".idna; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
419 |
local ip = require "util.ip"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
420 |
local c2s_ports = set.new(configmanager.get("*", "c2s_ports") or {5222}); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
421 |
local s2s_ports = set.new(configmanager.get("*", "s2s_ports") or {5269}); |
11782
f254fd16218a
mod_c2s: Rename Direct TLS listener 'c2s_direct_tls' for clarity
Kim Alvefur <zash@zash.se>
parents:
11781
diff
changeset
|
422 |
local c2s_tls_ports = set.new(configmanager.get("*", "c2s_direct_tls_ports") or {}); |
11780
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
423 |
local s2s_tls_ports = set.new(configmanager.get("*", "s2s_direct_tls_ports") or {}); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
424 |
|
11780
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
425 |
local c2s_srv_required, s2s_srv_required, c2s_tls_srv_required, s2s_tls_srv_required; |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
426 |
if not c2s_ports:contains(5222) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
427 |
c2s_srv_required = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
428 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
429 |
if not s2s_ports:contains(5269) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
430 |
s2s_srv_required = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
431 |
end |
11619
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
432 |
if not c2s_tls_ports:empty() then |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
433 |
c2s_tls_srv_required = true; |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
434 |
end |
11780
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
435 |
if not s2s_tls_ports:empty() then |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
436 |
s2s_tls_srv_required = true; |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
437 |
end |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
438 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
439 |
local problem_hosts = set.new(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
440 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
441 |
local external_addresses, internal_addresses = set.new(), set.new(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
442 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
443 |
local fqdn = socket.dns.tohostname(socket.dns.gethostname()); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
444 |
if fqdn then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
445 |
do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
446 |
local res = dns.lookup(idna.to_ascii(fqdn), "A"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
447 |
if res then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
448 |
for _, record in ipairs(res) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
449 |
external_addresses:add(record.a); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
450 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
451 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
452 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
453 |
do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
454 |
local res = dns.lookup(idna.to_ascii(fqdn), "AAAA"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
455 |
if res then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
456 |
for _, record in ipairs(res) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
457 |
external_addresses:add(record.aaaa); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
458 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
459 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
460 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
461 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
462 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
463 |
local local_addresses = require"util.net".local_addresses() or {}; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
464 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
465 |
for addr in it.values(local_addresses) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
466 |
if not ip.new_ip(addr).private then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
467 |
external_addresses:add(addr); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
468 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
469 |
internal_addresses:add(addr); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
470 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
471 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
472 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
473 |
if external_addresses:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
474 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
475 |
print(" Failed to determine the external addresses of this server. Checks may be inaccurate."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
476 |
c2s_srv_required, s2s_srv_required = true, true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
477 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
478 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
479 |
local v6_supported = not not socket.tcp6; |
11928
53e68227c2c0
util.prosodyctl.check: Respect use_ipv4/v6 in proxy65 check
Kim Alvefur <zash@zash.se>
parents:
11927
diff
changeset
|
480 |
local use_ipv4 = configmanager.get("*", "use_ipv4") ~= false; |
53e68227c2c0
util.prosodyctl.check: Respect use_ipv4/v6 in proxy65 check
Kim Alvefur <zash@zash.se>
parents:
11927
diff
changeset
|
481 |
local use_ipv6 = v6_supported and configmanager.get("*", "use_ipv6") ~= false; |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
482 |
|
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
483 |
local function trim_dns_name(n) |
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
484 |
return (n:gsub("%.$", "")); |
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
485 |
end |
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
486 |
|
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
487 |
for jid, host_options in enabled_hosts() do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
488 |
local all_targets_ok, some_targets_ok = true, false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
489 |
local node, host = jid_split(jid); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
490 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
491 |
local modules, component_module = modulemanager.get_modules_for_host(host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
492 |
if component_module then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
493 |
modules:add(component_module); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
494 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
495 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
496 |
local is_component = not not host_options.component_module; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
497 |
print("Checking DNS for "..(is_component and "component" or "host").." "..jid.."..."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
498 |
if node then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
499 |
print("Only the domain part ("..host..") is used in DNS.") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
500 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
501 |
local target_hosts = set.new(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
502 |
if modules:contains("c2s") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
503 |
local res = dns.lookup("_xmpp-client._tcp."..idna.to_ascii(host)..".", "SRV"); |
11617
c8a9f77d48fd
util.prosodyctl.check: Fix for net.dns vs unbound API difference
Kim Alvefur <zash@zash.se>
parents:
11616
diff
changeset
|
504 |
if res and #res > 0 then |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
505 |
for _, record in ipairs(res) do |
10936
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
506 |
if record.srv.target == "." then -- TODO is this an error if mod_c2s is enabled? |
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
507 |
print(" 'xmpp-client' service disabled by pointing to '.'"); -- FIXME Explain better what this is |
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
508 |
break; |
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
509 |
end |
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
510 |
local target = trim_dns_name(record.srv.target); |
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
511 |
target_hosts:add(target); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
512 |
if not c2s_ports:contains(record.srv.port) then |
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
513 |
print(" SRV target "..target.." contains unknown client port: "..record.srv.port); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
514 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
515 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
516 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
517 |
if c2s_srv_required then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
518 |
print(" No _xmpp-client SRV record found for "..host..", but it looks like you need one."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
519 |
all_targets_ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
520 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
521 |
target_hosts:add(host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
522 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
523 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
524 |
end |
11619
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
525 |
if modules:contains("c2s") and c2s_tls_srv_required then |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
526 |
local res = dns.lookup("_xmpps-client._tcp."..idna.to_ascii(host)..".", "SRV"); |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
527 |
if res and #res > 0 then |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
528 |
for _, record in ipairs(res) do |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
529 |
if record.srv.target == "." then -- TODO is this an error if mod_c2s is enabled? |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
530 |
print(" 'xmpps-client' service disabled by pointing to '.'"); -- FIXME Explain better what this is |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
531 |
break; |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
532 |
end |
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
533 |
local target = trim_dns_name(record.srv.target); |
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
534 |
target_hosts:add(target); |
11619
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
535 |
if not c2s_tls_ports:contains(record.srv.port) then |
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
536 |
print(" SRV target "..target.." contains unknown Direct TLS client port: "..record.srv.port); |
11619
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
537 |
end |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
538 |
end |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
539 |
else |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
540 |
print(" No _xmpps-client SRV record found for "..host..", but it looks like you need one."); |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
541 |
all_targets_ok = false; |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
542 |
end |
8e16fd976c57
util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents:
11617
diff
changeset
|
543 |
end |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
544 |
if modules:contains("s2s") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
545 |
local res = dns.lookup("_xmpp-server._tcp."..idna.to_ascii(host)..".", "SRV"); |
11617
c8a9f77d48fd
util.prosodyctl.check: Fix for net.dns vs unbound API difference
Kim Alvefur <zash@zash.se>
parents:
11616
diff
changeset
|
546 |
if res and #res > 0 then |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
547 |
for _, record in ipairs(res) do |
10936
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
548 |
if record.srv.target == "." then -- TODO Is this an error if mod_s2s is enabled? |
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
549 |
print(" 'xmpp-server' service disabled by pointing to '.'"); -- FIXME Explain better what this is |
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
550 |
break; |
ea4a7619058f
util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents:
10875
diff
changeset
|
551 |
end |
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
552 |
local target = trim_dns_name(record.srv.target); |
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
553 |
target_hosts:add(target); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
554 |
if not s2s_ports:contains(record.srv.port) then |
11659
bbf50525faa5
util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents:
11658
diff
changeset
|
555 |
print(" SRV target "..target.." contains unknown server port: "..record.srv.port); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
556 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
557 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
558 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
559 |
if s2s_srv_required then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
560 |
print(" No _xmpp-server SRV record found for "..host..", but it looks like you need one."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
561 |
all_targets_ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
562 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
563 |
target_hosts:add(host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
564 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
565 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
566 |
end |
11780
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
567 |
if modules:contains("s2s") and s2s_tls_srv_required then |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
568 |
local res = dns.lookup("_xmpps-server._tcp."..idna.to_ascii(host)..".", "SRV"); |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
569 |
if res and #res > 0 then |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
570 |
for _, record in ipairs(res) do |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
571 |
if record.srv.target == "." then -- TODO is this an error if mod_s2s is enabled? |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
572 |
print(" 'xmpps-server' service disabled by pointing to '.'"); -- FIXME Explain better what this is |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
573 |
break; |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
574 |
end |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
575 |
local target = trim_dns_name(record.srv.target); |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
576 |
target_hosts:add(target); |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
577 |
if not s2s_tls_ports:contains(record.srv.port) then |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
578 |
print(" SRV target "..target.." contains unknown Direct TLS server port: "..record.srv.port); |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
579 |
end |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
580 |
end |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
581 |
else |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
582 |
print(" No _xmpps-server SRV record found for "..host..", but it looks like you need one."); |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
583 |
all_targets_ok = false; |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
584 |
end |
1132a1f1ca5a
util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents:
11659
diff
changeset
|
585 |
end |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
586 |
if target_hosts:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
587 |
target_hosts:add(host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
588 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
589 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
590 |
if target_hosts:contains("localhost") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
591 |
print(" Target 'localhost' cannot be accessed from other servers"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
592 |
target_hosts:remove("localhost"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
593 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
594 |
|
12221
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
595 |
local function check_address(target) |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
596 |
local A, AAAA = dns.lookup(idna.to_ascii(target), "A"), dns.lookup(idna.to_ascii(target), "AAAA"); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
597 |
local prob = {}; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
598 |
if use_ipv4 and not A then table.insert(prob, "A"); end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
599 |
if use_ipv6 and not AAAA then table.insert(prob, "AAAA"); end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
600 |
return prob; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
601 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
602 |
|
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
603 |
if modules:contains("proxy65") then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
604 |
local proxy65_target = configmanager.get(host, "proxy65_address") or host; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
605 |
if type(proxy65_target) == "string" then |
12221
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
606 |
local prob = check_address(proxy65_target); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
607 |
if #prob > 0 then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
608 |
print(" File transfer proxy "..proxy65_target.." has no "..table.concat(prob, "/") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
609 |
.." record. Create one or set 'proxy65_address' to the correct host/IP."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
610 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
611 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
612 |
print(" proxy65_address for "..host.." should be set to a string, unable to perform DNS check"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
613 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
614 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
615 |
|
12221
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
616 |
local known_http_modules = set.new { "bosh"; "http_files"; "http_file_share"; "http_openmetrics"; "websocket" }; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
617 |
local function contains_match(hayset, needle) |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
618 |
for member in hayset do if member:find(needle) then return true end end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
619 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
620 |
|
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
621 |
if modules:contains("http") or not set.intersection(modules, known_http_modules):empty() |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
622 |
or contains_match(modules, "^http_") or contains_match(modules, "_web$") then |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
623 |
|
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
624 |
local http_host = configmanager.get(host, "http_host") or host; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
625 |
local http_internal_host = http_host; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
626 |
local http_url = configmanager.get(host, "http_external_url"); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
627 |
if http_url then |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
628 |
local url_parse = require "socket.url"; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
629 |
local external_url_parts = url_parse(http_url); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
630 |
if external_url_parts then |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
631 |
http_host = external_url_parts.host; |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
632 |
else |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
633 |
print(" The 'http_external_url' setting is not a valid URL"); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
634 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
635 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
636 |
|
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
637 |
local prob = check_address(http_host); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
638 |
if #prob > 1 then |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
639 |
print(" HTTP service " .. http_host .. " has no " .. table.concat(prob, "/") .. " record. Create one or change " |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
640 |
.. (http_url and "'http_external_url'" or "'http_host'").." to the correct host."); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
641 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
642 |
|
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
643 |
if http_host ~= http_internal_host then |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
644 |
print(" Ensure the reverse proxy sets the HTTP Host header to '" .. http_internal_host .. "'"); |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
645 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
646 |
end |
39043233de04
util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents:
12163
diff
changeset
|
647 |
|
11656
887d7b15e21b
util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents:
11655
diff
changeset
|
648 |
if not use_ipv4 and not use_ipv6 then |
887d7b15e21b
util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents:
11655
diff
changeset
|
649 |
print(" Both IPv6 and IPv4 are disabled, Prosody will not listen on any ports"); |
887d7b15e21b
util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents:
11655
diff
changeset
|
650 |
print(" nor be able to connect to any remote servers."); |
887d7b15e21b
util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents:
11655
diff
changeset
|
651 |
all_targets_ok = false; |
887d7b15e21b
util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents:
11655
diff
changeset
|
652 |
end |
887d7b15e21b
util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents:
11655
diff
changeset
|
653 |
|
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
654 |
for target_host in target_hosts do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
655 |
local host_ok_v4, host_ok_v6; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
656 |
do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
657 |
local res = dns.lookup(idna.to_ascii(target_host), "A"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
658 |
if res then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
659 |
for _, record in ipairs(res) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
660 |
if external_addresses:contains(record.a) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
661 |
some_targets_ok = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
662 |
host_ok_v4 = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
663 |
elseif internal_addresses:contains(record.a) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
664 |
host_ok_v4 = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
665 |
some_targets_ok = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
666 |
print(" "..target_host.." A record points to internal address, external connections might fail"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
667 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
668 |
print(" "..target_host.." A record points to unknown address "..record.a); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
669 |
all_targets_ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
670 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
671 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
672 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
673 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
674 |
do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
675 |
local res = dns.lookup(idna.to_ascii(target_host), "AAAA"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
676 |
if res then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
677 |
for _, record in ipairs(res) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
678 |
if external_addresses:contains(record.aaaa) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
679 |
some_targets_ok = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
680 |
host_ok_v6 = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
681 |
elseif internal_addresses:contains(record.aaaa) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
682 |
host_ok_v6 = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
683 |
some_targets_ok = true; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
684 |
print(" "..target_host.." AAAA record points to internal address, external connections might fail"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
685 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
686 |
print(" "..target_host.." AAAA record points to unknown address "..record.aaaa); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
687 |
all_targets_ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
688 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
689 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
690 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
691 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
692 |
|
11657
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
693 |
if host_ok_v4 and not use_ipv4 then |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
694 |
print(" Host "..target_host.." does seem to resolve to this server but IPv4 has been disabled"); |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
695 |
all_targets_ok = false; |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
696 |
end |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
697 |
|
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
698 |
if host_ok_v6 and not use_ipv6 then |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
699 |
print(" Host "..target_host.." does seem to resolve to this server but IPv6 has been disabled"); |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
700 |
all_targets_ok = false; |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
701 |
end |
51141309ffc4
util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents:
11656
diff
changeset
|
702 |
|
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
703 |
local bad_protos = {} |
11655
c9f46d28ed7e
util.prosodyctl.check: Silence IP protocol mismatches when disabled
Kim Alvefur <zash@zash.se>
parents:
11649
diff
changeset
|
704 |
if use_ipv4 and not host_ok_v4 then |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
705 |
table.insert(bad_protos, "IPv4"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
706 |
end |
11655
c9f46d28ed7e
util.prosodyctl.check: Silence IP protocol mismatches when disabled
Kim Alvefur <zash@zash.se>
parents:
11649
diff
changeset
|
707 |
if use_ipv6 and not host_ok_v6 then |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
708 |
table.insert(bad_protos, "IPv6"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
709 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
710 |
if #bad_protos > 0 then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
711 |
print(" Host "..target_host.." does not seem to resolve to this server ("..table.concat(bad_protos, "/")..")"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
712 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
713 |
if host_ok_v6 and not v6_supported then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
714 |
print(" Host "..target_host.." has AAAA records, but your version of LuaSocket does not support IPv6."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
715 |
print(" Please see https://prosody.im/doc/ipv6 for more information."); |
11929
3e0d03a74285
util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents:
11928
diff
changeset
|
716 |
elseif host_ok_v6 and not use_ipv6 then |
3e0d03a74285
util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents:
11928
diff
changeset
|
717 |
print(" Host "..target_host.." has AAAA records, but IPv6 is disabled."); |
3e0d03a74285
util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents:
11928
diff
changeset
|
718 |
-- TODO Tell them to drop the AAAA records or enable IPv6? |
3e0d03a74285
util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents:
11928
diff
changeset
|
719 |
print(" Please see https://prosody.im/doc/ipv6 for more information."); |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
720 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
721 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
722 |
if not all_targets_ok then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
723 |
print(" "..(some_targets_ok and "Only some" or "No").." targets for "..host.." appear to resolve to this server."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
724 |
if is_component then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
725 |
print(" DNS records are necessary if you want users on other servers to access this component."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
726 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
727 |
problem_hosts:add(host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
728 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
729 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
730 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
731 |
if not problem_hosts:empty() then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
732 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
733 |
print("For more information about DNS configuration please see https://prosody.im/doc/dns"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
734 |
print(""); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
735 |
ok = false; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
736 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
737 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
738 |
if not what or what == "certs" then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
739 |
local cert_ok; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
740 |
print"Checking certificates..." |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
741 |
local x509_verify_identity = require"util.x509".verify_identity; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
742 |
local create_context = require "core.certmanager".create_context; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
743 |
local ssl = dependencies.softreq"ssl"; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
744 |
-- local datetime_parse = require"util.datetime".parse_x509; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
745 |
local load_cert = ssl and ssl.loadcertificate; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
746 |
-- or ssl.cert_from_pem |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
747 |
if not ssl then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
748 |
print("LuaSec not available, can't perform certificate checks") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
749 |
if what == "certs" then cert_ok = false end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
750 |
elseif not load_cert then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
751 |
print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
752 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
753 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
754 |
for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
755 |
print("Checking certificate for "..host); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
756 |
-- First, let's find out what certificate this host uses. |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
757 |
local host_ssl_config = configmanager.rawget(host, "ssl") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
758 |
or configmanager.rawget(host:match("%.(.*)"), "ssl"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
759 |
local global_ssl_config = configmanager.rawget("*", "ssl"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
760 |
local ok, err, ssl_config = create_context(host, "server", host_ssl_config, global_ssl_config); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
761 |
if not ok then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
762 |
print(" Error: "..err); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
763 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
764 |
elseif not ssl_config.certificate then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
765 |
print(" No 'certificate' found for "..host) |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
766 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
767 |
elseif not ssl_config.key then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
768 |
print(" No 'key' found for "..host) |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
769 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
770 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
771 |
local key, err = io.open(ssl_config.key); -- Permissions check only |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
772 |
if not key then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
773 |
print(" Could not open "..ssl_config.key..": "..err); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
774 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
775 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
776 |
key:close(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
777 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
778 |
local cert_fh, err = io.open(ssl_config.certificate); -- Load the file. |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
779 |
if not cert_fh then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
780 |
print(" Could not open "..ssl_config.certificate..": "..err); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
781 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
782 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
783 |
print(" Certificate: "..ssl_config.certificate) |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
784 |
local cert = load_cert(cert_fh:read"*a"); cert_fh:close(); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
785 |
if not cert:validat(os.time()) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
786 |
print(" Certificate has expired.") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
787 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
788 |
elseif not cert:validat(os.time() + 86400) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
789 |
print(" Certificate expires within one day.") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
790 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
791 |
elseif not cert:validat(os.time() + 86400*7) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
792 |
print(" Certificate expires within one week.") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
793 |
elseif not cert:validat(os.time() + 86400*31) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
794 |
print(" Certificate expires within one month.") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
795 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
796 |
if configmanager.get(host, "component_module") == nil |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
797 |
and not x509_verify_identity(host, "_xmpp-client", cert) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
798 |
print(" Not valid for client connections to "..host..".") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
799 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
800 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
801 |
if (not (configmanager.get(host, "anonymous_login") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
802 |
or configmanager.get(host, "authentication") == "anonymous")) |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
803 |
and not x509_verify_identity(host, "_xmpp-server", cert) then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
804 |
print(" Not valid for server-to-server connections to "..host..".") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
805 |
cert_ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
806 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
807 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
808 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
809 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
810 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
811 |
if cert_ok == false then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
812 |
print("") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
813 |
print("For more information about certificates please see https://prosody.im/doc/certificates"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
814 |
ok = false |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
815 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
816 |
print("") |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
817 |
end |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
818 |
-- intentionally not doing this by default |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
819 |
if what == "connectivity" then |
11786
d93107de52dd
util.prosodyctl.check: Ignore unused "ok" variable [luacheck]
Kim Alvefur <zash@zash.se>
parents:
11784
diff
changeset
|
820 |
local _, prosody_is_running = is_prosody_running(); |
11784
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
821 |
if configmanager.get("*", "pidfile") and not prosody_is_running then |
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
822 |
print("Prosody does not appear to be running, which is required for this test."); |
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
823 |
print("Start it and then try again."); |
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
824 |
return 1; |
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
825 |
end |
98ae95235775
util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents:
11783
diff
changeset
|
826 |
|
11831
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
827 |
local checker = "observe.jabber.network"; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
828 |
local probe_instance; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
829 |
local probe_modules = { |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
830 |
["xmpp-client"] = "c2s_normal_auth"; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
831 |
["xmpp-server"] = "s2s_normal"; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
832 |
["xmpps-client"] = nil; -- TODO |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
833 |
["xmpps-server"] = nil; -- TODO |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
834 |
}; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
835 |
local probe_settings = configmanager.get("*", "connectivity_probe"); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
836 |
if type(probe_settings) == "string" then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
837 |
probe_instance = probe_settings; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
838 |
elseif type(probe_settings) == "table" and type(probe_settings.url) == "string" then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
839 |
probe_instance = probe_settings.url; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
840 |
if type(probe_settings.modules) == "table" then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
841 |
probe_modules = probe_settings.modules; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
842 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
843 |
elseif probe_settings ~= nil then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
844 |
print("The 'connectivity_probe' setting not understood."); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
845 |
print("Expected an URL or a table with 'url' and 'modules' fields"); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
846 |
print("See https://prosody.im/doc/prosodyctl#check for more information."); -- FIXME |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
847 |
return 1; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
848 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
849 |
|
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
850 |
local check_api; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
851 |
if probe_instance then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
852 |
local parsed_url = socket_url.parse(probe_instance); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
853 |
if not parsed_url then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
854 |
print(("'connectivity_probe' is not a valid URL: %q"):format(probe_instance)); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
855 |
print("Set it to the URL of an XMPP Blackbox Exporter instance and try again"); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
856 |
return 1; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
857 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
858 |
checker = parsed_url.host; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
859 |
|
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
860 |
function check_api(protocol, host) |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
861 |
local target = socket_url.build({scheme="xmpp",path=host}); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
862 |
local probe_module = probe_modules[protocol]; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
863 |
if not probe_module then |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
864 |
return nil, "Checking protocol '"..protocol.."' is currently unsupported"; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
865 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
866 |
return check_probe(probe_instance, probe_module, target); |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
867 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
868 |
else |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
869 |
check_api = check_ojn; |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
870 |
end |
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
871 |
|
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
872 |
for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
873 |
local modules, component_module = modulemanager.get_modules_for_host(host); |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
874 |
if component_module then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
875 |
modules:add(component_module) |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
876 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
877 |
|
11831
2359519260ec
prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents:
11830
diff
changeset
|
878 |
print("Checking external connectivity for "..host.." via "..checker) |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
879 |
local function check_connectivity(protocol) |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
880 |
local success, err = check_api(protocol, host); |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
881 |
if not success and err ~= nil then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
882 |
print((" %s: Failed to request check at API: %s"):format(protocol, err)) |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
883 |
elseif success then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
884 |
print((" %s: Works"):format(protocol)) |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
885 |
else |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
886 |
print((" %s: Check service failed to establish (secure) connection"):format(protocol)) |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
887 |
ok = false |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
888 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
889 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
890 |
|
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
891 |
if modules:contains("c2s") then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
892 |
check_connectivity("xmpp-client") |
11961
3a7ce7df7806
util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents:
11944
diff
changeset
|
893 |
if configmanager.get("*", "c2s_direct_tls_ports") then |
3a7ce7df7806
util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents:
11944
diff
changeset
|
894 |
check_connectivity("xmpps-client"); |
3a7ce7df7806
util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents:
11944
diff
changeset
|
895 |
end |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
896 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
897 |
|
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
898 |
if modules:contains("s2s") then |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
899 |
check_connectivity("xmpp-server") |
11961
3a7ce7df7806
util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents:
11944
diff
changeset
|
900 |
if configmanager.get("*", "s2s_direct_tls_ports") then |
3a7ce7df7806
util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents:
11944
diff
changeset
|
901 |
check_connectivity("xmpps-server"); |
3a7ce7df7806
util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents:
11944
diff
changeset
|
902 |
end |
11783
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
903 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
904 |
|
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
905 |
print() |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
906 |
end |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
907 |
print("Note: The connectivity check only checks the reachability of the domain.") |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
908 |
print("Note: It does not ensure that the check actually reaches this specific prosody instance.") |
f4f0bdaeabd2
prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents:
11782
diff
changeset
|
909 |
end |
10875
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
910 |
if not ok then |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
911 |
print("Problems found, see above."); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
912 |
else |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
913 |
print("All checks passed, congratulations!"); |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
914 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
915 |
return ok and 0 or 2; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
916 |
end |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
917 |
|
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
918 |
return { |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
919 |
check = check; |
e5dee71d0ebb
prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
920 |
}; |