Software /
code /
prosody-modules
Annotate
mod_http_health/mod_http_health.lua @ 5734:c782f220b3ee
mod_audit: Fix storing IP prefixes
Was essentially calling new_ip(new_ip())
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 13 Nov 2023 16:55:12 +0100 |
parent | 5712:09233b625cb9 |
rev | line source |
---|---|
5161
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 module:set_global(); |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
5712
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
3 local ip = require "util.ip"; |
5161
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local modulemanager = require "core.modulemanager"; |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
5712
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
7 local permitted_ips = module:get_option_set("http_health_allow_ips", { "::1", "127.0.0.1" }); |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
8 local permitted_cidr = module:get_option_string("http_health_allow_cidr"); |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
9 |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
10 local function is_permitted(request) |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
11 local ip_raw = request.ip; |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
12 if permitted_ips:contains(ip_raw) or |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
13 (permitted_cidr and ip.match(ip.new_ip(ip_raw), ip.parse_cidr(permitted_cidr))) then |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
14 return true; |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
15 end |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
16 return false; |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
17 end |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
18 |
5161
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 module:provides("http", { |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
20 route = { |
5712
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
21 GET = function(event) |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
22 local request = event.request; |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
23 if not is_permitted(request) then |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
24 return 403; -- Forbidden |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
25 end |
09233b625cb9
mod_http_health: Copypaste IP access control code
Kim Alvefur <zash@zash.se>
parents:
5690
diff
changeset
|
26 |
5161
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 for host in pairs(prosody.hosts) do |
5690
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
28 local mods = modulemanager.get_modules(host); |
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
29 for _, mod in pairs(mods) do |
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
30 if mod.module.status_type == "error" then |
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
31 return { status_code = 500; headers = { content_type = "text/plain" }; body = "HAS ERRORS\n" }; |
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
32 end |
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
33 end |
5161
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 end |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 |
5690
9bcd257dea4e
mod_http_health: Provide a health check HTTP endpoint
Kim Alvefur <zash@zash.se>
parents:
5161
diff
changeset
|
36 return { status_code = 200; headers = { content_type = "text/plain" }; body = "OK\n" }; |
5161
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 end; |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 }; |
6af2d74daa15
mod_http_status: Report module statuses
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 }); |