Annotate

util/prosodyctl/check.lua @ 13742:47e537e340c4 default tip

Merge 13.0->trunk
author Matthew Wild <mwild1@gmail.com>
date Mon, 17 Feb 2025 23:06:26 +0000 (6 days ago)
parent 13727:704765bfe0a3
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
1 local configmanager = require "prosody.core.configmanager";
13218
e576c6a0d1f8 Merge 0.12->trunk
Kim Alvefur <zash@zash.se>
parents: 13122 13217
diff changeset
2 local moduleapi = require "prosody.core.moduleapi";
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
3 local show_usage = require "prosody.util.prosodyctl".show_usage;
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
4 local show_warning = require "prosody.util.prosodyctl".show_warning;
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
5 local is_prosody_running = require "prosody.util.prosodyctl".isrunning;
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
6 local parse_args = require "prosody.util.argparse".parse;
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
7 local dependencies = require "prosody.util.dependencies";
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local socket = require "socket";
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
9 local socket_url = require "socket.url";
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
10 local jid_split = require "prosody.util.jid".prepped_split;
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
11 local modulemanager = require "prosody.core.modulemanager";
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
12 local async = require "prosody.util.async";
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
13 local httputil = require "prosody.util.http";
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
15 local function api(host)
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
16 return setmetatable({ name = "prosodyctl.check"; host = host; log = prosody.log }, { __index = moduleapi })
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
17 end
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
18
11826
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
19 local function check_ojn(check_type, target_host)
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
20 local http = require "prosody.net.http"; -- .new({});
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
21 local json = require "prosody.util.json";
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
22
11826
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
23 local response, err = async.wait_for(http.request(
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
24 ("https://observe.jabber.network/api/v1/check/%s"):format(httputil.urlencode(check_type)),
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
25 {
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
26 method="POST",
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
27 headers={["Accept"] = "application/json"; ["Content-Type"] = "application/json"},
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
28 body=json.encode({target=target_host}),
11826
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
29 }));
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
30
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
31 if not response then
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
32 return false, err;
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
33 end
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
34
11826
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
35 if response.code ~= 200 then
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
36 return false, ("API replied with non-200 code: %d"):format(response.code);
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
37 end
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
38
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
39 local decoded_body, err = json.decode(response.body);
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
40 if decoded_body == nil then
e1c4cc5d0ef8 prosodyctl: Use HTTP client in promise mode for connectivity check
Kim Alvefur <zash@zash.se>
parents: 11807
diff changeset
41 return false, ("Failed to parse API JSON: %s"):format(err)
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
42 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
43
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
44 local success = decoded_body["success"];
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
45 return success == true, nil;
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
46 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
47
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
48 local function check_probe(base_url, probe_module, target)
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
49 local http = require "prosody.net.http"; -- .new({});
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
50 local params = httputil.formencode({ module = probe_module; target = target })
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
51 local response, err = async.wait_for(http.request(base_url .. "?" .. params));
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
52
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
53 if not response then return false, err; end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
54
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
55 if response.code ~= 200 then return false, ("API replied with non-200 code: %d"):format(response.code); end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
56
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
57 for line in response.body:gmatch("[^\r\n]+") do
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
58 local probe_success = line:match("^probe_success%s+(%d+)");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
59
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
60 if probe_success == "1" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
61 return true;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
62 elseif probe_success == "0" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
63 return false;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
64 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
65 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
66 return false, "Probe endpoint did not return a success status";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
67 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
68
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
69 local function check_turn_service(turn_service, ping_service)
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
70 local ip = require "prosody.util.ip";
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
71 local stun = require "prosody.net.stun";
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
72
13580
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
73 local result = { warnings = {} };
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
74
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
75 -- Create UDP socket for communication with the server
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
76 local sock = assert(require "socket".udp());
13580
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
77 do
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
78 local ok, err = sock:setsockname("*", 0);
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
79 if not ok then
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
80 result.error = "Unable to perform TURN test: setsockname: "..tostring(err);
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
81 return result;
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
82 end
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
83 ok, err = sock:setpeername(turn_service.host, turn_service.port);
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
84 if not ok then
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
85 result.error = "Unable to perform TURN test: setpeername: "..tostring(err);
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
86 return result;
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
87 end
836efad8483c util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
Matthew Wild <mwild1@gmail.com>
parents: 13465
diff changeset
88 end
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
89 sock:settimeout(10);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
90
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
91 -- Helper function to receive a packet
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
92 local function receive_packet()
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
93 local raw_packet, err = sock:receive();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
94 if not raw_packet then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
95 return nil, err;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
96 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
97 return stun.new_packet():deserialize(raw_packet);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
98 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
99
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
100 -- Send a "binding" query, i.e. a request for our external IP/port
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
101 local bind_query = stun.new_packet("binding", "request");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
102 bind_query:add_attribute("software", "prosodyctl check turn");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
103 sock:send(bind_query:serialize());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
104
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
105 local bind_result, err = receive_packet();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
106 if not bind_result then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
107 result.error = "No STUN response: "..err;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
108 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
109 elseif bind_result:is_err_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
110 result.error = ("STUN server returned error: %d (%s)"):format(bind_result:get_error());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
111 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
112 elseif not bind_result:is_success_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
113 result.error = ("Unexpected STUN response: %d (%s)"):format(bind_result:get_type());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
114 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
115 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
116
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
117 result.external_ip = bind_result:get_xor_mapped_address();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
118 if not result.external_ip then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
119 result.error = "STUN server did not return an address";
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
120 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
121 end
12384
53b4549c2209 prosodyctl: check turn: Add check for private IP returned from STUN.
Matthew Wild <mwild1@gmail.com>
parents: 12383
diff changeset
122 if ip.new_ip(result.external_ip.address).private then
53b4549c2209 prosodyctl: check turn: Add check for private IP returned from STUN.
Matthew Wild <mwild1@gmail.com>
parents: 12383
diff changeset
123 table.insert(result.warnings, "STUN returned a private IP! Is the TURN server behind a NAT and misconfigured?");
53b4549c2209 prosodyctl: check turn: Add check for private IP returned from STUN.
Matthew Wild <mwild1@gmail.com>
parents: 12383
diff changeset
124 end
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
125
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
126 -- Send a TURN "allocate" request. Expected to fail due to auth, but
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
127 -- necessary to obtain a valid realm/nonce from the server.
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
128 local pre_request = stun.new_packet("allocate", "request");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
129 sock:send(pre_request:serialize());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
130
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
131 local pre_result, err = receive_packet();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
132 if not pre_result then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
133 result.error = "No initial TURN response: "..err;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
134 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
135 elseif pre_result:is_success_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
136 result.error = "TURN server does not have authentication enabled";
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
137 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
138 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
139
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
140 local realm = pre_result:get_attribute("realm");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
141 local nonce = pre_result:get_attribute("nonce");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
142
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
143 if not realm then
12383
a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues
Matthew Wild <mwild1@gmail.com>
parents: 12382
diff changeset
144 table.insert(result.warnings, "TURN server did not return an authentication realm. Is authentication enabled?");
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
145 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
146 if not nonce then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
147 table.insert(result.warnings, "TURN server did not return a nonce");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
148 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
149
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
150 -- Use the configured secret to obtain temporary user/pass credentials
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
151 local turn_user, turn_pass = stun.get_user_pass_from_secret(turn_service.secret);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
152
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
153 -- Send a TURN allocate request, will fail if auth is wrong
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
154 local alloc_request = stun.new_packet("allocate", "request");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
155 alloc_request:add_requested_transport("udp");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
156 alloc_request:add_attribute("username", turn_user);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
157 if realm then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
158 alloc_request:add_attribute("realm", realm);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
159 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
160 if nonce then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
161 alloc_request:add_attribute("nonce", nonce);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
162 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
163 local key = stun.get_long_term_auth_key(realm or turn_service.host, turn_user, turn_pass);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
164 alloc_request:add_message_integrity(key);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
165 sock:send(alloc_request:serialize());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
166
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
167 -- Check the response
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
168 local alloc_response, err = receive_packet();
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
169 if not alloc_response then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
170 result.error = "TURN server did not response to allocation request: "..err;
12466
9ee41552bca0 util.prosodyctl: check turn: ensure a result is always returned from a check (thanks eTaurus)
Matthew Wild <mwild1@gmail.com>
parents: 12441
diff changeset
171 return result;
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
172 elseif alloc_response:is_err_resp() then
12741
7b3deafb9162 prosodyctl: check turn: More clearly indicate the error is from TURN server
Matthew Wild <mwild1@gmail.com>
parents: 12520
diff changeset
173 result.error = ("TURN server failed to create allocation: %d (%s)"):format(alloc_response:get_error());
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
174 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
175 elseif not alloc_response:is_success_resp() then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
176 result.error = ("Unexpected TURN response: %d (%s)"):format(alloc_response:get_type());
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
177 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
178 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
179
12375
ea5e46601cfb prosodyctl: check turn: show relayed address(es) in verbose mode
Matthew Wild <mwild1@gmail.com>
parents: 12373
diff changeset
180 result.relayed_addresses = alloc_response:get_xor_relayed_addresses();
ea5e46601cfb prosodyctl: check turn: show relayed address(es) in verbose mode
Matthew Wild <mwild1@gmail.com>
parents: 12373
diff changeset
181
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
182 if not ping_service then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
183 -- Success! We won't be running the relay test.
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
184 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
185 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
186
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
187 -- Run the relay test - i.e. send a binding request to ping_service
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
188 -- and receive a response.
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
189
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
190 -- Resolve the IP of the ping service
12373
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
191 local ping_host, ping_port = ping_service:match("^([^:]+):(%d+)$");
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
192 if ping_host then
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
193 ping_port = tonumber(ping_port);
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
194 else
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
195 -- Only a hostname specified, use default STUN port
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
196 ping_host, ping_port = ping_service, 3478;
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
197 end
12416
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
Matthew Wild <mwild1@gmail.com>
parents: 12414
diff changeset
198
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
Matthew Wild <mwild1@gmail.com>
parents: 12414
diff changeset
199 if ping_host == turn_service.host then
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
Matthew Wild <mwild1@gmail.com>
parents: 12414
diff changeset
200 result.error = ("Unable to perform ping test: please supply an external STUN server address. See https://prosody.im/doc/turn#prosodyctl-check");
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
Matthew Wild <mwild1@gmail.com>
parents: 12414
diff changeset
201 return result;
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
Matthew Wild <mwild1@gmail.com>
parents: 12414
diff changeset
202 end
19fd28239e73 prosodyctl: check turn: Fail with error if our own address is supplied for the ping test
Matthew Wild <mwild1@gmail.com>
parents: 12414
diff changeset
203
12373
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
204 local ping_service_ip, err = socket.dns.toip(ping_host);
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
205 if not ping_service_ip then
12379
6ac3c580c00d prosodyctl: check turn: Clearer error when unable to resolve external service host
Matthew Wild <mwild1@gmail.com>
parents: 12377
diff changeset
206 result.error = "Unable to resolve ping service hostname: "..err;
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
207 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
208 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
209
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
210 -- Ask the TURN server to allow packets from the ping service IP
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
211 local perm_request = stun.new_packet("create-permission");
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
212 perm_request:add_xor_peer_address(ping_service_ip);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
213 perm_request:add_attribute("username", turn_user);
12382
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
214 if realm then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
215 perm_request:add_attribute("realm", realm);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
216 end
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
217 if nonce then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
218 perm_request:add_attribute("nonce", nonce);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
219 end
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
220 perm_request:add_message_integrity(key);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
221 sock:send(perm_request:serialize());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
222
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
223 local perm_response, err = receive_packet();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
224 if not perm_response then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
225 result.error = "No response from TURN server when requesting peer permission: "..err;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
226 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
227 elseif perm_response:is_err_resp() then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
228 result.error = ("TURN permission request failed: %d (%s)"):format(perm_response:get_error());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
229 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
230 elseif not perm_response:is_success_resp() then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
231 result.error = ("Unexpected TURN response: %d (%s)"):format(perm_response:get_type());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
232 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
233 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
234
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
235 -- Ask the TURN server to relay a STUN binding request to the ping server
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
236 local ping_data = stun.new_packet("binding"):serialize();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
237
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
238 local ping_request = stun.new_packet("send", "indication");
12373
5417ec7e2ee8 prosodyctl: check turn: Allow specifying port for the ping service
Matthew Wild <mwild1@gmail.com>
parents: 12372
diff changeset
239 ping_request:add_xor_peer_address(ping_service_ip, ping_port);
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
240 ping_request:add_attribute("data", ping_data);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
241 ping_request:add_attribute("username", turn_user);
12382
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
242 if realm then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
243 ping_request:add_attribute("realm", realm);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
244 end
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
245 if nonce then
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
246 ping_request:add_attribute("nonce", nonce);
574cf096a426 prosodyctl: check turn: fix traceback when server does not provide realm/nonce
Matthew Wild <mwild1@gmail.com>
parents: 12381
diff changeset
247 end
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
248 ping_request:add_message_integrity(key);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
249 sock:send(ping_request:serialize());
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
250
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
251 local ping_response, err = receive_packet();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
252 if not ping_response then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
253 result.error = "No response from ping server ("..ping_service_ip.."): "..err;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
254 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
255 elseif not ping_response:is_indication() or select(2, ping_response:get_method()) ~= "data" then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
256 result.error = ("Unexpected TURN response: %s %s"):format(select(2, ping_response:get_method()), select(2, ping_response:get_type()));
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
257 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
258 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
259
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
260 local pong_data = ping_response:get_attribute("data");
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
261 if not pong_data then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
262 result.error = "No data relayed from remote server";
12466
9ee41552bca0 util.prosodyctl: check turn: ensure a result is always returned from a check (thanks eTaurus)
Matthew Wild <mwild1@gmail.com>
parents: 12441
diff changeset
263 return result;
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
264 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
265 local pong = stun.new_packet():deserialize(pong_data);
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
266
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
267 result.external_ip_pong = pong:get_xor_mapped_address();
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
268 if not result.external_ip_pong then
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
269 result.error = "Ping server did not return an address";
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
270 return result;
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
271 end
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
272
12390
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
273 local relay_address_found, relay_port_matches;
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
274 for _, relayed_address in ipairs(result.relayed_addresses) do
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
275 if relayed_address.address == result.external_ip_pong.address then
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
276 relay_address_found = true;
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
277 relay_port_matches = result.external_ip_pong.port == relayed_address.port;
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
278 end
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
279 end
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
280 if not relay_address_found then
12383
a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues
Matthew Wild <mwild1@gmail.com>
parents: 12382
diff changeset
281 table.insert(result.warnings, "TURN external IP vs relay address mismatch! Is the TURN server behind a NAT and misconfigured?");
12390
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
282 elseif not relay_port_matches then
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
283 table.insert(result.warnings, "External port does not match reported relay port! This is probably caused by a NAT in front of the TURN server.");
12383
a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues
Matthew Wild <mwild1@gmail.com>
parents: 12382
diff changeset
284 end
a9b6ed86b573 prosodyctl: check turn: improve warning text to suggest issues
Matthew Wild <mwild1@gmail.com>
parents: 12382
diff changeset
285
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
286 --
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
287
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
288 return result;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
289 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
290
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
291 local function skip_bare_jid_hosts(host)
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
292 if jid_split(host) then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
293 -- See issue #779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
294 return false;
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
295 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
296 return true;
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
297 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
298
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
299 local check_opts = {
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
300 short_params = {
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
301 h = "help", v = "verbose";
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
302 };
12376
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
303 value_params = {
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
304 ping = true;
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
305 };
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
306 };
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
307
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
308 local function check(arg)
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
309 if arg[1] == "help" or arg[1] == "--help" then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
310 show_usage([[check]], [[Perform basic checks on your Prosody installation]]);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
311 return 1;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
312 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
313 local what = table.remove(arg, 1);
12376
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
314 local opts, opts_err, opts_info = parse_args(arg, check_opts);
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
315 if opts_err == "missing-value" then
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
316 print("Error: Expected a value after '"..opts_info.."'");
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
317 return 1;
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
318 elseif opts_err == "param-not-found" then
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
319 print("Error: Unknown parameter: "..opts_info);
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
320 return 1;
10353ad0ca7a prosodyctl: check: Slightly improved argument handling
Matthew Wild <mwild1@gmail.com>
parents: 12375
diff changeset
321 end
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
322 local array = require "prosody.util.array";
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
323 local set = require "prosody.util.set";
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
324 local it = require "prosody.util.iterators";
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
325 local ok = true;
13326
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
326 local function contains_match(hayset, needle) for member in hayset do if member:find(needle) then return true end end end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
327 local function disabled_hosts(host, conf) return host ~= "*" and conf.enabled ~= false; end
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
328 local function is_user_host(host, conf) return host ~= "*" and conf.component_module == nil; end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
329 local function is_component_host(host, conf) return host ~= "*" and conf.component_module ~= nil; end
13706
a988867a5567 util.prosodyctl.check: Sort hosts in iterator for more stable output
Matthew Wild <mwild1@gmail.com>
parents: 13705
diff changeset
330 local function enabled_hosts() return it.filter(disabled_hosts, it.sorted_pairs(configmanager.getconfig())); end
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
331 local function enabled_user_hosts() return it.filter(is_user_host, it.sorted_pairs(configmanager.getconfig())); end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
332 local function enabled_components() return it.filter(is_component_host, it.sorted_pairs(configmanager.getconfig())); end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
333
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
334 local checks = {};
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
335 function checks.disabled()
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
336 local disabled_hosts_set = set.new();
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
337 for host in it.filter("*", pairs(configmanager.getconfig())) do
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
338 if api(host):get_option_boolean("enabled") == false then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
339 disabled_hosts_set:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
340 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
341 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
342 if not disabled_hosts_set:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
343 local msg = "Checks will be skipped for these disabled hosts: %s";
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
344 if what then msg = "These hosts are disabled: %s"; end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
345 show_warning(msg, tostring(disabled_hosts_set));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
346 if what then return 0; end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
347 print""
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
348 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
349 end
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
350 function checks.config()
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
351 print("Checking config...");
12441
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
352
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
353 if what == "config" then
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
354 local files = configmanager.files();
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
355 print(" The following configuration files have been loaded:");
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
356 print(" - "..table.concat(files, "\n - "));
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
357 end
dc6263625069 prosodyctl: check config: Report paths of loaded configuration files (fixed #1729)
Matthew Wild <mwild1@gmail.com>
parents: 12416
diff changeset
358
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
359 local obsolete = set.new({ --> remove
12118
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents: 12099
diff changeset
360 "archive_cleanup_interval",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents: 12099
diff changeset
361 "dns_timeout",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents: 12099
diff changeset
362 "muc_log_cleanup_interval",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents: 12099
diff changeset
363 "s2s_dns_resolvers",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents: 12099
diff changeset
364 "setgid",
30d55809d9a6 util.prosodyctl.check: Add some more obsolete settings
Kim Alvefur <zash@zash.se>
parents: 12099
diff changeset
365 "setuid",
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
366 });
12159
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
367 local function instead_use(kind, name, value)
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
368 if kind == "option" then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
369 if value then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
370 return string.format("instead, use '%s = %q'", name, value);
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
371 else
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
372 return string.format("instead, use '%s'", name);
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
373 end
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
374 elseif kind == "module" then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
375 return string.format("instead, add %q to '%s'", name, value or "modules_enabled");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
376 elseif kind == "community" then
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
377 return string.format("instead, add %q from %s", name, value or "prosody-modules");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
378 end
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
379 return kind
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
380 end
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
381 local deprecated_replacements = {
12159
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
382 anonymous_login = instead_use("option", "authentication", "anonymous");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
383 daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags";
13254
a2ba3f06dcf4 util.prosodyctl.check: Correct modern replacement for 'disallow_s2s'
Kim Alvefur <zash@zash.se>
parents: 13219
diff changeset
384 disallow_s2s = instead_use("module", "s2s", "modules_disabled");
12159
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
385 no_daemonize = "instead, use the --daemonize/-D or --foreground/-F command line flags";
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
386 require_encryption = "instead, use 'c2s_require_encryption' and 's2s_require_encryption'";
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
387 vcard_compatibility = instead_use("community", "mod_compat_vcard");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
388 use_libevent = instead_use("option", "network_backend", "event");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
389 whitelist_registration_only = instead_use("option", "allowlist_registration_only");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
390 registration_whitelist = instead_use("option", "registration_allowlist");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
391 registration_blacklist = instead_use("option", "registration_blocklist");
aa299551f8c6 util.prosodyctl.check: Parameterize replacement instructions
Kim Alvefur <zash@zash.se>
parents: 12158
diff changeset
392 blacklist_on_registration_throttle_overload = instead_use("blocklist_on_registration_throttle_overload");
12898
4255db0f8e58 util.prosodyctl.check: Suggest 'http_cors_override' instead of older CORS settings
Kim Alvefur <zash@zash.se>
parents: 12842
diff changeset
393 cross_domain_bosh = "instead, use 'http_cors_override', see https://prosody.im/doc/http#cross-domain-cors-support";
4255db0f8e58 util.prosodyctl.check: Suggest 'http_cors_override' instead of older CORS settings
Kim Alvefur <zash@zash.se>
parents: 12842
diff changeset
394 cross_domain_websocket = "instead, use 'http_cors_override', see https://prosody.im/doc/http#cross-domain-cors-support";
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
395 };
11800
60018637f5d4 util.prosodyctl.check: Nudge towards plural port options
Kim Alvefur <zash@zash.se>
parents: 11799
diff changeset
396 -- FIXME all the singular _port and _interface options are supposed to be deprecated too
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
397 local deprecated_ports = { bosh = "http", legacy_ssl = "c2s_direct_tls" };
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
398 local port_suffixes = set.new({ "port", "ports", "interface", "interfaces", "ssl" });
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
399 for port, replacement in pairs(deprecated_ports) do
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
400 for suffix in port_suffixes do
11800
60018637f5d4 util.prosodyctl.check: Nudge towards plural port options
Kim Alvefur <zash@zash.se>
parents: 11799
diff changeset
401 local rsuffix = (suffix == "port" or suffix == "interface") and suffix.."s" or suffix;
12158
7ff3699c1653 util.prosodyctl.check: Move word to ease future translations
Kim Alvefur <zash@zash.se>
parents: 12157
diff changeset
402 deprecated_replacements[port.."_"..suffix] = "instead, use '"..replacement.."_"..rsuffix.."'"
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
403 end
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
404 end
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
405 local deprecated = set.new(array.collect(it.keys(deprecated_replacements)));
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
406 local known_global_options = set.new({
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
407 "access_control_allow_credentials",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
408 "access_control_allow_headers",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
409 "access_control_allow_methods",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
410 "access_control_max_age",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
411 "admin_socket",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
412 "body_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
413 "bosh_max_inactivity",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
414 "bosh_max_polling",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
415 "bosh_max_wait",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
416 "buffer_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
417 "c2s_close_timeout",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
418 "c2s_stanza_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
419 "c2s_tcp_keepalives",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
420 "c2s_timeout",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
421 "component_stanza_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
422 "component_tcp_keepalives",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
423 "consider_bosh_secure",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
424 "consider_websocket_secure",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
425 "console_banner",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
426 "console_prettyprint_settings",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
427 "daemonize",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
428 "gc",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
429 "http_default_host",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
430 "http_errors_always_show",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
431 "http_errors_default_message",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
432 "http_errors_detailed",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
433 "http_errors_messages",
11833
bd86ab8122d9 util.prosodyctl.check: Add two known globals from mod_http
Kim Alvefur <zash@zash.se>
parents: 11827
diff changeset
434 "http_max_buffer_size",
bd86ab8122d9 util.prosodyctl.check: Add two known globals from mod_http
Kim Alvefur <zash@zash.se>
parents: 11827
diff changeset
435 "http_max_content_size",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
436 "installer_plugin_path",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
437 "limits",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
438 "limits_resolution",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
439 "log",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
440 "multiplex_buffer_size",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
441 "network_backend",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
442 "network_default_read_size",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
443 "network_settings",
11940
2d82e4245aa3 util.prosodyctl.check: Add mod_http_openmetrics settings to known globals
Kim Alvefur <zash@zash.se>
parents: 11925
diff changeset
444 "openmetrics_allow_cidr",
2d82e4245aa3 util.prosodyctl.check: Add mod_http_openmetrics settings to known globals
Kim Alvefur <zash@zash.se>
parents: 11925
diff changeset
445 "openmetrics_allow_ips",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
446 "pidfile",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
447 "plugin_paths",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
448 "plugin_server",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
449 "prosodyctl_timeout",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
450 "prosody_group",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
451 "prosody_user",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
452 "run_as_root",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
453 "s2s_close_timeout",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
454 "s2s_insecure_domains",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
455 "s2s_require_encryption",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
456 "s2s_secure_auth",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
457 "s2s_secure_domains",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
458 "s2s_stanza_size_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
459 "s2s_tcp_keepalives",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
460 "s2s_timeout",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
461 "statistics",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
462 "statistics_config",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
463 "statistics_interval",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
464 "tcp_keepalives",
12099
b344edad61d3 core.certmanager: Rename preset option to 'tls_preset'
Kim Alvefur <zash@zash.se>
parents: 11957
diff changeset
465 "tls_profile",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
466 "trusted_proxies",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
467 "umask",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
468 "use_dane",
11634
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
469 "use_ipv4",
a6c87b4c0cdf util.prosodyctl.check: Format, sort option listings into canonical form
Kim Alvefur <zash@zash.se>
parents: 11617
diff changeset
470 "use_ipv6",
11635
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
471 "websocket_frame_buffer_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
472 "websocket_frame_fragment_limit",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
473 "websocket_get_response_body",
1b17b967838e util.prosodyctl.check: Collect options from all global plugins
Kim Alvefur <zash@zash.se>
parents: 11634
diff changeset
474 "websocket_get_response_text",
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
475 });
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
476 local config = configmanager.getconfig();
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
477 local global = api("*");
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
478 -- Check that we have any global options (caused by putting a host at the top)
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
479 if it.count(it.filter("log", pairs(config["*"]))) == 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
480 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
481 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
482 print(" No global options defined. Perhaps you have put a host definition at the top")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
483 print(" of the config file? They should be at the bottom, see https://prosody.im/doc/configure#overview");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
484 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
485 if it.count(enabled_hosts()) == 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
486 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
487 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
488 if it.count(it.filter("*", pairs(config))) == 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
489 print(" No hosts are defined, please add at least one VirtualHost section")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
490 elseif config["*"]["enabled"] == false then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
491 print(" No hosts are enabled. Remove enabled = false from the global section or put enabled = true under at least one VirtualHost section")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
492 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
493 print(" All hosts are disabled. Remove enabled = false from at least one VirtualHost section")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
494 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
495 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
496 if not config["*"].modules_enabled then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
497 print(" No global modules_enabled is set?");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
498 local suggested_global_modules;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
499 for host, options in enabled_hosts() do --luacheck: ignore 213/host
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
500 if not options.component_module and options.modules_enabled then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
501 suggested_global_modules = set.intersection(suggested_global_modules or set.new(options.modules_enabled), set.new(options.modules_enabled));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
502 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
503 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
504 if suggested_global_modules and not suggested_global_modules:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
505 print(" Consider moving these modules into modules_enabled in the global section:")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
506 print(" "..tostring(suggested_global_modules / function (x) return ("%q"):format(x) end));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
507 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
508 print();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
509 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
510
13217
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
511 local function validate_module_list(host, name, modules)
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
512 if modules == nil then
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
513 return -- okay except for global section, checked separately
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
514 end
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
515 local t = type(modules)
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
516 if t ~= "table" then
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
517 print(" The " .. name .. " in the " .. host .. " section should not be a " .. t .. " but a list of strings, e.g.");
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
518 print(" " .. name .. " = { \"name_of_module\", \"another_plugin\", }")
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
519 print()
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
520 ok = false
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
521 return
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
522 end
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
523 for k, v in pairs(modules) do
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
524 if type(k) ~= "number" or type(v) ~= "string" then
13316
a27a329e93ca util.prosodyctl.check: Try to clarify check for misplaced k=v in modules_enabled (thanks aab and Menel)
Kim Alvefur <zash@zash.se>
parents: 13302
diff changeset
525 print(" The " .. name .. " in the " .. host .. " section should be a list of strings, e.g.");
13217
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
526 print(" " .. name .. " = { \"name_of_module\", \"another_plugin\", }")
13316
a27a329e93ca util.prosodyctl.check: Try to clarify check for misplaced k=v in modules_enabled (thanks aab and Menel)
Kim Alvefur <zash@zash.se>
parents: 13302
diff changeset
527 print(" It should not contain key = value pairs, try putting them outside the {} brackets.");
13217
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
528 ok = false
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
529 break
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
530 end
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
531 end
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
532 end
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
533
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
534 for host, options in enabled_hosts() do
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
535 validate_module_list(host, "modules_enabled", options.modules_enabled);
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
536 validate_module_list(host, "modules_disabled", options.modules_disabled);
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
537 end
b264ea91e930 util.prosodyctl.check: Validate format of module list options
Kim Alvefur <zash@zash.se>
parents: 13216
diff changeset
538
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
539 do -- Check for modules enabled both normally and as components
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
540 local modules = global:get_option_set("modules_enabled");
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
541 for host, options in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
542 local component_module = options.component_module;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
543 if component_module and modules:contains(component_module) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
544 print((" mod_%s is enabled both in modules_enabled and as Component %q %q"):format(component_module, host, component_module));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
545 print(" This means the service is enabled on all VirtualHosts as well as the Component.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
546 print(" Are you sure this what you want? It may cause unexpected behaviour.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
547 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
548 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
549 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
550
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
551 -- Check for global options under hosts
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
552 local global_options = set.new(it.to_array(it.keys(config["*"])));
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
553 local obsolete_global_options = set.intersection(global_options, obsolete);
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
554 if not obsolete_global_options:empty() then
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
555 print("");
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
556 print(" You have some obsolete options you can remove from the global section:");
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
557 print(" "..tostring(obsolete_global_options))
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
558 ok = false;
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
559 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
560 local deprecated_global_options = set.intersection(global_options, deprecated);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
561 if not deprecated_global_options:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
562 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
563 print(" You have some deprecated options in the global section:");
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
564 for option in deprecated_global_options do
12158
7ff3699c1653 util.prosodyctl.check: Move word to ease future translations
Kim Alvefur <zash@zash.se>
parents: 12157
diff changeset
565 print((" '%s' -- %s"):format(option, deprecated_replacements[option]));
11798
ba88060fa145 util.prosodyctl.check: Suggest replacements for deprecated options #1684
Kim Alvefur <zash@zash.se>
parents: 11783
diff changeset
566 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
567 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
568 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
569 for host, options in it.filter(function (h) return h ~= "*" end, pairs(configmanager.getconfig())) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
570 local host_options = set.new(it.to_array(it.keys(options)));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
571 local misplaced_options = set.intersection(host_options, known_global_options);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
572 for name in pairs(options) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
573 if name:match("^interfaces?")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
574 or name:match("_ports?$") or name:match("_interfaces?$")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
575 or (name:match("_ssl$") and not name:match("^[cs]2s_ssl$")) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
576 misplaced_options:add(name);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
577 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
578 end
11799
8c9ec2db1d95 util.prosodyctl.check: Fix to not treat some options as misplaced
Kim Alvefur <zash@zash.se>
parents: 11798
diff changeset
579 -- FIXME These _could_ be misplaced, but we would have to check where the corresponding module is loaded to be sure
8c9ec2db1d95 util.prosodyctl.check: Fix to not treat some options as misplaced
Kim Alvefur <zash@zash.se>
parents: 11798
diff changeset
580 misplaced_options:exclude(set.new({ "external_service_port", "turn_external_port" }));
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
581 if not misplaced_options:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
582 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
583 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
584 local n = it.count(misplaced_options);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
585 print(" You have "..n.." option"..(n>1 and "s " or " ").."set under "..host.." that should be");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
586 print(" in the global section of the config file, above any VirtualHost or Component definitions,")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
587 print(" see https://prosody.im/doc/configure#overview for more information.")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
588 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
589 print(" You need to move the following option"..(n>1 and "s" or "")..": "..table.concat(it.to_array(misplaced_options), ", "));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
590 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
591 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
592 for host, options in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
593 local host_options = set.new(it.to_array(it.keys(options)));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
594 local subdomain = host:match("^[^.]+");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
595 if not(host_options:contains("component_module")) and (subdomain == "jabber" or subdomain == "xmpp"
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
596 or subdomain == "chat" or subdomain == "im") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
597 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
598 print(" Suggestion: If "..host.. " is a new host with no real users yet, consider renaming it now to");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
599 print(" "..host:gsub("^[^.]+%.", "")..". You can use SRV records to redirect XMPP clients and servers to "..host..".");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
600 print(" For more information see: https://prosody.im/doc/dns");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
601 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
602 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
603 local all_modules = set.new(config["*"].modules_enabled);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
604 local all_options = set.new(it.to_array(it.keys(config["*"])));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
605 for host in enabled_hosts() do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
606 all_options:include(set.new(it.to_array(it.keys(config[host]))));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
607 all_modules:include(set.new(config[host].modules_enabled));
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
608 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
609 for mod in all_modules do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
610 if mod:match("^mod_") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
611 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
612 print(" Modules in modules_enabled should not have the 'mod_' prefix included.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
613 print(" Change '"..mod.."' to '"..mod:match("^mod_(.*)").."'.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
614 elseif mod:match("^auth_") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
615 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
616 print(" Authentication modules should not be added to modules_enabled,");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
617 print(" but be specified in the 'authentication' option.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
618 print(" Remove '"..mod.."' from modules_enabled and instead add");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
619 print(" authentication = '"..mod:match("^auth_(.*)").."'");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
620 print(" For more information see https://prosody.im/doc/authentication");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
621 elseif mod:match("^storage_") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
622 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
623 print(" storage modules should not be added to modules_enabled,");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
624 print(" but be specified in the 'storage' option.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
625 print(" Remove '"..mod.."' from modules_enabled and instead add");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
626 print(" storage = '"..mod:match("^storage_(.*)").."'");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
627 print(" For more information see https://prosody.im/doc/storage");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
628 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
629 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
630 if all_modules:contains("vcard") and all_modules:contains("vcard_legacy") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
631 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
632 print(" Both mod_vcard_legacy and mod_vcard are enabled but they conflict");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
633 print(" with each other. Remove one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
634 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
635 if all_modules:contains("pep") and all_modules:contains("pep_simple") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
636 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
637 print(" Both mod_pep_simple and mod_pep are enabled but they conflict");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
638 print(" with each other. Remove one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
639 end
13690
d112eac6a3dc prosodyctl: check: Warn about deprecated mod_posix
Matthew Wild <mwild1@gmail.com>
parents: 13581
diff changeset
640 if all_modules:contains("posix") then
d112eac6a3dc prosodyctl: check: Warn about deprecated mod_posix
Matthew Wild <mwild1@gmail.com>
parents: 13581
diff changeset
641 print("");
d112eac6a3dc prosodyctl: check: Warn about deprecated mod_posix
Matthew Wild <mwild1@gmail.com>
parents: 13581
diff changeset
642 print(" mod_posix is loaded in your configuration file, but it has");
d112eac6a3dc prosodyctl: check: Warn about deprecated mod_posix
Matthew Wild <mwild1@gmail.com>
parents: 13581
diff changeset
643 print(" been deprecated. You can safely remove it.");
d112eac6a3dc prosodyctl: check: Warn about deprecated mod_posix
Matthew Wild <mwild1@gmail.com>
parents: 13581
diff changeset
644 end
d112eac6a3dc prosodyctl: check: Warn about deprecated mod_posix
Matthew Wild <mwild1@gmail.com>
parents: 13581
diff changeset
645
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
646 for host, host_config in pairs(config) do --luacheck: ignore 213/host
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
647 if type(rawget(host_config, "storage")) == "string" and rawget(host_config, "default_storage") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
648 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
649 print(" The 'default_storage' option is not needed if 'storage' is set to a string.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
650 break;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
651 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
652 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
653 local require_encryption = set.intersection(all_options, set.new({
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
654 "require_encryption", "c2s_require_encryption", "s2s_require_encryption"
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
655 })):empty();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
656 local ssl = dependencies.softreq"ssl";
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
657 if not ssl then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
658 if not require_encryption then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
659 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
660 print(" You require encryption but LuaSec is not available.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
661 print(" Connections will fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
662 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
663 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
664 elseif not ssl.loadcertificate then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
665 if all_options:contains("s2s_secure_auth") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
666 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
667 print(" You have set s2s_secure_auth but your version of LuaSec does ");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
668 print(" not support certificate validation, so all s2s connections will");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
669 print(" fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
670 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
671 elseif all_options:contains("s2s_secure_domains") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
672 local secure_domains = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
673 for host in enabled_hosts() do
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
674 if api(host):get_option_boolean("s2s_secure_auth") then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
675 secure_domains:add("*");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
676 else
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
677 secure_domains:include(api(host):get_option_set("s2s_secure_domains", {}));
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
678 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
679 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
680 if not secure_domains:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
681 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
682 print(" You have set s2s_secure_domains but your version of LuaSec does ");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
683 print(" not support certificate validation, so s2s connections to/from ");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
684 print(" these domains will fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
685 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
686 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
687 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
688 elseif require_encryption and not all_modules:contains("tls") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
689 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
690 print(" You require encryption but mod_tls is not enabled.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
691 print(" Connections will fail.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
692 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
693 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
694
12317
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
695 do
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
696 local registration_enabled_hosts = {};
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
697 for host in enabled_hosts() do
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
698 local host_modules, component = modulemanager.get_modules_for_host(host);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
699 local hostapi = api(host);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
700 local allow_registration = hostapi:get_option_boolean("allow_registration", false);
12317
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
701 local mod_register = host_modules:contains("register");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
702 local mod_register_ibr = host_modules:contains("register_ibr");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
703 local mod_invites_register = host_modules:contains("invites_register");
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
704 local registration_invite_only = hostapi:get_option_boolean("registration_invite_only", true);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
705 local is_vhost = not component;
12317
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
706 if is_vhost and (mod_register_ibr or (mod_register and allow_registration))
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
707 and not (mod_invites_register and registration_invite_only) then
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
708 table.insert(registration_enabled_hosts, host);
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
709 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
710 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
711 if #registration_enabled_hosts > 0 then
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
712 table.sort(registration_enabled_hosts);
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
713 print("");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
714 print(" Public registration is enabled on:");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
715 print(" "..table.concat(registration_enabled_hosts, ", "));
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
716 print("");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
717 print(" If this is intentional, review our guidelines on running a public server");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
718 print(" at https://prosody.im/doc/public_servers - otherwise, consider switching to");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
719 print(" invite-based registration, which is more secure.");
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
720 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
721 end
b4f2027ef917 util.prosodyctl: Warn about enabled public registration in 'check config'
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
722
12318
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
723 do
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
724 local orphan_components = {};
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
725 local referenced_components = set.new();
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
726 local enabled_hosts_set = set.new();
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
727 for host in it.filter("*", pairs(configmanager.getconfig())) do
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
728 local hostapi = api(host);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
729 if hostapi:get_option_boolean("enabled", true) then
12318
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
730 enabled_hosts_set:add(host);
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
731 for _, disco_item in ipairs(hostapi:get_option_array("disco_items", {})) do
12318
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
732 referenced_components:add(disco_item[1]);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
733 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
734 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
735 end
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
736 for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
737 local is_component = not not select(2, modulemanager.get_modules_for_host(host));
12318
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
738 if is_component then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
739 local parent_domain = host:match("^[^.]+%.(.+)$");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
740 local is_orphan = not (enabled_hosts_set:contains(parent_domain) or referenced_components:contains(host));
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
741 if is_orphan then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
742 table.insert(orphan_components, host);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
743 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
744 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
745 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
746 if #orphan_components > 0 then
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
747 table.sort(orphan_components);
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
748 print("");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
749 print(" Your configuration contains the following unreferenced components:\n");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
750 print(" "..table.concat(orphan_components, "\n "));
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
751 print("");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
752 print(" Clients may not be able to discover these services because they are not linked to");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
753 print(" any VirtualHost. They are automatically linked if they are direct subdomains of a");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
754 print(" VirtualHost. Alternatively, you can explicitly link them using the disco_items option.");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
755 print(" For more information see https://prosody.im/doc/modules/mod_disco#items");
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
756 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
757 end
239ce74aa6a4 util.prosodyctl: check: warn about unreferenced components, suggest disco_items
Matthew Wild <mwild1@gmail.com>
parents: 12317
diff changeset
758
13465
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
759 -- Check hostname validity
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
760 do
13466
5d9ec2e55d74 Merge 0.12->trunk
Matthew Wild <mwild1@gmail.com>
parents: 13327 13465
diff changeset
761 local idna = require "prosody.util.encodings".idna;
13465
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
762 local invalid_hosts = {};
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
763 local alabel_hosts = {};
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
764 for host in it.filter("*", pairs(configmanager.getconfig())) do
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
765 local _, h, _ = jid_split(host);
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
766 if not h or not idna.to_ascii(h) then
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
767 table.insert(invalid_hosts, host);
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
768 else
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
769 for label in h:gmatch("[^%.]+") do
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
770 if label:match("^xn%-%-") then
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
771 table.insert(alabel_hosts, host);
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
772 break;
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
773 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
774 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
775 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
776 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
777
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
778 if #invalid_hosts > 0 then
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
779 table.sort(invalid_hosts);
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
780 print("");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
781 print(" Your configuration contains invalid host names:");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
782 print(" "..table.concat(invalid_hosts, "\n "));
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
783 print("");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
784 print(" Clients may not be able to log in to these hosts, or you may not be able to");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
785 print(" communicate with remote servers.");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
786 print(" Use a valid domain name to correct this issue.");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
787 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
788
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
789 if #alabel_hosts > 0 then
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
790 table.sort(alabel_hosts);
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
791 print("");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
792 print(" Your configuration contains incorrectly-encoded hostnames:");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
793 for _, ahost in ipairs(alabel_hosts) do
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
794 print((" '%s' (should be '%s')"):format(ahost, idna.to_unicode(ahost)));
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
795 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
796 print("");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
797 print(" Clients may not be able to log in to these hosts, or you may not be able to");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
798 print(" communicate with remote servers.");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
799 print(" To correct this issue, use the Unicode version of the domain in Prosody's config file.");
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
800 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
801
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
802 if #invalid_hosts > 0 or #alabel_hosts > 0 then
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
803 print("");
13705
5f1eb8b14923 prosodyctl: check: Fix indentation in warning message
Matthew Wild <mwild1@gmail.com>
parents: 13690
diff changeset
804 print(" WARNING: Changing the name of a VirtualHost in Prosody's config file");
5f1eb8b14923 prosodyctl: check: Fix indentation in warning message
Matthew Wild <mwild1@gmail.com>
parents: 13690
diff changeset
805 print(" WILL NOT migrate any existing data (user accounts, etc.) to the new name.");
13465
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
806 ok = false;
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
807 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
808 end
54a936345aaa prosodyctl check: Warn about invalid domain names in the config file
Matthew Wild <mwild1@gmail.com>
parents: 13254
diff changeset
809
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
810 -- Check features
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
811 do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
812 local missing_features = {};
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
813 for host in enabled_user_hosts() do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
814 local all_features = checks.features(host, true);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
815 if not all_features then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
816 table.insert(missing_features, host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
817 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
818 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
819 if #missing_features > 0 then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
820 print("");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
821 print(" Some of your hosts may be missing features due to a lack of configuration.");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
822 print(" For more details, use the 'prosodyctl check features' command.");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
823 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
824 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
825
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
826 print("Done.\n");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
827 end
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
828 function checks.dns()
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
829 local dns = require "prosody.net.dns";
10971
3cdb4a7cb406 util.prosodyctl.check: Use net.unbound for DNS if available
Kim Alvefur <zash@zash.se>
parents: 10932
diff changeset
830 pcall(function ()
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
831 local unbound = require"prosody.net.unbound";
11645
3be346c5b940 util.prosodyctl.check: Reload unbound to ensure hosts.txt is ignored
Kim Alvefur <zash@zash.se>
parents: 11635
diff changeset
832 dns = unbound.dns;
10971
3cdb4a7cb406 util.prosodyctl.check: Use net.unbound for DNS if available
Kim Alvefur <zash@zash.se>
parents: 10932
diff changeset
833 end)
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
834 local idna = require "prosody.util.encodings".idna;
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
835 local ip = require "prosody.util.ip";
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
836 local global = api("*");
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
837 local c2s_ports = global:get_option_set("c2s_ports", {5222});
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
838 local s2s_ports = global:get_option_set("s2s_ports", {5269});
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
839 local c2s_tls_ports = global:get_option_set("c2s_direct_tls_ports", {});
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
840 local s2s_tls_ports = global:get_option_set("s2s_direct_tls_ports", {});
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
841
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
842 local global_enabled = set.new();
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
843 for host in enabled_hosts() do
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
844 global_enabled:include(modulemanager.get_modules_for_host(host));
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
845 end
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
846 if global_enabled:contains("net_multiplex") then
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
847 local multiplex_ports = global:get_option_set("ports", {});
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
848 local multiplex_tls_ports = global:get_option_set("ssl_ports", {});
12230
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
849 if not multiplex_ports:empty() then
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
850 c2s_ports = c2s_ports + multiplex_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
851 s2s_ports = s2s_ports + multiplex_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
852 end
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
853 if not multiplex_tls_ports:empty() then
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
854 c2s_tls_ports = c2s_tls_ports + multiplex_tls_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
855 s2s_tls_ports = s2s_tls_ports + multiplex_tls_ports;
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
856 end
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
857 end
f590058d8d99 util.prosodyctl.check: Include multiplexed ports in DNS checks #1704
Kim Alvefur <zash@zash.se>
parents: 12218
diff changeset
858
11776
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
859 local c2s_srv_required, s2s_srv_required, c2s_tls_srv_required, s2s_tls_srv_required;
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
860 if not c2s_ports:contains(5222) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
861 c2s_srv_required = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
862 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
863 if not s2s_ports:contains(5269) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
864 s2s_srv_required = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
865 end
11615
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
866 if not c2s_tls_ports:empty() then
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
867 c2s_tls_srv_required = true;
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
868 end
11776
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
869 if not s2s_tls_ports:empty() then
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
870 s2s_tls_srv_required = true;
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
871 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
872
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
873 local problem_hosts = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
874
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
875 local external_addresses, internal_addresses = set.new(), set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
876
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
877 local fqdn = socket.dns.tohostname(socket.dns.gethostname());
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
878 if fqdn then
13121
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label
Kim Alvefur <zash@zash.se>
parents: 12898
diff changeset
879 local fqdn_a = idna.to_ascii(fqdn);
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label
Kim Alvefur <zash@zash.se>
parents: 12898
diff changeset
880 if fqdn_a then
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label
Kim Alvefur <zash@zash.se>
parents: 12898
diff changeset
881 local res = dns.lookup(fqdn_a, "A");
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
882 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
883 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
884 external_addresses:add(record.a);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
885 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
886 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
887 end
13121
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label
Kim Alvefur <zash@zash.se>
parents: 12898
diff changeset
888 if fqdn_a then
332e95f75dbb util.prosodyctl.check: Fix error where hostname can't be turned into A label
Kim Alvefur <zash@zash.se>
parents: 12898
diff changeset
889 local res = dns.lookup(fqdn_a, "AAAA");
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
890 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
891 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
892 external_addresses:add(record.aaaa);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
893 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
894 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
895 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
896 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
897
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
898 local local_addresses = require"prosody.util.net".local_addresses() or {};
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
899
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
900 for addr in it.values(local_addresses) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
901 if not ip.new_ip(addr).private then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
902 external_addresses:add(addr);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
903 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
904 internal_addresses:add(addr);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
905 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
906 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
907
12320
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config
Matthew Wild <mwild1@gmail.com>
parents: 12319
diff changeset
908 -- Allow admin to specify additional (e.g. undiscoverable) IP addresses in the config
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
909 for _, address in ipairs(global:get_option_array("external_addresses", {})) do
12320
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config
Matthew Wild <mwild1@gmail.com>
parents: 12319
diff changeset
910 external_addresses:add(address);
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config
Matthew Wild <mwild1@gmail.com>
parents: 12319
diff changeset
911 end
f0be98bab9dd prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in config
Matthew Wild <mwild1@gmail.com>
parents: 12319
diff changeset
912
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
913 if external_addresses:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
914 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
915 print(" Failed to determine the external addresses of this server. Checks may be inaccurate.");
13219
22763b30e458 util.prosodyctl.check: Hint about the 'external_addresses' config option
Kim Alvefur <zash@zash.se>
parents: 13217
diff changeset
916 print(" If you know the correct external addresses you can specify them in the config like:")
22763b30e458 util.prosodyctl.check: Hint about the 'external_addresses' config option
Kim Alvefur <zash@zash.se>
parents: 13217
diff changeset
917 print(" external_addresses = { \"192.0.2.34\", \"2001:db8::abcd:1234\" }")
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
918 c2s_srv_required, s2s_srv_required = true, true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
919 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
920
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
921 local v6_supported = not not socket.tcp6;
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
922 local use_ipv4 = global:get_option_boolean("use_ipv4", true);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
923 local use_ipv6 = global:get_option_boolean("use_ipv6", true);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
924
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
925 local function trim_dns_name(n)
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
926 return (n:gsub("%.$", ""));
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
927 end
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
928
12319
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
929 local unknown_addresses = set.new();
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
930
13708
9f8e9aabc00b prosodyctl: check: Skip DNS checks for known invalid domains (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents: 13707
diff changeset
931 local function is_valid_domain(domain)
9f8e9aabc00b prosodyctl: check: Skip DNS checks for known invalid domains (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents: 13707
diff changeset
932 return idna.to_ascii(domain) ~= nil;
9f8e9aabc00b prosodyctl: check: Skip DNS checks for known invalid domains (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents: 13707
diff changeset
933 end
9f8e9aabc00b prosodyctl: check: Skip DNS checks for known invalid domains (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents: 13707
diff changeset
934
9f8e9aabc00b prosodyctl: check: Skip DNS checks for known invalid domains (fixes traceback)
Matthew Wild <mwild1@gmail.com>
parents: 13707
diff changeset
935 for jid in it.filter(is_valid_domain, enabled_hosts()) do
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
936 local all_targets_ok, some_targets_ok = true, false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
937 local node, host = jid_split(jid);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
938
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
939 local modules, component_module = modulemanager.get_modules_for_host(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
940 if component_module then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
941 modules:add(component_module);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
942 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
943
12842
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
944 -- TODO Refactor these DNS SRV checks since they are very similar
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
945 -- FIXME Suggest concrete actionable steps to correct issues so that
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
946 -- users don't have to copy-paste the message into the support chat and
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
947 -- ask what to do about it.
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
948 local is_component = not not component_module;
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
949 print("Checking DNS for "..(is_component and "component" or "host").." "..jid.."...");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
950 if node then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
951 print("Only the domain part ("..host..") is used in DNS.")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
952 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
953 local target_hosts = set.new();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
954 if modules:contains("c2s") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
955 local res = dns.lookup("_xmpp-client._tcp."..idna.to_ascii(host)..".", "SRV");
11613
c8a9f77d48fd util.prosodyctl.check: Fix for net.dns vs unbound API difference
Kim Alvefur <zash@zash.se>
parents: 11612
diff changeset
956 if res and #res > 0 then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
957 for _, record in ipairs(res) do
10932
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
958 if record.srv.target == "." then -- TODO is this an error if mod_c2s is enabled?
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
959 print(" 'xmpp-client' service disabled by pointing to '.'"); -- FIXME Explain better what this is
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
960 break;
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
961 end
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
962 local target = trim_dns_name(record.srv.target);
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
963 target_hosts:add(target);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
964 if not c2s_ports:contains(record.srv.port) then
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
965 print(" SRV target "..target.." contains unknown client port: "..record.srv.port);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
966 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
967 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
968 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
969 if c2s_srv_required then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
970 print(" No _xmpp-client SRV record found for "..host..", but it looks like you need one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
971 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
972 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
973 target_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
974 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
975 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
976 end
12842
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
977 if modules:contains("c2s") then
11615
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
978 local res = dns.lookup("_xmpps-client._tcp."..idna.to_ascii(host)..".", "SRV");
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
979 if res and #res > 0 then
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
980 for _, record in ipairs(res) do
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
981 if record.srv.target == "." then -- TODO is this an error if mod_c2s is enabled?
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
982 print(" 'xmpps-client' service disabled by pointing to '.'"); -- FIXME Explain better what this is
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
983 break;
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
984 end
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
985 local target = trim_dns_name(record.srv.target);
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
986 target_hosts:add(target);
11615
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
987 if not c2s_tls_ports:contains(record.srv.port) then
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
988 print(" SRV target "..target.." contains unknown Direct TLS client port: "..record.srv.port);
11615
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
989 end
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
990 end
12842
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
991 elseif c2s_tls_srv_required then
11615
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
992 print(" No _xmpps-client SRV record found for "..host..", but it looks like you need one.");
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
993 all_targets_ok = false;
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
994 end
8e16fd976c57 util.prosodyctl.check: Add support for checking Direct TLS SRV records
Kim Alvefur <zash@zash.se>
parents: 11613
diff changeset
995 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
996 if modules:contains("s2s") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
997 local res = dns.lookup("_xmpp-server._tcp."..idna.to_ascii(host)..".", "SRV");
11613
c8a9f77d48fd util.prosodyctl.check: Fix for net.dns vs unbound API difference
Kim Alvefur <zash@zash.se>
parents: 11612
diff changeset
998 if res and #res > 0 then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
999 for _, record in ipairs(res) do
10932
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
1000 if record.srv.target == "." then -- TODO Is this an error if mod_s2s is enabled?
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
1001 print(" 'xmpp-server' service disabled by pointing to '.'"); -- FIXME Explain better what this is
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
1002 break;
ea4a7619058f util.prosodyctl.check: Fix traceback by handling SRV '.' target to
Kim Alvefur <zash@zash.se>
parents: 10871
diff changeset
1003 end
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
1004 local target = trim_dns_name(record.srv.target);
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
1005 target_hosts:add(target);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1006 if not s2s_ports:contains(record.srv.port) then
11655
bbf50525faa5 util.prosodyctl.check: Normalize away trailing dot in some messages too
Kim Alvefur <zash@zash.se>
parents: 11654
diff changeset
1007 print(" SRV target "..target.." contains unknown server port: "..record.srv.port);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1008 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1009 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1010 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1011 if s2s_srv_required then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1012 print(" No _xmpp-server SRV record found for "..host..", but it looks like you need one.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1013 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1014 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1015 target_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1016 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1017 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1018 end
12842
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
1019 if modules:contains("s2s") then
11776
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1020 local res = dns.lookup("_xmpps-server._tcp."..idna.to_ascii(host)..".", "SRV");
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1021 if res and #res > 0 then
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1022 for _, record in ipairs(res) do
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1023 if record.srv.target == "." then -- TODO is this an error if mod_s2s is enabled?
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1024 print(" 'xmpps-server' service disabled by pointing to '.'"); -- FIXME Explain better what this is
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1025 break;
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1026 end
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1027 local target = trim_dns_name(record.srv.target);
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1028 target_hosts:add(target);
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1029 if not s2s_tls_ports:contains(record.srv.port) then
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1030 print(" SRV target "..target.." contains unknown Direct TLS server port: "..record.srv.port);
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1031 end
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1032 end
12842
3edd39c55a8a prosodyctl check dns: Check for Direct TLS SRV records even if not configured (fix #1793)
Kim Alvefur <zash@zash.se>
parents: 12520
diff changeset
1033 elseif s2s_tls_srv_required then
11776
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1034 print(" No _xmpps-server SRV record found for "..host..", but it looks like you need one.");
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1035 all_targets_ok = false;
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1036 end
1132a1f1ca5a util.prosodyctl.check: Check for server-to-server Direct TLS records
Kim Alvefur <zash@zash.se>
parents: 11655
diff changeset
1037 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1038 if target_hosts:empty() then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1039 target_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1040 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1041
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1042 if target_hosts:contains("localhost") then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1043 print(" Target 'localhost' cannot be accessed from other servers");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1044 target_hosts:remove("localhost");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1045 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1046
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1047 local function check_address(target)
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1048 local A, AAAA = dns.lookup(idna.to_ascii(target), "A"), dns.lookup(idna.to_ascii(target), "AAAA");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1049 local prob = {};
12231
ca8453129ade util.prosodyctl.check: Fix A/AAAA check for proxy65 and http
Kim Alvefur <zash@zash.se>
parents: 12230
diff changeset
1050 if use_ipv4 and not (A and #A > 0) then table.insert(prob, "A"); end
ca8453129ade util.prosodyctl.check: Fix A/AAAA check for proxy65 and http
Kim Alvefur <zash@zash.se>
parents: 12230
diff changeset
1051 if use_ipv6 and not (AAAA and #AAAA > 0) then table.insert(prob, "AAAA"); end
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1052 return prob;
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1053 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1054
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1055 if modules:contains("proxy65") then
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1056 local proxy65_target = api(host):get_option_string("proxy65_address", host);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1057 if type(proxy65_target) == "string" then
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1058 local prob = check_address(proxy65_target);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1059 if #prob > 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1060 print(" File transfer proxy "..proxy65_target.." has no "..table.concat(prob, "/")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1061 .." record. Create one or set 'proxy65_address' to the correct host/IP.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1062 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1063 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1064 print(" proxy65_address for "..host.." should be set to a string, unable to perform DNS check");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1065 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1066 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1067
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1068 local known_http_modules = set.new { "bosh"; "http_files"; "http_file_share"; "http_openmetrics"; "websocket" };
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1069
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1070 if modules:contains("http") or not set.intersection(modules, known_http_modules):empty()
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1071 or contains_match(modules, "^http_") or contains_match(modules, "_web$") then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1072
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1073 local http_host = api(host):get_option_string("http_host", host);
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1074 local http_internal_host = http_host;
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1075 local http_url = api(host):get_option_string("http_external_url");
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1076 if http_url then
12218
0795e1ccf3d8 util.prosodyctl.check: Fix use of LuaSocket URL parser
Kim Alvefur <zash@zash.se>
parents: 12217
diff changeset
1077 local url_parse = require "socket.url".parse;
12217
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1078 local external_url_parts = url_parse(http_url);
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1079 if external_url_parts then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1080 http_host = external_url_parts.host;
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1081 else
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1082 print(" The 'http_external_url' setting is not a valid URL");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1083 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1084 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1085
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1086 local prob = check_address(http_host);
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1087 if #prob > 1 then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1088 print(" HTTP service " .. http_host .. " has no " .. table.concat(prob, "/") .. " record. Create one or change "
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1089 .. (http_url and "'http_external_url'" or "'http_host'").." to the correct host.");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1090 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1091
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1092 if http_host ~= http_internal_host then
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1093 print(" Ensure the reverse proxy sets the HTTP Host header to '" .. http_internal_host .. "'");
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1094 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1095 end
39043233de04 util.prosodyctl.check: Add HTTP related DNS checks
Kim Alvefur <zash@zash.se>
parents: 12159
diff changeset
1096
11652
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents: 11651
diff changeset
1097 if not use_ipv4 and not use_ipv6 then
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents: 11651
diff changeset
1098 print(" Both IPv6 and IPv4 are disabled, Prosody will not listen on any ports");
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents: 11651
diff changeset
1099 print(" nor be able to connect to any remote servers.");
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents: 11651
diff changeset
1100 all_targets_ok = false;
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents: 11651
diff changeset
1101 end
887d7b15e21b util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false
Kim Alvefur <zash@zash.se>
parents: 11651
diff changeset
1102
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1103 for target_host in target_hosts do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1104 local host_ok_v4, host_ok_v6;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1105 do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1106 local res = dns.lookup(idna.to_ascii(target_host), "A");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1107 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1108 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1109 if external_addresses:contains(record.a) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1110 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1111 host_ok_v4 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1112 elseif internal_addresses:contains(record.a) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1113 host_ok_v4 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1114 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1115 print(" "..target_host.." A record points to internal address, external connections might fail");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1116 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1117 print(" "..target_host.." A record points to unknown address "..record.a);
12319
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1118 unknown_addresses:add(record.a);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1119 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1120 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1121 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1122 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1123 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1124 do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1125 local res = dns.lookup(idna.to_ascii(target_host), "AAAA");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1126 if res then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1127 for _, record in ipairs(res) do
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1128 if external_addresses:contains(record.aaaa) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1129 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1130 host_ok_v6 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1131 elseif internal_addresses:contains(record.aaaa) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1132 host_ok_v6 = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1133 some_targets_ok = true;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1134 print(" "..target_host.." AAAA record points to internal address, external connections might fail");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1135 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1136 print(" "..target_host.." AAAA record points to unknown address "..record.aaaa);
12319
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1137 unknown_addresses:add(record.aaaa);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1138 all_targets_ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1139 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1140 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1141 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1142 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1143
11653
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1144 if host_ok_v4 and not use_ipv4 then
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1145 print(" Host "..target_host.." does seem to resolve to this server but IPv4 has been disabled");
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1146 all_targets_ok = false;
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1147 end
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1148
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1149 if host_ok_v6 and not use_ipv6 then
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1150 print(" Host "..target_host.." does seem to resolve to this server but IPv6 has been disabled");
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1151 all_targets_ok = false;
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1152 end
51141309ffc4 util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX
Kim Alvefur <zash@zash.se>
parents: 11652
diff changeset
1153
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1154 local bad_protos = {}
11651
c9f46d28ed7e util.prosodyctl.check: Silence IP protocol mismatches when disabled
Kim Alvefur <zash@zash.se>
parents: 11645
diff changeset
1155 if use_ipv4 and not host_ok_v4 then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1156 table.insert(bad_protos, "IPv4");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1157 end
11651
c9f46d28ed7e util.prosodyctl.check: Silence IP protocol mismatches when disabled
Kim Alvefur <zash@zash.se>
parents: 11645
diff changeset
1158 if use_ipv6 and not host_ok_v6 then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1159 table.insert(bad_protos, "IPv6");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1160 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1161 if #bad_protos > 0 then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1162 print(" Host "..target_host.." does not seem to resolve to this server ("..table.concat(bad_protos, "/")..")");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1163 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1164 if host_ok_v6 and not v6_supported then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1165 print(" Host "..target_host.." has AAAA records, but your version of LuaSocket does not support IPv6.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1166 print(" Please see https://prosody.im/doc/ipv6 for more information.");
11925
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents: 11924
diff changeset
1167 elseif host_ok_v6 and not use_ipv6 then
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents: 11924
diff changeset
1168 print(" Host "..target_host.." has AAAA records, but IPv6 is disabled.");
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents: 11924
diff changeset
1169 -- TODO Tell them to drop the AAAA records or enable IPv6?
3e0d03a74285 util.prosodyctl.check: Highlight inconsistency of AAAA records and use_ipv6=false
Kim Alvefur <zash@zash.se>
parents: 11924
diff changeset
1170 print(" Please see https://prosody.im/doc/ipv6 for more information.");
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1171 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1172 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1173 if not all_targets_ok then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1174 print(" "..(some_targets_ok and "Only some" or "No").." targets for "..host.." appear to resolve to this server.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1175 if is_component then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1176 print(" DNS records are necessary if you want users on other servers to access this component.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1177 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1178 problem_hosts:add(host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1179 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1180 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1181 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1182 if not problem_hosts:empty() then
12319
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1183 if not unknown_addresses:empty() then
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1184 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1185 print("Some of your DNS records point to unknown IP addresses. This may be expected if your server");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1186 print("is behind a NAT or proxy. The unrecognized addresses were:");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1187 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1188 print(" Unrecognized: "..tostring(unknown_addresses));
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1189 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1190 print("The addresses we found on this system are:");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1191 print("");
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1192 print(" Internal: "..tostring(internal_addresses));
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1193 print(" External: "..tostring(external_addresses));
13219
22763b30e458 util.prosodyctl.check: Hint about the 'external_addresses' config option
Kim Alvefur <zash@zash.se>
parents: 13217
diff changeset
1194 print("")
22763b30e458 util.prosodyctl.check: Hint about the 'external_addresses' config option
Kim Alvefur <zash@zash.se>
parents: 13217
diff changeset
1195 print("If the list of external external addresses is incorrect you can specify correct addresses in the config:")
22763b30e458 util.prosodyctl.check: Hint about the 'external_addresses' config option
Kim Alvefur <zash@zash.se>
parents: 13217
diff changeset
1196 print(" external_addresses = { \"192.0.2.34\", \"2001:db8::abcd:1234\" }")
12319
8fc3c06f922d prosodyctl: check dns: List discovered addresses for diagnostic purposes
Matthew Wild <mwild1@gmail.com>
parents: 12318
diff changeset
1197 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1198 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1199 print("For more information about DNS configuration please see https://prosody.im/doc/dns");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1200 print("");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1201 ok = false;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1202 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1203 end
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1204 function checks.certs()
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1205 local cert_ok;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1206 print"Checking certificates..."
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
1207 local x509_verify_identity = require"prosody.util.x509".verify_identity;
13302
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1208 local use_dane = configmanager.get("*", "use_dane");
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1209 local pem2der = require"prosody.util.x509".pem2der;
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1210 local sha256 = require"prosody.util.hashes".sha256;
12975
d10957394a3c util: Prefix module imports with prosody namespace
Kim Alvefur <zash@zash.se>
parents: 12899
diff changeset
1211 local create_context = require "prosody.core.certmanager".create_context;
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1212 local ssl = dependencies.softreq"ssl";
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1213 -- local datetime_parse = require"util.datetime".parse_x509;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1214 local load_cert = ssl and ssl.loadcertificate;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1215 -- or ssl.cert_from_pem
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1216 if not ssl then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1217 print("LuaSec not available, can't perform certificate checks")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1218 if what == "certs" then cert_ok = false end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1219 elseif not load_cert then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1220 print("This version of LuaSec (" .. ssl._VERSION .. ") does not support certificate checking");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1221 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1222 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1223 for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
13324
6f371066d6e0 util.prosodyctl.check: Simplify conditions for c2s and s2s cert checks
Kim Alvefur <zash@zash.se>
parents: 13316
diff changeset
1224 local modules = modulemanager.get_modules_for_host(host);
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1225 print("Checking certificate for "..host);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1226 -- First, let's find out what certificate this host uses.
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1227 local host_ssl_config = configmanager.rawget(host, "ssl")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1228 or configmanager.rawget(host:match("%.(.*)"), "ssl");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1229 local global_ssl_config = configmanager.rawget("*", "ssl");
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1230 local ctx_ok, err, ssl_config = create_context(host, "server", host_ssl_config, global_ssl_config);
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1231 if not ctx_ok then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1232 print(" Error: "..err);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1233 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1234 elseif not ssl_config.certificate then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1235 print(" No 'certificate' found for "..host)
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1236 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1237 elseif not ssl_config.key then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1238 print(" No 'key' found for "..host)
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1239 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1240 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1241 local key, err = io.open(ssl_config.key); -- Permissions check only
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1242 if not key then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1243 print(" Could not open "..ssl_config.key..": "..err);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1244 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1245 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1246 key:close();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1247 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1248 local cert_fh, err = io.open(ssl_config.certificate); -- Load the file.
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1249 if not cert_fh then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1250 print(" Could not open "..ssl_config.certificate..": "..err);
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1251 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1252 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1253 print(" Certificate: "..ssl_config.certificate)
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1254 local cert = load_cert(cert_fh:read"*a"); cert_fh:close();
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1255 if not cert:validat(os.time()) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1256 print(" Certificate has expired.")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1257 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1258 elseif not cert:validat(os.time() + 86400) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1259 print(" Certificate expires within one day.")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1260 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1261 elseif not cert:validat(os.time() + 86400*7) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1262 print(" Certificate expires within one week.")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1263 elseif not cert:validat(os.time() + 86400*31) then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1264 print(" Certificate expires within one month.")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1265 end
13324
6f371066d6e0 util.prosodyctl.check: Simplify conditions for c2s and s2s cert checks
Kim Alvefur <zash@zash.se>
parents: 13316
diff changeset
1266 if modules:contains("c2s") and not x509_verify_identity(host, "_xmpp-client", cert) then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1267 print(" Not valid for client connections to "..host..".")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1268 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1269 end
13325
f32faaea3461 util.prosodyctl.check: Update conditions for s2s cert checks
Kim Alvefur <zash@zash.se>
parents: 13324
diff changeset
1270 local anon = api(host):get_option_string("authentication", "internal_hashed") == "anonymous";
f32faaea3461 util.prosodyctl.check: Update conditions for s2s cert checks
Kim Alvefur <zash@zash.se>
parents: 13324
diff changeset
1271 local anon_s2s = api(host):get_option_boolean("allow_anonymous_s2s", false);
f32faaea3461 util.prosodyctl.check: Update conditions for s2s cert checks
Kim Alvefur <zash@zash.se>
parents: 13324
diff changeset
1272 if modules:contains("s2s") and (anon_s2s or not anon) and not x509_verify_identity(host, "_xmpp-server", cert) then
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1273 print(" Not valid for server-to-server connections to "..host..".")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1274 cert_ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1275 end
13326
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1276
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1277 local known_http_modules = set.new { "bosh"; "http_files"; "http_file_share"; "http_openmetrics"; "websocket" };
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1278 local http_loaded = modules:contains("http")
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1279 or not set.intersection(modules, known_http_modules):empty()
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1280 or contains_match(modules, "^http_")
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1281 or contains_match(modules, "_web$");
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1282
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1283 local http_host = api(host):get_option_string("http_host", host);
13327
f0fc6e7cc4de util.prosodyctl.check: Disable https cert check if http_external_url set
Kim Alvefur <zash@zash.se>
parents: 13326
diff changeset
1284 if api(host):get_option_string("http_external_url") then
f0fc6e7cc4de util.prosodyctl.check: Disable https cert check if http_external_url set
Kim Alvefur <zash@zash.se>
parents: 13326
diff changeset
1285 -- Assumed behind a reverse proxy
f0fc6e7cc4de util.prosodyctl.check: Disable https cert check if http_external_url set
Kim Alvefur <zash@zash.se>
parents: 13326
diff changeset
1286 http_loaded = false;
f0fc6e7cc4de util.prosodyctl.check: Disable https cert check if http_external_url set
Kim Alvefur <zash@zash.se>
parents: 13326
diff changeset
1287 end
13326
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1288 if http_loaded and not x509_verify_identity(http_host, nil, cert) then
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1289 print(" Not valid for HTTPS connections to "..host..".")
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1290 cert_ok = false
76b6556c0f67 util.prosodyctl.check: Check cert for HTTPS if http module enabled
Kim Alvefur <zash@zash.se>
parents: 13325
diff changeset
1291 end
13302
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1292 if use_dane then
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1293 if cert.pubkey then
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1294 print(" DANE: TLSA 3 1 1 "..sha256(pem2der(cert:pubkey()), true))
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1295 elseif cert.pem then
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1296 print(" DANE: TLSA 3 0 1 "..sha256(pem2der(cert:pem()), true))
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1297 end
30b7cd40ee14 util.prosodyctl.check: Print DANE TLSA records for certificates
Kim Alvefur <zash@zash.se>
parents: 13301
diff changeset
1298 end
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1299 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1300 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1301 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1302 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1303 if cert_ok == false then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1304 print("")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1305 print("For more information about certificates please see https://prosody.im/doc/certificates");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1306 ok = false
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1307 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1308 print("")
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1309 end
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1310 -- intentionally not doing this by default
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1311 function checks.connectivity()
11782
d93107de52dd util.prosodyctl.check: Ignore unused "ok" variable [luacheck]
Kim Alvefur <zash@zash.se>
parents: 11780
diff changeset
1312 local _, prosody_is_running = is_prosody_running();
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1313 if api("*"):get_option_string("pidfile") and not prosody_is_running then
11780
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents: 11779
diff changeset
1314 print("Prosody does not appear to be running, which is required for this test.");
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents: 11779
diff changeset
1315 print("Start it and then try again.");
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents: 11779
diff changeset
1316 return 1;
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents: 11779
diff changeset
1317 end
98ae95235775 util.prosodyctl.check: Refuse to do ojn test unless prosody is running
Kim Alvefur <zash@zash.se>
parents: 11779
diff changeset
1318
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1319 local checker = "observe.jabber.network";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1320 local probe_instance;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1321 local probe_modules = {
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1322 ["xmpp-client"] = "c2s_normal_auth";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1323 ["xmpp-server"] = "s2s_normal";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1324 ["xmpps-client"] = nil; -- TODO
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1325 ["xmpps-server"] = nil; -- TODO
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1326 };
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1327 local probe_settings = api("*"):get_option_string("connectivity_probe");
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1328 if type(probe_settings) == "string" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1329 probe_instance = probe_settings;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1330 elseif type(probe_settings) == "table" and type(probe_settings.url) == "string" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1331 probe_instance = probe_settings.url;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1332 if type(probe_settings.modules) == "table" then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1333 probe_modules = probe_settings.modules;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1334 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1335 elseif probe_settings ~= nil then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1336 print("The 'connectivity_probe' setting not understood.");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1337 print("Expected an URL or a table with 'url' and 'modules' fields");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1338 print("See https://prosody.im/doc/prosodyctl#check for more information."); -- FIXME
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1339 return 1;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1340 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1341
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1342 local check_api;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1343 if probe_instance then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1344 local parsed_url = socket_url.parse(probe_instance);
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1345 if not parsed_url then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1346 print(("'connectivity_probe' is not a valid URL: %q"):format(probe_instance));
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1347 print("Set it to the URL of an XMPP Blackbox Exporter instance and try again");
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1348 return 1;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1349 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1350 checker = parsed_url.host;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1351
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1352 function check_api(protocol, host)
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1353 local target = socket_url.build({scheme="xmpp",path=host});
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1354 local probe_module = probe_modules[protocol];
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1355 if not probe_module then
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1356 return nil, "Checking protocol '"..protocol.."' is currently unsupported";
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1357 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1358 return check_probe(probe_instance, probe_module, target);
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1359 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1360 else
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1361 check_api = check_ojn;
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1362 end
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1363
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1364 for host in it.filter(skip_bare_jid_hosts, enabled_hosts()) do
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1365 local modules, component_module = modulemanager.get_modules_for_host(host);
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1366 if component_module then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1367 modules:add(component_module)
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1368 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1369
11827
2359519260ec prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check
Kim Alvefur <zash@zash.se>
parents: 11826
diff changeset
1370 print("Checking external connectivity for "..host.." via "..checker)
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1371 local function check_connectivity(protocol)
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1372 local success, err = check_api(protocol, host);
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1373 if not success and err ~= nil then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1374 print((" %s: Failed to request check at API: %s"):format(protocol, err))
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1375 elseif success then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1376 print((" %s: Works"):format(protocol))
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1377 else
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1378 print((" %s: Check service failed to establish (secure) connection"):format(protocol))
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1379 ok = false
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1380 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1381 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1382
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1383 if modules:contains("c2s") then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1384 check_connectivity("xmpp-client")
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1385 if not api("*"):get_option_set("c2s_direct_tls_ports", {}):empty() then
11957
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents: 11940
diff changeset
1386 check_connectivity("xmpps-client");
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents: 11940
diff changeset
1387 end
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1388 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1389
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1390 if modules:contains("s2s") then
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1391 check_connectivity("xmpp-server")
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1392 if not api("*"):get_option_set("s2s_direct_tls_ports", {}):empty() then
11957
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents: 11940
diff changeset
1393 check_connectivity("xmpps-server");
3a7ce7df7806 util.prosodyctl.check: Support direct TLS connectivity checks
Kim Alvefur <zash@zash.se>
parents: 11940
diff changeset
1394 end
11779
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1395 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1396
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1397 print()
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1398 end
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1399 print("Note: The connectivity check only checks the reachability of the domain.")
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1400 print("Note: It does not ensure that the check actually reaches this specific prosody instance.")
f4f0bdaeabd2 prosodyctl: Add external connectivity check based on observe.jabber.network
Jonas Schäfer <jonas@wielicki.name>
parents: 11778
diff changeset
1401 end
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1402
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1403 function checks.turn()
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1404 local turn_enabled_hosts = {};
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1405 local turn_services = {};
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1406
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1407 for host in enabled_hosts() do
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1408 local has_external_turn = modulemanager.get_modules_for_host(host):contains("turn_external");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1409 if has_external_turn then
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1410 local hostapi = api(host);
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1411 table.insert(turn_enabled_hosts, host);
13216
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1412 local turn_host = hostapi:get_option_string("turn_external_host", host);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1413 local turn_port = hostapi:get_option_number("turn_external_port", 3478);
fcc052ca1652 util.prosodyctl.check: Get some config options via minimal moduleapi #896
Kim Alvefur <zash@zash.se>
parents: 13121
diff changeset
1414 local turn_secret = hostapi:get_option_string("turn_external_secret");
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1415 if not turn_secret then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1416 print("Error: Your configuration is missing a turn_external_secret for "..host);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1417 print("Error: TURN will not be advertised for this host.");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1418 ok = false;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1419 else
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1420 local turn_id = ("%s:%d"):format(turn_host, turn_port);
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1421 if turn_services[turn_id] and turn_services[turn_id].secret ~= turn_secret then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1422 print("Error: Your configuration contains multiple differing secrets");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1423 print(" for the TURN service at "..turn_id.." - we will only test one.");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1424 elseif not turn_services[turn_id] then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1425 turn_services[turn_id] = {
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1426 host = turn_host;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1427 port = turn_port;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1428 secret = turn_secret;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1429 };
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1430 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1431 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1432 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1433 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1434
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1435 if what == "turn" then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1436 local count = it.count(pairs(turn_services));
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1437 if count == 0 then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1438 print("Error: Unable to find any TURN services configured. Enable mod_turn_external!");
12488
3183f358a88f util.prosodyctl.check: turn: Report lack of TURN services as a problem #1749
Kim Alvefur <zash@zash.se>
parents: 12466
diff changeset
1439 ok = false;
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1440 else
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1441 print("Identified "..tostring(count).." TURN services.");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1442 print("");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1443 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1444 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1445
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1446 for turn_id, turn_service in pairs(turn_services) do
12377
317132bca8c0 prosodyctl: check: include TURN checks by default
Matthew Wild <mwild1@gmail.com>
parents: 12376
diff changeset
1447 print("Testing TURN service "..turn_id.."...");
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1448
12372
1ba451c10f41 prosodyctl: check turn: Add support for testing data relay with an external STUN server via --ping
Matthew Wild <mwild1@gmail.com>
parents: 12362
diff changeset
1449 local result = check_turn_service(turn_service, opts.ping);
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1450 if #result.warnings > 0 then
12381
d999c2b3e289 prosodyctl: check turn: fix formatting of multiple warnings
Matthew Wild <mwild1@gmail.com>
parents: 12380
diff changeset
1451 print(("%d warnings:\n"):format(#result.warnings));
d999c2b3e289 prosodyctl: check turn: fix formatting of multiple warnings
Matthew Wild <mwild1@gmail.com>
parents: 12380
diff changeset
1452 print(" "..table.concat(result.warnings, "\n "));
d999c2b3e289 prosodyctl: check turn: fix formatting of multiple warnings
Matthew Wild <mwild1@gmail.com>
parents: 12380
diff changeset
1453 print("");
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1454 end
12380
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1455
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1456 if opts.verbose then
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1457 if result.external_ip then
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1458 print(("External IP: %s"):format(result.external_ip.address));
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1459 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1460 if result.relayed_addresses then
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1461 for i, relayed_address in ipairs(result.relayed_addresses) do
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1462 print(("Relayed address %d: %s:%d"):format(i, relayed_address.address, relayed_address.port));
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1463 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1464 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1465 if result.external_ip_pong then
12390
71b5c9b8b07a prosodyctl: check turn: warn about external port mismatches behind NAT
Matthew Wild <mwild1@gmail.com>
parents: 12385
diff changeset
1466 print(("TURN external address: %s:%d"):format(result.external_ip_pong.address, result.external_ip_pong.port));
12380
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1467 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1468 end
3a702f37e87c prosodyctl: check turn: always show debug info even if test fails
Matthew Wild <mwild1@gmail.com>
parents: 12379
diff changeset
1469
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1470 if result.error then
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1471 print("Error: "..result.error.."\n");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1472 ok = false;
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1473 else
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1474 print("Success!\n");
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1475 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1476 end
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1477 end
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1478
13710
f7de36fed53c prosodyctl: check: Fix variable name (thanks luacheck)
Matthew Wild <mwild1@gmail.com>
parents: 13708
diff changeset
1479 function checks.features(check_host, quiet)
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1480 if not quiet then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1481 print("Feature report");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1482 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1483
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1484 local common_subdomains = {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1485 http_file_share = "share";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1486 muc = "groups";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1487 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1488
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1489 local recommended_component_modules = {
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1490 muc = { "muc_mam" };
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1491 };
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1492
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1493 local function print_feature_status(feature, host)
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1494 if quiet then return; end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1495 print("", feature.ok and "OK" or "(!)", feature.name);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1496 if not feature.ok then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1497 if feature.lacking_modules then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1498 table.sort(feature.lacking_modules);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1499 print("", "", "Suggested modules: ");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1500 for _, module in ipairs(feature.lacking_modules) do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1501 print("", "", (" - %s: https://prosody.im/doc/modules/mod_%s"):format(module, module));
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1502 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1503 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1504 if feature.lacking_components then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1505 table.sort(feature.lacking_components);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1506 for _, component_module in ipairs(feature.lacking_components) do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1507 local subdomain = common_subdomains[component_module];
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1508 local recommended_mods = recommended_component_modules[component_module];
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1509 if subdomain then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1510 print("", "", "Suggested component:");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1511 print("");
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1512 print("", "", "", ("-- Documentation: https://prosody.im/doc/modules/mod_%s"):format(component_module));
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1513 print("", "", "", ("Component %q %q"):format(subdomain.."."..host, component_module));
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1514 if recommended_mods then
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1515 print("", "", "", " modules_enabled = {");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1516 table.sort(recommended_mods);
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1517 for _, mod in ipairs(recommended_mods) do
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1518 print("", "", "", (" %q;"):format(mod));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1519 end
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1520 print("", "", "", " }");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1521 end
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1522 else
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1523 print("", "", ("Suggested component: %s"):format(component_module));
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1524 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1525 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1526 print("");
13722
8bf5d07e3796 util.prosodyctl.check: Fix typo in informational message
Matthew Wild <mwild1@gmail.com>
parents: 13717
diff changeset
1527 print("", "", "If you have already configured any of these components, they may not be");
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1528 print("", "", "linked correctly to "..host..". For more info see https://prosody.im/doc/components");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1529 end
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1530 if feature.lacking_component_modules then
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1531 table.sort(feature.lacking_component_modules, function (a, b)
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1532 return a.host < b.host;
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1533 end);
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1534 for _, problem in ipairs(feature.lacking_component_modules) do
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1535 local hostapi = api(problem.host);
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1536 local current_modules_enabled = hostapi:get_option_array("modules_enabled", {});
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1537 print("", "", ("Component %q is missing the following modules: %s"):format(problem.host, table.concat(problem.missing_mods)));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1538 print("");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1539 print("","", "Add the missing modules to your modules_enabled under the Component, like this:");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1540 print("");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1541 print("");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1542 print("", "", "", ("-- Documentation: https://prosody.im/doc/modules/mod_%s"):format(problem.component_module));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1543 print("", "", "", ("Component %q %q"):format(problem.host, problem.component_module));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1544 print("", "", "", (" modules_enabled = {"));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1545 for _, mod in ipairs(current_modules_enabled) do
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1546 print("", "", "", (" %q;"):format(mod));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1547 end
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1548 for _, mod in ipairs(problem.missing_mods) do
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1549 print("", "", "", (" %q; -- Add this!"):format(mod));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1550 end
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1551 print("", "", "", (" }"));
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1552 end
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1553 end
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1554 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1555 print("");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1556 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1557
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1558 local all_ok = true;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1559
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1560 local config = configmanager.getconfig();
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1561
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1562 local f, s, v;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1563 if check_host then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1564 f, s, v = it.values({ check_host });
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1565 else
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1566 f, s, v = enabled_user_hosts();
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1567 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1568
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1569 for host in f, s, v do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1570 local modules_enabled = set.new(config["*"].modules_enabled);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1571 modules_enabled:include(set.new(config[host].modules_enabled));
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1572
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1573 -- { [component_module] = { hostname1, hostname2, ... } }
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1574 local host_components = setmetatable({}, { __index = function (t, k) return rawset(t, k, {})[k]; end });
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1575
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1576 do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1577 local hostapi = api(host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1578
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1579 -- Find implicitly linked components
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1580 for other_host in enabled_components() do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1581 local parent_host = other_host:match("^[^.]+%.(.+)$");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1582 if parent_host == host then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1583 local component_module = configmanager.get(other_host, "component_module");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1584 if component_module then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1585 table.insert(host_components[component_module], other_host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1586 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1587 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1588 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1589
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1590 -- And components linked explicitly
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1591 for _, disco_item in ipairs(hostapi:get_option_array("disco_items", {})) do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1592 local other_host = disco_item[1];
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1593 local component_module = configmanager.get(other_host, "component_module");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1594 if component_module then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1595 table.insert(host_components[component_module], other_host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1596 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1597 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1598 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1599
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1600 local current_feature;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1601
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1602 local function check_module(suggested, alternate, ...)
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1603 if set.intersection(modules_enabled, set.new({suggested, alternate, ...})):empty() then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1604 current_feature.lacking_modules = current_feature.lacking_modules or {};
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1605 table.insert(current_feature.lacking_modules, suggested);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1606 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1607 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1608
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1609 local function check_component(suggested, alternate, ...)
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1610 local found;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1611 for _, component_module in ipairs({ suggested, alternate, ... }) do
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1612 found = host_components[component_module][1];
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1613 if found then
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1614 local enabled_component_modules = api(found):get_option_inherited_set("modules_enabled");
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1615 local recommended_mods = recommended_component_modules[component_module];
13727
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1616 if recommended_mods then
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1617 local missing_mods = {};
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1618 for _, mod in ipairs(recommended_mods) do
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1619 if not enabled_component_modules:contains(mod) then
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1620 table.insert(missing_mods, mod);
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1621 end
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1622 end
13727
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1623 if #missing_mods > 0 then
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1624 if not current_feature.lacking_component_modules then
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1625 current_feature.lacking_component_modules = {};
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1626 end
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1627 table.insert(current_feature.lacking_component_modules, {
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1628 host = found;
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1629 component_module = component_module;
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1630 missing_mods = missing_mods;
704765bfe0a3 prosodyctl: check features: Fix traceback for components with no recommended modules (thanks Menel, riau)
Matthew Wild <mwild1@gmail.com>
parents: 13723
diff changeset
1631 });
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1632 end
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1633 end
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1634 end
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1635 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1636 if not found then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1637 current_feature.lacking_components = current_feature.lacking_components or {};
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1638 table.insert(current_feature.lacking_components, suggested);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1639 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1640 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1641
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1642 local features = {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1643 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1644 name = "Basic functionality";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1645 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1646 check_module("disco");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1647 check_module("roster");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1648 check_module("saslauth");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1649 check_module("tls");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1650 check_module("pep");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1651 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1652 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1653 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1654 name = "Multi-device sync";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1655 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1656 check_module("carbons");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1657 check_module("mam");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1658 check_module("bookmarks");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1659 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1660 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1661 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1662 name = "Mobile optimizations";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1663 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1664 check_module("smacks");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1665 check_module("csi_simple", "csi_battery_saver");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1666 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1667 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1668 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1669 name = "Web connections";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1670 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1671 check_module("bosh");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1672 check_module("websocket");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1673 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1674 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1675 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1676 name = "User profiles";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1677 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1678 check_module("vcard_legacy", "vcard");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1679 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1680 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1681 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1682 name = "Blocking";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1683 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1684 check_module("blocklist");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1685 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1686 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1687 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1688 name = "Push notifications";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1689 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1690 check_module("cloud_notify");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1691 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1692 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1693 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1694 name = "Audio/video calls";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1695 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1696 check_module(
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1697 "turn_external",
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1698 "external_services",
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1699 "turncredentials",
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1700 "extdisco"
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1701 );
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1702 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1703 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1704 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1705 name = "File sharing";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1706 check = function ()
13723
d7bf48d31374 util.prosodyctl.check: Recognise http_upload_external as a file upload service
Matthew Wild <mwild1@gmail.com>
parents: 13722
diff changeset
1707 check_component("http_file_share", "http_upload", "http_upload_external");
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1708 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1709 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1710 {
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1711 name = "Group chats";
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1712 check = function ()
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1713 check_component("muc");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1714 end;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1715 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1716 };
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1717
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1718 if not quiet then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1719 print(host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1720 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1721
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1722 for _, feature in ipairs(features) do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1723 current_feature = feature;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1724 feature.check();
13717
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1725 feature.ok = (
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1726 not feature.lacking_modules and
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1727 not feature.lacking_components and
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1728 not feature.lacking_component_modules
4f173a44370b prosodyctl: check features: check for mod_muc_mam on MUC components
Matthew Wild <mwild1@gmail.com>
parents: 13710
diff changeset
1729 );
13707
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1730 -- For improved presentation, we group the (ok) and (not ok) features
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1731 if feature.ok then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1732 print_feature_status(feature, host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1733 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1734 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1735
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1736 for _, feature in ipairs(features) do
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1737 if not feature.ok then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1738 all_ok = false;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1739 print_feature_status(feature, host);
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1740 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1741 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1742
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1743 if not quiet then
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1744 print("");
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1745 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1746 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1747
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1748 return all_ok;
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1749 end
6c59b9072871 prosodyctl: check features: Check for recommended feature availability
Matthew Wild <mwild1@gmail.com>
parents: 13706
diff changeset
1750
13301
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1751 if what == nil or what == "all" then
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1752 local ret;
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1753 ret = checks.disabled();
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1754 if ret ~= nil then return ret; end
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1755 ret = checks.config();
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1756 if ret ~= nil then return ret; end
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1757 ret = checks.dns();
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1758 if ret ~= nil then return ret; end
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1759 ret = checks.certs();
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1760 if ret ~= nil then return ret; end
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1761 ret = checks.turn();
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1762 if ret ~= nil then return ret; end
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1763 elseif checks[what] then
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1764 local ret = checks[what]();
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1765 if ret ~= nil then return ret; end
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1766 else
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1767 show_warning("Don't know how to check '%s'. Try one of 'config', 'dns', 'certs', 'disabled', 'turn' or 'connectivity'.", what);
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1768 show_warning("Note: The connectivity check will connect to a remote server.");
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1769 return 1;
84d83f4a190f util.prosodyctl.check: Wrap each check in a function
Kim Alvefur <zash@zash.se>
parents: 13256
diff changeset
1770 end
12357
cd11d7c4af8b util.prosodyctl: check turn: New command to verify STUN/TURN service is operational
Matthew Wild <mwild1@gmail.com>
parents: 12233
diff changeset
1771
10871
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1772 if not ok then
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1773 print("Problems found, see above.");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1774 else
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1775 print("All checks passed, congratulations!");
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1776 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1777 return ok and 0 or 2;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1778 end
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1779
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1780 return {
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1781 check = check;
e5dee71d0ebb prosodyctl+util.prosodyctl.*: Start breaking up the ever-growing prosodyctl
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
1782 };