Add category to services to have more meaningful messages in reports about port forwarding checks

Alexandre Aubin 2020-03-21 22:27:52 +01:00
parent 69bc12454e
commit 937d339631
4 changed files with 22 additions and 7 deletions


@ -21,7 +21,8 @@ class PortsDiagnoser(Diagnoser):
# 443: "nginx" # 443: "nginx"
# ... } # ... }
ports = {} ports = {}
for service, infos in _get_services().items(): services = _get_services()
for service, infos in services.items():
for port in infos.get("needs_exposed_ports", []): for port in infos.get("needs_exposed_ports", []):
ports[port] = service ports[port] = service
@ -39,17 +40,18 @@ class PortsDiagnoser(Diagnoser):
except Exception as e: except Exception as e:
raise YunohostError("diagnosis_ports_could_not_diagnose", error=e) raise YunohostError("diagnosis_ports_could_not_diagnose", error=e)
for port, service in ports.items(): for port, service in sorted(ports.items()):
category = services[service].get("category", "[?]")
if r["ports"].get(str(port), None) is not True: if r["ports"].get(str(port), None) is not True:
yield dict(meta={"port": port, "needed_by": service}, yield dict(meta={"port": port, "needed_by": service},
status="ERROR", status="ERROR",
summary=("diagnosis_ports_unreachable", {"port": port}), summary=("diagnosis_ports_unreachable", {"port": port}),
details=[("diagnosis_ports_needed_by", (service,)), ("diagnosis_ports_forwarding_tip", ())]) details=[("diagnosis_ports_needed_by", (service, category)), ("diagnosis_ports_forwarding_tip", ())])
else: else:
yield dict(meta={"port": port, "needed_by": service}, yield dict(meta={"port": port, "needed_by": service},
status="SUCCESS", status="SUCCESS",
summary=("diagnosis_ports_ok", {"port": port}), summary=("diagnosis_ports_ok", {"port": port}),
details=[("diagnosis_ports_needed_by", (service))]) details=[("diagnosis_ports_needed_by", (service, category))])
def main(args, env, loggers): def main(args, env, loggers):
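Review bot: The `"[?]"` default on the new `category = services[service].get("category", "[?]")` line is rendered verbatim into `diagnosis_ports_needed_by`, so a service that declares `needs_exposed_ports` without a `category` is reported as needed for "[?] features". Every port-needing service in the definitions shown on this page has a category, so this would presumably only affect services that `_get_services()` returns from elsewhere. Because an admin uses this report to decide whether a port should be forwarded, the fallback should stay meaningful, for example `category = services[service].get("category") or service`, or a separate message key for uncategorised services. The category is also a raw configuration token inserted untranslated into each localized sentence, which deserves a comment such as `# category is an untranslated key from the service definitions, shown as-is in the report`. The enclosing method starts and ends outside the hunk.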


@ -3,40 +3,53 @@ dnsmasq: {}
dovecot: dovecot:
log: [/var/log/mail.log,/var/log/mail.err] log: [/var/log/mail.log,/var/log/mail.err]
needs_exposed_ports: [993] needs_exposed_ports: [993]
category: email
fail2ban: fail2ban:
log: /var/log/fail2ban.log log: /var/log/fail2ban.log
category: security
metronome: metronome:
log: [/var/log/metronome/metronome.log,/var/log/metronome/metronome.err] log: [/var/log/metronome/metronome.log,/var/log/metronome/metronome.err]
needs_exposed_ports: [5222, 5269] needs_exposed_ports: [5222, 5269]
category: xmpp
mysql: mysql:
log: [/var/log/mysql.log,/var/log/mysql.err,/var/log/mysql/error.log] log: [/var/log/mysql.log,/var/log/mysql.err,/var/log/mysql/error.log]
alternates: ['mariadb'] alternates: ['mariadb']
category: database
nginx: nginx:
log: /var/log/nginx log: /var/log/nginx
test_conf: nginx -t test_conf: nginx -t
needs_exposed_ports: [80, 443] needs_exposed_ports: [80, 443]
category: web
nslcd: {} nslcd: {}
php7.0-fpm: php7.0-fpm:
log: /var/log/php7.0-fpm.log log: /var/log/php7.0-fpm.log
test_conf: php-fpm7.0 --test test_conf: php-fpm7.0 --test
category: web
postfix: postfix:
log: [/var/log/mail.log,/var/log/mail.err] log: [/var/log/mail.log,/var/log/mail.err]
test_status: systemctl show postfix@- | grep -q "^SubState=running" test_status: systemctl show postfix@- | grep -q "^SubState=running"
needs_exposed_ports: [25, 587] needs_exposed_ports: [25, 587]
category: email
redis-server: redis-server:
log: /var/log/redis/redis-server.log log: /var/log/redis/redis-server.log
category: database
rspamd: rspamd:
log: /var/log/rspamd/rspamd.log log: /var/log/rspamd/rspamd.log
slapd: {} category: email
slapd:
category: database
ssh: ssh:
log: /var/log/auth.log log: /var/log/auth.log
test_conf: sshd -t test_conf: sshd -t
needs_exposed_ports: [22] needs_exposed_ports: [22]
category: admin
yunohost-api: yunohost-api:
log: /var/log/yunohost/yunohost-api.log log: /var/log/yunohost/yunohost-api.log
category: admin
yunohost-firewall: yunohost-firewall:
need_lock: true need_lock: true
test_status: iptables -S | grep "^-A INPUT" | grep " --dport" | grep -q ACCEPT test_status: iptables -S | grep "^-A INPUT" | grep " --dport" | grep -q ACCEPT
category: security
glances: null glances: null
nsswitch: null nsswitch: null
ssl: null ssl: null


@ -210,7 +210,7 @@
"diagnosis_ports_could_not_diagnose": "Could not diagnose if ports are reachable from outside. Error: {error}", "diagnosis_ports_could_not_diagnose": "Could not diagnose if ports are reachable from outside. Error: {error}",
"diagnosis_ports_unreachable": "Port {port} is not reachable from outside.", "diagnosis_ports_unreachable": "Port {port} is not reachable from outside.",
"diagnosis_ports_ok": "Port {port} is reachable from outside.", "diagnosis_ports_ok": "Port {port} is reachable from outside.",
"diagnosis_ports_needed_by": "Exposing this port is needed for service {0}", "diagnosis_ports_needed_by": "Exposing this port is needed for {1} features (service {0})",
"diagnosis_ports_forwarding_tip": "To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config", "diagnosis_ports_forwarding_tip": "To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config",
"diagnosis_http_could_not_diagnose": "Could not diagnose if domain is reachable from outside. Error: {error}", "diagnosis_http_could_not_diagnose": "Could not diagnose if domain is reachable from outside. Error: {error}",
"diagnosis_http_ok": "Domain {domain} is reachable from outside.", "diagnosis_http_ok": "Domain {domain} is reachable from outside.",


@ -746,7 +746,7 @@
"migration_description_0014_remove_app_status_json": "Supprimer les fichiers d'application status.json hérités", "migration_description_0014_remove_app_status_json": "Supprimer les fichiers d'application status.json hérités",
"diagnosis_services_running": "Le service {service} s'exécute correctement !", "diagnosis_services_running": "Le service {service} s'exécute correctement !",
"diagnosis_services_conf_broken": "La configuration est cassée pour le service {service} !", "diagnosis_services_conf_broken": "La configuration est cassée pour le service {service} !",
"diagnosis_ports_needed_by": "Rendre ce port accessible est nécessaire pour le service {0}", "diagnosis_ports_needed_by": "Rendre ce port accessible est nécessaire pour les fonctionnalités de type {1} (service {0})",
"diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit sur https://yunohost.org/isp_box_config", "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit sur https://yunohost.org/isp_box_config",
"diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.", "diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.",
"diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie « {category} »", "diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie « {category} »",