First version of http exposure diagnosis

Alexandre Aubin 2019-07-31 01:08:21 +02:00
parent 6c48c131a8
commit f050b3c5b8
4 changed files with 64 additions and 1 deletions


@ -0,0 +1,54 @@
#!/usr/bin/env python
import os
import random
import requests
from yunohost.diagnosis import Diagnoser
from yunohost.domain import domain_list
from yunohost.utils.error import YunohostError
class HttpDiagnoser(Diagnoser):
id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1]
cache_duration = 3600
def run(self):
nonce_digits = "0123456789abcedf"
all_domains = domain_list()["domains"]
for domain in all_domains:
nonce = ''.join(random.choice(nonce_digits) for i in range(16))
os.system("rm -rf /tmp/.well-known/ynh-diagnosis/")
os.system("mkdir -p /tmp/.well-known/ynh-diagnosis/")
os.system("touch /tmp/.well-known/ynh-diagnosis/%s" % nonce)
try:
r = requests.post('https://ynhdiagnoser.netlib.re/check-http', json={'domain': domain, "nonce": nonce}, timeout=30).json()
print(r)
if "status" not in r.keys():
raise Exception("Bad syntax for response ? Raw json: %s" % str(r))
elif r["status"] == "error" and ("code" not in r.keys() or r["code"] not in ["error_http_check_connection_error", "error_http_check_unknown_error"]):
if "content" in r.keys():
raise Exception(r["content"])
else:
raise Exception("Bad syntax for response ? Raw json: %s" % str(r))
except Exception as e:
print(e)
raise YunohostError("diagnosis_http_could_not_diagnose", error=e)
if r["status"] == "ok":
yield dict(meta={"domain": domain},
status="SUCCESS",
summary=("diagnosis_http_ok", {"domain": domain}))
else:
yield dict(meta={"domain": domain},
status="ERROR",
summary=("diagnosis_http_unreachable", {"domain": domain}))
def main(args, env, loggers):
return HttpDiagnoser(args, env, loggers).diagnose()
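Review bot: The three `os.system` calls in `run()` recreate a fixed path under world-writable `/tmp`, so the `rm -rf`, `mkdir -p` and `touch` (presumably run as root) act on a directory tree that any local user may already own or have replaced with a symlink, and the nginx hunk below then serves that same `/tmp/.well-known/ynh-diagnosis/` over HTTP. The challenge files belong in a root-owned directory outside `/tmp`, for example beside the `/var/www/.well-known/` tree the autoconfig location already uses, created with `os.makedirs` and `open(...).close()` instead of shell strings, and removed again once the check returns. The nonce is drawn from `random.choice`, which is not a CSPRNG; `nonce = ''.join(random.SystemRandom().choice(nonce_digits) for i in range(16))` keeps the format with unpredictable values. The `print(r)` and `print(e)` lines look like leftover debugging and would be better as logger calls.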


@ -16,6 +16,10 @@ server {
return 301 https://$http_host$request_uri;
}
location /.well-known/ynh-diagnosis/ {
alias /tmp/.well-known/ynh-diagnosis/;
}
location /.well-known/autoconfig/mail/ {
alias /var/www/.well-known/{{ domain }}/autoconfig/mail/;
}


@ -178,9 +178,13 @@
"diagnosis_description_services": "Services status check",
"diagnosis_description_diskusage": "Disk usage",
"diagnosis_description_ports": "Ports exposure",
"diagnosis_description_http": "HTTP exposure",
"diagnosis_ports_could_not_diagnose": "Could not diagnose if ports are reachable from outside. Error: {error}",
"diagnosis_ports_unreachable": "Port {port} is not reachable from outside.",
"diagnosis_ports_ok": "Relevant ports are reachable from outside!",
"diagnosis_http_could_not_diagnose": "Could not diagnose if domain is reachable from outside. Error: {error}",
"diagnosis_http_ok": "Domain {domain} is reachable from outside.",
"diagnosis_http_unreachable": "Domain {domain} is unreachable through HTTP from outside.",
"domain_cannot_remove_main": "Cannot remove main domain. Set a new main domain first",
"domain_cert_gen_failed": "Could not generate certificate",
"domain_created": "Domain created",


@ -1463,7 +1463,8 @@ def app_ssowatconf():
for domain in domains:
skipped_urls.extend([domain + '/yunohost/admin', domain + '/yunohost/api'])
# Authorize ACME challenge url
# Authorize ynh remote diagnosis, ACME challenge and mail autoconfig urls
skipped_regex.append("^[^/]*/%.well%-known/ynh%-diagnosis/.*$")
skipped_regex.append("^[^/]*/%.well%-known/acme%-challenge/.*$")
skipped_regex.append("^[^/]*/%.well%-known/autoconfig/mail/config%-v1%.1%.xml.*$")
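Review bot: The new `ynh%-diagnosis/.*$` entry exempts every path under that prefix from SSO on every domain, although the diagnoser only ever publishes a single file whose name is 16 hex characters. Assuming these are Lua patterns, as the `%.` and `%-` escapes suggest, the rule can be narrowed to the nonce shape with `skipped_regex.append("^[^/]*/%.well%-known/ynh%-diagnosis/%x+$")`. That keeps anything else that ends up in the served directory behind authentication. The body of `app_ssowatconf()` starts and continues outside this hunk.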