aboutsummaryrefslogtreecommitdiffstats
path: root/util/prosodyctl/check.lua
Commit message (Collapse)AuthorAgeFilesLines
* Merge 0.12->trunkMatthew Wild2024-03-271-0/+51
|\
| * prosodyctl check: Warn about invalid domain names in the config fileMatthew Wild2024-03-271-0/+51
| | | | | | | | | | This ensures that domain names of virtual hosts and components are valid in XMPP, and that they are encoded correctly.
* | util.prosodyctl.check: Disable https cert check if http_external_url setKim Alvefur2023-11-131-0/+4
| | | | | | | | | | This would indicate that a reverse proxy is used, which gets to be responsible for that since it probably holds the actual cert.
* | util.prosodyctl.check: Check cert for HTTPS if http module enabledKim Alvefur2023-11-131-3/+13
| |
* | util.prosodyctl.check: Update conditions for s2s cert checksKim Alvefur2023-11-131-3/+3
| | | | | | | | | | | | The 'anonymous_login' setting is deprecated and prosodyctl check config will tell you to change it to 'authentication = "internal_hashed"', so we shouldn't need to care about here anymore.
* | util.prosodyctl.check: Simplify conditions for c2s and s2s cert checksKim Alvefur2023-11-131-3/+3
| | | | | | | | This code is hard to follow and in need of some refactoring.
* | util.prosodyctl.check: Try to clarify check for misplaced k=v in ↵Kim Alvefur2023-11-111-2/+2
| | | | | | | | modules_enabled (thanks aab and Menel)
* | util.prosodyctl.check: Print DANE TLSA records for certificatesKim Alvefur2023-11-031-0/+10
| | | | | | | | Not the prosodyctl check dane I wanted to make but a start.
* | util.prosodyctl.check: Wrap each check in a functionKim Alvefur2023-11-031-13/+29
| | | | | | | | | | | | | | One small refactor but one huge step in the right direction Mostly because adding another check would make the line checking for a valid check exceed the column limit.
* | Merge 0.12->trunkKim Alvefur2023-08-301-1/+1
|\|
| * util.prosodyctl.check: Correct modern replacement for 'disallow_s2s'0.12.4Kim Alvefur2023-08-271-1/+1
| | | | | | | | | | The code would have suggested adding to modules_enabled instead of modules_disabled
* | Merge 0.12->trunkKim Alvefur2023-07-171-0/+5
|\|
| * util.prosodyctl.check: Hint about the 'external_addresses' config optionKim Alvefur2023-07-171-0/+5
| |
* | Merge 0.12->trunkKim Alvefur2023-07-171-41/+82
|\|
| * util.prosodyctl.check: Validate format of module list optionsKim Alvefur2023-07-171-0/+28
| | | | | | | | Should detect things like misplaced settings inside modules_enabled
| * util.prosodyctl.check: Get some config options via minimal moduleapi #896Kim Alvefur2023-07-171-41/+54
| | | | | | | | | | | | The module API has certain coercion features that are useful. Fixes traceback reported in #1812 and other duplicates
* | Merge 0.12->trunkKim Alvefur2023-05-311-4/+5
|\|
| * util.prosodyctl.check: Fix error where hostname can't be turned into A labelKim Alvefur2023-05-311-4/+5
| | | | | | | | | | | | | | | | | | Where gethostname or tohostname returns an invalid name, e.g. containing underscores or something, to_ascii would reject this and return nil, which triggers an error in the dns lookup. Reported by prova2 in the chat, for whom tohostname returned a long name containing underscores.
* | util: Prefix module imports with prosody namespaceKim Alvefur2023-03-171-25/+25
| |
* | Merge 0.12->trunkKim Alvefur2023-02-221-2/+2
|\|
| * util.prosodyctl.check: Suggest 'http_cors_override' instead of older CORS ↵Kim Alvefur2023-02-221-2/+2
| | | | | | | | | | | | | | | | settings The cross_domain_* settings were added here prior to http_cors_override being added back in 17d87fb2312a, so for a time there was no replacement, but now there is.
* | Merge 0.12->trunkKim Alvefur2023-01-141-4/+8
|\|
| * prosodyctl check dns: Check for Direct TLS SRV records even if not ↵Kim Alvefur2023-01-141-4/+8
| | | | | | | | | | | | | | configured (fix #1793) Existing such records may cause timeouts or errors in clients and servers trying to connect, despite prosodyctl check saying all is well
* | prosodyctl: check turn: More clearly indicate the error is from TURN serverMatthew Wild2022-10-061-1/+1
|/
* util.prosodyctl.check: Remove now redundant unbound config tweakKim Alvefur2022-05-261-4/+0
| | | | | | | This is now done in net.unbound itself Turning it back on in the config may still cause the problem of entries there masking the DNS values.
* util.prosodyctl.check: turn: Report lack of TURN services as a problem #1749Kim Alvefur2022-05-031-0/+1
| | | | | Rationale: It seems unlikely that someone who has not configured any TURN service runs 'prosodyctl check turn' expecting this to be okay.
* util.prosodyctl: check turn: ensure a result is always returned from a check ↵Matthew Wild2022-04-131-2/+2
| | | | (thanks eTaurus)
* prosodyctl: check config: Report paths of loaded configuration files (fixed ↵Matthew Wild2022-03-281-0/+7
| | | | #1729)
* prosodyctl: check turn: Fail with error if our own address is supplied for ↵Matthew Wild2022-03-191-0/+6
| | | | the ping test
* prosodyctl: check config: Skip bare JID components in orphan checkMatthew Wild2022-03-191-1/+1
|
* prosodyctl: check turn: warn about external port mismatches behind NATMatthew Wild2022-03-111-5/+11
| | | | | | | Some NATs don't preserve port numbers, which can cause the TURN server's reported relay address to be incorrect (the TURN server has no way to predict what the external port is, so it can't be corrected in config like an IP mismatch can).
* prosodyctl: check turn: compare correct addresses for relay mismatch ↵Matthew Wild2022-03-051-2/+5
| | | | detection (thanks Zash)
* prosodyctl: check turn: Add check for private IP returned from STUN.Matthew Wild2022-03-051-0/+4
|
* prosodyctl: check turn: improve warning text to suggest issuesMatthew Wild2022-03-051-1/+5
|
* prosodyctl: check turn: fix traceback when server does not provide realm/nonceMatthew Wild2022-03-051-4/+12
| | | | As coturn when installed out of the box on Debian (because auth isn't enabled?)
* prosodyctl: check turn: fix formatting of multiple warningsMatthew Wild2022-03-051-2/+3
|
* prosodyctl: check turn: always show debug info even if test failsMatthew Wild2022-03-051-11/+15
|
* prosodyctl: check turn: Clearer error when unable to resolve external ↵Matthew Wild2022-03-051-1/+1
| | | | service host
* prosodyctl: check: include TURN checks by defaultMatthew Wild2022-03-051-2/+2
|
* prosodyctl: check: Slightly improved argument handlingMatthew Wild2022-03-051-1/+11
|
* prosodyctl: check turn: show relayed address(es) in verbose modeMatthew Wild2022-03-051-0/+7
|
* prosodyctl: check turn: Allow specifying port for the ping serviceMatthew Wild2022-03-051-2/+9
|
* prosodyctl: check turn: Add support for testing data relay with an external ↵Matthew Wild2022-03-051-4/+88
| | | | STUN server via --ping
* Merge config-updates+check-turn from timberMatthew Wild2022-03-041-2/+163
|\
| * util.prosodyctl: check turn: New command to verify STUN/TURN service is ↵Matthew Wild2022-03-041-2/+163
| | | | | | | | operational
* | prosodyctl: check dns: Allow admin to specify undiscoverable external IPs in ↵Matthew Wild2022-03-021-0/+5
| | | | | | | | config
* | prosodyctl: check dns: List discovered addresses for diagnostic purposesMatthew Wild2022-03-021-0/+16
| | | | | | | | | | | | It is very common to get the "unknown address" warning with this command, but people do not always understand it, or know how to debug it. Now we clearly show the addresses that prosodyctl discovered.
* | util.prosodyctl: check: warn about unreferenced components, suggest disco_itemsMatthew Wild2022-03-021-0/+35
| |
* | util.prosodyctl: Warn about enabled public registration in 'check config'Matthew Wild2022-03-021-0/+28
|/
* util.prosodyctl.check: Fix reset of libunbound before DNS checksKim Alvefur2022-02-011-1/+1
| | | | | | | Probably worked anyway but settings might not always have been applied depending on what order things happens in. Error was hidden by the pcall, which was sorta intentional...