Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | prosodyctl: check dns: List discovered addresses for diagnostic purposes | Matthew Wild | 2022-03-02 | 1 | -0/+16 |
| | | | | | | It is very common to get the "unknown address" warning with this command, but people do not always understand it, or know how to debug it. Now we clearly show the addresses that prosodyctl discovered. | ||||
* | util.prosodyctl: check: warn about unreferenced components, suggest disco_items | Matthew Wild | 2022-03-02 | 1 | -0/+35 |
| | |||||
* | util.prosodyctl: Warn about enabled public registration in 'check config' | Matthew Wild | 2022-03-02 | 1 | -0/+28 |
| | |||||
* | util.prosodyctl.check: Fix reset of libunbound before DNS checks | Kim Alvefur | 2022-02-01 | 1 | -1/+1 |
| | | | | | | | Probably worked anyway but settings might not always have been applied depending on what order things happens in. Error was hidden by the pcall, which was sorta intentional... | ||||
* | util.prosodyctl.check: Fix A/AAAA check for proxy65 and http | Kim Alvefur | 2022-01-30 | 1 | -2/+2 |
| | | | | | | When there are no records to return the return value from dns.lookup() might be nil or might be a table containing zero records, depending on which DNS library is used | ||||
* | util.prosodyctl.check: Include multiplexed ports in DNS checks #1704 | Kim Alvefur | 2022-01-30 | 1 | -0/+13 |
| | |||||
* | util.prosodyctl.cert: Look for certs matching 'http_host' | Kim Alvefur | 2022-01-27 | 1 | -0/+4 |
| | | | | | This should ensure any certificate needed for HTTP services will also be included in the certificate import. | ||||
* | util.prosodyctl.check: Fix use of LuaSocket URL parser | Kim Alvefur | 2022-01-27 | 1 | -1/+1 |
| | |||||
* | util.prosodyctl.check: Add HTTP related DNS checks | Kim Alvefur | 2022-01-27 | 1 | -8/+41 |
| | | | | | Since XEP-0363 is essentially mandatory now this will hopefully help diagnose some common issues. | ||||
* | util.prosodyctl.cert: Look for certificates in a consistent order | Kim Alvefur | 2022-01-26 | 1 | -0/+9 |
| | | | | | | | | | Shortest first, then alphabetically, so that it prefers the base domain over subdomains. Fixes that it might otherwise pick a random sub-domain for filename on each run, cluttering the certs directory and potentially tricking Prosody into using an older certificate that might be about to expire. | ||||
* | util.prosodyctl.cert: Check success of copy operations, warn on fail | Kim Alvefur | 2022-01-19 | 1 | -4/+9 |
| | | | | | Debugging a case where certs are not imported correctly but prosodyctl still reports success. Hoping this will shed some light on it. | ||||
* | util.prosodyctl.cert: Pass variables via formatting instead of concatenation | Kim Alvefur | 2022-01-19 | 1 | -5/+5 |
| | | | | | Prevents potential weirdness in case there's any %s or such in a host, file or directory name, since show_warning() is printf(). | ||||
* | util.prosodyctl.cert: Fix boolean logic bug | Kim Alvefur | 2022-01-09 | 1 | -1/+1 |
| | | | | | | | Boolean logic, never correct on the first try. We want to skip copying the same cert if it _has_ been imported already, not if it has not. | ||||
* | util.prosodyctl.check: Parameterize replacement instructions | Kim Alvefur | 2022-01-08 | 1 | -11/+25 |
| | | | | | This ought to make it easier to translate in the future. And easier to reword, now! | ||||
* | util.prosodyctl.check: Move word to ease future translations | Kim Alvefur | 2022-01-08 | 1 | -13/+13 |
| | | | | | | | | | | | Recent experience with translations in the context of Snikket highlighted that sentences spread across concatenated strings like this makes the experience less than pleasant for translators. We don't have translation yet, but it is a future goal and why not? The duplication can be solved with a parameterized function for the common cases. | ||||
* | util.prosodyctl.check: Use same wording about 'daemonize' and 'no_daemonize' | Kim Alvefur | 2022-01-08 | 1 | -1/+1 |
| | | | | Why would they use different wording? | ||||
* | util.prosodyctl.check: Remove obsolete settings from known globals | Kim Alvefur | 2021-12-25 | 1 | -2/+0 |
| | |||||
* | util.prosodyctl.check: Add some more obsolete settings | Kim Alvefur | 2021-12-25 | 1 | -0/+6 |
| | |||||
* | util.prosodyctl.cert: Copy SAN/wildcard certs only once | Kim Alvefur | 2021-12-22 | 1 | -1/+5 |
| | |||||
* | prosodyctl cert: use the indexing functions for better UX | Jonas Schäfer | 2021-12-21 | 1 | -13/+15 |
| | | | | | | These provide (a) a way to deal with random assortments of certs and (b) avoid unnecessary error messages and warnings, according to #1669 anyway, which this fixes. | ||||
* | core.certmanager: Rename preset option to 'tls_preset' | Kim Alvefur | 2021-12-22 | 1 | -0/+1 |
| | | | | TLS good, SSL bad. | ||||
* | util.prosodyctl.check: Support direct TLS connectivity checks | Kim Alvefur | 2021-11-28 | 1 | -0/+6 |
| | | | | | | Currently only supported with OJN Assumption: the direct_tls_ports are not empty when set. | ||||
* | util.prosodyctl.check: Add mod_http_openmetrics settings to known globals | Kim Alvefur | 2021-11-25 | 1 | -0/+2 |
| | |||||
* | util.prosodyctl.check: Highlight inconsistency of AAAA records and ↵ | Kim Alvefur | 2021-11-20 | 1 | -0/+4 |
| | | | | use_ipv6=false | ||||
* | util.prosodyctl.check: Respect use_ipv4/v6 in proxy65 check | Kim Alvefur | 2021-11-20 | 1 | -4/+4 |
| | | | | | | | Previously it would complain about lack of an AAAA record for proxy65_target even in an IPv6-less environment. Thanks to libertas for unintentionally calling attention to this. | ||||
* | util.prosodyctl.check: Take IPv6 support in LuaSocket into account | Kim Alvefur | 2021-11-20 | 1 | -1/+1 |
| | | | | Shouldn't really matter these days, but portmanager checks this way. | ||||
* | util.prosodyctl.shell: Bring back banner set from config! | Kim Alvefur | 2021-11-12 | 1 | -0/+2 |
| | | | | I miss my custom ANSI-colored greeting! | ||||
* | util.prosodyctl.shell: Allow setting custom prompt (admin_shell_prompt) | Matthew Wild | 2021-11-11 | 1 | -4/+6 |
| | |||||
* | util.prosodyctl.check: Add two known globals from mod_http | Kim Alvefur | 2021-10-03 | 1 | -0/+2 |
| | |||||
* | prosodyctl: Add alternate XMPP Blackbox Exporter connectivity check | Kim Alvefur | 2021-09-30 | 1 | -3/+71 |
| | | | | | Reduces the reliance on observe.jabber.network and enables alternatives for those who wish to have that. | ||||
* | prosodyctl: Use HTTP client in promise mode for connectivity check | Kim Alvefur | 2021-09-30 | 1 | -26/+14 |
| | | | | | Feels a bit cleaner to hide away the async.waiter() and return value handling. Also line count reduction! | ||||
* | mod_register_limits: Reword some options | Kim Alvefur | 2021-09-19 | 1 | -0/+4 |
| | | | | Remember to remove the compatibility things in some future version | ||||
* | util.prosodyctl.check: Suggest replacing 'use_libevent' with 'network_backend' | Kim Alvefur | 2021-09-14 | 1 | -1/+1 |
| | | | | It's basically deprecated | ||||
* | util.prosodyctl.check: Nudge towards plural port options | Kim Alvefur | 2021-09-14 | 1 | -1/+3 |
| | | | | The singulars are supposed to be deprecated | ||||
* | util.prosodyctl.check: Fix to not treat some options as misplaced | Kim Alvefur | 2021-09-14 | 1 | -0/+2 |
| | | | | | All 'net' providers generate a _port option which must be in the global section, but this mistakenly also warns about these options as well. | ||||
* | util.prosodyctl.check: Suggest replacements for deprecated options #1684 | Kim Alvefur | 2021-09-14 | 1 | -14/+28 |
| | |||||
* | util.prosodyctl.check: Remove stray debug print() | Kim Alvefur | 2021-09-12 | 1 | -1/+0 |
| | |||||
* | util.prosodyctl.check: Ignore unused "ok" variable [luacheck] | Kim Alvefur | 2021-09-12 | 1 | -1/+1 |
| | |||||
* | util.prosodyctl.check: Refuse to do ojn test unless prosody is running | Kim Alvefur | 2021-09-11 | 1 | -0/+9 |
| | | | | | Other tests don't require a running prosody and I forgot to start it when testing. | ||||
* | prosodyctl: Add external connectivity check based on observe.jabber.network | Jonas Schäfer | 2020-05-06 | 1 | -9/+87 |
| | | | | | | | This uses the (experimental) observe.jabber.network API to perform external connectivity checks. The idea is to complement the checks prosodyctl can already do with a (nearly) complete s2s/c2s handshake from a remote party to test the entire stack. | ||||
* | mod_c2s: Rename Direct TLS listener 'c2s_direct_tls' for clarity | Kim Alvefur | 2021-09-09 | 1 | -1/+1 |
| | | | | And to follow existing naming practices better than 'legacy_ssl' did. | ||||
* | util.prosodyctl.check: Add TODO about replacements for deprecated settings | Kim Alvefur | 2021-09-09 | 1 | -0/+1 |
| | |||||
* | util.prosodyctl.check: Check for server-to-server Direct TLS records | Kim Alvefur | 2021-09-09 | 1 | -1/+24 |
| | |||||
* | util.prosodyctl.check: Normalize away trailing dot in some messages too | Kim Alvefur | 2021-07-04 | 1 | -8/+13 |
| | |||||
* | util.prosodyctl.check: Normalize potential to form without trailing '.' | Kim Alvefur | 2021-07-04 | 1 | -0/+2 |
| | | | | | | In some cases you might end up with both 'xmpp.example.com' and 'xmpp.example.com.', which are the same thing so no point in doing the same checks twice. | ||||
* | util.prosodyctl.check: Point out if A/AAAA exists despite disabled IPvX | Kim Alvefur | 2021-07-04 | 1 | -0/+10 |
| | | | | | | Clients would try to connect and receive an error or timeout, increasing the time it takes to establish a connection. Probably not what you want. If you really want IPv6 or IPv4 disabled, best remove the A or AAAA record. | ||||
* | util.prosodyctl.check: Warn if both use_ipv4 and use_ipv6 are set to false | Kim Alvefur | 2021-07-04 | 1 | -0/+6 |
| | | | | Why would you do this?! | ||||
* | util.prosodyctl.check: Silence IP protocol mismatches when disabled | Kim Alvefur | 2021-07-04 | 1 | -2/+4 |
| | | | | | If you set 'use_ipv4 = false' then you probably don't care much for the host not resolving to the IPv4 address, and same with 'use_ipv6'. | ||||
* | util.prosodyctl.check: Reload unbound to ensure hosts.txt is ignored | Kim Alvefur | 2021-07-03 | 1 | -1/+3 |
| | | | | | | If unbound was initialized prior to this then the config change here wouldn't apply, and it will again think that 127.0.1.1 has been found in DNS. | ||||
* | util.prosodyctl.check: Collect options from all global plugins | Kim Alvefur | 2021-05-27 | 1 | -0/+45 |
| |