From 0448e825130dc890f1fcee0229455520538a614e Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Thu, 27 Jan 2022 12:36:50 +0100 Subject: util.prosodyctl.check: Add HTTP related DNS checks Since XEP-0363 is essentially mandatory now this will hopefully help diagnose some common issues. --- util/prosodyctl/check.lua | 49 +++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 41 insertions(+), 8 deletions(-) (limited to 'util/prosodyctl/check.lua') diff --git a/util/prosodyctl/check.lua b/util/prosodyctl/check.lua index 102f459b..1b1a26cc 100644 --- a/util/prosodyctl/check.lua +++ b/util/prosodyctl/check.lua @@ -592,17 +592,18 @@ local function check(arg) target_hosts:remove("localhost"); end + local function check_address(target) + local A, AAAA = dns.lookup(idna.to_ascii(target), "A"), dns.lookup(idna.to_ascii(target), "AAAA"); + local prob = {}; + if use_ipv4 and not A then table.insert(prob, "A"); end + if use_ipv6 and not AAAA then table.insert(prob, "AAAA"); end + return prob; + end + if modules:contains("proxy65") then local proxy65_target = configmanager.get(host, "proxy65_address") or host; if type(proxy65_target) == "string" then - local A, AAAA = dns.lookup(idna.to_ascii(proxy65_target), "A"), dns.lookup(idna.to_ascii(proxy65_target), "AAAA"); - local prob = {}; - if use_ipv4 and not A then - table.insert(prob, "A"); - end - if use_ipv6 and not AAAA then - table.insert(prob, "AAAA"); - end + local prob = check_address(proxy65_target); if #prob > 0 then print(" File transfer proxy "..proxy65_target.." has no "..table.concat(prob, "/") .." record. Create one or set 'proxy65_address' to the correct host/IP."); @@ -612,6 +613,38 @@ local function check(arg) end end + local known_http_modules = set.new { "bosh"; "http_files"; "http_file_share"; "http_openmetrics"; "websocket" }; + local function contains_match(hayset, needle) + for member in hayset do if member:find(needle) then return true end end + end + + if modules:contains("http") or not set.intersection(modules, known_http_modules):empty() + or contains_match(modules, "^http_") or contains_match(modules, "_web$") then + + local http_host = configmanager.get(host, "http_host") or host; + local http_internal_host = http_host; + local http_url = configmanager.get(host, "http_external_url"); + if http_url then + local url_parse = require "socket.url"; + local external_url_parts = url_parse(http_url); + if external_url_parts then + http_host = external_url_parts.host; + else + print(" The 'http_external_url' setting is not a valid URL"); + end + end + + local prob = check_address(http_host); + if #prob > 1 then + print(" HTTP service " .. http_host .. " has no " .. table.concat(prob, "/") .. " record. Create one or change " + .. (http_url and "'http_external_url'" or "'http_host'").." to the correct host."); + end + + if http_host ~= http_internal_host then + print(" Ensure the reverse proxy sets the HTTP Host header to '" .. http_internal_host .. "'"); + end + end + if not use_ipv4 and not use_ipv6 then print(" Both IPv6 and IPv4 are disabled, Prosody will not listen on any ports"); print(" nor be able to connect to any remote servers."); -- cgit v1.2.3