ncp-diag, web-ui: Integrate new port check backend

Signed-off-by: Tobias K <6317548+theCalcaholic@users.noreply.github.com>
Signed-off-by: Tobias Knöppler <6317548+theCalcaholic@users.noreply.github.com>
Victor-ray, S 2023-01-11 00:15:29 +01:00 committed by Tobias Knöppler
parent 74200976ad
commit bc0abc6c48
No known key found for this signature in database
GPG Key ID: 3510056072886A8F
4 changed files with 81 additions and 69 deletions


@ -1,6 +1,5 @@
#!/bin/bash #!/bin/bash
# NextcloudPi diagnostics report
# NextCloudPi diagnostics report
# #
# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com> # Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
# GPL licensed (see end of file) * Use at your own risk! # GPL licensed (see end of file) * Use at your own risk!
@ -10,13 +9,13 @@
# #
# More at https://ownyourbits.com # More at https://ownyourbits.com
# #
# shellcheck disable=SC1091
source /usr/local/etc/library.sh source /usr/local/etc/library.sh
# Distro, NCP version and tag # Distro, NCP version and tag
echo "NextCloudPi version|$( cat /usr/local/etc/ncp-version )" echo "NextcloudPi version|$( cat /usr/local/etc/ncp-version )"
[[ -f /usr/local/etc/ncp-baseimage ]] && echo "NextCloudPi image|$( cat /usr/local/etc/ncp-baseimage )" [[ -f /usr/local/etc/ncp-baseimage ]] && echo "NextcloudPi image|$( cat /usr/local/etc/ncp-baseimage )"
echo "OS|$(cat /etc/issue | sed 's| \\n \\l||'). $(uname -r) ($(uname -m))" echo "OS|$(sed 's| \\n \\l||' /etc/issue). $(uname -r) ($(uname -m))"
# Data # Data
DATADIR="$( grep datadirectory /var/www/nextcloud/config/config.php | DATADIR="$( grep datadirectory /var/www/nextcloud/config/config.php |
@ -31,7 +30,7 @@ echo "USB devices|$USBDEVS"
echo "datadir|$DATADIR$DIRINFO" echo "datadir|$DATADIR$DIRINFO"
[[ "$DIRINFO" == "" ]] && { [[ "$DIRINFO" == "" ]] && {
echo "data in SD|$( [[ $( stat -fc%d / ) == $( stat -fc%d "$DATADIR" ) ]] && echo yes || echo no )" echo "data in SD|$( [[ $( stat -fc%d / ) == $( stat -fc%d "$DATADIR" ) ]] && echo yes || echo no )"
echo "data filesystem|$( stat -fc%T $DATADIR )" echo "data filesystem|$( stat -fc%T "$DATADIR" )"
echo "data disk usage|$( df -h "$DATADIR" | tail -1 | awk '{ print $3"/"$2 }')" echo "data disk usage|$( df -h "$DATADIR" | tail -1 | awk '{ print $3"/"$2 }')"
} }
echo "rootfs usage|$( df -h / | tail -1 | awk '{ print $3"/"$2 }')" echo "rootfs usage|$( df -h / | tail -1 | awk '{ print $3"/"$2 }')"
@ -66,63 +65,76 @@ echo "Internet check|$( ping -W 2 -w 1 -q github.com &>/dev/null && echo ok || e
function is_port_open() function is_port_open()
{ {
local port_url tmp_file token ipv4_portcheck_args ipv6_portcheck_args # The URL leads to an application I've deployed for NCP on https://fly.io using a Docker container I made.
tmp_file=$(mktemp) # The image for the container is available on Docker Hub (zendai/checkport:sanic) if you wish to deploy one yourself.
trap 'rm -rf ${tmp_file}' EXIT ERR SIGINT SIGQUIT SIGABRT SIGTERM SIGHUP # The code for the Sanic server and Docker image is available at: https://github.com/ZendaiOwl/Build/tree/master/Docker/Python/Sanic/checkport
# I only have a free tier with limited outbound data per month, 100GB p/month.
local port="${1?}" # If we go over 100GB outbound data in a month, I will start being charged for the data going over that limit.
local publicIPv4="${2}" # I used a low level Python socket library & fortunately each request only consumes aprox. ~ 60-74 bytes p/second.
local publicIPv6="${3}" # Meaning 100GB should be plenty, it should be enough to handle a little less
# than 450 request p/second a month, unless my calculations are wrong.
readonly port_url="https://portchecker.co" # Thank you :pray: from Victor-ray, S. https://github.com/ZendaiOwl
local -r PORTURL="https://checkport.zendai.net.eu.org/check"
if [[ -z "$publicIPv4" ]] && [[ -z "$publicIPv6" ]] local TYPE="${1?}" IPType
# Checks both port 80 & 443 for IPv4/IPv6 and returns the result or [N/A] [N/A]
if ! [[ "$TYPE" =~ ^(0|4|6)$ ]]
then then
echo -n "Error - IPv4 & IPv6: [N/A] Couldn't get public IP." echo "Invalid type: $TYPE" 1>&2
return 1 return 1
fi elif [[ "$TYPE" == 0 ]]
token=$(wget -T2 -t1 -qO- --keep-session-cookies --save-cookies "${tmp_file}" "${port_url}" | grep -oP "_csrf\" value=\"\K.*\"" )
readonly ipv4_portcheck_args=(-T2 -t1 -qO- --load-cookies "${tmp_file}" "${port_url}/check" --post-data "target_ip=${publicIPv4}&port=${port}&_csrf=${token::-1}")
readonly ipv6_portcheck_args=(-T2 -t1 -qO- --load-cookies "${tmp_file}" "${port_url}/check" --post-data "target_ip=${publicIPv6}&port=${port}&_csrf=${token::-1}")
[[ -n "${token}" ]] || {
echo -n "Error - Couldn't obtain a token for port check"
return 1
}
local ipv4_port_access=False
local ipv6_port_access=False
[[ -n "$publicIPv4" ]] && \
grep -q '<span class="green">open</span>' <(wget "${ipv4_portcheck_args[@]}") && \
ipv4_port_access=True
[[ -n "$publicIPv6" ]] && \
grep -q '<span class="green">open</span>' <(wget "${ipv6_portcheck_args[@]}") && \
ipv6_port_access=True
local result=""
if [[ "${ipv4_port_access}" == True ]] || [[ "${ipv6_port_access}" == True ]]
then then
result="open (" # Public IPv4/6 is not available
echo -e "[N/A]\n[N/A]"
else else
result="closed" IPType="--ipv6"
[[ "$TYPE" -eq 6 ]] || IPType="--ipv4"
curl --silent --max-time 4 "$IPType" "$PORTURL" | jq -r '."80",."443"'
fi fi
[[ "${ipv4_port_access}" == True ]] && result="${result}ipv4)"
[[ "${ipv6_port_access}" == True ]] && result="${result/)/ \& }ipv6)"
echo -n "$result"
} }
publicIPv4=$(curl --silent --max-time 4 --ipv4 "https://ipv4.icanhazip.com" 2>/dev/null) || unset publicIPv4
echo "Public IPv4|${publicIPv4:-"not found"}"
publicIPv6=$(curl --silent --max-time 4 --ipv6 "https://ipv6.icanhazip.com" 2>/dev/null) || unset publicIPv6
echo "Public IPv6|${publicIPv6:-"not found"}"
publicIPv4=$(curl -s -m4 -4 "https://icanhazip.com" 2>/dev/null) || unset publicIPv4 # Reads each line as an array index element to input into IPv4PORTS array
echo "public IPv4|${publicIPv4:-"not found"}" if [[ -n "$publicIPv4" ]]
publicIPv6=$(curl -s -m4 -6 "https://icanhazip.com" 2>/dev/null) || unset publicIPv6 then
echo "public IPv6|${publicIPv6:-"not found"}" mapfile -t IPv4PORTS < <(is_port_open 4)
else
mapfile -t IPv4PORTS < <(is_port_open 0)
fi
echo "Port check 80|$( is_port_open 80 "$publicIPv4" "$publicIPv6" )" # Reads each line as an array index element to input into IPv6PORTS array
echo "Port check 443|$( is_port_open 443 "$publicIPv4" "$publicIPv6" )" if [[ -n "$publicIPv6" ]]
then
mapfile -t IPv6PORTS < <(is_port_open 6)
else
mapfile -t IPv6PORTS < <(is_port_open 0)
fi
# Checks if Port 80 is open on IPv4 or IPv6
if [[ "${IPv4PORTS[0]}" == "open" ]] || [[ "${IPv6PORTS[0]}" == "open" ]]
then
PORT80="open"
elif [[ "${IPv4PORTS[0]}" == "[N/A]" ]] && [[ "${IPv6PORTS[0]}" == "[N/A]" ]]
then
PORT80="[N/A]"
else
PORT80="closed"
fi
# Checks if Port 443 is open on IPv4 or IPv6
if [[ "${IPv4PORTS[1]}" == "open" ]] || [[ "${IPv6PORTS[1]}" == "open" ]]
then
PORT443="open"
elif [[ "${IPv4PORTS[1]}" == "[N/A]" ]] && [[ "${IPv6PORTS[1]}" == "[N/A]" ]]
then
PORT443="[N/A]"
else
PORT443="closed"
fi
echo "Port 80|$PORT80"
echo "Port 443|$PORT443"
# LAN # LAN
IFACE=$( ip r | grep "default via" | awk '{ print $5 }' | head -1 ) IFACE=$( ip r | grep "default via" | awk '{ print $5 }' | head -1 )
@ -130,14 +142,14 @@ GW=$( ip r | grep "default via" | awk '{ print $3 }' | head -1 )
IP="$(get_ip)" IP="$(get_ip)"
echo "IP|$IP" echo "IP|$IP"
echo "gateway|$GW" echo "Gateway|$GW"
echo "Interface|$IFACE" echo "Interface|$IFACE"
# Certificates # Certificates
CERTS="$( grep "SSLCertificateFile */etc/letsencrypt/live/" /etc/apache2/sites-available/nextcloud.conf \ CERTS="$( grep "SSLCertificateFile */etc/letsencrypt/live/" /etc/apache2/sites-available/nextcloud.conf \
| sed 's|.*SSLCertificateFile */etc/letsencrypt/live/||;s|/fullchain.pem||' )" | sed 's|.*SSLCertificateFile */etc/letsencrypt/live/||;s|/fullchain.pem||' )"
[[ "$CERTS" == "" ]] && CERTS=none [[ "$CERTS" == "" ]] && CERTS=none
echo "certificates|$CERTS" echo "Certificates|$CERTS"
RESOLV="$( ping -c1 -w1 "$CERTS" 2>/dev/null | head -1 | grep -oP '\d{1,3}(.\d{1,3}){3}' )" RESOLV="$( ping -c1 -w1 "$CERTS" 2>/dev/null | head -1 | grep -oP '\d{1,3}(.\d{1,3}){3}' )"
echo "NAT loopback|$( [[ "$RESOLV" == "$IP" ]] && echo yes || echo no )" echo "NAT loopback|$( [[ "$RESOLV" == "$IP" ]] && echo yes || echo no )"
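Review bot: In the new `is_port_open`, a failed or timed-out request to the check service is indistinguishable from a closed port: when `curl` or `jq` produces no output, `mapfile` leaves `IPv4PORTS`/`IPv6PORTS` empty and the `PORT80`/`PORT443` chains fall through to `closed`. The check-script section of this commit then matches `Port .*|closed` and tells the user to open their ports on the strength of a third-party outage. The same happens if the response lacks the `80`/`443` keys, since `jq -r` prints `null`. I would have the `else` branch emit `[N/A]` twice unless the service returned two string values, as below. Which strings the service returns besides `open` is not visible here, so the filter only checks type and count.

```shell
# … unchanged: PORTURL, TYPE validation and the [N/A] branch for type 0 …
    [[ "$TYPE" -eq 6 ]] || IPType="--ipv4"
    local response
    # Unreachable service, HTTP error or unexpected JSON -> [N/A], not "closed"
    if response="$(curl --silent --fail --max-time 4 "$IPType" "$PORTURL" \
      | jq -er '[."80", ."443"] | map(strings) | select(length == 2) | .[]')"
    then
      echo "$response"
    else
      echo -e "[N/A]\n[N/A]"
    fi
```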


@ -38,8 +38,8 @@ echo "<--! Paste this in GitHub report -->"
## ##
open_summary "NextCloudPi diagnostics" open_summary "NextcloudPi diagnostics"
bash /usr/local/bin/ncp-diag | sed -r 's=(IP|certificates|gateway).*=\1|***REMOVED SENSITIVE VALUE***=g' | column -t -s'|' bash /usr/local/bin/ncp-diag | sed -r 's=(IP|Certificates|Gateway|Public IPv4|Public IPv6).*=\1|***REMOVED SENSITIVE VALUE***=g' | column -t -s'|'
close_summary close_summary
## ##
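Review bot: The redaction expression on the `ncp-diag | sed -r` line is unanchored and does not require the `|` field separator, so `IP` and the other labels match as substrings anywhere in a line. The masking also stops silently whenever a label in ncp-diag is renamed or re-cased, which is why this commit had to touch both files. Anchoring to the label field makes the intent explicit: `sed -r 's=^(IP|Certificates|Gateway|Public IPv4|Public IPv6)\|.*=\1|***REMOVED SENSITIVE VALUE***=g'`. A short comment next to the pattern naming ncp-diag as the source of these labels would help keep the two in sync.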


@ -23,10 +23,10 @@ is_active_app dnsmasq && \
grep -q "NAT loopback|no" <<<"$OUT" && \ grep -q "NAT loopback|no" <<<"$OUT" && \
echo -e "\nYou should enable dnsmasq to use your domain inside home" echo -e "\nYou should enable dnsmasq to use your domain inside home"
grep -q "certificates|none" <<<"$OUT" && \ grep -q "Certificates|none" <<<"$OUT" && \
echo -e "\nYou should run Lets Encrypt for trusted encrypted access" echo -e "\nYou should run Lets Encrypt for trusted encrypted access"
grep -q "port check .*|closed" <<<"$OUT" && \ grep -q "Port .*|closed" <<<"$OUT" && \
echo -e "\nYou should open your ports for Lets Encrypt and external access" echo -e "\nYou should open your ports for Lets Encrypt and external access"
grep -q "USB devices|none" <<<"$OUT" || { grep -q "USB devices|none" <<<"$OUT" || {


@ -1,6 +1,6 @@
<?php <?php
/* /*
NextCloudPi Wizard NextcloudPi Wizard
Copyleft 2017 by Pantelis Sarantos and Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com> Copyleft 2017 by Pantelis Sarantos and Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
GPL licensed (see end of file) * Use at your own risk! GPL licensed (see end of file) * Use at your own risk!
@ -27,7 +27,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>NextCloudPi Wizard</title> <title>NextcloudPi Wizard</title>
<meta charset="utf-8"> <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Bootstrap --> <!-- Bootstrap -->
@ -57,7 +57,7 @@ HTML
<!-- Tab 1 content - Welcome --> <!-- Tab 1 content - Welcome -->
<div class="tab-pane" id="tab1"> <div class="tab-pane" id="tab1">
<div class="ncp-tab-pane"> <div class="ncp-tab-pane">
<h1>Welcome to NextCloudPi</h1> <h1>Welcome to NextcloudPi</h1>
<img id="ncp-welcome-logo" src="img/ncp-logo.svg"> <img id="ncp-welcome-logo" src="img/ncp-logo.svg">
<p>This wizard will help you configure your personal cloud.</p> <p>This wizard will help you configure your personal cloud.</p>
</div> </div>
@ -81,7 +81,7 @@ HTML
<!-- Format USB drive --> <!-- Format USB drive -->
<div class="ncp-hidden" id="format-usb"> <div class="ncp-hidden" id="format-usb">
<p class="instructions"> <p class="instructions">
If you want to prepare the USB drive to be used with NextCloudPi hit Format USB. Skip if already formated as ext4 or BTRFS. If you want to prepare the USB drive to be used with NextcloudPi hit Format USB. Skip if already formated as ext4 or BTRFS.
<br> <br>
<strong>Attention!</strong> This will format your USB drive as BTRFS and <strong>will destroy any current data.</strong> <strong>Attention!</strong> This will format your USB drive as BTRFS and <strong>will destroy any current data.</strong>
</p> </p>
@ -111,7 +111,7 @@ HTML
<h3>Port forwarding</h3> <h3>Port forwarding</h3>
<p class="instructions"> <p class="instructions">
To access from the outside, your need to forward ports 80 and 443 to your RPi IP address <br> To access from the outside, your need to forward ports 80 and 443 to your RPi IP address <br>
You can have NextCloudPi try to do this automatically for you<br> You can have NextcloudPi try to do this automatically for you<br>
To do it manually yourself, you must access your router interface, usually at <a href="http://192.168.1.1" target="_blank">http://192.168.1.1</a><br> To do it manually yourself, you must access your router interface, usually at <a href="http://192.168.1.1" target="_blank">http://192.168.1.1</a><br>
</p> </p>
<div class="buttons-area"> <div class="buttons-area">
@ -200,7 +200,7 @@ HTML
<!-- Tab 4 content - Finish --> <!-- Tab 4 content - Finish -->
<div class="tab-pane" id="tab4"> <div class="tab-pane" id="tab4">
<div class="ncp-tab-pane"> <div class="ncp-tab-pane">
<p class="instructions"> NextCloudPi is ready!</p> <p class="instructions"> NextcloudPi is ready!</p>
<div class="linkbox"> <div class="linkbox">
<a id='gotonextcloud' href="#"><img id="nextcloud" src="img/nc-logo.png"></a> <a id='gotonextcloud' href="#"><img id="nextcloud" src="img/nc-logo.png"></a>
@ -208,7 +208,7 @@ HTML
</div> </div>
<div class="linkbox"> <div class="linkbox">
<a href=".."><img id="ncp-web" src="img/ncp-logo.svg"></a> <a href=".."><img id="ncp-web" src="img/ncp-logo.svg"></a>
<br>go back to NextCloudPi web panel <br>go back to NextcloudPi web panel
</div> </div>
</div> </div>