#!/usr/bin/env python3
"""
Criticality: High
Tests that all webserver services (vhosts) are available and reachable.
"""
import imp
import os
from pathlib import Path
import re
import requests
import socket
import sys
try:
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
except ImportError:
requests.packages.urllib3.disable_warnings()
"""
This script checks for all enabled vhosts in Nginx conf that:
* The response status code is 200, 401 or 403.
* The host is resolved as 127.0.0.1.
* The Wowza response is correct on /streaming/ (only for mediaserver vhosts).
"""
def get_configs(path: str) -> list:
configs_dir = Path(path)
configs = [c.resolve() for c in configs_dir.glob("*.conf")]
return configs
def get_vhosts(config: Path) -> list:
# remove comments and blank lines
sanitize = re.compile(r"(?:\s*#\s*.*)|(?:^\s*)", re.M)
# capture server blocks
servers = re.compile(r"^server\s+{(?:\s*(?!server\s{).)+", re.M)
with open(config) as config_fo:
config_content = sanitize.sub(r"", config_fo.read())
vhosts = servers.findall(config_content)
return vhosts
def get_hostnames(vhost: str) -> list:
# extract hostname(s) from server_name values
server_names = re.compile(r"^\s*server_name\s+(.*);$")
hostnames = []
for line in vhost.splitlines():
if server_names.match(line):
hostnames.extend(server_names.match(line)[1].split())
return hostnames
def get_ports(vhost: str) -> list:
# extract port(s) from listen values
listens = re.compile(r"^\s*listen\s+(?:.*:)?(\d+)\s*(ssl)?.*;$")
ports = []
for line in vhost.splitlines():
if listens.match(line):
ports.append(
(listens.match(line)[1], "https" if listens.match(line)[2] else "http")
)
return ports
def test_vhost(
ports_info=None,
domains=None,
resolution_ignored=None,
celerity_conf="",
nginx_file=None,
wowza_dir=None,
tested=0,
):
errors = 0
warnings = 0
name = nginx_file.stem
for port, proto in ports_info or [(80, False)]:
for domain in domains or ["localhost"]:
url = "%s://%s:%s" % (proto, domain, port)
sys.stdout.write('Testing url "%s" from %s:\n' % (url, name))
if name.startswith("mediaserver") and not tested:
if not celerity_conf or not re.search(
r"http[s]{0,1}://%s" % domain, celerity_conf
):
sys.stdout.write(
'\033[93mWarning:\033[0m Url "%s" not found in celerity conf; it should also be set in the MediaWorker.\n'
% url
)
warnings += 1
# test domain IP
ip_error = None
ip_warning = None
try:
ip = socket.gethostbyname(domain)
except Exception as e:
ip_error = "domain is not resolved: %s" % e
else:
if ip != "127.0.0.1":
ip_warning = "domain is resolved with %s instead of 127.0.0.1" % ip
sys.stdout.write(" IP: ")
if ip_error:
if resolution_ignored and domain in resolution_ignored:
sys.stdout.write("\033[94mIgnored (%s)\033[0m" % ip_error)
ip_error = None
else:
sys.stdout.write("\033[91mKO (%s)\033[0m" % ip_error)
elif ip_warning:
if resolution_ignored and domain in resolution_ignored:
sys.stdout.write("\033[94mIgnored (%s)\033[0m" % ip_warning)
ip_warning = None
else:
sys.stdout.write("\033[93mWarning (%s)\033[0m" % ip_warning)
else:
sys.stdout.write("\033[92mOK (127.0.0.1)\033[0m")
# test url
sys.stdout.write(", status: ")
req_error = False
try:
req = requests.get(
url, verify=False, proxies={"http": "", "https": ""}, timeout=30
)
req_time = int(1000 * req.elapsed.total_seconds())
except Exception as e:
code = str(e)
req_time = 0
else:
code = req.status_code
if (
domain != "localhost"
and code not in (200, 401, 403)
or domain == "localhost"
and code not in (200, 401, 403, 404)
):
sys.stdout.write("\033[91mKO (%s, %sms)\033[0m" % (code, req_time))
req_error = True
else:
if req_time > 10000:
sys.stdout.write("\033[93mOK (%s, %sms)\033[0m" % (code, req_time))
warnings += 1
else:
sys.stdout.write("\033[92mOK (%s, %sms)\033[0m" % (code, req_time))
if "mediaserver" in name and wowza_dir:
# test /streaming url
sys.stdout.write(", streaming: ")
try:
req = requests.get(
url + "/streaming/",
verify=False,
proxies={"http": "", "https": ""},
timeout=30,
)
req_time = int(1000 * req.elapsed.total_seconds())
except Exception as e:
code = str(e)
req_time = 0
else:
code = req.status_code
if code != 200:
sys.stdout.write(
"\033[91mKO (%s, %sms)\033[0m" % (code, req_time)
)
req_error = True
elif req_time > 10000:
sys.stdout.write(
"\033[93mOK (%s, %sms)\033[0m" % (code, req_time)
)
else:
sys.stdout.write(
"\033[92mOK (%s, %sms)\033[0m" % (code, req_time)
)
sys.stdout.write(".\n")
tested += 1
if ip_warning:
warnings += 1
if ip_error or req_error:
errors += 1
return tested, warnings, errors
def main():
# check that Nginx dir exists
nginx_dir = "/etc/nginx/sites-enabled"
if not os.path.exists(nginx_dir):
print('Nginx dir does not exists ("%s").' % nginx_dir)
sys.exit(2)
# check that Wowza is installed
wowza_dir = "/usr/local/WowzaStreamingEngine"
if not os.path.exists(wowza_dir):
print('Info: Wowza is not installed ("%s" does not exist).' % wowza_dir)
wowza_dir = None
else:
print(
"Info: Wowza is installed, /streaming/ will be tested on mediaserver vhosts."
)
# get envsetup conf
conf = dict()
os.chdir(os.path.dirname(__file__))
if os.path.isfile("../utils.py"):
es_utils = imp.load_source("es_utils", "../utils.py")
conf = es_utils.load_conf()
# get celerity conf
celerity_conf = ""
if os.path.exists("/etc/celerity/config.py"):
with open("/etc/celerity/config.py", "r") as fo:
celerity_conf = fo.read()
# get enabled vhosts
resolution_ignored = conf.get("TESTER_VHOST_RESOLUTION_IGNORED", "").split(",")
errors = 0
warnings = 0
nginx_confs = get_configs(nginx_dir)
for nginx_conf in nginx_confs:
tested = 0
vhosts = get_vhosts(nginx_conf)
for vhost in vhosts:
hostnames = get_hostnames(vhost)
ports = get_ports(vhost)
t, w, e = test_vhost(
ports,
hostnames,
resolution_ignored,
celerity_conf,
nginx_conf,
wowza_dir,
tested,
)
tested += t
warnings += w
errors += e
if errors:
print("%s url(s) did not correctly respond." % errors)
sys.exit(1)
elif warnings:
sys.exit(3)
if not tested:
print("No url found in Nginx sites-enabled dir.")
sys.exit(1)
if __name__ == "__main__":
main()