Show more information on page to diagnose initial problems

2026-01-27 10:19:34 +00:00 · 2021-08-22 14:53:14 +02:00
parent 5c6d01f37b
commit 64f7f23ec5
4 changed files with 75 additions and 6 deletions
--- a/31
+++ b/31
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash

-set -e
+set -euo pipefail

 LOGFILE=/home/labca/logs/commander.log

@@ -18,8 +18,15 @@ function wait_server() {

    local status=0
    local cnt=0
+
+    set +e
+    res=$(curl -o /dev/null -sSL --head --write-out '%{http_code}\n' $url 2>&1)
+    if [ $? -ne 0 ]; then
+        echo -n $res
+    fi
+    set -e
    while [ $cnt -lt 40 ] && [ "$status" != "200" ]; do
-        status=$(curl -o /dev/null -sSL --head --write-out '%{http_code}\n' $url)
+        status=$(curl -o /dev/null -sSL --head --write-out '%{http_code}\n' $url &>>$LOGFILE)
        let cnt=$cnt+1
        if [ "$status" != "200" ]; then
            sleep 5
@@ -70,13 +77,21 @@ case $txt in
    service nginx restart
    ;;
 "log-cert")
-    tail -200 /etc/nginx/ssl/acme_tiny.log
+    [ -f /etc/nginx/ssl/acme_tiny.log ] && tail -200 /etc/nginx/ssl/acme_tiny.log || /bin/true
+    exit 0
+    ;;
+"log-commander")
+    [ -f $LOGFILE ] && tail -200 $LOGFILE || /bin/true
    exit 0
    ;;
 "log-boulder")
    cd /home/labca/boulder
    docker-compose logs -f --no-color --tail=50 boulder
    ;;
+"log-boulder-notail")
+    cd /home/labca/boulder
+    docker-compose logs --no-color --tail=50 boulder
+    ;;
 "log-audit")
    cd /home/labca/boulder
    docker-compose logs --no-color boulder | grep "\[AUDIT\]" | grep -v "grpc: parseServiceConfig error unmarshaling  due to unexpected end of JSON input" | tail -50
@@ -92,11 +107,19 @@ case $txt in
    cd /home/labca/boulder
    docker-compose logs -f --no-color --tail=50 labca
    ;;
+"log-labca-notail")
+    cd /home/labca/boulder
+    docker-compose logs --no-color --tail=50 labca
+    ;;
+"log-labca-err")
+    [ -f /var/log/labca.err ] && tail -200 /var/log/labca.err || /bin/true
+    exit 0
+    ;;
 "log-web")
    tail -f -n 50 /var/log/nginx/access.log
    ;;
 "log-weberr")
-    tail -200 /var/log/nginx/error.log
+    [ -f /var/log/nginx/error.log ] && tail -200 /var/log/nginx/error.log || /bin/true
    exit 0
    ;;
 "log-components")
--- a/gui/dashboard.go
+++ b/gui/dashboard.go
@@ -47,6 +47,9 @@ func _parseLine(line string, loc *time.Location) Activity {

 	re := regexp.MustCompile("^.*\\|\\s*(\\S)(\\S+) (\\S+) (\\S+) (.*)$")
 	result := re.FindStringSubmatch(line)
+	if len(result) == 0 {
+		return activity
+	}

 	activity.Class = ""
 	if result[1] == "W" {
--- a/gui/main.go
+++ b/gui/main.go
@@ -186,10 +186,18 @@ func (cfg *SetupConfig) Validate(orgRequired bool) bool {
 		cfg.Errors["LockdownDomains"] = "Please enter one or more domains that this PKI host is locked down to"
 	}

+	if cfg.DomainMode == "lockdown" && strings.HasPrefix(cfg.LockdownDomains, ".") {
+		cfg.Errors["LockdownDomains"] = "Domain should not start with a dot"
+	}
+
 	if cfg.DomainMode == "whitelist" && strings.TrimSpace(cfg.WhitelistDomains) == "" {
 		cfg.Errors["WhitelistDomains"] = "Please enter one or more domains that are whitelisted for this PKI host"
 	}

+	if cfg.DomainMode == "whitelist" && strings.HasPrefix(cfg.WhitelistDomains, ".") {
+		cfg.Errors["WhitelistDomains"] = "Domain should not start with a dot"
+	}
+
 	return len(cfg.Errors) == 0
 }

@@ -234,8 +242,34 @@ func errorHandler(w http.ResponseWriter, r *http.Request, err error, status int)
 		}
 		fmt.Print(strings.Join(lines, "\n"))

-		render(w, r, "error", map[string]interface{}{"Message": "Some unexpected error occurred!"})
-		// TODO: send email eventually with info on the error
+		if viper.GetBool("config.complete") {
+			render(w, r, "error", map[string]interface{}{"Message": "Some unexpected error occurred!"})
+		} else {
+			// ONLY in the setup phase to prevent leaking too much details to users
+			var FileErrors []interface{}
+			data := getLog(w, r, "cert")
+			if data != "" {
+				FileErrors = append(FileErrors, map[string]interface{}{"FileName": "/etc/nginx/ssl/acme_tiny.log", "Content": data})
+			}
+			data = getLog(w, r, "commander")
+			if data != "" {
+				FileErrors = append(FileErrors, map[string]interface{}{"FileName": "/home/labca/logs/commander.log", "Content": data})
+			}
+			data = getLog(w, r, "labca-notail")
+			if data != "" {
+				FileErrors = append(FileErrors, map[string]interface{}{"FileName": "docker-compose logs labca", "Content": data})
+			}
+			data = getLog(w, r, "boulder-notail")
+			if data != "" {
+				FileErrors = append(FileErrors, map[string]interface{}{"FileName": "docker-compose logs boulder", "Content": data})
+			}
+			data = getLog(w, r, "labca-err")
+			if data != "" {
+				FileErrors = append(FileErrors, map[string]interface{}{"FileName": "/var/log/labca.err", "Content": data})
+			}
+
+			render(w, r, "error", map[string]interface{}{"Message": "Some unexpected error occurred!", "FileErrors": FileErrors})
+		}
 	}
 }

--- a/gui/templates/views/error.tmpl
+++ b/gui/templates/views/error.tmpl
@@ -1,4 +1,13 @@
 {{ define "body" }}
    <h3>OOPS</h3>
    <p>{{ .Message }}</p>
+    {{ if .FileErrors }}
+    <br/>
+    <h4>Diagnostics</h4>
+    <p>These log files might help you determine what the problem is:</p>
+        {{ range $item := .FileErrors }}
+            <p><b>{{ $item.FileName }}</b></p>
+            <pre>{{ $item.Content }}</pre>
+        {{ end }}
+    {{ end }}
 {{ end }}