X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=prosodyctl;h=1c4d84cd6e3856d659d6c239f77b8b277a429ec5;hb=20085c41a50f9df35e2647775b3846945f78483c;hp=8fdf3488cea6bb0bc5cdbf048f35469a502d968e;hpb=c269396a37a8bef1b71982f2cdd336324eb72d07;p=prosody.git diff --git a/prosodyctl b/prosodyctl index 8fdf3488..1c4d84cd 100755 --- a/prosodyctl +++ b/prosodyctl @@ -236,6 +236,7 @@ local show_message, show_warning = prosodyctl.show_message, prosodyctl.show_warn local show_usage = prosodyctl.show_usage; local getchar, getpass = prosodyctl.getchar, prosodyctl.getpass; local show_yesno = prosodyctl.show_yesno; +local show_prompt = prosodyctl.show_prompt; local read_password = prosodyctl.read_password; local prosodyctl_timeout = (config.get("*", "core", "prosodyctl_timeout") or 5) * 2; @@ -485,6 +486,80 @@ function commands.restart(arg) return commands.start(arg); end +function commands.about(arg) + if arg[1] == "--help" then + show_usage([[about]], [[Show information about this Prosody installation]]); + return 1; + end + + require "util.array"; + local keys = require "util.iterators".keys; + + print("Prosody "..(prosody.version or "(unknown version)")); + print(""); + print("# Prosody directories"); + print("Data directory: ", CFG_DATADIR or "./"); + print("Plugin directory:", CFG_PLUGINDIR or "./"); + print("Config directory:", CFG_CONFIGDIR or "./"); + print("Source directory:", CFG_SOURCEDIR or "./"); + print(""); + print("# Lua environment"); + print("Lua version: ", _G._VERSION); + print(""); + print("Lua module search paths:"); + for path in package.path:gmatch("[^;]+") do + print(" "..path); + end + print(""); + print("Lua C module search paths:"); + for path in package.cpath:gmatch("[^;]+") do + print(" "..path); + end + print(""); + local luarocks_status = (pcall(require, "luarocks.loader") and "Installed ("..(luarocks.cfg.program_version or "2.x+")..")") + or (pcall(require, "luarocks.require") and "Installed (1.x)") + or "Not installed"; + print("LuaRocks: ", luarocks_status); + print(""); + print("# Lua module versions"); + local module_versions, longest_name = {}, 8; + for name, module in pairs(package.loaded) do + if type(module) == "table" and rawget(module, "_VERSION") + and name ~= "_G" and not name:match("%.") then + if #name > longest_name then + longest_name = #name; + end + module_versions[name] = module._VERSION; + end + end + local sorted_keys = array.collect(keys(module_versions)):sort(); + for _, name in ipairs(array.collect(keys(module_versions)):sort()) do + print(name..":"..string.rep(" ", longest_name-#name), module_versions[name]); + end + print(""); +end + +function commands.reload(arg) + if arg[1] == "--help" then + show_usage([[reload]], [[Reload Prosody's configuration and re-open log files]]); + return 1; + end + + if not prosodyctl.isrunning() then + show_message("Prosody is not running"); + return 1; + end + + local ok, ret = prosodyctl.reload(); + if ok then + + show_message("Prosody log files re-opened and config file reloaded. You may need to reload modules for some changes to take effect."); + return 0; + end + + show_message(error_messages[ret]); + return 1; +end -- ejabberdctl compatibility function commands.register(arg) @@ -538,6 +613,113 @@ function commands.unregister(arg) return 1; end +local openssl = require "util.openssl"; + +local cert_commands = {}; + +function cert_commands.config(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local conf_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cnf"; + if os.execute("test -f "..conf_filename) == 0 + and not show_yesno("Overwrite "..conf_filename .. "?") then + return nil, conf_filename; + end + local conf = openssl.config.new(); + conf:from_prosody(hosts, config, arg); + for k, v in pairs(conf.distinguished_name) do + local nv; + if k == "commonName" then + v = arg[1] + elseif k == "emailAddress" then + v = "xmpp@" .. arg[1]; + end + nv = show_prompt(("%s (%s):"):format(k, nv or v)); + nv = (not nv or nv == "") and v or nv; + conf.distinguished_name[k] = nv ~= "." and nv or nil; + end + local conf_file = io.open(conf_filename, "w"); + conf_file:write(conf:serialize()); + conf_file:close(); + print(""); + show_message("Config written to " .. conf_filename); + return nil, conf_filename; + else + show_usage("cert config HOSTNAME", "generates config for OpenSSL") + end +end + +function cert_commands.key(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local key_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".key"; + if os.execute("test -f "..key_filename) == 0 then + if not show_yesno("Overwrite "..key_filename .. "?") then + return nil, key_filename; + end + os.remove(key_filename); -- We chmod this file to not have write permissions + end + local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048); + if openssl.genrsa{out=key_filename, key_size} then + os.execute(("chmod 400 '%s'"):format(key_filename)); + show_message("Key written to ".. key_filename); + return nil, key_filename; + end + show_message("There was a problem, see OpenSSL output"); + else + show_usage("cert key HOSTNAME ", "Generates a RSA key") + end +end + +function cert_commands.request(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local req_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".req"; + if os.execute("test -f "..req_filename) == 0 + and not show_yesno("Overwrite "..req_filename .. "?") then + return nil, req_filename; + end + local _, key_filename = cert_commands.key({arg[1]}); + local _, conf_filename = cert_commands.config({arg[1]}); + if openssl.req{new=true, key=key_filename, utf8=true, config=conf_filename, out=req_filename} then + show_message("Certificate request written to ".. req_filename); + else + show_message("There was a problem, see OpenSSL output"); + end + else + show_usage("cert request HOSTNAME", "Generates a certificate request") + end +end + +function cert_commands.generate(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local cert_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cert"; + if os.execute("test -f "..cert_filename) == 0 + and not show_yesno("Overwrite "..cert_filename .. "?") then + return nil, cert_filename; + end + local _, key_filename = cert_commands.key({arg[1]}); + local _, conf_filename = cert_commands.config({arg[1]}); + local ret; + if key_filename and conf_filename and cert_filename + and openssl.req{new=true, x509=true, nodes=true, key=key_filename, + days=365, sha1=true, utf8=true, config=conf_filename, out=cert_filename} then + show_message("Certificate written to ".. cert_filename); + else + show_message("There was a problem, see OpenSSL output"); + end + else + show_usage("cert generate HOSTNAME", "Generates a self-signed certificate") + end +end + +function commands.cert(arg) + if #arg >= 1 and arg[1] ~= "--help" then + local subcmd = table.remove(arg, 1); + if type(cert_commands[subcmd]) == "function" then + return cert_commands[subcmd](arg); + end + end + show_usage("cert config|request|generate|key", "Helpers for X.509 certificates.") +end + --------------------- if command and command:match("^mod_") then -- Is a command in a module @@ -588,7 +770,7 @@ if not commands[command] then -- Show help for all commands print("Where COMMAND may be one of:\n"); local hidden_commands = require "util.set".new{ "register", "unregister", "addplugin" }; - local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart" }; + local commands_order = { "adduser", "passwd", "deluser", "start", "stop", "restart", "reload", "about" }; local done = {};