happyDomain/checker-matrix
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial commit

Browse source
This commit is contained in:
nemunaire 2026-04-08 04:18:24 +07:00
commit 2bb91d33d4
16 changed files with 878 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

46
checker/collect.go Normal file
View file

@ -0,0 +1,46 @@
package checker
import (
"context"
"encoding/json"
"fmt"
"net/http"
"strings"
sdk "git.happydns.org/checker-sdk-go/checker"
)
func (p *matrixProvider) Collect(ctx context.Context, opts sdk.CheckerOptions) (any, error) {
domain, _ := opts["serviceDomain"].(string)
if domain == "" {
return nil, fmt.Errorf("serviceDomain is required")
}
domain = strings.TrimSuffix(domain, ".")
testerURI, _ := opts["federationTesterServer"].(string)
if testerURI == "" {
testerURI = "https://federationtester.matrix.org/api/report?server_name=%s"
}
req, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf(testerURI, domain), nil)
if err != nil {
return nil, fmt.Errorf("unable to build the request: %w", err)
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
return nil, fmt.Errorf("unable to perform the test: %w", err)
}
defer resp.Body.Close()
if resp.StatusCode >= 300 {
return nil, fmt.Errorf("federation tester returned status %d; check https://federationtester.matrix.org/#%s", resp.StatusCode, domain)
}
var data MatrixFederationData
if err := json.NewDecoder(resp.Body).Decode(&data); err != nil {
return nil, fmt.Errorf("failed to decode federation tester response: %w", err)
}
return &data, nil
}

62
checker/definition.go Normal file
View file

@ -0,0 +1,62 @@
package checker
import (
"time"
sdk "git.happydns.org/checker-sdk-go/checker"
)
// Version is the checker version reported in CheckerDefinition.Version.
//
// It defaults to "built-in", which is appropriate when the checker package is
// imported directly (built-in or plugin mode). Standalone binaries (like
// main.go) should override this from their own Version variable at the start
// of main(), which makes it easy for CI to inject a version with a single
// -ldflags "-X main.Version=..." flag instead of targeting the nested
// package path.
var Version = "built-in"
// Definition returns the CheckerDefinition for the matrix federation checker.
func Definition() *sdk.CheckerDefinition {
return &sdk.CheckerDefinition{
ID: "matrixim",
Name: "Matrix Federation Tester",
Version: Version,
Availability: sdk.CheckerAvailability{
ApplyToService: true,
LimitToServices: []string{"abstract.MatrixIM"},
},
HasHTMLReport: true,
ObservationKeys: []sdk.ObservationKey{ObservationKeyMatrix},
Options: sdk.CheckerOptionsDocumentation{
RunOpts: []sdk.CheckerOptionDocumentation{
{
Id: "serviceDomain",
Type: "string",
Label: "Matrix domain",
Placeholder: "matrix.org",
Default: "matrix.org",
AutoFill: sdk.AutoFillDomainName,
Required: true,
},
},
AdminOpts: []sdk.CheckerOptionDocumentation{
{
Id: "federationTesterServer",
Type: "string",
Label: "Federation Tester Server",
Placeholder: "https://federationtester.matrix.org/api/report?server_name=%s",
Default: "https://federationtester.matrix.org/api/report?server_name=%s",
},
},
},
Rules: []sdk.CheckRule{
Rule(),
},
Interval: &sdk.CheckIntervalSpec{
Min: 5 * time.Minute,
Max: 7 * 24 * time.Hour,
Default: 24 * time.Hour,
},
}
}

21
checker/provider.go Normal file
View file

@ -0,0 +1,21 @@
package checker
import (
sdk "git.happydns.org/checker-sdk-go/checker"
)
// Provider returns a new matrix federation observation provider.
func Provider() sdk.ObservationProvider {
return &matrixProvider{}
}
type matrixProvider struct{}
func (p *matrixProvider) Key() sdk.ObservationKey {
return ObservationKeyMatrix
}
// Definition implements sdk.CheckerDefinitionProvider.
func (p *matrixProvider) Definition() *sdk.CheckerDefinition {
return Definition()
}

376
checker/report.go Normal file
View file

@ -0,0 +1,376 @@
package checker
import (
"encoding/json"
"fmt"
"html/template"
"strings"
)
// ── HTML report ───────────────────────────────────────────────────────────────
type matrixCertData struct {
SubjectCommonName string
IssuerCommonName string
SHA256Fingerprint string
DNSNames []string
}
type matrixConnectionData struct {
Address string
TLSVersion string
CipherSuite string
Certs []matrixCertData
AllChecksOK bool
CheckDetails []matrixCheckItem
Errors []string
Open bool
}
type matrixCheckItem struct {
Label string
OK bool
}
type matrixConnErrData struct {
Address string
Message string
}
type matrixSRVRecord struct {
Target string
Port uint16
Priority uint16
Weight uint16
}
type matrixHostData struct {
Name string
CName string
Addrs []string
}
type matrixTemplateData struct {
FederationOK bool
Version string
VersionError string
WellKnownServer string
WellKnownResult string
SRVSkipped bool
SRVCName string
SRVRecords []matrixSRVRecord
SRVError string
Hosts []matrixHostData
Addrs []string
Connections []matrixConnectionData
ConnectionErrors []matrixConnErrData
}
var matrixHTMLTemplate = template.Must(
template.New("matrix").Parse(`<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Matrix Federation Report</title>
<style>
*, *::before, *::after { box-sizing: border-box; }
:root {
font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif;
font-size: 14px;
line-height: 1.5;
color: #1f2937;
background: #f3f4f6;
}
body { margin: 0; padding: 1rem; }
code { font-family: ui-monospace, monospace; font-size: .9em; }
h2 { font-size: 1rem; font-weight: 700; margin: 0 0 .6rem; }
h3 { font-size: .9rem; font-weight: 600; margin: 0 0 .4rem; }
.hd {
background: #fff;
border-radius: 10px;
padding: 1rem 1.25rem;
margin-bottom: .75rem;
box-shadow: 0 1px 3px rgba(0,0,0,.08);
}
.hd h1 { margin: 0 0 .4rem; font-size: 1.15rem; font-weight: 700; }
.badge {
display: inline-flex; align-items: center;
padding: .2em .65em;
border-radius: 9999px;
font-size: .78rem; font-weight: 700;
letter-spacing: .02em;
}
.ok { background: #d1fae5; color: #065f46; }
.fail { background: #fee2e2; color: #991b1b; }
.version { color: #6b7280; font-size: .82rem; margin-top: .35rem; }
.section {
background: #fff;
border-radius: 8px;
padding: .85rem 1rem;
margin-bottom: .6rem;
box-shadow: 0 1px 3px rgba(0,0,0,.07);
}
details {
background: #fff;
border-radius: 8px;
margin-bottom: .45rem;
box-shadow: 0 1px 3px rgba(0,0,0,.07);
overflow: hidden;
}
.section details {
box-shadow: none;
border-radius: 6px;
border: 1px solid #e5e7eb;
margin-bottom: .4rem;
}
summary {
display: flex; align-items: center; gap: .5rem;
padding: .65rem 1rem;
cursor: pointer;
user-select: none;
list-style: none;
}
summary::-webkit-details-marker { display: none; }
summary::before {
content: "▶";
font-size: .65rem;
color: #9ca3af;
transition: transform .15s;
flex-shrink: 0;
}
details[open] > summary::before { transform: rotate(90deg); }
.conn-addr { font-weight: 600; flex: 1; font-size: .9rem; font-family: ui-monospace, monospace; }
.details-body { padding: .6rem 1rem .85rem; border-top: 1px solid #f3f4f6; }
table { border-collapse: collapse; width: 100%; font-size: .85rem; }
th, td { text-align: left; padding: .3rem .5rem; border-bottom: 1px solid #f3f4f6; }
th { font-weight: 600; color: #6b7280; }
.check-ok { color: #059669; }
.check-fail { color: #dc2626; }
.errmsg { color: #dc2626; font-size: .85rem; margin: .25rem 0 0; }
.note { color: #6b7280; font-size: .85rem; }
ul { margin: .25rem 0; padding-left: 1.2rem; }
li { margin-bottom: .15rem; }
</style>
</head>
<body>
<div class="hd">
<h1>Matrix Federation</h1>
{{if .FederationOK}}
<span class="badge ok">Federation OK</span>
{{- else}}
<span class="badge fail">Federation FAIL</span>
{{- end}}
{{if .Version}}<div class="version">Server: <code>{{.Version}}</code>{{if .VersionError}} &mdash; {{.VersionError}}{{end}}</div>{{end}}
</div>
{{if .Connections}}
<div class="section">
<h2>Connections ({{len .Connections}})</h2>
{{range .Connections}}
<details{{if .Open}} open{{end}}>
<summary>
<span class="conn-addr">{{.Address}}</span>
{{if .AllChecksOK}}<span class="badge ok">All checks OK</span>{{else}}<span class="badge fail">Checks failed</span>{{end}}
</summary>
<div class="details-body">
{{if or .TLSVersion .CipherSuite}}
<h3>TLS</h3>
<p class="note">{{.TLSVersion}}{{if and .TLSVersion .CipherSuite}} &mdash; {{end}}{{.CipherSuite}}</p>
{{end}}
{{if .Certs}}
<h3>Certificates</h3>
<table>
<tr><th>Subject</th><th>Issuer</th><th>DNS Names</th><th>Fingerprint (SHA-256)</th></tr>
{{range .Certs}}
<tr>
<td><code>{{.SubjectCommonName}}</code></td>
<td><code>{{.IssuerCommonName}}</code></td>
<td>{{range .DNSNames}}<code>{{.}}</code> {{end}}</td>
<td><code>{{.SHA256Fingerprint}}</code></td>
</tr>
{{end}}
</table>
{{end}}
{{if .CheckDetails}}
<h3 style="margin-top:.7rem">Checks</h3>
<table>
{{range .CheckDetails}}
<tr>
<td>{{if .OK}}<span class="check-ok">&#10003;</span>{{else}}<span class="check-fail">&#10007;</span>{{end}}</td>
<td>{{.Label}}</td>
</tr>
{{end}}
</table>
{{end}}
{{range .Errors}}<p class="errmsg">&#9888; {{.}}</p>{{end}}
</div>
</details>
{{end}}
</div>
{{end}}
{{if .ConnectionErrors}}
<div class="section">
<h2>Connection Errors ({{len .ConnectionErrors}})</h2>
{{range .ConnectionErrors}}
<p><code>{{.Address}}</code><br><span class="errmsg">{{.Message}}</span></p>
{{end}}
</div>
{{end}}
<div class="section">
<h2>Well-Known</h2>
{{if .WellKnownServer}}
<p>Server: <code>{{.WellKnownServer}}</code></p>
{{else if .WellKnownResult}}
<p class="note">{{.WellKnownResult}}</p>
{{else}}
<p class="note">Not found.</p>
{{end}}
</div>
<div class="section">
<h2>DNS Resolution</h2>
{{if .SRVSkipped}}
<p class="note">SRV lookup skipped{{if .SRVCName}} (CNAME: <code>{{.SRVCName}}</code>){{end}}</p>
{{else if .SRVError}}
<p class="errmsg">SRV error: {{.SRVError}}</p>
{{else if .SRVRecords}}
<h3>SRV Records</h3>
<table>
<tr><th>Target</th><th>Port</th><th>Priority</th><th>Weight</th></tr>
{{range .SRVRecords}}
<tr>
<td><code>{{.Target}}</code></td>
<td>{{.Port}}</td>
<td>{{.Priority}}</td>
<td>{{.Weight}}</td>
</tr>
{{end}}
</table>
{{else}}
<p class="note">No SRV records found.</p>
{{end}}
{{if .Hosts}}
<h3 style="margin-top:.6rem">Resolved Hosts</h3>
{{range .Hosts}}
<p style="margin:.25rem 0">
<code>{{.Name}}</code>
{{if .CName}} &rarr; <code>{{.CName}}</code>{{end}}
{{if .Addrs}}: {{range .Addrs}}<code>{{.}}</code> {{end}}{{end}}
</p>
{{end}}
{{else if .Addrs}}
<h3 style="margin-top:.6rem">Addresses</h3>
<ul>{{range .Addrs}}<li><code>{{.}}</code></li>{{end}}</ul>
{{end}}
</div>
</body>
</html>`),
)
// GetHTMLReport implements sdk.CheckerHTMLReporter.
func (p *matrixProvider) GetHTMLReport(raw json.RawMessage) (string, error) {
var r MatrixFederationData
if err := json.Unmarshal(raw, &r); err != nil {
return "", fmt.Errorf("failed to unmarshal matrix report: %w", err)
}
data := matrixTemplateData{
FederationOK: r.FederationOK,
WellKnownServer: r.WellKnownResult.Server,
WellKnownResult: r.WellKnownResult.Result,
SRVSkipped: r.DNSResult.SRVSkipped,
SRVCName: r.DNSResult.SRVCName,
Addrs: r.DNSResult.Addrs,
}
// Version
if r.Version.Name != "" || r.Version.Version != "" {
data.Version = strings.TrimSpace(r.Version.Name + " " + r.Version.Version)
}
data.VersionError = r.Version.Error
// SRV records
for _, s := range r.DNSResult.SRVRecords {
data.SRVRecords = append(data.SRVRecords, matrixSRVRecord{
Target: s.Target,
Port: s.Port,
Priority: s.Priority,
Weight: s.Weight,
})
}
// SRV error
if r.DNSResult.SRVError != nil {
data.SRVError = r.DNSResult.SRVError.Message
}
// Hosts
for name, h := range r.DNSResult.Hosts {
data.Hosts = append(data.Hosts, matrixHostData{
Name: name,
CName: h.CName,
Addrs: h.Addrs,
})
}
// Successful connections
for addr, cr := range r.ConnectionReports {
conn := matrixConnectionData{
Address: addr,
TLSVersion: cr.Cipher.Version,
CipherSuite: cr.Cipher.CipherSuite,
AllChecksOK: cr.Checks.AllChecksOK,
Errors: cr.Errors,
Open: !cr.Checks.AllChecksOK,
}
for _, cert := range cr.Certificates {
conn.Certs = append(conn.Certs, matrixCertData{
SubjectCommonName: cert.SubjectCommonName,
IssuerCommonName: cert.IssuerCommonName,
SHA256Fingerprint: cert.SHA256Fingerprint,
DNSNames: cert.DNSNames,
})
}
conn.CheckDetails = []matrixCheckItem{
{"Matching server name", cr.Checks.MatchingServerName},
{"Certificate valid until future", cr.Checks.FutureValidUntilTS},
{"Valid certificates", cr.Checks.ValidCertificates},
{"Has Ed25519 key", cr.Checks.HasEd25519Key},
{"All Ed25519 checks OK", cr.Checks.AllEd25519ChecksOK},
}
data.Connections = append(data.Connections, conn)
}
// Failed connections
for addr, ce := range r.ConnectionErrors {
data.ConnectionErrors = append(data.ConnectionErrors, matrixConnErrData{
Address: addr,
Message: ce.Message,
})
}
var buf strings.Builder
if err := matrixHTMLTemplate.Execute(&buf, data); err != nil {
return "", fmt.Errorf("failed to render matrix HTML report: %w", err)
}
return buf.String(), nil
}

81
checker/rule.go Normal file
View file

@ -0,0 +1,81 @@
package checker
import (
"context"
"fmt"
"strings"
sdk "git.happydns.org/checker-sdk-go/checker"
)
// Rule returns a new matrix federation check rule.
func Rule() sdk.CheckRule {
return &matrixRule{}
}
type matrixRule struct{}
func (r *matrixRule) Name() string {
return "matrix_federation"
}
func (r *matrixRule) Description() string {
return "Checks whether Matrix federation is working correctly"
}
func (r *matrixRule) ValidateOptions(opts sdk.CheckerOptions) error {
return nil
}
func (r *matrixRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter, opts sdk.CheckerOptions) sdk.CheckState {
var data MatrixFederationData
if err := obs.Get(ctx, ObservationKeyMatrix, &data); err != nil {
return sdk.CheckState{
Status: sdk.StatusError,
Message: fmt.Sprintf("Failed to get Matrix federation data: %v", err),
Code: "matrix_federation_error",
}
}
domain, _ := opts["serviceDomain"].(string)
domain = strings.TrimSuffix(domain, ".")
if data.FederationOK {
version := strings.TrimSpace(data.Version.Name + " " + data.Version.Version)
return sdk.CheckState{
Status: sdk.StatusOK,
Message: fmt.Sprintf("Running %s", version),
Code: "matrix_federation_ok",
Meta: map[string]any{
"version": version,
},
}
}
var statusLine string
if data.DNSResult.SRVError != nil && data.WellKnownResult.Result != "" {
statusLine = fmt.Sprintf("%s OR %s", data.DNSResult.SRVError.Message, data.WellKnownResult.Result)
} else if len(data.ConnectionErrors) > 0 {
var msg strings.Builder
for srv, cerr := range data.ConnectionErrors {
if msg.Len() > 0 {
msg.WriteString("; ")
}
msg.WriteString(srv)
msg.WriteString(": ")
msg.WriteString(cerr.Message)
}
statusLine = fmt.Sprintf("Connection errors: %s", msg.String())
} else if data.WellKnownResult.Server != domain {
statusLine = fmt.Sprintf("Bad homeserver_name: got %s, expected %s", data.WellKnownResult.Server, domain)
} else {
statusLine = fmt.Sprintf("Federation broken. Check https://federationtester.matrix.org/#%s", domain)
}
return sdk.CheckState{
Status: sdk.StatusCrit,
Message: statusLine,
Code: "matrix_federation_fail",
}
}

72
checker/types.go Normal file
View file

@ -0,0 +1,72 @@
// Package checker implements the Matrix federation checker for happyDomain.
//
// It queries a Matrix Federation Tester instance (by default the public one
// hosted at https://federationtester.matrix.org) to verify that a Matrix
// homeserver is correctly federating, then exposes the result both as an
// observation and as a rich HTML report.
package checker
import (
sdk "git.happydns.org/checker-sdk-go/checker"
)
// ObservationKeyMatrix is the observation key for Matrix federation test data.
const ObservationKeyMatrix sdk.ObservationKey = "matrix_federation"
// MatrixFederationData is the full payload returned by the Matrix Federation
// Tester API and stored as the observation.
type MatrixFederationData struct {
WellKnownResult struct {
Server string `json:"m.server"`
Result string `json:"result"`
CacheExpiresAt int64 `json:"CacheExpiresAt"`
} `json:"WellKnownResult"`
DNSResult struct {
SRVSkipped bool `json:"SRVSkipped"`
SRVCName string `json:"SRVCName"`
SRVRecords []struct {
Target string `json:"Target"`
Port uint16 `json:"Port"`
Priority uint16 `json:"Priority"`
Weight uint16 `json:"Weight"`
} `json:"SRVRecords"`
SRVError *struct {
Message string `json:"Message"`
} `json:"SRVError"`
Hosts map[string]struct {
CName string `json:"CName"`
Addrs []string `json:"Addrs"`
} `json:"Hosts"`
Addrs []string `json:"Addrs"`
} `json:"DNSResult"`
ConnectionReports map[string]struct {
Certificates []struct {
SubjectCommonName string `json:"SubjectCommonName"`
IssuerCommonName string `json:"IssuerCommonName"`
SHA256Fingerprint string `json:"SHA256Fingerprint"`
DNSNames []string `json:"DNSNames"`
} `json:"Certificates"`
Cipher struct {
Version string `json:"Version"`
CipherSuite string `json:"CipherSuite"`
} `json:"Cipher"`
Checks struct {
AllChecksOK bool `json:"AllChecksOK"`
MatchingServerName bool `json:"MatchingServerName"`
FutureValidUntilTS bool `json:"FutureValidUntilTS"`
HasEd25519Key bool `json:"HasEd25519Key"`
AllEd25519ChecksOK bool `json:"AllEd25519ChecksOK"`
ValidCertificates bool `json:"ValidCertificates"`
} `json:"Checks"`
Errors []string `json:"Errors"`
} `json:"ConnectionReports"`
ConnectionErrors map[string]struct {
Message string `json:"Message"`
} `json:"ConnectionErrors"`
Version struct {
Name string `json:"name"`
Version string `json:"version"`
Error string `json:"error,omitempty"`
} `json:"Version"`
FederationOK bool `json:"FederationOK"`
}