Announcing Discourse Doctor

Following the example from Discourse-doctor 👩‍⚕️, I’ve created discourse-doctor, now included in discourse_docker. If you run ./discourse-doctor, you’ll see something like:

DISCOURSE DOCTOR Tue Jul 24 08:50:32 UTC 2018
OS: Linux twonames 4.4.0-130-generic #156-Ubuntu SMP Thu Jun 14 08:53:28 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux


Found containers/app.yml

==================== YML SETTINGS ====================
DISCOURSE_HOSTNAME=twonames.ltcmp.net
SMTP_ADDRESS=mail.domain.com
DEVELOPER_EMAILS=REDACTED 
SMTP_PASSWORD=REDACTED 
SMTP_PORT=587
SMTP_USER_NAME=postmaster@cakeme.ltcmp.net
LETSENCRYPT_ACCOUNT_EMAIL=REDACTED 

==================== DOCKER INFO ====================
DOCKER VERSION: Docker version 18.05.0-ce, build f150324

DOCKER PROCESSES (docker ps -a)

CONTAINER ID        IMAGE                         COMMAND                  CREATED             STATUS                    PORTS                                      NAMES
c75f29870c3b        local_discourse/app           "/sbin/boot"             5 days ago          Up 5 days                 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   app
adc8de3e5156        discourse/base:2.0.20180613   "/bin/bash -c 'cd /p…"   5 days ago          Exited (137) 5 days ago                                              quirky_zhukovsky


Discourse container app is running


==================== PLUGINS ====================
          - git clone https://github.com/discourse/docker_manager.git

No non-official plugins detected.

See https://github.com/discourse/discourse/blob/master/lib/plugin/metadata.rb for the official list.

========================================
Discourse version at twonames.ltcmp.net: Discourse 2.1.0.beta2 
Discourse version at localhost: Discourse 2.1.0.beta2 


==================== MEMORY INFORMATION ====================
OS: Linux
RAM (MB): 1016

              total        used        free      shared  buff/cache   available
Mem:            992         577          69          28         345         184
Swap:          2047         301        1746

==================== DISK SPACE CHECK ====================
---------- OS Disk Space ----------
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        25G   12G   13G  48% /

---------- Container Disk Space ----------
Filesystem      Size  Used Avail Use% Mounted on
overlay          25G   12G   13G  48% /
/dev/vda1        25G   12G   13G  48% /shared
/dev/vda1        25G   12G   13G  48% /var/log

==================== DISK INFORMATION ====================
Disk /dev/vda: 25 GiB, 26843545600 bytes, 52428800 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 603625F3-7AE2-40CB-B05E-0BD7EA2D57E4

Device      Start      End  Sectors  Size Type
/dev/vda1  227328 52428766 52201439 24.9G Linux filesystem
/dev/vda14   2048    10239     8192    4M BIOS boot
/dev/vda15  10240   227327   217088  106M Microsoft basic data

Partition table entries are not in disk order.

==================== END DISK INFORMATION ====================

==================== MAIL TEST ====================
For a robust test, get an address from http://www.mail-tester.com/
Mail test skipped.

==================== DONE! ====================
The output of this program may be available at http://twonames.ltcmp.net/YzUwYjE5MzlmN2EyZTAz.txt
You should inspect that file carefully before sharing the URL.

You can examine the output of this script with 
LESS=-Ri less /tmp/discourse-debug.txt

BUT FIRST, make sure that you know the first three commands below!!!

Commands to know when viewing the file with the above command (called 'less'): 
q              -- quit
/error<ENTER>  -- search for the word 'error'
n              -- search for the next occurrence
g              -- go to the beginning of the file
f              -- go forward a page
b              -- go back a page
G              -- go to the end of the file

If the container isn’t running, discourse-doctor will attempt a rebuild and add the output of the build to the log file, which, if the container cranks up enough to have nginx, will be accessible via a URL, saving folks the trouble of uploading to something like pastebin. Passwords and email addresses are redacted by the script. Domain names are left intact, as there is rarely reason to hide your site given that it’s on the Internet already.

Right now, you have to know that discourse-doctor exists, but in the next few days, I’ll submit a PR to have launcher and discourse-setup recommend it.

Next Steps

  • have launcher recommend discourse-doctor
  • have discourse-setup recommend discourse-doctor
  • make the mail test rake task do some actual testing rather than just sending , like . . .
    – test connectivity to the port
    – does password work
    – SPF, DKIM, dmarc
    – tell them they can’t use gmail (should also add this to discourse-setup )
    – tell them what email address is in the from: line
  • have launcher disallow mixed case domain names
  • if rebuild rails, re-start old container – this is both trivial and huge, as I think few people know that if the rebulid fails you can just restart the container.
  • (tentative) do some kind of yml linting. It looks like launcher does some kind of yaml parsing in host_run . But part of me says “You break it. You bought it.”
  • consider handling files other than app.yml
  • have the doctor comment out plugins not from discourse github organization

If you have comments or suggestions, please let me know!

28 Likes

Just ran this on a machine where the site was stopped. Was expecting a simple set of checks to be run and reported, was not expecting a rebuild with downloads to occur and the site to be started up. :grinning: Luckily I am only using the machine for learning at present so no harm. Maybe there should be a question asking the user if they want something that significant before proceeding.

The Doctor assumes that you want your site to be live. :wink:

Most of the checks that it does can be done only on a working installation.

2 Likes

Then I guess I need Discourse Autopsy.

7 Likes

Was this ever added @pfaffman ?

I’m trying to debug Amazon SES not working and here’s the output from the discourse-doctor:

==================== MAIL TEST ====================
For a robust test, get an address from http://www.mail-tester.com/
Or just send a test message to yourself.
Email address for mail test? ('n' to skip) [rich@xxx.xxx]:
Sending mail to rich@xxx.xxx. . .
unknown shorthand flag: 'w' in -w
See 'docker exec --help'.

Replacing: SMTP_PASSWORD
Replacing: LETSENCRYPT_ACCOUNT_EMAIL
Replacing: DEVELOPER_EMAILS
Replacing: DISCOURSE_DB_PASSWORD
Replacing: Sending mail to

==================== DONE! ====================
Would you like to serve a publicly available version of this file? (Y/n)Y
unknown shorthand flag: 'w' in -w
See 'docker exec --help'.
The output of this program may be available at http://example.com/NTQyYTg2YzVjYzg1NTYx.txt
You should inspect that file carefully before sharing the URL.

You can examine the output of this script with
LESS=-Ri less /tmp/discourse-debug.txt

BUT FIRST, make sure that you know the first three commands below!!!

Commands to know when viewing the file with the above command (called 'less'):
q              -- quit
/error<ENTER>  -- search for the word 'error'
n              -- search for the next occurrence
g              -- go to the beginning of the file
f              -- go forward a page
b              -- go back a page
G              -- go to the end of the file

No email arrives.

And I don’t know why…

The public version of the file is either not created, or not accessible as I simply get a not-found error when visiting the URL.

Looks like the way that the public link used to work is broken. It s mostly never used. That should be deleted.

The smtp test does check if it’s able to connect, but doesn’t do dns checks.

That’s docker exec error suggests that something is wrong there.

I’ll see about adding a note about the sending address. That’s still a common problem. Discourse sends from the forum subdomain and often the mail server expects the apex domain…

For your email issue, have you checked Troubleshooting email on a new Discourse install?

2 Likes

As no diagnostic information is provided in the console I was hoping the .txt file would give me some details.

I also note the txt file url is http rather than https (not that it alters anything here anyway).

Hmm. Perhaps that docker error means that it’s no longer running the SMTP test at all.

You should see the troubleshooting guide and run the rake task that tests smtp.

Will do, thanks for the replies.

1 Like

After running ./discourse-doctor script, I have answered Yes to “Would you like to serve a publicly available version of this file?” and now I can see, that email credentials (login, password) are exposed.

Where and how can I permanently delete the logs/files generated by ./discourse-doctor?

Hmm. Sorry about that. I guess something must have changed that makes clean_up_log_file() not work correctly anymore, though I am not sure why.

Does the URL for sharing the file even work? I’m pretty sure that it didn’t last I checked.

You can rm /var/discourse/shared/standalone/public/*.txt. Or look there for the actual name of the file and remove it.

1 Like

I have tried to find exact name of the file (name taken from URL) in root directory. I deleted 2 files, but URL still showed full the log info. Finally, I decided to terminated the virtual machine. Anyway, it was important experience for me: “be really careful when you play with credentials”

:wink:

2 Likes

yup, I get the same Docker error and no email