diff --git a/preflight.sh b/preflight.sh index bd64815..9f908f9 100755 --- a/preflight.sh +++ b/preflight.sh @@ -96,7 +96,7 @@ check_runners_conf() { } check 5 "runners.conf file exists" check_runners_conf if [[ ! -f "${SCRIPT_DIR}/runners.conf" ]]; then - log_error " → runners.conf not found. Copy runners.conf.example to runners.conf." + log_error " → runners.conf not found. Run ./setup/configure_runners.sh to create it." fi # --------------------------------------------------------------------------- @@ -187,16 +187,22 @@ check_runners_ini_format() { errors=$((errors + 1)) fi - # repos: must be "all" or a name from REPO_NAMES + # repos: must be "all" or a known repo name. + # Comma-separated values mean configure_runners.sh didn't expand — warn the user. if [[ "$repos" != "all" ]] && [[ -n "$repos" ]]; then - local repos_valid=false - local _rn - for _rn in ${REPO_NAMES:-}; do - if [[ "$repos" == "$_rn" ]]; then repos_valid=true; break; fi - done - if ! $repos_valid; then - log_error " → [$section] repos='$repos' (must be 'all' or a name from REPO_NAMES)" + if [[ "$repos" == *,* ]]; then + log_error " → [$section] repos='$repos' contains commas — run ./setup/configure_runners.sh to expand into separate sections" errors=$((errors + 1)) + else + local repos_valid=false + local _rn + for _rn in ${REPO_NAMES:-}; do + if [[ "$repos" == "$_rn" ]]; then repos_valid=true; break; fi + done + if ! $repos_valid; then + log_error " → [$section] repos='$repos' (must be 'all' or a name from REPO_NAMES: ${REPO_NAMES:-})" + errors=$((errors + 1)) + fi fi fi @@ -433,27 +439,35 @@ else fi # --------------------------------------------------------------------------- -# Check 14: DNS resolves +# Check 14a: python3 available for DNS resolution checks # --------------------------------------------------------------------------- -check_dns() { - # Fail closed when required values are missing. - [[ -n "${GITEA_DOMAIN:-}" ]] || return 1 - [[ -n "${UNRAID_IP:-}" ]] || return 1 - - local resolved - # Use python3 (bundled with macOS) for DNS — avoids dependency on dig/host/nslookup - resolved=$(python3 -c "import socket; print('\n'.join(r[4][0] for r in socket.getaddrinfo('${GITEA_DOMAIN}', None, socket.AF_INET)))" 2>/dev/null | sort -u) || return 1 - [[ -n "$resolved" ]] || return 1 - - # Pass only if one of the domain's A records exactly matches UNRAID_IP. - if printf '%s\n' "$resolved" | grep -Fxq "${UNRAID_IP}"; then - return 0 - fi - return 1 +check_python3() { + command -v python3 >/dev/null 2>&1 } -check 14 "DNS: ${GITEA_DOMAIN:-} resolves to ${UNRAID_IP:-}" check_dns -if ! check_dns 2>/dev/null; then - log_error " → ${GITEA_DOMAIN:-GITEA_DOMAIN} does not resolve to ${UNRAID_IP:-UNRAID_IP}." +check 14a "python3 available for DNS resolution checks" check_python3 +if ! check_python3 2>/dev/null; then + log_error " → python3 is required for DNS validation (Check 14b). Install it (e.g. brew install python)." +fi + +# --------------------------------------------------------------------------- +# Check 14b: DNS resolves (informational — only needed for Phase 8 TLS) +# --------------------------------------------------------------------------- +if ! check_python3 2>/dev/null; then + log_warn "[14b] DNS: skipped — python3 not found (install python3 to run DNS validation before Phase 8)" +elif [[ -n "${GITEA_DOMAIN:-}" ]] && [[ -n "${UNRAID_IP:-}" ]]; then + dns_resolved=$(python3 -c "import socket; print('\n'.join(r[4][0] for r in socket.getaddrinfo('${GITEA_DOMAIN}', None, socket.AF_INET)))" 2>/dev/null | sort -u) || dns_resolved="" + if [[ -n "$dns_resolved" ]] && printf '%s\n' "$dns_resolved" | grep -Fxq "${UNRAID_IP}"; then + log_success "[14b] DNS: ${GITEA_DOMAIN} resolves to ${UNRAID_IP}" + PASS_COUNT=$((PASS_COUNT + 1)) + else + if [[ -z "$dns_resolved" ]]; then + log_warn "[14b] DNS: ${GITEA_DOMAIN} does not resolve (needed before Phase 8)" + else + log_warn "[14b] DNS: ${GITEA_DOMAIN} resolves to ${dns_resolved} but expected ${UNRAID_IP} (needed before Phase 8)" + fi + fi +else + log_warn "[14b] DNS: skipped — GITEA_DOMAIN or UNRAID_IP not set" fi # ---------------------------------------------------------------------------