"""Run all read-only audit checks for a tenant domain."""
from __future__ import annotations
from typing import Any
from . import dns, vm112, webmail
# Human-readable label for every check id the audit reports on. run_audit
# iterates this mapping to fill in a "skip" entry for any check that no
# collector reported, and to set the "label" field of each known check.
CHECK_LABELS: dict[str, str] = {
    # Mail platform / front-end checks.
    "carbonio": "Carbonio domain",
    "nginx_vhost": "carbonio-nginx vhost",
    "cert_le": "Let's Encrypt certificate",
    # DNS mail-authentication checks.
    "dns_mx": "MX record",
    "dns_spf": "SPF",
    "dns_dkim": "DKIM",
    "dns_dmarc": "DMARC",
    # Public webmail reachability.
    "webmail_http": "Webmail HTTPS",
}

# Per-tenant API base URL, keyed by tenant id.
# NOTE(review): the original comment here says the value is "filled from env
# in run_audit", but run_audit in this file neither reads nor writes this
# mapping and falls back to a literal URL instead. Confirm whether this
# table is still meant to be the single source for the endpoint.
TENANT_API_BASE: dict[int, str | None] = {
    1: None,
}
def run_audit(
    tenant_id: int,
    domain: str,
    *,
    vm112_api: str | None = None,
    mail_public_ip: str | None = None,
) -> dict[str, dict[str, Any]]:
    """Collect the audit results for one tenant domain.

    The domain is lower-cased and stripped of surrounding whitespace, then
    handed to the collectors in a fixed order: ``vm112`` (tenant 1 only),
    ``dns`` and ``webmail``. Later collectors overwrite earlier entries that
    share a check id.

    Args:
        tenant_id: Tenant identifier; only tenant ``1`` triggers the vm112
            collector.
        domain: Domain name to audit.
        vm112_api: Base URL of the vm112 API. When falsy, a built-in
            default URL is used.
        mail_public_ip: Forwarded unchanged to ``dns.collect``.

    Returns:
        A dict keyed by check id. Every id in ``CHECK_LABELS`` is present:
        checks no collector reported get a ``"skip"`` placeholder, and the
        ``"label"`` of each known check is set from ``CHECK_LABELS``.
        Entries with ids outside ``CHECK_LABELS`` are returned as the
        collectors produced them.
    """
    # NOTE(review): only case and surrounding whitespace are normalised here;
    # the value is not checked to be a well-formed hostname before it reaches
    # the collectors. Confirm each collector validates it if `domain` can
    # come from an untrusted caller.
    normalized = domain.lower().strip()
    findings: dict[str, dict[str, Any]] = {}

    if tenant_id == 1:
        # NOTE(review): the fallback is a plaintext-HTTP URL on a hard-coded
        # private address, so traffic to it is neither encrypted nor
        # authenticated by the transport. Prefer supplying vm112_api from
        # configuration, and confirm the network path is trusted.
        findings.update(
            vm112.collect(normalized, vm112_api or "http://10.10.10.112:8090")
        )

    findings.update(dns.collect(normalized, mail_public_ip=mail_public_ip))
    findings.update(webmail.collect(normalized))

    for check_id, label in CHECK_LABELS.items():
        if check_id not in findings:
            # No collector reported this check: record it as skipped so the
            # caller always sees the full set of known checks.
            findings[check_id] = {
                "check_id": check_id,
                "label": label,
                "status": "skip",
                "message": "Check not run",
                "evidence": {},
            }
        # The canonical label wins over whatever a collector supplied.
        findings[check_id]["label"] = label

    return findings