319 lines
10 KiB
Bash
319 lines
10 KiB
Bash
#!/bin/bash
|
||
# MYP Connection Refused Debug & Fix Script
|
||
# Diagnostiziert und behebt Connection Refused Probleme auf Raspberry Pi
|
||
|
||
set -e
|
||
|
||
# Farben für Output
|
||
RED='\033[0;31m'
|
||
GREEN='\033[0;32m'
|
||
YELLOW='\033[1;33m'
|
||
BLUE='\033[0;34m'
|
||
CYAN='\033[0;36m'
|
||
NC='\033[0m'
|
||
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
echo -e "${CYAN}MYP CONNECTION REFUSED - DEBUG & FIX${NC}"
|
||
echo -e "${CYAN}Raspberry Pi Diagnose und Reparatur${NC}"
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
echo ""
|
||
|
||
# Basis-Informationen sammeln
|
||
echo -e "${BLUE}📊 SYSTEM-INFORMATIONEN:${NC}"
|
||
echo -e " 🖥️ Hostname: $(hostname)"
|
||
echo -e " 🌐 IP-Adressen: $(hostname -I | tr ' ' '\n' | head -3 | tr '\n' ' ')"
|
||
echo -e " ⏰ Zeit: $(date)"
|
||
echo -e " 👤 Benutzer: $(whoami)"
|
||
echo ""
|
||
|
||
# 1. SERVICE-STATUS PRÜFEN
|
||
echo -e "${YELLOW}🔍 1. SERVICE-STATUS DIAGNOSE${NC}"
|
||
echo "=================================================="
|
||
|
||
services=("myp-https" "myp-app" "myp-kiosk" "kiosk-watchdog")
|
||
|
||
for service in "${services[@]}"; do
|
||
echo -e "${BLUE}Prüfe Service: $service${NC}"
|
||
|
||
if systemctl is-enabled "$service" >/dev/null 2>&1; then
|
||
echo -e " ✅ Service ist aktiviert"
|
||
else
|
||
echo -e " ❌ Service ist NICHT aktiviert"
|
||
fi
|
||
|
||
if systemctl is-active "$service" >/dev/null 2>&1; then
|
||
echo -e " ✅ Service läuft"
|
||
else
|
||
echo -e " ❌ Service läuft NICHT"
|
||
echo -e " 📋 Status: $(systemctl is-active "$service" 2>/dev/null || echo 'unknown')"
|
||
fi
|
||
|
||
# Zeige letzte Logs
|
||
echo -e " 📝 Letzte Logs:"
|
||
journalctl -u "$service" --no-pager -n 3 --since "5 minutes ago" 2>/dev/null | sed 's/^/ /' || echo " Keine Logs verfügbar"
|
||
echo ""
|
||
done
|
||
|
||
# 2. PORT-STATUS PRÜFEN
|
||
echo -e "${YELLOW}🔍 2. PORT-STATUS DIAGNOSE${NC}"
|
||
echo "=================================================="
|
||
|
||
ports=("443" "5000" "80")
|
||
|
||
for port in "${ports[@]}"; do
|
||
echo -e "${BLUE}Prüfe Port: $port${NC}"
|
||
|
||
# Prüfe ob Port belegt ist
|
||
if netstat -tulpn 2>/dev/null | grep -q ":$port "; then
|
||
echo -e " ✅ Port $port ist belegt"
|
||
process=$(netstat -tulpn 2>/dev/null | grep ":$port " | awk '{print $7}' | head -1)
|
||
echo -e " 📋 Prozess: $process"
|
||
else
|
||
echo -e " ❌ Port $port ist FREI (sollte belegt sein!)"
|
||
fi
|
||
|
||
# Teste Verbindung
|
||
if timeout 3 bash -c "</dev/tcp/localhost/$port" 2>/dev/null; then
|
||
echo -e " ✅ Verbindung zu localhost:$port erfolgreich"
|
||
else
|
||
echo -e " ❌ Verbindung zu localhost:$port FEHLGESCHLAGEN"
|
||
fi
|
||
echo ""
|
||
done
|
||
|
||
# 3. MYP-APP SPEZIFISCHE DIAGNOSE
|
||
echo -e "${YELLOW}🔍 3. MYP-APP DIAGNOSE${NC}"
|
||
echo "=================================================="
|
||
|
||
APP_DIR="/opt/myp"
|
||
|
||
echo -e "${BLUE}Prüfe MYP-Installation:${NC}"
|
||
if [ -d "$APP_DIR" ]; then
|
||
echo -e " ✅ MYP-Verzeichnis existiert: $APP_DIR"
|
||
|
||
if [ -f "$APP_DIR/app.py" ]; then
|
||
echo -e " ✅ app.py gefunden"
|
||
else
|
||
echo -e " ❌ app.py FEHLT!"
|
||
fi
|
||
|
||
if [ -f "$APP_DIR/requirements.txt" ]; then
|
||
echo -e " ✅ requirements.txt gefunden"
|
||
else
|
||
echo -e " ❌ requirements.txt FEHLT!"
|
||
fi
|
||
|
||
# Prüfe Berechtigungen
|
||
echo -e " 📋 Berechtigungen: $(ls -ld "$APP_DIR" | awk '{print $1, $3, $4}')"
|
||
|
||
else
|
||
echo -e " ❌ MYP-Verzeichnis FEHLT: $APP_DIR"
|
||
fi
|
||
|
||
# 4. PYTHON-UMGEBUNG PRÜFEN
|
||
echo -e "${YELLOW}🔍 4. PYTHON-UMGEBUNG DIAGNOSE${NC}"
|
||
echo "=================================================="
|
||
|
||
echo -e "${BLUE}Python-Installation:${NC}"
|
||
if command -v python3 >/dev/null 2>&1; then
|
||
echo -e " ✅ Python3: $(python3 --version)"
|
||
else
|
||
echo -e " ❌ Python3 NICHT GEFUNDEN!"
|
||
fi
|
||
|
||
if command -v python3.11 >/dev/null 2>&1; then
|
||
echo -e " ✅ Python3.11: $(python3.11 --version)"
|
||
else
|
||
echo -e " ❌ Python3.11 NICHT GEFUNDEN!"
|
||
fi
|
||
|
||
echo -e "${BLUE}Kritische Python-Module:${NC}"
|
||
critical_modules=("flask" "requests" "werkzeug" "jinja2")
|
||
|
||
for module in "${critical_modules[@]}"; do
|
||
if python3 -c "import $module" 2>/dev/null; then
|
||
version=$(python3 -c "import $module; print(getattr($module, '__version__', 'unknown'))" 2>/dev/null)
|
||
echo -e " ✅ $module: $version"
|
||
else
|
||
echo -e " ❌ $module FEHLT!"
|
||
fi
|
||
done
|
||
|
||
# 5. SSL-ZERTIFIKAT PRÜFEN
|
||
echo -e "${YELLOW}🔍 5. SSL-ZERTIFIKAT DIAGNOSE${NC}"
|
||
echo "=================================================="
|
||
|
||
SSL_DIR="$APP_DIR/ssl"
|
||
CERT_FILE="$SSL_DIR/cert.pem"
|
||
KEY_FILE="$SSL_DIR/key.pem"
|
||
|
||
if [ -d "$SSL_DIR" ]; then
|
||
echo -e " ✅ SSL-Verzeichnis existiert"
|
||
|
||
if [ -f "$CERT_FILE" ]; then
|
||
echo -e " ✅ SSL-Zertifikat gefunden"
|
||
|
||
# Prüfe Zertifikat-Gültigkeit
|
||
if openssl x509 -in "$CERT_FILE" -noout -checkend 86400 2>/dev/null; then
|
||
echo -e " ✅ Zertifikat ist gültig"
|
||
expiry=$(openssl x509 -in "$CERT_FILE" -noout -enddate 2>/dev/null | cut -d= -f2)
|
||
echo -e " 📅 Läuft ab: $expiry"
|
||
else
|
||
echo -e " ❌ Zertifikat ist ABGELAUFEN oder UNGÜLTIG!"
|
||
fi
|
||
else
|
||
echo -e " ❌ SSL-Zertifikat FEHLT: $CERT_FILE"
|
||
fi
|
||
|
||
if [ -f "$KEY_FILE" ]; then
|
||
echo -e " ✅ SSL-Key gefunden"
|
||
echo -e " 📋 Key-Berechtigungen: $(ls -l "$KEY_FILE" | awk '{print $1, $3, $4}')"
|
||
else
|
||
echo -e " ❌ SSL-Key FEHLT: $KEY_FILE"
|
||
fi
|
||
else
|
||
echo -e " ❌ SSL-Verzeichnis FEHLT: $SSL_DIR"
|
||
fi
|
||
|
||
# 6. FIREWALL-STATUS
|
||
echo -e "${YELLOW}🔍 6. FIREWALL-DIAGNOSE${NC}"
|
||
echo "=================================================="
|
||
|
||
if command -v ufw >/dev/null 2>&1; then
|
||
echo -e "${BLUE}UFW Firewall:${NC}"
|
||
ufw_status=$(ufw status 2>/dev/null | head -1)
|
||
echo -e " 📋 Status: $ufw_status"
|
||
|
||
if echo "$ufw_status" | grep -q "active"; then
|
||
echo -e " 🔥 Firewall ist AKTIV - prüfe Ports..."
|
||
for port in 443 5000 80; do
|
||
if ufw status 2>/dev/null | grep -q "$port"; then
|
||
echo -e " ✅ Port $port ist geöffnet"
|
||
else
|
||
echo -e " ❌ Port $port ist BLOCKIERT!"
|
||
fi
|
||
done
|
||
else
|
||
echo -e " ✅ Firewall ist inaktiv"
|
||
fi
|
||
else
|
||
echo -e " ℹ️ UFW nicht installiert"
|
||
fi
|
||
|
||
# 7. AUTOMATISCHE REPARATUR-VERSUCHE
|
||
echo ""
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
echo -e "${CYAN}🔧 AUTOMATISCHE REPARATUR-VERSUCHE${NC}"
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
|
||
echo -e "${YELLOW}Reparatur 1: Services neu starten${NC}"
|
||
for service in "myp-https" "myp-app"; do
|
||
if systemctl is-enabled "$service" >/dev/null 2>&1; then
|
||
echo -e " 🔄 Starte $service neu..."
|
||
if systemctl restart "$service" 2>/dev/null; then
|
||
echo -e " ✅ $service erfolgreich neu gestartet"
|
||
sleep 2
|
||
if systemctl is-active "$service" >/dev/null 2>&1; then
|
||
echo -e " ✅ $service läuft jetzt"
|
||
else
|
||
echo -e " ❌ $service läuft immer noch nicht"
|
||
fi
|
||
else
|
||
echo -e " ❌ Fehler beim Neustart von $service"
|
||
fi
|
||
fi
|
||
done
|
||
|
||
echo ""
|
||
echo -e "${YELLOW}Reparatur 2: Manuelle App-Start-Versuche${NC}"
|
||
if [ -f "$APP_DIR/app.py" ]; then
|
||
echo -e " 🐍 Teste Python-App direkt..."
|
||
cd "$APP_DIR"
|
||
|
||
# Teste verschiedene Python-Versionen
|
||
for python_cmd in "python3.11" "python3" "python"; do
|
||
if command -v "$python_cmd" >/dev/null 2>&1; then
|
||
echo -e " 🧪 Teste mit $python_cmd..."
|
||
timeout 10 "$python_cmd" -c "
|
||
import sys
|
||
sys.path.insert(0, '/opt/myp')
|
||
try:
|
||
from app import app
|
||
print('✅ App-Import erfolgreich')
|
||
app.run(host='0.0.0.0', port=5000, debug=False)
|
||
except Exception as e:
|
||
print(f'❌ App-Fehler: {e}')
|
||
import traceback
|
||
traceback.print_exc()
|
||
" 2>&1 | head -10 | sed 's/^/ /'
|
||
break
|
||
fi
|
||
done
|
||
fi
|
||
|
||
echo ""
|
||
echo -e "${YELLOW}Reparatur 3: SSL-Zertifikate regenerieren${NC}"
|
||
if [ ! -f "$CERT_FILE" ] || ! openssl x509 -in "$CERT_FILE" -noout -checkend 86400 2>/dev/null; then
|
||
echo -e " 🔐 Regeneriere SSL-Zertifikate..."
|
||
|
||
if [ -f "/opt/myp/fix_ssl_raspberry.sh" ]; then
|
||
echo -e " 🛠️ Führe SSL-Fix aus..."
|
||
chmod +x "/opt/myp/fix_ssl_raspberry.sh"
|
||
"/opt/myp/fix_ssl_raspberry.sh" 2>&1 | tail -5 | sed 's/^/ /'
|
||
else
|
||
echo -e " ⚠️ SSL-Fix-Skript nicht gefunden - manuelle SSL-Erstellung..."
|
||
mkdir -p "$SSL_DIR"
|
||
cd "$SSL_DIR"
|
||
|
||
# Einfache SSL-Zertifikat-Erstellung
|
||
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes \
|
||
-subj "/C=DE/ST=BW/L=Stuttgart/O=Mercedes/CN=m040tbaraspi001" 2>/dev/null && \
|
||
echo -e " ✅ SSL-Zertifikate erstellt" || \
|
||
echo -e " ❌ SSL-Erstellung fehlgeschlagen"
|
||
fi
|
||
fi
|
||
|
||
# 8. FINAL-TEST
|
||
echo ""
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
echo -e "${CYAN}🎯 FINAL-VERBINDUNGSTEST${NC}"
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
|
||
echo -e "${BLUE}Teste Verbindungen nach Reparatur:${NC}"
|
||
|
||
for url in "http://localhost:5000" "https://localhost:443" "http://127.0.0.1:5000"; do
|
||
echo -e " 🌐 Teste: $url"
|
||
if timeout 5 curl -s -o /dev/null -w "%{http_code}" "$url" 2>/dev/null | grep -q "200\|302\|404"; then
|
||
echo -e " ✅ $url ist erreichbar!"
|
||
else
|
||
echo -e " ❌ $url nicht erreichbar"
|
||
fi
|
||
done
|
||
|
||
# 9. EMPFEHLUNGEN
|
||
echo ""
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
echo -e "${CYAN}💡 EMPFEHLUNGEN${NC}"
|
||
echo -e "${CYAN}=========================================================${NC}"
|
||
|
||
echo -e "${GREEN}Nächste Schritte:${NC}"
|
||
echo -e "1. ${BLUE}Service-Logs prüfen:${NC}"
|
||
echo -e " journalctl -u myp-https -f"
|
||
echo -e " journalctl -u myp-app -f"
|
||
echo ""
|
||
echo -e "2. ${BLUE}Manuelle App-Start zum Debugging:${NC}"
|
||
echo -e " cd /opt/myp"
|
||
echo -e " python3 app.py"
|
||
echo ""
|
||
echo -e "3. ${BLUE}Port-Verfügbarkeit prüfen:${NC}"
|
||
echo -e " netstat -tulpn | grep -E ':(443|5000|80)'"
|
||
echo ""
|
||
echo -e "4. ${BLUE}Firewall-Ports öffnen (falls nötig):${NC}"
|
||
echo -e " sudo ufw allow 443"
|
||
echo -e " sudo ufw allow 5000"
|
||
echo ""
|
||
echo -e "5. ${BLUE}Setup-Skript erneut ausführen:${NC}"
|
||
echo -e " cd /opt/myp && sudo ./setup.sh"
|
||
|
||
echo ""
|
||
echo -e "${GREEN}🏁 Connection Refused Diagnose abgeschlossen!${NC}" |