gristlabs_grist-core/app/common/BootProbe.ts

import { SandboxInfo } from 'app/common/SandboxInfo';

export type BootProbeIds =
    'boot-page' |
    'health-check' |
    'reachable' |
    'host-header' |
    'sandboxing' |
    'system-user' |
    'authentication' |
    'websockets' |
    'session-secret'
;

export interface BootProbeResult {
  verdict?: string;
  // Result of check.
  // "success" is a positive outcome.
  // "none" means no fault detected (but that the test is not exhaustive
  // enough to claim "success").
  // "fault" is a bad error, "warning" a ... warning, "hmm" almost a debug message.
  status: 'success' | 'fault' | 'warning' | 'hmm' | 'none';
  details?: Record<string, any>;
}

export interface BootProbeInfo {
  id: BootProbeIds;
  name: string;
}

export type SandboxingBootProbeDetails = SandboxInfo;
(core) add a sandbox check to admin panel, and start reconciling boot and admin pages Summary: This adds a basic sandbox check to the admin panel. It also makes the "probes" used in the boot page available from the admin panel, though they are not yet displayed. The sandbox check is built as a probe. In the interests of time, a lot of steps had to be deferred: * Reconcile fully the admin panel and boot page. Specifically, the admin panel should be equally robust to common configuration problems. * Add tests for the sandbox check. * Generalize to multi-server setups. The read-out will not yet be useful for setups where doc workers and home servers are configured separately. Test Plan: Added new test Reviewers: jarek, georgegevoian Reviewed By: georgegevoian Differential Revision: https://phab.getgrist.com/D4241 5 months ago			`import { SandboxInfo } from 'app/common/SandboxInfo';`
make a /boot/GRIST_BOOT_KEY page for diagnosing configuration problems (#850) This is a start at a page for diagnosing problems while setting up Grist. Starting to add some diagnostics based on feedback in github issues. We should make Grist installation easier! But when there is a problem it should be easier to diagnose than it is now, and this may help. The page is ugly and doesn't have many diagnostics yet, but we can iterate. Visit `/boot` on a Grist server for tips on how to use this feature. 7 months ago
			`export type BootProbeIds =`
			`'boot-page' \|`
			`'health-check' \|`
			`'reachable' \|`
			`'host-header' \|`
(core) add a sandbox check to admin panel, and start reconciling boot and admin pages Summary: This adds a basic sandbox check to the admin panel. It also makes the "probes" used in the boot page available from the admin panel, though they are not yet displayed. The sandbox check is built as a probe. In the interests of time, a lot of steps had to be deferred: * Reconcile fully the admin panel and boot page. Specifically, the admin panel should be equally robust to common configuration problems. * Add tests for the sandbox check. * Generalize to multi-server setups. The read-out will not yet be useful for setups where doc workers and home servers are configured separately. Test Plan: Added new test Reviewers: jarek, georgegevoian Reviewed By: georgegevoian Differential Revision: https://phab.getgrist.com/D4241 5 months ago			`'sandboxing' \|`
Displays the current authentication mechanism in the admin panel (#981) * Adds authentication mechanism to admin panel Adds field to the "Security settings" admin display, showing the currently configured authentication mechanism. * Adds 14px margin to admin panel names 4 months ago			`'system-user' \|`
reconcile boot and admin pages further (#963) This adds some remaining parts of the boot page to the admin panel, and then removes the boot page. 4 months ago			`'authentication' \|`
Improve session ID security (#1059) Follow-up of #994. This PR revises the session ID generation logic to improve security in the absence of a secure session secret. It also adds a section in the admin panel "security" section to nag system admins when GRIST_SESSION_SECRET is not set. Following is an excerpt from internal conversation. TL;DR: Grist's current implementation generates semi-secure session IDs and uses a publicly known default signing key to sign them when the environment variable GRIST_SESSION_SECRET is not set. This PR generates cryptographically secure session IDs to dismiss security concerns around an insecure signing key, and encourages system admins to configure their own signing key anyway. > The session secret is required by expressjs/session to sign its session IDs. It's designed as an extra protection against session hijacking by randomly guessing session IDs and hitting a valid one. While it is easy to encourage users to set a distinct session secret, this is unnecessary if session IDs are generated in a cryptographically secure way. As of now Grist uses version 4 UUIDs as session IDs (see app/server/lib/gristSessions.ts - it uses shortUUID.generate which invokes uuid.v4 under the hood). These contain 122 bits of entropy, technically insufficient to be considered cryptographically secure. In practice, this is never considered a real vulnerability. To compare, RSA2048 is still very commonly used in web servers, yet it only has 112 bits of security (>=128 bits = "secure", rule of thumb in cryptography). But for peace of mind I propose using crypto.getRandomValues to generate real 128-bit random values. This should render session ID signing unnecessary and hence dismiss security concerns around an insecure signing key. 3 months ago			`'websockets' \|`
			`'session-secret'`
make a /boot/GRIST_BOOT_KEY page for diagnosing configuration problems (#850) This is a start at a page for diagnosing problems while setting up Grist. Starting to add some diagnostics based on feedback in github issues. We should make Grist installation easier! But when there is a problem it should be easier to diagnose than it is now, and this may help. The page is ugly and doesn't have many diagnostics yet, but we can iterate. Visit `/boot` on a Grist server for tips on how to use this feature. 7 months ago			`;`

			`export interface BootProbeResult {`
			`verdict?: string;`
reconcile boot and admin pages further (#963) This adds some remaining parts of the boot page to the admin panel, and then removes the boot page. 4 months ago			`// Result of check.`
			`// "success" is a positive outcome.`
			`// "none" means no fault detected (but that the test is not exhaustive`
			`// enough to claim "success").`
			`// "fault" is a bad error, "warning" a ... warning, "hmm" almost a debug message.`
			`status: 'success' \| 'fault' \| 'warning' \| 'hmm' \| 'none';`
make a /boot/GRIST_BOOT_KEY page for diagnosing configuration problems (#850) This is a start at a page for diagnosing problems while setting up Grist. Starting to add some diagnostics based on feedback in github issues. We should make Grist installation easier! But when there is a problem it should be easier to diagnose than it is now, and this may help. The page is ugly and doesn't have many diagnostics yet, but we can iterate. Visit `/boot` on a Grist server for tips on how to use this feature. 7 months ago			`details?: Record<string, any>;`
			`}`

			`export interface BootProbeInfo {`
			`id: BootProbeIds;`
			`name: string;`
			`}`

(core) add a sandbox check to admin panel, and start reconciling boot and admin pages Summary: This adds a basic sandbox check to the admin panel. It also makes the "probes" used in the boot page available from the admin panel, though they are not yet displayed. The sandbox check is built as a probe. In the interests of time, a lot of steps had to be deferred: * Reconcile fully the admin panel and boot page. Specifically, the admin panel should be equally robust to common configuration problems. * Add tests for the sandbox check. * Generalize to multi-server setups. The read-out will not yet be useful for setups where doc workers and home servers are configured separately. Test Plan: Added new test Reviewers: jarek, georgegevoian Reviewed By: georgegevoian Differential Revision: https://phab.getgrist.com/D4241 5 months ago			`export type SandboxingBootProbeDetails = SandboxInfo;`