#!/bin/bash # 网络诊断脚本 # 用途:诊断git和CI无法访问的问题 set -e # 颜色定义 RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # 日志函数 log_info() { echo -e "${BLUE}[INFO]${NC} $1" } log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1" } log_warning() { echo -e "${YELLOW}[WARNING]${NC} $1" } log_error() { echo -e "${RED}[ERROR]${NC} $1" } separator() { echo "======================================================================" } # 测试网络连通性 test_connectivity() { separator log_info "测试网络连通性" separator echo "" log_info "测试DNS解析..." # 测试Git服务器 log_info "Git服务器 (git.f.novalon.cn):" if nslookup git.f.novalon.cn > /dev/null 2>&1; then log_success "DNS解析成功" nslookup git.f.novalon.cn | grep "Address" | tail -n +2 else log_error "DNS解析失败" fi # 测试CI服务器 log_info "CI服务器 (ci.f.novalon.cn):" if nslookup ci.f.novalon.cn > /dev/null 2>&1; then log_success "DNS解析成功" nslookup ci.f.novalon.cn | grep "Address" | tail -n +2 else log_error "DNS解析失败" fi echo "" log_info "测试网络连接..." # 测试HTTPS连接 log_info "Git服务器HTTPS连接:" if curl -I --connect-timeout 5 https://git.f.novalon.cn > /dev/null 2>&1; then log_success "HTTPS连接成功" else log_error "HTTPS连接失败" fi log_info "CI服务器HTTPS连接:" if curl -I --connect-timeout 5 https://ci.f.novalon.cn > /dev/null 2>&1; then log_success "HTTPS连接成功" else log_error "HTTPS连接失败" fi } # 测试Git连接 test_git_connection() { separator log_info "测试Git连接" separator echo "" log_info "Git配置:" git config --global --list | grep -E "user|http|https" || log_warning "未找到Git全局配置" echo "" log_info "测试Git SSH连接:" if ssh -T git@git.f.novalon.cn -o ConnectTimeout=5 2>&1 | grep -q "welcome\|authenticated"; then log_success "SSH连接成功" else log_warning "SSH连接失败(可能未配置SSH密钥)" fi echo "" log_info "测试Git HTTPS连接:" if git ls-remote https://git.f.novalon.cn/novalon/novalon-website.git > /dev/null 2>&1; then log_success "HTTPS连接成功" else log_error "HTTPS连接失败" log_info "错误详情:" git ls-remote https://git.f.novalon.cn/novalon/novalon-website.git 2>&1 | head -10 fi } # 测试CI连接 test_ci_connection() { separator log_info "测试CI连接" separator echo "" log_info "测试CI Web界面:" HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" --connect-timeout 5 https://ci.f.novalon.cn) if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "302" ]; then log_success "CI Web界面可访问 (HTTP $HTTP_CODE)" else log_error "CI Web界面不可访问 (HTTP $HTTP_CODE)" fi echo "" log_info "测试CI API:" if curl -s --connect-timeout 5 https://ci.f.novalon.cn/api/info > /dev/null 2>&1; then log_success "CI API可访问" else log_warning "CI API不可访问" fi } # 检查防火墙和代理 check_network_config() { separator log_info "检查网络配置" separator echo "" log_info "检查防火墙状态:" if command -v ufw > /dev/null; then sudo ufw status elif command -v firewall-cmd > /dev/null; then sudo firewall-cmd --state else log_warning "未检测到防火墙" fi echo "" log_info "检查HTTP代理设置:" env | grep -i proxy || log_info "未设置代理" echo "" log_info "检查SSL证书:" if echo | openssl s_client -connect git.f.novalon.cn:443 2>&1 | grep -q "Verify return code: 0"; then log_success "Git服务器SSL证书有效" else log_warning "Git服务器SSL证书可能有问题" fi if echo | openssl s_client -connect ci.f.novalon.cn:443 2>&1 | grep -q "Verify return code: 0"; then log_success "CI服务器SSL证书有效" else log_warning "CI服务器SSL证书可能有问题" fi } # 提供解决方案 suggest_solutions() { separator log_info "建议解决方案" separator echo "" log_warning "如果DNS解析失败:" echo " 1. 检查DNS服务器配置: cat /etc/resolv.conf" echo " 2. 尝试使用公共DNS: sudo echo 'nameserver 8.8.8.8' >> /etc/resolv.conf" echo " 3. 检查网络连接: ping 8.8.8.8" echo "" log_warning "如果HTTPS连接失败:" echo " 1. 检查防火墙规则: sudo ufw status" echo " 2. 检查代理设置: env | grep -i proxy" echo " 3. 更新CA证书: sudo update-ca-certificates" echo "" log_warning "如果Git连接超时:" echo " 1. 增加超时时间: git config --global http.lowSpeedLimit 0" echo " 2. 增加超时时间: git config --global http.postBuffer 524288000" echo " 3. 使用SSH代替HTTPS: git remote set-url origin git@git.f.novalon.cn:novalon/novalon-website.git" echo "" log_warning "如果CI无法访问:" echo " 1. 检查CI服务状态: sudo systemctl status woodpecker-agent" echo " 2. 检查CI日志: sudo journalctl -u woodpecker-agent -f" echo " 3. 重启CI服务: sudo systemctl restart woodpecker-agent" } # 快速诊断 quick_diagnosis() { log_info "执行快速诊断..." # 测试基本网络连接 if ping -c 1 8.8.8.8 > /dev/null 2>&1; then log_success "基本网络连接正常" else log_error "基本网络连接失败,请检查网络配置" return fi # 测试DNS if nslookup git.f.novalon.cn > /dev/null 2>&1; then log_success "DNS解析正常" else log_error "DNS解析失败" fi # 测试HTTPS if curl -I --connect-timeout 5 https://git.f.novalon.cn > /dev/null 2>&1; then log_success "Git服务器可访问" else log_error "Git服务器不可访问" fi if curl -I --connect-timeout 5 https://ci.f.novalon.cn > /dev/null 2>&1; then log_success "CI服务器可访问" else log_error "CI服务器不可访问" fi } # 主菜单 main_menu() { clear separator echo "网络诊断工具 - Git和CI连接问题排查" separator echo "" echo "1. 快速诊断" echo "2. 测试网络连通性" echo "3. 测试Git连接" echo "4. 测试CI连接" echo "5. 检查网络配置" echo "6. 显示建议解决方案" echo "7. 完整诊断(所有测试)" echo "0. 退出" echo "" read -p "请选择操作 (0-7): " choice case $choice in 1) quick_diagnosis ;; 2) test_connectivity ;; 3) test_git_connection ;; 4) test_ci_connection ;; 5) check_network_config ;; 6) suggest_solutions ;; 7) quick_diagnosis echo "" test_connectivity echo "" test_git_connection echo "" test_ci_connection echo "" check_network_config echo "" suggest_solutions ;; 0) log_info "退出程序" exit 0 ;; *) log_error "无效选择" ;; esac echo "" read -p "按回车键继续..." main_menu } # 主函数 main() { log_info "网络诊断工具启动" if [ "$1" = "--quick" ]; then quick_diagnosis else main_menu fi } main "$@"