Merge pull request 'feat: health endpoint with 16 diagnostic checks (#54)' (#23) from dev into main
Universal: Cascade Main → Dev / Cascade main → branches (push) Successful in 2s
Universal: Cascade Main → Dev / Cascade main → branches (push) Successful in 2s
This commit was merged in pull request #23.
This commit is contained in:
+34
-20
@@ -31,37 +31,51 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||
- License/subscription check
|
||||
- System email template branding (DB approach)
|
||||
|
||||
## [02.01.35] - 2026-05-22
|
||||
## [02.01.37] - 2026-05-23
|
||||
|
||||
### Added
|
||||
- Health check endpoint at `/?mokowaas=health` with token authentication (#54)
|
||||
- Database connectivity and latency check
|
||||
- Filesystem writability and disk space check
|
||||
- Cache status and extension count checks
|
||||
- Auto-generated API token (separate from Joomla user tokens)
|
||||
- Grafana auto-provisioning: Infinity datasource + shared dashboard
|
||||
- Grafana plugin install via API (replaces deprecated CLI)
|
||||
- Dashboard with endpoint dropdown for multi-site monitoring
|
||||
- Provisioning on plugin install/update via script.php postflight
|
||||
- Error logging for all Grafana heartbeat attempts (HTTP code + cURL error)
|
||||
- Health check endpoint at `/?mokowaas=health` with 16 diagnostic checks (#54)
|
||||
- Core checks: database latency, filesystem writability/size, cache, extensions
|
||||
- Backup checks: Akeeba Backup last backup date/status/size, days since, frequency
|
||||
- Security checks: Admin Tools WAF status, blocked requests 24h/7d
|
||||
- SSL certificate: expiry date, days left, issuer (degraded <30d, error <7d)
|
||||
- Scheduled tasks: Joomla task scheduler status, failed tasks 24h
|
||||
- Error log: PHP error log size, recent errors, last error message
|
||||
- Database size: total MB, table count, top 5 largest tables
|
||||
- Content stats: articles, categories, menu items, modules
|
||||
- User activity: total users, active sessions, failed logins 24h, last login
|
||||
- Mail system: mailer type, from address, SMTP host, queue count
|
||||
- SEO health: robots.txt, sitemap, htaccess, SEF status
|
||||
- Template info: site/admin template names, override count
|
||||
- Configuration drift: debug mode, error reporting, force SSL, caching
|
||||
- Human-readable `reason` field explaining degraded/error status
|
||||
- Site size reporting (images, media, tmp, cache, logs directories)
|
||||
- Heartbeat provisioning via receiver at bench.mokoconsulting.tech
|
||||
- Grafana datasource auto-provisioning via YAML (no API token needed)
|
||||
- ntfy notifications on heartbeat registration (mokowaas-heartbeat topic)
|
||||
- Grafana dashboard with 9 rows covering all 16 health checks
|
||||
- Auto-generated health API token (separate from Joomla user tokens)
|
||||
|
||||
### Changed
|
||||
- Health endpoint always enabled — no config toggle needed
|
||||
- Grafana credentials hardcoded and obfuscated (XOR+base64)
|
||||
- Grafana provisioning uses heartbeat receiver pattern (replaces direct API)
|
||||
- Removed config fields: enable_health_endpoint, grafana_url, grafana_api_key
|
||||
- Grafana dashboard rebuilt: plugin-only panels, no Prometheus blackbox dependency
|
||||
- Migrated .gitea/ to .mokogitea/ directory standard
|
||||
- Updated all workflow references from MokoStandards to moko-platform
|
||||
- Updated all references from MokoStandards to moko-platform
|
||||
- Renamed Gitea references to MokoGitea in docs
|
||||
|
||||
### Fixed
|
||||
- SSL certificate verification disabled for Grafana cURL calls (shared hosting compatibility)
|
||||
- cURL follow redirects enabled for Grafana API
|
||||
- updates.xml download URL uses correct `development` tag (was `dev`)
|
||||
- Grafana API token upgraded to Admin SA with datasource write permissions
|
||||
- SSL verification disabled for Grafana cURL calls (shared hosting)
|
||||
- cURL follow redirects enabled
|
||||
- updates.xml download URL uses correct `development` tag
|
||||
|
||||
### Security
|
||||
- Grafana API key obfuscated in source (not stored in plain text)
|
||||
- Token rotated on each stable release cycle
|
||||
- Plugin hidden from plugin list for non-master users
|
||||
- Plugin settings restricted to master user only
|
||||
- Self-healing lock (enforceLocked) runs every page load
|
||||
- Uninstall blocked in preflight
|
||||
- Health endpoint requires HTTPS + bearer token
|
||||
- Heartbeat shared secret for receiver authentication
|
||||
|
||||
## [02.01.08] - 2026-04-07
|
||||
|
||||
|
||||
@@ -59,7 +59,11 @@ The MokoWaaS plugin operationalizes a unified naming convention, brand-controlle
|
||||
- **Joomla 5.x / 6.x Compatible**: Built using modern Joomla plugin architecture with dependency injection
|
||||
- **Multi-Language Support**: en-GB and en-US locales
|
||||
- **Admin & Frontend Coverage**: Dashboard, footer, login, installer, system info, update component, error pages, and more
|
||||
- **Governance Compliant**: Aligned with [MokoStandards](https://github.com/mokoconsulting-tech/MokoStandards)
|
||||
- **Health Monitoring**: 16 diagnostic checks via `/?mokowaas=health` — database, filesystem, cache, extensions, Akeeba Backup, Admin Tools, SSL, cron, errors, DB size, content, users, mail, SEO, templates, config
|
||||
- **Grafana Integration**: Auto-provisions Infinity datasource via heartbeat receiver — 9-row dashboard with all health metrics
|
||||
- **ntfy Notifications**: Heartbeat events pushed to `mokowaas-heartbeat` topic
|
||||
- **Plugin Protection**: Hidden from non-super-admins, self-healing lock, uninstall blocked
|
||||
- **Governance Compliant**: Aligned with [moko-platform](https://git.mokoconsulting.tech/MokoConsulting/moko-platform)
|
||||
|
||||
## System Requirements
|
||||
|
||||
|
||||
Reference in New Issue
Block a user