ellmos-servercommander-mcp 0.1.0-alpha.3 → 0.1.0-alpha.5

package/README.md

@@ -12,9 +12,9 @@ German README: [README_de.md](README_de.md)
 
 - Transport: stdio via the Python MCP SDK
 - Package status: public alpha package under `ellmos-ai`
-- Current core: MCP tool listing, MCP tool dispatch, config loading, `sc_logs_analyze`, `sc_health_check`
-- Safe alpha handlers: `sc_deploy` builds local SHA256 manifests in dry-run mode; `sc_mail_*` does not perform IMAP/SMTP operations yet
-- i18n: localized MCP tool descriptions for `en`, `de`, `es`, `zh`, `ja`, `ru` with English fallback
+- Current core: MCP tool listing, MCP tool dispatch, config loading, HTTP health checks, richer access-log analysis
+- Safe alpha handlers: `sc_deploy` builds local SHA256 manifests and configuration diagnostics in dry-run mode; `sc_mail_*` reports mail configuration gaps without IMAP/SMTP operations
+- i18n: localized MCP tool descriptions, input-schema field descriptions, and unknown-tool errors for `en`, `de`, `es`, `zh`, `ja`, `ru` with English fallback
 
 ## Install
 
@@ -66,10 +66,10 @@ Secrets should be referenced through environment variables, for example `$MAIL_P
 ## Tools
 
 - `sc_health_check`: checks HTTP endpoints and reports status code plus latency
-- `sc_logs_analyze`: analyzes Apache/Nginx access logs from inline text or a local file
-- `sc_deploy`: creates a deployment plan with a local SHA256 manifest, but does not upload yet
-- `sc_deploy_status`: shows configured deploy profiles and the current alpha history status
-- `sc_mail_list`, `sc_mail_read`, `sc_mail_send`, `sc_mail_search`: safe alpha status responses without IMAP/SMTP connections
+- `sc_logs_analyze`: analyzes Apache/Nginx access logs from inline text or a local file, including status classes, bytes, referers, error paths, and suspicious request markers
+- `sc_deploy`: creates a deployment plan with a local SHA256 manifest and profile diagnostics, but does not upload yet
+- `sc_deploy_status`: shows configured deploy profiles, selected-profile diagnostics, and the current alpha history status
+- `sc_mail_list`, `sc_mail_read`, `sc_mail_send`, `sc_mail_search`: safe alpha status responses with mail configuration diagnostics and no IMAP/SMTP connections
 
 ## Development
 
@@ -81,4 +81,4 @@ npm run smoke
 npm pack --dry-run
 ```
 
-Next useful step: extract real SFTP, IMAP/SMTP, and extended traffic-analysis modules from `.UMBRUCH` into credential-free adapters with local tests.
+Next useful step: add explicitly configured execution adapters for SFTP and IMAP/SMTP, keep dry-run defaults, and extend log analysis with persisted reports.

package/README_de.md

@@ -12,9 +12,9 @@ Englische Standard-README: [README.md](README.md)
 
 - Transport: stdio über das Python-MCP-SDK
 - Paketstatus: öffentliches Alpha-Paket unter `ellmos-ai`
-- Aktiver Kern: MCP-Tool-Liste, MCP-Tool-Dispatch, Config-Lader, `sc_logs_analyze`, `sc_health_check`
-- Sichere Alpha-Handler: `sc_deploy` erstellt lokale SHA256-Manifeste im Dry-run, `sc_mail_*` führt noch keine IMAP/SMTP-Aktionen aus
-- i18n: lokalisierte MCP-Tool-Beschreibungen für `en`, `de`, `es`, `zh`, `ja`, `ru` mit Englisch-Fallback
+- Aktiver Kern: MCP-Tool-Liste, MCP-Tool-Dispatch, Config-Lader, HTTP-Health-Checks, erweiterte Access-Log-Analyse
+- Sichere Alpha-Handler: `sc_deploy` erstellt lokale SHA256-Manifeste und Konfigurationsdiagnosen im Dry-run, `sc_mail_*` meldet Mail-Konfigurationslücken ohne IMAP/SMTP-Aktionen
+- i18n: lokalisierte MCP-Tool-Beschreibungen, Input-Schema-Feldbeschreibungen und Unknown-Tool-Fehler für `en`, `de`, `es`, `zh`, `ja`, `ru` mit Englisch-Fallback
 
 ## Installation
 
@@ -66,10 +66,10 @@ Secrets sollen als Umgebungsvariablen referenziert werden, zum Beispiel `$MAIL_P
 ## Tools
 
 - `sc_health_check`: prüft HTTP-Endpunkte und meldet Status-Code plus Latenz
-- `sc_logs_analyze`: analysiert Apache-/Nginx-Access-Logs aus Text oder Datei
-- `sc_deploy`: erstellt einen Deployment-Plan mit lokalem SHA256-Manifest, führt aber noch keinen Upload aus
-- `sc_deploy_status`: zeigt konfigurierte Deploy-Profile und den aktuellen Alpha-History-Status
-- `sc_mail_list`, `sc_mail_read`, `sc_mail_send`, `sc_mail_search`: sichere Alpha-Statusantworten ohne IMAP/SMTP-Verbindung
+- `sc_logs_analyze`: analysiert Apache-/Nginx-Access-Logs aus Text oder Datei, inklusive Statusklassen, Bytes, Referern, Fehlerpfaden und verdächtigen Request-Markern
+- `sc_deploy`: erstellt einen Deployment-Plan mit lokalem SHA256-Manifest und Profildiagnose, führt aber noch keinen Upload aus
+- `sc_deploy_status`: zeigt konfigurierte Deploy-Profile, ausgewählte Profildiagnosen und den aktuellen Alpha-History-Status
+- `sc_mail_list`, `sc_mail_read`, `sc_mail_send`, `sc_mail_search`: sichere Alpha-Statusantworten mit Mail-Konfigurationsdiagnosen und ohne IMAP/SMTP-Verbindung
 
 ## Entwicklung
 
@@ -81,4 +81,4 @@ npm run smoke
 npm pack --dry-run
 ```
 
-Der nächste sinnvolle Schritt ist die Extraktion der echten SFTP-, IMAP/SMTP- und erweiterten Traffic-Module aus `.UMBRUCH` in credential-freie Adapter mit lokalen Tests.
+Der nächste sinnvolle Schritt ist, explizit konfigurierte Ausführungsadapter für SFTP und IMAP/SMTP zu ergänzen, Dry-run als Standard beizubehalten und Log-Analysen um persistierte Reports zu erweitern.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ellmos-servercommander-mcp",
-  "version": "0.1.0-alpha.3",
+  "version": "0.1.0-alpha.5",
   "description": "Alpha MCP server for server operations: deploy dry-runs, mail status, log analysis, and health checks.",
   "type": "commonjs",
   "license": "MIT",

package/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "ellmos-servercommander-mcp"
-version = "0.1.0a3"
+version = "0.1.0a5"
 description = "MCP server for server operations: deploy, mail, log analysis, health checks."
 readme = "README.md"
 license = "MIT"

package/src/servercommander/__init__.py

@@ -1,3 +1,3 @@
 """ellmos-servercommander-mcp - server operations via MCP."""
 
-__version__ = "0.1.0a3"
+__version__ = "0.1.0a5"

package/src/servercommander/deploy.py

@@ -33,6 +33,7 @@ async def sc_deploy(
         "local_path": local_path or profile_config.get("local_path"),
         "remote_path": remote_path or profile_config.get("remote_path"),
         "protocol": profile_config.get("protocol", "sftp"),
+        "port": profile_config.get("port", 22),
     }
     missing = [key for key in ("host", "user", "local_path", "remote_path") if not plan.get(key)]
     manifest = _build_manifest(plan["local_path"]) if plan.get("local_path") else None
@@ -43,6 +44,7 @@ async def sc_deploy(
         "missing": missing,
         "plan": plan,
         "manifest": manifest,
+        "diagnostics": _deploy_diagnostics(profile_config, plan, manifest),
     }
 
 
@@ -58,6 +60,7 @@ async def sc_deploy_status(
         "message": "Deployment history storage is not implemented yet.",
         "profiles": profiles,
         "selected_profile": selected,
+        "diagnostics": _deploy_diagnostics(selected or {}, selected or {}, None) if profile else None,
     }
 
 
@@ -98,3 +101,24 @@ def _file_entry(path: Path, root: Path) -> dict[str, Any]:
         "size": path.stat().st_size,
         "sha256": digest.hexdigest(),
     }
+
+
+def _deploy_diagnostics(profile_config: dict[str, Any], plan: dict[str, Any], manifest: dict[str, Any] | None) -> dict[str, Any]:
+    protocol = str(plan.get("protocol") or "sftp").lower()
+    auth_methods = []
+    if profile_config.get("key_path"):
+        auth_methods.append("key_path")
+    if profile_config.get("password"):
+        auth_methods.append("password")
+    if not auth_methods:
+        auth_methods.append("agent_or_prompt")
+    local_status = manifest.get("status") if manifest else "not_checked"
+    return {
+        "protocol_supported": protocol == "sftp",
+        "protocol": protocol,
+        "port": int(plan.get("port") or 22),
+        "auth_methods_configured": auth_methods,
+        "local_status": local_status,
+        "execution_enabled": False,
+        "next_step": "Review the dry-run plan and enable a future SFTP executor only after credential handling is finalized.",
+    }

package/src/servercommander/i18n.py

@@ -2,7 +2,9 @@
 
 from __future__ import annotations
 
+from copy import deepcopy
 from dataclasses import dataclass
+from typing import Any
 
 DEFAULT_LOCALE = "en"
 SUPPORTED_LOCALES = ("en", "de", "es", "zh", "ja", "ru")
@@ -19,6 +21,132 @@ ALIASES = {
     "zh-hans": "zh",
     "ja-jp": "ja",
     "ru-ru": "ru",
+    "ru-by": "ru",
+    "zh-sg": "zh",
+    "zh-hk": "zh",
+    "zh-tw": "zh",
+    "es-419": "es",
+    "es-ar": "es",
+    "es-cl": "es",
+    "es-co": "es",
+}
+
+DEFAULT_SCHEMA_DESCRIPTIONS: dict[str, str] = {
+    "body": "Email body text.",
+    "dry_run": "Build the plan without executing deployment.",
+    "endpoints": "HTTP endpoint URLs to check.",
+    "folder": "Mail folder name.",
+    "format": "Log format hint.",
+    "limit": "Maximum number of results.",
+    "local_path": "Local source path.",
+    "log_path": "Local access-log file path.",
+    "log_text": "Inline access-log text.",
+    "message_id": "Message identifier.",
+    "profile": "Deployment profile name.",
+    "query": "Search query.",
+    "remote_path": "Remote target path.",
+    "subject": "Email subject.",
+    "timeout": "Request timeout in seconds.",
+    "to": "Email recipient.",
+    "top_paths": "Number of top paths to include.",
+}
+
+SCHEMA_TRANSLATIONS: dict[str, dict[str, str]] = {
+    "de": {
+        "body": "Textkörper der E-Mail.",
+        "dry_run": "Plan erstellen, ohne das Deployment auszuführen.",
+        "endpoints": "Zu prüfende HTTP-Endpunkt-URLs.",
+        "folder": "Name des Mail-Ordners.",
+        "format": "Hinweis auf das Logformat.",
+        "limit": "Maximale Anzahl von Ergebnissen.",
+        "local_path": "Lokaler Quellpfad.",
+        "log_path": "Lokaler Pfad zur Access-Log-Datei.",
+        "log_text": "Access-Log-Text direkt als Eingabe.",
+        "message_id": "Nachrichtenkennung.",
+        "profile": "Name des Deployment-Profils.",
+        "query": "Suchanfrage.",
+        "remote_path": "Entfernter Zielpfad.",
+        "subject": "E-Mail-Betreff.",
+        "timeout": "Request-Timeout in Sekunden.",
+        "to": "E-Mail-Empfänger.",
+        "top_paths": "Anzahl der wichtigsten Pfade.",
+    },
+    "es": {
+        "body": "Texto del cuerpo del correo.",
+        "dry_run": "Crear el plan sin ejecutar el despliegue.",
+        "endpoints": "URLs de endpoints HTTP a comprobar.",
+        "folder": "Nombre de la carpeta de correo.",
+        "format": "Pista sobre el formato del log.",
+        "limit": "Número máximo de resultados.",
+        "local_path": "Ruta local de origen.",
+        "log_path": "Ruta local del archivo de access log.",
+        "log_text": "Texto de access log en línea.",
+        "message_id": "Identificador del mensaje.",
+        "profile": "Nombre del perfil de despliegue.",
+        "query": "Consulta de búsqueda.",
+        "remote_path": "Ruta remota de destino.",
+        "subject": "Asunto del correo.",
+        "timeout": "Timeout de la petición en segundos.",
+        "to": "Destinatario del correo.",
+        "top_paths": "Cantidad de rutas principales a incluir.",
+    },
+    "zh": {
+        "body": "邮件正文。",
+        "dry_run": "只生成计划，不执行部署。",
+        "endpoints": "要检查的 HTTP 端点 URL。",
+        "folder": "邮件文件夹名称。",
+        "format": "日志格式提示。",
+        "limit": "最大结果数量。",
+        "local_path": "本地源路径。",
+        "log_path": "本地访问日志文件路径。",
+        "log_text": "内联访问日志文本。",
+        "message_id": "消息标识符。",
+        "profile": "部署配置名称。",
+        "query": "搜索查询。",
+        "remote_path": "远程目标路径。",
+        "subject": "邮件主题。",
+        "timeout": "请求超时时间（秒）。",
+        "to": "邮件收件人。",
+        "top_paths": "要包含的热门路径数量。",
+    },
+    "ja": {
+        "body": "メール本文。",
+        "dry_run": "デプロイを実行せずに計画を作成します。",
+        "endpoints": "確認する HTTP エンドポイント URL。",
+        "folder": "メールフォルダ名。",
+        "format": "ログ形式のヒント。",
+        "limit": "結果の最大数。",
+        "local_path": "ローカルのソースパス。",
+        "log_path": "ローカルのアクセスログファイルパス。",
+        "log_text": "インラインのアクセスログテキスト。",
+        "message_id": "メッセージ識別子。",
+        "profile": "デプロイプロファイル名。",
+        "query": "検索クエリ。",
+        "remote_path": "リモートの宛先パス。",
+        "subject": "メール件名。",
+        "timeout": "リクエストタイムアウト（秒）。",
+        "to": "メール受信者。",
+        "top_paths": "含める上位パスの数。",
+    },
+    "ru": {
+        "body": "Текст письма.",
+        "dry_run": "Создать план без выполнения деплоя.",
+        "endpoints": "URL HTTP endpoints для проверки.",
+        "folder": "Название почтовой папки.",
+        "format": "Подсказка формата лога.",
+        "limit": "Максимальное количество результатов.",
+        "local_path": "Локальный исходный путь.",
+        "log_path": "Локальный путь к access-log файлу.",
+        "log_text": "Текст access-log напрямую.",
+        "message_id": "Идентификатор сообщения.",
+        "profile": "Название профиля деплоя.",
+        "query": "Поисковый запрос.",
+        "remote_path": "Удаленный целевой путь.",
+        "subject": "Тема письма.",
+        "timeout": "Таймаут запроса в секундах.",
+        "to": "Получатель письма.",
+        "top_paths": "Количество популярных путей.",
+    },
 }
 
 TRANSLATIONS: dict[str, dict[str, str]] = {
@@ -31,6 +159,7 @@ TRANSLATIONS: dict[str, dict[str, str]] = {
         "tool.sc_mail_search": "Alpha-Mail-Status für die Mail-Suche.",
         "tool.sc_logs_analyze": "Analysiert Apache-/Nginx-Access-Logs aus Text oder Datei.",
         "tool.sc_health_check": "Prüft HTTP-Endpunkte und meldet Status-Codes plus Latenz.",
+        "error.unknown_tool": "Unbekanntes ServerCommander-Tool: {name}",
     },
     "es": {
         "tool.sc_deploy": "Crea un plan de despliegue seguro. Alpha: solo dry-run.",
@@ -41,6 +170,7 @@ TRANSLATIONS: dict[str, dict[str, str]] = {
         "tool.sc_mail_search": "Estado alpha para buscar correo.",
         "tool.sc_logs_analyze": "Analiza logs de acceso Apache/Nginx desde texto o archivo.",
         "tool.sc_health_check": "Comprueba endpoints HTTP y devuelve código de estado y latencia.",
+        "error.unknown_tool": "Herramienta ServerCommander desconocida: {name}",
     },
     "zh": {
         "tool.sc_deploy": "创建安全部署计划。Alpha 版仅支持 dry-run。",
@@ -51,6 +181,7 @@ TRANSLATIONS: dict[str, dict[str, str]] = {
         "tool.sc_mail_search": "用于搜索邮件的 Alpha 状态。",
         "tool.sc_logs_analyze": "从文本或文件分析 Apache/Nginx 访问日志。",
         "tool.sc_health_check": "检查 HTTP 端点并返回状态码和延迟。",
+        "error.unknown_tool": "未知 ServerCommander 工具：{name}",
     },
     "ja": {
         "tool.sc_deploy": "安全なデプロイ計画を作成します。Alpha では dry-run のみです。",
@@ -61,6 +192,7 @@ TRANSLATIONS: dict[str, dict[str, str]] = {
         "tool.sc_mail_search": "メール検索用の Alpha 状態を返します。",
         "tool.sc_logs_analyze": "テキストまたはファイルから Apache/Nginx アクセスログを分析します。",
         "tool.sc_health_check": "HTTP エンドポイントを確認し、ステータスコードとレイテンシを返します。",
+        "error.unknown_tool": "不明な ServerCommander ツール: {name}",
     },
     "ru": {
         "tool.sc_deploy": "Создает безопасный план деплоя. Alpha: только dry-run.",
@@ -71,6 +203,7 @@ TRANSLATIONS: dict[str, dict[str, str]] = {
         "tool.sc_mail_search": "Alpha-статус поиска почты.",
         "tool.sc_logs_analyze": "Анализирует access-логи Apache/Nginx из текста или файла.",
         "tool.sc_health_check": "Проверяет HTTP endpoints и возвращает коды статуса и задержку.",
+        "error.unknown_tool": "Неизвестный инструмент ServerCommander: {name}",
     },
 }
 
@@ -96,3 +229,22 @@ class I18n:
         if self.locale == DEFAULT_LOCALE:
             return default or key
         return TRANSLATIONS.get(self.locale, {}).get(key) or default or key
+
+    def localize_schema(self, schema: dict[str, Any]) -> dict[str, Any]:
+        """Return a copy of a JSON schema with localized property descriptions."""
+        localized = deepcopy(schema)
+        properties = localized.get("properties")
+        if isinstance(properties, dict):
+            for name, property_schema in properties.items():
+                if not isinstance(property_schema, dict):
+                    continue
+                description = self._schema_description(name, property_schema.get("description"))
+                if description:
+                    property_schema["description"] = description
+        return localized
+
+    def _schema_description(self, name: str, default: str | None = None) -> str | None:
+        fallback = default or DEFAULT_SCHEMA_DESCRIPTIONS.get(name)
+        if self.locale == DEFAULT_LOCALE:
+            return fallback
+        return SCHEMA_TRANSLATIONS.get(self.locale, {}).get(name) or fallback

package/src/servercommander/logs.py

@@ -18,6 +18,7 @@ LOG_PATTERN = re.compile(
 )
 
 BOT_MARKERS = ("bot", "crawler", "spider", "slurp", "bingpreview")
+SUSPICIOUS_MARKERS = ("../", "%2e%2e", "/wp-admin", "/.env", "/phpmyadmin", "/admin", "/login")
 
 
 async def sc_logs_analyze(
@@ -36,8 +37,13 @@ async def sc_logs_analyze(
     status_classes: Counter[str] = Counter()
     method_counts: Counter[str] = Counter()
     path_counts: Counter[str] = Counter()
+    error_path_counts: Counter[str] = Counter()
     agent_counts: Counter[str] = Counter()
+    referer_counts: Counter[str] = Counter()
+    hosts: set[str] = set()
+    total_bytes = 0
     bot_requests = 0
+    suspicious_requests = 0
     parsed_lines = 0
 
     for line in lines:
@@ -45,28 +51,49 @@ async def sc_logs_analyze(
         if not match:
             continue
         parsed_lines += 1
+        hosts.add(match.group("host"))
         status = match.group("status")
         status_counts[status] += 1
         status_classes[f"{status[0]}xx"] += 1
         method_counts[match.group("method")] += 1
-        path_counts[match.group("path")] += 1
+        path = match.group("path")
+        path_counts[path] += 1
+        if int(status) >= 400:
+            error_path_counts[path] += 1
+        size = match.group("size")
+        if size.isdigit():
+            total_bytes += int(size)
+        referer = match.group("referer") or ""
+        if referer and referer != "-":
+            referer_counts[referer] += 1
         agent = match.group("agent") or ""
         if agent:
             agent_counts[agent] += 1
         if any(marker in agent.lower() for marker in BOT_MARKERS):
             bot_requests += 1
+        if any(marker in path.lower() for marker in SUSPICIOUS_MARKERS):
+            suspicious_requests += 1
+
+    error_count = sum(count for status, count in status_counts.items() if int(status) >= 400)
+    error_rate = round(error_count / parsed_lines, 4) if parsed_lines else 0.0
 
     return {
         "status": "ok",
         "total_lines": len(lines),
         "parsed_lines": parsed_lines,
         "unparsed_lines": len(lines) - parsed_lines,
+        "unique_hosts": len(hosts),
+        "total_bytes": total_bytes,
+        "error_rate": error_rate,
         "status_counts": dict(status_counts),
         "status_classes": dict(status_classes),
         "method_counts": dict(method_counts),
         "top_paths": path_counts.most_common(int(top_paths)),
+        "top_error_paths": error_path_counts.most_common(int(top_paths)),
+        "top_referers": referer_counts.most_common(10),
         "top_agents": agent_counts.most_common(10),
         "bot_requests": bot_requests,
+        "suspicious_requests": suspicious_requests,
     }
 
 

package/src/servercommander/mail.py

@@ -40,11 +40,27 @@ def _mail_alpha_response(config: ServerCommanderConfig, action: str, request: di
     mail = config.mail
     username = resolve_env_value(mail.get("username", ""))
     password = resolve_env_value(mail.get("password", ""))
-    configured = bool(mail.get("imap_host") and mail.get("smtp_host") and username and password)
+    checks = {
+        "imap_host": bool(mail.get("imap_host")),
+        "smtp_host": bool(mail.get("smtp_host")),
+        "username": bool(username),
+        "password": bool(password),
+    }
+    configured = all(checks.values())
+    missing = [key for key, ok in checks.items() if not ok]
     return {
         "status": "not_implemented",
         "action": action,
         "configured": configured,
+        "missing": missing,
+        "checks": checks,
+        "capabilities": {
+            "list": False,
+            "read": False,
+            "send": False,
+            "search": False,
+            "config_diagnostics": True,
+        },
         "request": request,
         "message": "IMAP/SMTP execution is not implemented in the alpha server.",
     }

package/src/servercommander/server.py

@@ -39,7 +39,7 @@ class ServerCommanderRegistry:
             types.Tool(
                 name=tool.name,
                 description=self.i18n.t(f"tool.{tool.name}", tool.description),
-                inputSchema=tool.input_schema,
+                inputSchema=self.i18n.localize_schema(tool.input_schema),
             )
             for tool in self._tools
         ]
@@ -47,7 +47,8 @@ class ServerCommanderRegistry:
     async def call_tool(self, name: str, arguments: dict[str, Any] | None = None) -> dict[str, Any]:
         handler = self._handlers.get(name)
         if handler is None:
-            raise ValueError(f"Unknown ServerCommander tool: {name}")
+            message = self.i18n.t("error.unknown_tool", "Unknown ServerCommander tool: {name}").format(name=name)
+            raise ValueError(message)
         return await handler(**(arguments or {}))