October
Mon	Tue	Wed	Thu	Fri	Sat	Sun
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

[07:43:55] <john_livingston> Bonjour yunohost. Le certificat de https://yunohost.org expire dans moins d'un mois, il se peut que le renouvellement auto ne se soit pas bien passé.
[10:07:44] <Aleks> uuuh it's still valid up to 21st october so ..? I think it gets renewed maybe 15 days prior to expiration ?
[10:11:41] <upacesky> I'm trying to install libreerp and it fails on a VPS server (Hetzner). I get this error log:
https://paste.yunohost.org/raw/ujajuhoqut
[10:22:02] <john_livingston> Aleks: usually letsencrypt renewal is 1 month before.
[10:23:27] <john_livingston> I'm part of Globenet, the hoster of yunohost.org, and we received a warning because of this expiration. If yunohost.org renews its certificates later, just ignore my message
[10:39:11] <lejocelyn[m]> Hi everyone, weird, my onlyoffice app, combined with Nextcloud is not working anymore
[10:39:14] <lejocelyn[m]> but I don't know why
[10:40:02] <lejocelyn[m]> I don't have any error message, it's just that if I try to edit a .odt file from Nextcloud, Onlyoffice is loading but not opening
[10:40:31] <lejocelyn[m]> ah actually, it says after a while "connection lost"
[10:43:03] <lejocelyn[m]> I've of course indicate the address of my onlyoffice server in the nextcloud connector (it used to work)
[10:43:31] <lejocelyn[m]> boh, I don't use it so often, so I guess I should remove it then
[10:51:49] <Tag> lejocelyn[m]: did you try to access the onlyoffice server url?
[10:52:15] <lejocelyn[m]> yes, it gave me a "doc" page
[10:52:28] <lejocelyn[m]> about API, example, etc.
[10:52:46] <Tag> So it seems to be working...
[10:53:16] <Tag> Alternatively I think you could try to install the onlyoffice server through the nextcloud apps directly
[10:53:33] <Tag> You'll need to remove the yunohost app first
[10:57:50] <Aleks> > <@upacesky:matrix.org> I'm trying to install libreerp and it fails on a VPS server (Hetzner). I get this error log:
> https://paste.yunohost.org/raw/ujajuhoqut

I would recommend against installing libreerp, Odoo is too big of an app
[10:58:10] <tag[m]> > <@lejocelyn:sans-nuage.fr> I don't have any error message, it's just that if I try to edit a .odt file from Nextcloud, Onlyoffice is loading but not opening

Oh maybe the error is in the javascript console. You can probably access it with F12. You could try to load the page and see if there's any error in the console.
Also, have a look to the Network tab in the console.
[11:00:20] <upacesky> > <@Alekswag:matrix.org> I would recommend against installing libreerp, Odoo is too big of an app

so you'd advice for an invoice app, an extra CRM and an extra accounting app?
[11:10:25] <Aleks> upacesky: i was on my phone, but to elaborate, Odoo is kind of a scary app (just like any ERP) because it's not trivial to tweak (at some point you *will* want to add modules or tweak models/views...) and upgrade while at the same time being critical for business operation
[11:11:07] <Aleks> i don't know what's the best choice between sticking to an ERP and having a bunch of different apps handling the various stuff ... depends on a lot of things
[11:11:31] <Aleks> but I would just be very careful with "Let's yolo-install Odoo and start using it for my business"
[11:11:40] <Aleks> (but maybe I'm a bit paranoid ;P)
[11:12:11] <upacesky> > <@Alekswag:matrix.org> upacesky: i was on my phone, but to elaborate, Odoo is kind of a scary app (just like any ERP) because it's not trivial to tweak (at some point you *will* want to add modules or tweak models/views...) and upgrade while at the same time being critical for business operation

well, I have used it already and wanted to install it for my freelance business, as I know odoo

But I'm open to alternatives
[11:12:23] <Aleks> hmokay
[11:12:54] <Aleks> as long as you kinda know how to maintain Odoo on the long run it may be okay ;P
[11:13:06] <Aleks> sooooo let's look at your log then
[11:15:07] <Aleks> hmpf it's a classic "apt not explaining why it doesn't want to do its job" ~_~
[11:16:55] <Aleks> let's try to bruteforce it with : `apt install --dry-run libfreetype-dev libjpeg62-turbo-dev libzip4 libzip-dev` (i'm suspecting one of these is the culprit)
[11:18:15] <Aleks> my frustration level is at 90%, only 10% left before i throw a tantrum a refactor everything
[11:22:30] <upacesky> https://aria.im/_matrix/media/v1/download/matrix.org/NQQvXKcXlivlUurWWaNYhVJb
[11:26:26] <Aleks> hmf yeah it sounds like an issue due to sury
[11:26:42] <Aleks> let's look at `apt policy libzip4` and `apt policy libzip-dev`
[11:28:22] <upacesky> https://aria.im/_matrix/media/v1/download/matrix.org/gbVhQXCEboXQshmvkGFgrWQg
[11:29:22] <upacesky> Aleks: sorry for the screenshots, I'm using the Hetzner console which doesn't let me copy/paste)
[11:29:33] <Aleks> nvm it's fine
[11:29:54] <Aleks> NB : the first command should be about `libzip4`, not `libzip`
[11:32:14] <upacesky> https://aria.im/_matrix/media/v1/download/matrix.org/HhipuZxcJkFPRRZtdhNoSgFi
[11:33:36] <Aleks> hmmmyeah sounds like it's a residue from debian10 maybe
[11:33:44] <Aleks> let's try downgrading it, that should be fine :
[11:34:03] <Aleks> `apt install libzip4=1.7.3-1 --dry-run`
[11:37:03] <upacesky> https://aria.im/_matrix/media/v1/download/matrix.org/ZuCjTsVqlAJlrjiVfRpygObK
[11:37:36] <Aleks> yup that sounds okay 👍️
[11:37:51] <Aleks> so let's actually do the operation with `apt install libzip4=1.7.3-1`
[11:38:48] <upacesky> Aleks: no risk that it breaks my functionning Nextcloud instance?
[11:39:14] <Aleks> nah the simulation from apt looks OK and it's basically the same version exactly
[11:39:26] <Aleks> it's a bit complex to explain the full story with sury etc but this is fine
[12:27:23] <Melchisedech[m]> Hi, is it ok if I ask a question I already asked a few days ago since nobody answered and Element says I’m the only one to have seen it ?
[12:27:41] <Aleks> eeh sure
[12:28:40] <Melchisedech[m]> Hi all,
I’m a bit worried about my server. I’ve got lines in some log files that make me think my server is used to send spam.
Especially in /var/log/mail.warn were I can read countless things like that :
postfix/smtpd[666840]: warning: hostname incisions.kvalwasser.com does not resolve to address 2.56.58.81
postfix/submission/smtpd[683944]: warning: unknown[93.177.75.74]: SASL LOGIN authentication failed: UGFzc3dvcmQ
warning: TLS library problem: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol:../ssl/statem/statem_srvr.c:1685:
Is it "normal" or am I right to be worried ?
[12:38:53] <Aleks> hmmm it's not that much surprising
[12:39:18] <Aleks> the second line is a bit weird though, let's try a google search with it ..
[12:40:45] <Aleks> ah yeah, "unsupported protocol", it's probably also a bot trying to oonnect using deprecated ciphers
[12:41:29] <Aleks> it's spooky but not that big of a deal, every server exposed to the internet is affected by bots trying to see if they can get in using stupid passwords, or they check for stupid vulnerabilities
[12:41:41] <Aleks> theoretically fail2ban is supposed to automatically ban those attempts
[12:43:28] <Melchisedech[m]> Thanks. Well, it does not. I had to manually add some rules so fail2ban finds it (postfix-sasl) but nothing gets banned :
[12:43:42] <Melchisedech[m]> 2022-10-02 03:39:48,346 fail2ban.filter [80383]: INFO [postfix-sasl] Found 93.177.75.130 - 2022-10-02 03:39:48
[12:43:54] <Melchisedech[m]> It never goes further.
[12:44:30] <Melchisedech[m]> And before I manually add this jail, nothing happened.
[12:44:39] <Melchisedech[m]> (at least in the logs)
[12:45:53] <Aleks> hmmm so the IP gets banned in that jail but you still see connection attempt from that IP *after* the ban timestamp ?
[12:46:29] <Melchisedech[m]> No, I have no line saying "This IP got banned"
[12:46:56] <Melchisedech[m]> Or "found" = "banned" maybe?
[12:47:08] <Aleks> ah indeed
[12:47:13] <Aleks> Found is not "banned"
[12:47:17] <Aleks> it just mean it found an occurence
[12:47:30] <Aleks> and after X occurence (typically 5 ?) the corresponding IP should get banned
[12:49:04] <Melchisedech[m]> Yes, that’s what I understood by reading the doc but the fact is that there are a few IPs (10 ? 12 ?) trying to connect each once a day
[12:49:41] <Melchisedech[m]> Sorry bad reading the logs.
[12:50:21] <Melchisedech[m]> Some IPs try to connect once an hour, others a few times a day, some others once a day
[12:50:52] <Melchisedech[m]> So I think none gets to the fail2ban threshold.
[12:53:56] <Aleks> yeah
[12:54:06] <Aleks> that's kind of the usual cat-and-mouse game between bots and fail2ban
[12:55:00] <Aleks> it could also be a "legit" bot, some bots are just trying to scan the internet to do statistics on what kind of ciphers are used around the world
[12:55:11] <Aleks> like a health check of the internet of some sort
[12:56:27] <Melchisedech[m]> Well, the fact is all the IP I checked on ip-tracker.org are considered clean.
[12:56:57] <Aleks> clean in what sense ?
[12:57:20] <Melchisedech[m]> It just says "Clean (not blacklisted)".
[12:58:16] <Aleks> hm yeah it depends a lot on what kind of "blacklisting" this relates to ... the first thing I think about is blacklist in the sense of "this IP got identified as a spam emitter"
[12:58:41] <Aleks> but a bot scanning for vulnerabilities or whatever is another story
[12:59:17] <Aleks> basically you scans from pretty much any "regular" network, eg using the WiFi in macdonalds or whatever
[12:59:43] <Aleks> so it's difficult to effectively "blacklist" every IP from which a scan appears to come from ...
[13:05:14] <Melchisedech[m]> That makes sense. One thing I didn’t say because I don’t know if it matters, is that my only external user (user that doesn’t live in my house) had his Gmail account hacked a few monthes ago and… he stored his password for my Yunohost instance in plain text. Some weeks ago, I realized that his account on my server was used to send spam (that’s when he told me about is Google account). I just deleted his user. But as I didn’t checked the logs on a regular basis before this incident, I don’t no if there’s any relation…
[13:05:51] <Melchisedech[m]> don’t know
[13:06:53] <Aleks> hmmmokay
[13:07:28] <Aleks> yeah it could be that somehow the bot behind the spamming is still try to get access back into the machine
[13:07:46] <Aleks> there can always be a lot of speculation about those
[13:10:13] <Melchisedech[m]> Sure. Maybe I could lower the ban threshold for this jail so that some IPs are banned.
[13:11:00] <zeroheure> Bonjour
[13:11:00] <zeroheure> Petit souci aprèse la migration : toutes les boites aux lettres ont été désactivées... c'est du moins le message affiché. Pour l'instant je n'ai rien trouvé dans les logs du serveur. Postfix se contente d'enregistrer que le mot de passe ne correspond pas.
[13:13:12] <Melchisedech[m]> Oh, just found this in /var/log/mail.warn . It occurred this night : postfix/submission/smtpd[1049778]: warning: non-SMTP command from unknown[20.97.27.86]: GET atl least 50 lines beginning like this are recorded in less than one minute and… the IP did not get banned (or even found) by fail2ban.
[13:18:07] <Aleks> > <@zeroheure:libera.chat> Petit souci aprèse la migration : toutes les boites aux lettres ont été désactivées... c'est du moins le message affiché. Pour l'instant je n'ai rien trouvé dans les logs du serveur. Postfix se contente d'enregistrer que le mot de passe ne correspond pas.

est-ce que tu peux partager le vrai message affiché ...
[13:20:29] <Melchisedech[m]> One last thing. I’ve got lines in my fail2ban log that seem strange to me. They look like this:
2022-10-02 04:13:21,238 fail2ban.filter [80383]: WARNING [etherpad_mypads] Simulate NOW in operation since found time has too large deviation None ~ 1664676801.238048 +/- 60
It also happens with Nextcloud. According to what I found on the Internet, it has no security impact but I wondered if other Yunohost user get those.

[13:23:05] <aixinhu> tituspijean:
[13:24:52] <Aleks> aixinhu: bro, could you please not ping specific people randomly for no reason ...
[13:30:32] <Melchisedech[m]> Hum, no sorry, again a thing. I’ve got lots of those lines in /var/log/mail.info (every 15 mins) :
Oct 2 01:00:03 domain postfix/smtpd[996472]: connect from localhost[127.0.0.1]
Oct 2 01:00:03 domain postfix/smtpd[996472]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 <user@domain.tld>: Recipient address rejected: User unknown in virtual mailbox table; from=<no-reply@localhost> to=<user@domain.tld> proto=ESMTP helo=<next.domain.tld>
Oct 2 01:00:03 domain postfix/smtpd[996472]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=3/5

where user is the user I deleted a few weeks ago
[13:31:03] <Melchisedech[m]> and next.domain.tld is my nextcloud subdomain
[13:38:15] <Aleks> ¯\_(ツ)_/¯
[13:38:24] <Aleks> sppoky bots are spooky yeah
[13:38:40] <Aleks> ah but it's the system trying to send an email to that user
[13:38:47] <Aleks> hm
[13:38:54] <Aleks> could be some remains of the user's existence somewhere
[13:39:15] <zeroheure> @Aleks[m] "WARNING - La boîte aux lettres est désactivée pour l'utilisateur xxx"
[13:39:20] <Aleks> from "no-reply"
[13:39:39] <Aleks> could be nextcloud trying to send an email to that user, idk ?
[13:39:52] <Aleks> zeroheure: et tu vois ça où exactement
[13:40:22] <zeroheure> Aleks si on veut changer de mot de passe par exemple
[13:41:25] <zeroheure> Aleks le webmail (n'importe lequel) ne peut plus ouvrir la BAL, POstfix indeque que le mot de passe est invalide
[13:41:53] <Aleks> changer le mot de passe depuis où ...?
[13:42:08] <Aleks> tu peux prendre un screenshot ?
[13:42:20] <zeroheure> ah oui pardon : depuis l'interface web admin
[13:42:53] <Aleks> bon du coup je regarderais si dans Utilisateurs > Groupes et permissions, les utilisateurs correspondant ont bien la permission Email d'activée
[13:45:30] <zeroheure> Bien vu, je n'y avais pas pensé. La permission a sauté pendant la migration, et je crois savoir comment. Je vais faire un rapport de bug complet là-dessus. MERCI
[13:45:43] <Melchisedech[m]> > <@Alekswag:matrix.org> could be nextcloud trying to send an email to that user, idk ?

Maybe, but the user is not listed in the nextcloud users list and… what kind of mail could it be?
[13:47:04] <Melchisedech[m]> Aleks: Ah mais tu parles français en fait… bon c’est pas grave pour parler technique l’anglais ça me va presque mieux
[13:47:44] <Aleks> 😜
[13:50:50] <Melchisedech[m]> Oh, I see that the /home/yunohost.app/nextcloud/data/user stil exist for the deleted user.
[13:51:00] <Melchisedech[m]> *directory
[13:53:16] <Melchisedech[m]> Let’s see if deleting it is of any incidence.
[14:23:33] <Melchisedech[m]> Aleks: Merci pour tout en tous cas. a+
[17:39:43] <jcdye> Bonsoir, je n'arrive pas à installer nextcloud sur mon yunohost rapsberry. J'ai plusieurs messages d'erreur qui semblent indiquer un soucis avec php8.0 entre autres
[17:42:11] <tituspijean> jcdye: Bonsoir, merci de partager le journal d'installation comprenant les erreurs précises.
[17:42:37] <jcdye> J'obtiens ce message : Vous ne pouvez pas faire ça maintenant car dpkg/apt (le gestionnaire de paquets du système) semble avoir laissé des choses non configurées. Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo apt install --fix-broken` et/ou `sudo dpkg --configure -a'.
[17:42:54] <jcdye> j'exécute les deux commandes citées, mais rien ne marche.
[22:22:31] <Melchisedech[m]> > <@melchisedech:matrix.org> Let’s see if deleting it is of any incidence.

It had no incidence but the user was not really deleted by Nextcloud. After reading the doc, I managed to do that from command line. So, removing a Yunohost user doesn’t cleanly delete it from a Nextcloud point of view. Should I fill a bug report ?