[00:41:23]
<rathantara[m]> no chance logging in to hubzilla user or admin, registration idem
[02:34:14]
<guilhem451[m]> Salamandar: pour le bridge irc je vous colle les erreurs de mon install. ok c encore en dev mais des fois que ca vous serait peut etre utile https://hastebin.hsnk.ynh.fr/ebuhiciwav.yaml
[02:34:39]
<guilhem451[m]> app: https://github.com/yunoHost-Apps/matrix-appservice-irc_ynh/
[03:20:56]
<linus69> Hey
[03:21:38]
<linus69> Can I run nextcloud, xmpp, and matrix all one one server with yunohost
[05:15:52]
<ponytail> > <linus69> Can I run nextcloud, xmpp, and matrix all one one server with yunohost
Yes, you can run them all with just one YUNO Host server.
[08:01:32]
<Salamandar[m]> @wilow451 ah oui merci pour l'info !!
[08:28:00]
<tuxakadjseb> Ami·e·s bipèdes, ¡ bien le bonjour !
[10:48:52]
<Salamandar[m]> @wilow451 l'erreur devrait être fixée (pas testé, mais l'erreur était plutôt claire)
[10:50:24]
<Salamandar[m]> > <@_bifrost_linus692fsupport40conferenceyunohostorg[m]:libera.chat> Can I run nextcloud, xmpp, and matrix all one one server with yunohost
I currently run email, nextcloud, matrix, irc, xmpp, forums, caldav/carddav, git server (gitea), and a dozen of other services
[10:50:29]
<Salamandar[m]> on 4GB of ram
[11:48:17]
<guilhem451[m]> bonjour
[12:05:42]
<kaonashi696> Hello, YunoHost does not update the domain name certificates by itself.... How can I fix that?
[12:08:35]
<yunohelper> Hello! It looks like you are asking for help. Make sure to read our guidelines: https://yunohost.org/en/help#how-to-ask-for-help. 💕
[12:09:29]
<tituspijean> kaonashi696 can you look into your system logs (webadmin: tools > logs) and see if there are logs about certificates renewal?
[12:11:19]
<kaonashi696> Nope, nothing
[12:12:01]
<tituspijean> Does your Diagnosis page report any issue?
[12:12:07]
<kaonashi696> https://aria.im/_matrix/media/v1/download/mozilla.org/0aaaa449b3412573d9ffa2467c135c795438a864
[12:12:24]
<kaonashi696> for example, "validity: -39"
[12:12:57]
<kaonashi696> https://aria.im/_matrix/media/v1/download/mozilla.org/f36c6233807b03dc702a7c6f86555d7010d06b28
[12:13:17]
<tituspijean> Run a new Diagnosis.
[12:14:46]
<kaonashi696> https://aria.im/_matrix/media/v1/download/mozilla.org/290618ba8ad55082bfc69fcb339bad59e618f334
[12:16:15]
<Aleks (he/him/il/lui)> You *wat*
[12:16:55]
<Aleks (he/him/il/lui)> Cheesus
[12:17:02]
<kaonashi696> okay
[12:17:05]
<kaonashi696> xd
[12:17:08]
<kaonashi696> "too many domains" xd
[12:17:27]
<tituspijean> I mean... that's kinda our fault then 😛
[12:17:57]
<Aleks (he/him/il/lui)> Nope, that's a feature and not a bug
[12:18:23]
<tituspijean> I meant it's a job for the wildcard certificates 😛
[12:19:16]
<tituspijean> Without this limit kaonashi696's server might get banned by LE, right?
[12:19:36]
<kaonashi696> I'm deleting some old domains
[12:19:45]
<kaonashi696> but can't it be done in several times?
[12:22:39]
<kaonashi696> and, what is the exact limit?
[12:27:48]
<Aleks (he/him/il/lui)> Like 30ish
[12:29:19]
<Aleks (he/him/il/lui)> > <@titus:pijean.ovh> Without this limit kaonashi696's server might get banned by LE, right?
Hmm i dont think ? The diagnosis is meant to check that the DNS setup is ok before attemtping the install on which there is indeed a rate limit ... But if the install does work, you dont hit the ratelimit
[14:53:46]
<bamf> hi, I have added a line with my user and `ALL=(ALL) NOPASSWD:ALL` via visudo, but I am still asked for a password. is there anything yunohost specific I have to configure?
[14:57:18]
<Aleks (he/him/il/lui)> ... what are you trying to achieve and what yunohost version are you on ...
[15:03:53]
<bamf> > <@Alekswag:matrix.org> ... what are you trying to achieve and what yunohost version are you on ...
Powered by YunoHost 11.1.3 (testing).
I want to use sudo without password. works on my other systems, but not on Yunohost.
```
04:03:18 xxx@xxx~ → sudo ls
[sudo] password for xxx:
```
[15:04:31]
<Aleks (he/him/il/lui)> go to the Webadmin > Tools > YunoHost Settings > Security > Check "Allow admins to use sudo without entering their password" (not sure about the exact naming)
[15:06:37]
<bamf> > <@Alekswag:matrix.org> go to the Webadmin > Tools > YunoHost Settings > Security > Check "Allow admins to use sudo without entering their password" (not sure about the exact naming)
thanks 👍️
[15:55:58]
<Salamandar[m]> FYI it's bad practice to do that :)
[16:20:59]
<bamf> I am the only user on this server and I think it's still a better practice than logging in via ssh as root :)
[16:46:52]
<Claus> What about *sudo -i*?
[17:39:41]
<bamf> > <@claus:blabla.blablub.de> What about *sudo -i*?
?
[17:44:04]
<Aleks (he/him/il/lui)> yes there is much bikeshedding about what is the "right way" to sudo, wether you should open an interactive shell as root or not, and everybody has a slightly different opinion about the issue as if it somewhat drastically impacts the security or whatever
[17:46:35]
<Aleks (he/him/il/lui)> just use whatever works for you, be it `sudo su`, `sudo -i`, `sudo` before each command, with or without password prompting, but just be extra careful when you run stuff as root
[17:47:02]
<Aleks (he/him/il/lui)> (and be triple extra careful when you run stuff with recursive effect)
[17:48:04]
<Aleks (he/him/il/lui)> Otherwise you will soon get familiar with the concept of ohnosecond ;P https://www.youtube.com/watch?v=X6NJkWbM1xk
[19:57:07]
<aaron> Hey yunohost-team, I have a question about the ssh service. It seems like there are constantly connections trying to get root access on my server: https://paste.yunohost.org/ceyeqopuze
Are these bots trying to connect to random servers that they find in the internet?
What can be done against that? changing the port for ssh is something that I already did
[19:59:40]
<Salamandar[m]> not much
[19:59:58]
<Salamandar[m]> yunohost already installs fail2ban : it reads the ssh logs and bans ips that have too many authentication errors
[20:00:18]
<Salamandar[m]> (i've been banned because of a typo I copy-pasted too many times…)
[20:02:12]
<aaron> okay thx.
I think it's interesting to see that - probably automated bots or?
[20:03:16]
<Salamandar[m]> yeah. Did you write your domain name into a messaging apps ? facebook ? or into google ?
[20:04:38]
<Salamandar[m]> Also I'm guessing those bots are scanning for new DNS entries. When a new domain appears, they'll try to brute force it.
[20:46:13]
<raccct> I looking for a `send later` or `schedule email` functionality. Is this possible with yunohost or is there a provider you can recommend me? Thank a lot!
[21:36:00]
<Claus> > <@Alekswag:matrix.org> yes there is much bikeshedding about what is the "right way" to sudo, wether you should open an interactive shell as root or not, and everybody has a slightly different opinion about the issue as if it somewhat drastically impacts the security or whatever
Well that's true - my post was intended to bring up a variant that doesn't need a password. But my description was quite poor..Please excuse.
[21:36:02]
<raccct> is there a trick in connecting nextcloud mail to yunohosts mailserver? or is that not recommended?
[21:55:50]
<Aleks (he/him/il/lui)> > <@Salamandar[m]:libera.chat> Also I'm guessing those bots are scanning for new DNS entries. When a new domain appears, they'll try to brute force it.
afaik they dont really need any DNS entry, there's not "that" many IPv4 addresses (like 4 billion or so) and you can easily scan all of them in just a week
[21:56:17]
<Aleks (he/him/il/lui)> (at least port 22)
[22:39:00]
<Salamandar[m]> > <@Alekswag[m]:libera.chat> > <@Salamandar[m]:libera.chat> Also I'm guessing those bots are scanning for new DNS entries. When a new domain appears, they'll try to brute force it.
>
> afaik they dont really need any DNS entry, there's not "that" many IPv4 addresses (like 4 billion or so) and you can easily scan all of them in just a week
Heh that's true
[22:39:06]
<Salamandar[m]> > <@Alekswag[m]:libera.chat> > <@Salamandar[m]:libera.chat> Also I'm guessing those bots are scanning for new DNS entries. When a new domain appears, they'll try to brute force it.
>
> afaik they dont really need any DNS entry, there's not "that" many IPv4 addresses (like 4 billion or so) and you can easily scan all of them in just a week
* Heh that's true
[22:44:17]
<tane> > <@raccct:libera.chat> is there a trick in connecting nextcloud mail to yunohosts mailserver? or is that not recommended?
No, i dont think so. I just put the smtp settings in, used plain password, changed the from email to postmaster but that is theming. 587, startttls, main domain. Works for me.