[05:48:49]
<craigvb[m]> how to I get yunohost to rebuild conf files? I'm guessing it's something with yunohost regen-conf but can't seem to get the right commands to get it to do them all
[06:07:15]
<tituspijean> craigvb[m] Have you checked `sudo yunohost tools regen-conf -h` ? It states when it "does them all".
[06:11:31]
<craigvb[m]> > <@titus[m]:libera.chat> craigvb[m] Have you checked `sudo yunohost tools regen-conf -h` ? It states when it "does them all".
Thanks titus!! I've added it to my book of don't forget these things <3
[06:19:18]
<craigvb[m]> should I have an resolv.conf file in /etc which is more than just a blank file like it is now?
[06:19:20]
<tituspijean> We have a definitely improvable documentation website, but the command line interface is very well documented 😇
[06:20:37]
<tituspijean> I dunno, does the regen-conf complain about it if you do a dry-run?
[06:22:48]
<tituspijean> Erf, I was checking mine, but it got modified when I was testing Tailscale. Though it does not affect the workings of my server, so you should be all good if it's empty.
[06:35:13]
<craigvb[m]> Everything seems in order... I just can't get my email client to connect using pop and there doesn't appear to be any emails coming in 🤷♂️ (pop3 client)
[06:38:00]
<craigvb[m]> i can send emails within the server (to domains self hosted) but nothing comes in from outside
[06:38:37]
<craigvb[m]> was working yesterday and has been for many many months...
[06:41:09]
<craigvb[m]> ✔️ sending emails works from webmail :)
[06:41:31]
<will[m]> I think it's just a regular firewall, those abbreviations would usually be additional firewalls on top of the default
[06:51:14]
<craigvb[m]> success :) the dovecot conf file didn't have pop3....
[06:55:01]
<craigvb[m]> does postfix have antispam configured by default somewhere? reading the logs I see my incoming emails getting rejected
[07:00:09]
<craigvb[m]> blocked using cbl.abuseat.org comes up in the log file everytime an email comes in from my gmail account for testing... is there a method of disabling any anti-spam features? I don't want any emails rejected
[07:09:59]
<tituspijean> Is there any details beside the "blocked using..." in your logs?
[07:10:37]
<craigvb[m]> yeah there is... I'll share it just have to go back and grab the link
[07:12:16]
<craigvb[m]> https://paste.yunohost.org/yuxihapuho
[07:19:59]
<tituspijean> Ok thanks! I am getting the same error on my vps. I have yet to understand why it occurs
[07:20:29]
<craigvb[m]> latest update?
[07:21:29]
<tituspijean> It's been a while I'm on testing, so no i don't think so
[07:22:23]
<craigvb[m]> won't be that then... is there anyway to turn off anti-spam protection? I didn't realise there was actually any built in even
[07:22:49]
<tituspijean> Amm
[07:23:05]
<phinero> https://aria.im/_matrix/media/v1/download/matrix.org/suAqouTLXPKDWOEgmcBYrgmt
[07:23:08]
<phinero> After the latest update got this warning. YunoHost 11.1.7
[07:23:59]
<craigvb[m]> yeah updated earlier today I think..... is 11.1.7 I'm running
[07:25:14]
<craigvb[m]> it wouldn't be so bad..but of course all the wife's emails go through that machine 😮
[07:26:14]
<craigvb[m]> or rather.... they used to until today 😇😁
[07:52:17]
<tituspijean> craigvb[m]: sorry I butt-texted. If you search for the error online, there is more info on why they don't like ur servers. Now onto what we can do to configure YunoHost to their liking
[08:24:48]
<sami5> bonjour, j'ai essayé à plusieurs reprises d'installer Ghost sur mon raspberri pi 3. L'installation finit toujours par s'interrompre. J'ai essayé de mettre à jour tout ce que je pouvais, j'ai aussi augmenté la swap, sans succès. Voici le log Yunopaste. https://paste.yunohost.org/raw/faqoyovibo
[09:28:27]
<craigvb[m]> > <@titus[m]:libera.chat> craigvb[m]: sorry I butt-texted. If you search for the error online, there is more info on why they don't like ur servers. Now onto what we can do to configure YunoHost to their liking
I thought it was my server rejecting the incoming emails from everywhere? I can send emails fine...
[10:01:38]
<craigvb[m]> ok... postfix, the file main.cf doesn't appear to be the one loading as I've commented out the reject with spamhause line in it but it's still using it, is there another config file that I should be looking at?
[10:12:07]
<Aleks (he/him/il/lui)> are you sure we're talking about incoming email from gmail being rejected because of blocklist and not the other way around ? x_x
[10:12:57]
<craigvb[m]> ugh... found it :) was the cbl.abuseat.org nor spamhaus.org that was blocking them all
[10:13:23]
<craigvb[m]> I've #'d out the line reject_rbl_client cbl.abuseat.org, and am now receiving emails
[10:14:01]
<craigvb[m]> Big question though... which config file am I meant to make the changes in as I simply edited the main.cf file
[12:25:36]
<tane> Or maybe it is because i am on adsl and the problem will magically solve itself when fibre is installed in a couple of weeks. Still, at least i test installed it on a laptop to see if there were problems instead of on the server :) good software, bad isp.
[13:48:18]
<pti-jean> Bonjour,
Je viens de passer à la version 11.1.7...
Si j'ai un utilisateur jean qui est admin... que je ne désire pas qu'il soit admin (pb sécurité)... Si je créais un utilisateur toto que je donne les droits admin, et que j’enlève ces droits à jean... Les alias seront-ils toujours redirigé vers jean ? (ce que je souhaite)
[13:49:23]
<pti-jean> Comment savoir vers qui ils sont redirigé (c'est alias) ?
[13:49:25]
<Aleks (he/him/il/lui)> non, les alias sont redirigés vers les membres du groupe admin
[13:49:54]
<Aleks (he/him/il/lui)> les alias sont liés au groupe admin donc implicitement c'est les membres du groupe qui recoivent les mails ...
[13:50:46]
<Aleks (he/him/il/lui)> ça parraît un peu incohérent de souhaiter que "jean" ne soit pas membre du groupe admins parce que "pb sécurité" (c'est-à-dire?), mais qu'il recoive quand meme les mails ... étant donné que les mails envoyés à root@, admin@ etc sont suceptibles de contenir des infos critiques pour la sécurité du serveur
[13:57:36]
<pti-jean> Je viens de trouver ça:
sudo yunohost user group info admins
[13:58:33]
<pti-jean> Comment ajouter ou supprimer des membres ?
[14:00:49]
<nalla22> > <pti-jean> Je viens de trouver ça:
> sudo yunohost user group info admins
Je pense que tu peux gérer les permissions directement dans l'interface web de yunohost (dans la partie utilisateurs)
[14:01:09]
<nalla22> Tu pourra ajouter et retirer des membres du groupe admin
[14:02:02]
<Aleks (he/him/il/lui)> oui, Utilisateurs > Groupes et permissions
[14:02:44]
<Aleks (he/him/il/lui)> et sinon en CLI quand tu sais pas faire un truc, toujours faire `--help` sur la section, par exemple `sudo yunohost user group --help`
[14:02:51]
<Aleks (he/him/il/lui)> puis `--help` sur la sous-commande etc...
[14:04:52]
<Pti-J43204047074> C'est moi pti-jean
[14:08:02]
<Pti-J43204047074> pb de sécurité pour l'utilisateur jean: Si je me connecte à mon compte Yunohost avec mon utilisateur jean... et que je me fais voler mon mot de passe par espionnage... le voleur aura accès à tout mon YunoHost en administateur!
[14:09:10]
<Pti-J43204047074> Alors que si jean n'est pas administrateur... le voleur ne pourra casser que le profil jean!
[14:10:33]
<Aleks (he/him/il/lui)> moui m'enfin du coup tu pourrais aussi te faire voler le mot de passe de ton autre compte admin
[14:10:47]
<Aleks (he/him/il/lui)> m'enfin après on est d'accord que ptete tu te connectes pas en admin tous les jours mais bon
[14:11:04]
<Pti-J43204047074> C'est ça!
[14:12:59]
<Pti-J43204047074> Donc, du coup ce sont les admins du groups admin qui reçoive les mails alias!
[14:14:47]
<Pti-J43204047074> Y a peut-être une solution... J'ai vu qu'on pouvait déclarer une adresse de redirection!
[14:16:09]
<Pti-J43204047074> Si mon utilisateur toto (admin) je redirection ses mail vers jean !??
[14:16:47]
<Aleks (he/him/il/lui)> 😬
[14:17:12]
<Aleks (he/him/il/lui)> i guess ...
[14:19:23]
<Aleks (he/him/il/lui)> m'enfin à mon sens ça décale bizarrement le problème ... genre dans le futur on pense intégrer une fonctionnalité de reset de mot de passe perdu. Or, si le reset de mot de passe perdu est envoyé à ton compte "jean", alors il suffit que l'attaquant ai accès à ta boite mail "jean" pour devenir admin du serveur
[14:19:57]
<Aleks (he/him/il/lui)> m'enfin bref la vraie solution ce serait la-feature-dont-on-ne-doit-pas-prononcer-le-nom
[14:25:28]
<Pti-J43204047074> Ça peut pas fonctionner... si jean reset son pw, et que le courriel de réinitialisation est envoyer à jean... jean sans mot de passe n'a pas accès à ses courriel! Pareil pour toto!
[14:26:14]
<Aleks (he/him/il/lui)> 🤔
[18:59:34]
<himbeere[m]> Is it possible (without a reinstall) to change the domain name for yunohost? For example when we did the setup we choose the name yuno.ourdomain.example and installed yunohost.
But now we would like to change the domain yunohost is running on to name.ourdomain.example
Is this easily possible without reinstalling?
[19:09:00]
<Aleks (he/him/il/lui)> yes, just go to the webadmin > Domain > the new domain > Set as default / main domain
[19:16:53]
<himbeere[m]> > <@Alekswag[m]:libera.chat> yes, just go to the webadmin > Domain > the new domain > Set as default / main domain
Thank you. And then I can remove the old DNS entries and create new ones for the new domain?
[19:18:48]
<Aleks (he/him/il/lui)> or you can keep them yes, whatever, yunohost is designed to host multiple domains/subdomains at the same time
[19:20:18]
<himbeere[m]> I thought thats just for the services yunohost is hosting such as cryptpad for example not yunohost itself
[19:23:27]
<Aleks (he/him/il/lui)> hmm, depends what you mean by "yunohost itself", if you mean the user portal, then yeah, the user portal is hosted on the main domain
[19:24:44]
<Aleks (he/him/il/lui)> (tough in the future we hope to improve the "multi-tenant" setup and have sort of multiple domains with their own portal (e.g. when hosting your.personalwebsite.com and your.footballclubwebsite.tld), and maybe being able to choose that the portal is behind a portal.domain.tld instead of just domain.tld)
[19:27:12]
<himbeere[m]> > <@Alekswag[m]:libera.chat> hmm, depends what you mean by "yunohost itself", if you mean the user portal, then yeah, the user portal is hosted on the main domain
I mean the user and the admin portal
[19:27:23]
<himbeere[m]> I want to change this domain
[19:27:37]
<Aleks (he/him/il/lui)> the admin portal is accessible behind any domain if i recall correctly
[19:27:56]
<tituspijean> yup
[19:28:01]
<Guillaume Bouzige> yeah it is, there is a wildcard dns for it
[19:28:19]
<Guillaume Bouzige> unless configured otherwise
[19:28:47]
<himbeere[m]> OK I will check. Thank you :)
[19:28:58]
<Guillaume Bouzige> > <@himbeere[m]:libera.chat> I want to change this domain
you need to change the default domain then
[19:35:47]
<himbeere[m]> > <@guillaume_bouzige[m]:libera.chat> > <@himbeere[m]:libera.chat> I want to change this domain
>
> you need to change the default domain then
Where can I do that?
[19:36:21]
<himbeere[m]> And is my assumption still correct that I have to re-do all DNS settings then?
[19:38:45]
<Aleks (he/him/il/lui)> you'll have to configure DNS for the new domain, yes
[19:52:55]
<craigvb[m]> Firstly, everything's working BUT ... I've got this coming in daily for my diagnosis report :
[WARNING] DNS resolution seems to be working, but it looks like you're using a custom /etc/resolv.conf.
- The file /etc/resolv.conf should be a symlink to /etc/resolvconf/run/resolv.conf itself pointing to 127.0.0.1 (dnsmasq). If you want to manually configure DNS resolvers, please edit /etc/resolv.dnsmasq.conf.
[19:53:25]
<craigvb[m]> now, /etc/resolv.conf is a blank file and /etc/resolvconf/run directory doesn't exist ?
[19:54:31]
<Aleks (he/him/il/lui)> 😬
[19:55:13]
<craigvb[m]> ot oh....
[19:55:28]
<Aleks (he/him/il/lui)> `echo 'nameserver 127.0.0.1' > /etc/resolv.conf` can fix the issue
[19:58:57]
<craigvb[m]> ahhh, I seem to have a corrupt file... resolv.conf is showing in the directory but if I edit it can't save it and your command comes up with no such file or directory :O
[20:00:29]
<craigvb[m]> rm'd the file/not file and works fine after that... might be a good idea to run a backup today
[20:01:40]
<craigvb[m]> will it need a restart after that change?
[20:08:09]
<Aleks (he/him/il/lui)> nope