[13:29:53]
<miro5001> https://www.theregister.com/2024/08/07/vulnerable_ssh_implementations_are_everywhere/
[14:02:24]
<Carlos Solís> Hello everyone, just found what might be a bug in the latest version of YNH - trying to run `yunohost tools update` gives me a series of errors:
```
Error: Failed to read info for archivist : Invalid version: '1.3.4~ynh2'
Error: Failed to read info for collabora : Invalid version: '22.05.14.3~ynh2'
Error: Failed to read info for element : Invalid version: '1.11.72~ynh1'
```
and so on. Did something happen in the catalog repository?
[14:03:45]
<Carlos Solís> Oddest thing is that I was able to install an application just yesterday, and now that appears as an "invalid version" too
[14:05:00]
<Aleks (he/him/il/lui)> sounds like you've installed stuff in global scope with pip ...
[14:05:05]
<Aleks (he/him/il/lui)> what application did you install
[14:15:12]
<Carlos Solís> Probably yt-dl, I'll see how to revert it.
[14:15:56]
<Carlos Solís> No wait, it must have been FediFetcher, I accidentally updated it with sudo yesterday
[14:16:17]
<Carlos Solís> Can I just run `pip uninstall -r requirements.txt`?
[14:16:35]
<Aleks (he/him/il/lui)> i don't know, i don't have all the context
[14:17:19]
<Carlos Solís> Yeah looks like it installed `packaging==24.1`
[14:17:23]
<Carlos Solís> As per the `requirements.txt`
[14:17:29]
<Carlos Solís> So I need to revert that.
[14:19:56]
<Carlos Solís> Aaaaand we're back! Rolling back to the distro's version is working
[14:20:23]
<Carlos Solís> Odd thing that they removed support for '~' between version 20 and version 24 though. Hopefully it doesn't come to bite us later.
[18:13:59]
<sa> Hello! What should I do to have the email of a domain on yunohost and the web of that same domain on an external machine which has a different public IP address?
[18:20:18]
<Aleks (he/him/il/lui)> you want to have email services on one server, and web services on another server ?
[18:30:03]
<sa> Yes, that's it
[18:31:19]
<sa> email services on a yunohost machine, web services on a non-ynh machine
[18:31:49]
<sa> And they have different public IP addresses
[18:37:51]
<Aleks (he/him/il/lui)> that's clearly not trivial, yunohost ain't designed with this capability in mind
[18:38:03]
<sa> I would like to use the same main domain for both services. I mean I would like to avoid having subdomains to differenciate services.
[18:38:54]
<sa> Ok, I thought I could somehow make it by playing with DNS records, but I'm no expert
[18:39:34]
<sa> So, then, you think I should go for the subdomain solution?
[18:50:51]
<sa> I have just asked an AI. It spitted out this:
https://paste.yunohost.org/ahamucohiv.md
[18:51:04]
<sa> What do you think?
[18:52:25]
<Aleks (he/him/il/lui)> "lol"
[18:53:41]
<sa> Ok, I see... : )
[18:54:02]
<sa> I don't know much about DNS
[18:56:44]
<sa> But I think once I configured email on a yunohost subdomain, however I was able to receive and send emails using only the domain part without the subdomain on the addresses of the messages. Is that possible? Or maybe I got confused somewhere...
[18:57:23]
<Aleks (he/him/il/lui)> DNS is the easy part, the complex part is configuring postfix to properly route everything, because strictly speaking you can't really just "not have" an email stack even where the web server leaves, because many web apps or system pieces (starting with yunohost) need to be able to send emails, either notifications for the admins, or stuff specific to the application like password reset or whatever
[18:57:50]
<Aleks (he/him/il/lui)> so we need to tell postfix that the actual server handling email is "the other server", even though they share the same domain name, and that basically changes half of the postfix config or something idk
[19:08:21]
<sa> Ok. Let me be more accurate, just in case that could open an easier way to a solution:
I run a yunohost machine with mynormaldomain.net, which is its default domain. On that domain I run many services (web and mail included). But that yunohost also have myseparateddomain.net, which is only configured for email services.
Now, on a different machine, non-yunohost, with different public IP address, I want to run web services for myseparateddomain.net
[19:18:30]
<sa> If I understood correctly, this more accurate scenario would avoid the problem you explained... right?
[19:31:06]
<Aleks (he/him/il/lui)> hmmmokay, if you want to host only web services on the other machine, i guess that lowers the complexity, maybe you can get away with it with a DNS tweak
[19:31:31]
<Aleks (he/him/il/lui)> but you gonna run into boring issue with lets encrypt / certificate management
[19:31:38]
<Aleks (he/him/il/lui)> though maybe that can be worked around using ugly hacks
[19:38:12]
<sa> If the boring certificate shit would not exist, how would be the correct DNS records?
[19:40:16]
<Aleks (he/him/il/lui)> just point the DNS A (and AAAA record, if you have IPv6) to the machine that runs the web services for myseparateddomain.net, and I suppose the MX record should point to the IP of your yunohost machine
[19:40:57]
<Aleks (he/him/il/lui)> (instead of pointing to myseparateddomain.net which in turns point to the IP ... but in this case you want it to point to another IP)
[19:41:11]
<Aleks (he/him/il/lui)> "MX records never point to an IP address."
[19:41:11]
<Aleks (he/him/il/lui)> ah
[19:41:13]
<Aleks (he/him/il/lui)> ogod
[19:41:15]
<Aleks (he/him/il/lui)> 🤦
[19:49:37]
<Aleks (he/him/il/lui)> I suppose you can create an A (possibly AAAA) DNS record `mail.myseparateddomain.net` pointing to the yunohost IP, and have the MX record point to this one
[19:49:44]
<Aleks (he/him/il/lui)> but maybe that'll create other shenanigans
[19:50:33]
<sa> shenanigans?
[19:50:53]
<Aleks (he/him/il/lui)> hopefully the next civilisation in earth history will throw the DNS legacy shit out of the window and start from scratch
[19:51:05]
<sa> : D
[19:52:02]
<Aleks (he/him/il/lui)> ah I thought shenanigans meant inconveniences?
[19:52:22]
<sa> Ok, now it means so : )
[19:53:10]
<sa> So, if I don't want many shenanigans, I guess I should play with this subdomain thing for the mail
[19:55:20]
<Aleks (he/him/il/lui)> possibly yeah
[19:56:26]
<sa> Ok, thank you for your great support, years pass by and you keep rocking. And I am sorry that I keep changing my usernames!
[19:56:46]
<Aleks (he/him/il/lui)> haha okay
[19:57:10]
<Aleks (he/him/il/lui)> pretty mysterious
[20:05:44]
<sa> : D
[22:38:55]
<irene (she/her)> is the yunohost 12 beta safe to migrate to if i'm only running Matrix Synapse? i intend to run Sharkey *in addition to Synapse* due to the `redis` v7 requirement and i want to be 100% sure everything will work as expected when and if i migrate ☺️
[22:38:57]
<tufek> well... who knows 100% 🤔
[22:43:55]
<tufek> Except Murphy's law
[22:47:42]
<Aleks (he/him/il/lui)> computers have a tendency to always find a good excuse to ruin your day no matter what
[22:48:04]
<Aleks (he/him/il/lui)> but yeah it says "beta" so it's as "safe" as "beta" goes ... (though even when we're out of beta we'll always find important things in the first months of the "stable" release) but on the other hand i've never seen any "unrecoverable" setup as long as you're willing to reach us on the chat and be patient / methodical about debugging whatever might go wrong
[22:48:21]
<Aleks (he/him/il/lui)> i would say : worst case scenario, you need to force-upgrade the app to regenerate the python venv (pretty boring but it works i guess)
[22:53:15]
<irene (she/her)> > <@Alekswag:matrix.org> but yeah it says "beta" so it's as "safe" as "beta" goes ... (though even when we're out of beta we'll always find important things in the first months of the "stable" release) but on the other hand i've never seen any "unrecoverable" setup as long as you're willing to reach us on the chat and be patient / methodical about debugging whatever might go wrong
absolutely; patience is the best way to get the highest quality support 😌 thank you aleks! i appreciate it
[22:53:52]
<miro5001> Make a snapshot. Try the beta version. Test most of the features. If it's OK, leave it, if not restore the snapshot