[04:31:00]
<boxingpreacher> Hello. I'm hoping someone can help. I tried to run the mastodon update and I appear to be partially fried. Mastodon is completely gone, and all I get in the admin of Yunohost is a blank screen.
[04:32:43]
<boxingpreacher> Okay, I may have freaked out a bit. I have eventually been able to reboot and re-login, and things are better. I need to figure out the status of the mastodon upgrade, but at least it's there.
[08:51:16]
<ic> Last few days having problems connecting to this MUC, either tries forever to connect or error message saying address unavailable. I have made no changes to hardware/software and all other MUCs connect as usual
[09:53:25]
<@chrichri:ween.de> * I have enabled the global configuration to force http redirects to https
* installed a reverse-proxy hack allowing http to the server being proxied
* found that I can only disable http-redirecting to https globally
The goal is to have an http reverse-proxy on my yunohost to proxy requests for a system on a different network segment that requests certificates from Let's encrypt.
[09:53:26]
<@chrichri:ween.de> Is there a way to disable http redirect to https for a single domain or application?
[09:59:43]
<hercut> > <@rodinux:matrix.org> Est-ce qu'il existe encore une conf ? `ls /etc/systemd/system/`
Bonjour,
Voici le retour.
```
bind9-pkcs11.service getty.target.wants nftables.service.d readeck.service smartd.service timers.target.wants yunomdns.service
bind9-resolvconf.service multi-user.target.wants ntpd.service redis.service sockets.target.wants ttrss.service yunoprompt.service
bind9.service mysqld.service ntpsec.timer rustdeskrelay.service sshd.service uwsgi-app@.service
cryptpad.service mysql.service ntp.service rustdesksignal.service sysinit.target.wants yunohost-api.service
default.target.wants network-online.target.wants pairdrop.service send.service syslog.service yunohost-firewall.service
facilmap.service network-pre.target.wants proc-hidepid.service slapd.service.d systemd-resolved.service.wants yunohost-portal-api.service
```
[10:01:36]
<hercut> Il me semble qu'on a regardé avec isAAAc :
https://matrix.to/#/!gvRsI7cG1o9SVr56:pijean.ovh/$69Ear8zTjHZMixKlOM2BLkbcqnx-DiiP0cfA8fhLd3E?via=matrix.org&via=aria-net.org&via=tchncs.de
[13:03:28]
<rodinux> > <@hercut:matrix.org> Bonjour,
> Voici le retour.
> ```
> bind9-pkcs11.service getty.target.wants nftables.service.d readeck.service smartd.service timers.target.wants yunomdns.service
> bind9-resolvconf.service multi-user.target.wants ntpd.service redis.service sockets.target.wants ttrss.service yunoprompt.service
> bind9.service mysqld.service ntpsec.timer rustdeskrelay.service sshd.service uwsgi-app@.service
> cryptpad.service mysql.service ntp.service rustdesksignal.service sysinit.target.wants yunohost-api.service
> default.target.wants network-online.target.wants pairdrop.service send.service syslog.service yunohost-firewall.service
> facilmap.service network-pre.target.wants proc-hidepid.service slapd.service.d systemd-resolved.service.wants yunohost-portal-api.service
> ```
En fait suprvisor est utilisé par cryptpad, c'est donc une dépendance nécessaire si tu utilises cryptpad !
[13:18:16]
<rodinux> Bon, en fait chez moi il n'est pas installé, mais j'ai bien des logs dans `/var/log/supervisor/supervisor.log`, mais qui datent ! peut-être de quand j'avais installé onlyoffice...
[13:33:14]
<hercut> > <@rodinux:matrix.org> Bon, en fait chez moi il n'est pas installé, mais j'ai bien des logs dans `/var/log/supervisor/supervisor.log`, mais qui datent ! peut-être de quand j'avais installé onlyoffice...
J'ai tenté de desinstallé l'apps
[13:33:42]
<hercut> et j'ai fait un `sudo yunohost diagnosis run`
[13:34:01]
<hercut> ```
Warning: Found 1 item(s) that could be improved for Base system.
Success! Everything looks OK for Internet connectivity!
Success! Everything looks OK for DNS records! (+ 1 ignored issue(s))
Success! Everything looks OK for Ports exposure!
Success! Everything looks OK for Web!
Success! Everything looks OK for Email! (+ 2 ignored issue(s))
Error: Failed to get status information via dbus for service supervisor, systemctl didn't recognize this service ('NoSuchUnit').
Warning: Found 1 item(s) that could be improved for Services status check.
Success! Everything looks OK for System resources!
Success! Everything looks OK for System configurations!
Success! Everything looks OK for Applications!
Warning: To see the issues found, you can go to the Diagnosis section of the webadmin, or run 'yunohost diagnosis show --issues --human-readable' from the command-line.
```
[13:34:24]
<hercut> j'ai donc fait : ce qu'il dit : yunohost diagnosis show --issues --human-readable
[13:36:37]
<rodinux> que vois-tu dans les logs ?
[13:37:01]
<hercut> > <@rodinux:matrix.org> que vois-tu dans les logs ?
```
=================================
Base system (basesystem)
=================================
[WARNING] There's been a suspiciously high number of authentication failures recently. You may want to make sure that fail2ban is running and is correctly configured, or use a custom port for SSH as explained in https://yunohost.org/security.
=================================
Services status check (services)
=================================
[WARNING] Service supervisor is unknown :(
- You can try to restart the service, and if it doesn't work, have a look at the service logs in the webadmin (from the command line, you can do this with 'yunohost service restart supervisor' and 'yunohost service log supervisor').
```
[13:37:27]
<hercut> si j'essaie de restart avec la commande donné
[13:37:29]
<hercut> ca part en vrille
[13:38:17]
<rodinux> tail /var/log/supervisor/supervisor.log
[13:38:45]
<hercut> ca repete ca une 100en de fois :
```
Nov 25 13:28:52 supervisorctl[649377]: Shut down
Nov 25 13:28:52 systemd[1]: supervisor.service: Deactivated successfully.
Nov 25 13:28:52 systemd[1]: Stopped supervisor.service - Supervisor process control system for UNIX.
Nov 25 13:29:37 systemd[1]: Started supervisor.service - Supervisor process control system for UNIX.
Nov 25 13:29:37 supervisord[649616]: 2024-11-25 13:29:37,791 CRIT Supervisor is running as root. Privileges were not dropped because no user is specified in the config file. If you intend to run as root, you can set user=root in the config file to avoid this message.
Nov 25 13:29:37 supervisord[649616]: 2024-11-25 13:29:37,791 WARN No file matches via include "/etc/supervisor/conf.d/*.conf"
Nov 25 13:29:37 supervisord[649616]: 2024-11-25 13:29:37,794 INFO RPC interface 'supervisor' initialized
Nov 25 13:29:37 supervisord[649616]: 2024-11-25 13:29:37,794 CRIT Server 'unix_http_server' running without any HTTP authentication checking
Nov 25 13:29:37 supervisord[649616]: 2024-11-25 13:29:37,794 INFO supervisord started with pid 649616
Nov 25 13:30:07 systemd[1]: Stopping supervisor.service - Supervisor process control system for UNIX...
Nov 25 13:30:07 supervisorctl[649686]: Shut down
```
[13:38:59]
<hercut> > <@rodinux:matrix.org> tail /var/log/supervisor/supervisor.log
tail: cannot open '/var/log/supervisor/supervisor.log' for reading: No such file or directory
[13:39:28]
<hercut> et avec sudo l me dit qu'il connais pas la commande
[13:45:45]
<rodinux> Il faudrait être juste sûr que tu n'as pas besoin de supervisor... c'est quoi la liste des tes applications ? `yunohost app list`
[13:46:36]
<hercut> oups ^^
[13:46:37]
<hercut> apps:
0:
description: Collaborative maps and routing with a straightforward interface
domain_path: jbv.cloud/example
id: facilmap
name: Facilmap
version: 4.1.2~ynh1
1:
description: Upload a file in a simple way and give a unique link to it
domain_path: jbv.cloud/jirafeau
id: jirafeau
name: Jirafeau
version: 4.6.0~ynh1
2:
description: Highly customizable link sharing platform
domain_path: celien.link/
id: linkstack
name: LinkStack
version: 4.8.0~ynh1
3:
description: Online storage, file sharing platform and various other applications
domain_path: jbv.cloud/nextcloud
id: nextcloud
name: Nextcloud
version: 29.0.9~ynh1
4:
description: Local file sharing in your browser
domain_path: drop.celien.link/
id: pairdrop
name: PairDrop
version: 1.10.7~ynh3
5:
description: Bookmark manager and a read later tool
domain_path: readeck.jbv.cloud/
id: readeck
name: Readeck
version: 0.15.6~ynh1
6:
description: Open Source Webmail software
domain_path: jbv.cloud/webmail
id: roundcube
name: Roundcube
version: 1.6.9~ynh1
7:
description: Remote control alternative for self-hosting
domain_path: rustdesk.celien.link/
id: rustdesk-server
name: RustDesk Server
version: 1.1.12~ynh1
8:
description: File sharing which allows to send encrypted files
domain_path: send.celien.link/
id: send
name: Send
version: 3.4.23~ynh5
9:
description: Save, sort, synchronize and share web addresses
domain_path: jbv.cloud/shaarli
id: shaarli
name: Shaarli
version: 0.13.0~ynh1
10:
description: Sign, stamp, and reorganize PDF files
domain_path: pdf.celien.link/
id: signaturepdf
name: Signaturepdf
version: 1.7.0~ynh2
11:
description: News feed (RSS/Atom) reader and aggregator
domain_path: rss.jbv.cloud/ttrss
id: ttrss
name: Tiny Tiny RSS
version: 20241106~ynh1
12:
description: Save and classify articles. Read them later
domain_path: jbv.cloud/wallabag
id: wallabag2
name: Wallabag
version: 2.5.4~ynh9
13:
description: Minimalist pastebin where the server has zero knowledge of pasted data
domain_path: jbv.cloud/zerobin
id: zerobin
name: Zerobin
version: 1.7.1~ynh2
[13:51:09]
<rodinux> je ne retrouve pas l'application facilmap dans le catalogue ??
[13:52:32]
<hercut> > <@rodinux:matrix.org> je ne retrouve pas l'application facilmap dans le catalogue ??
https://github.com/YunoHost-Apps/facilmap_ynh
[13:52:45]
<hercut> https://apps.yunohost.org/app/facilmap
[13:56:13]
<rodinux> Tu avais essayé de supprimer le paquet ?
[13:56:32]
<rodinux> le paquet supervisor ?
[13:57:32]
<hercut> > <@rodinux:matrix.org> le paquet supervisor ?
oui il me sembel qu'on a essayé
[13:58:52]
<hercut> On a fait ca :
`sudo apt install supervisor && sudo apt purge supervisor && yunohost diagnosis show --issues --human-readable`
[14:01:27]
<rodinux> `sudo apt-cache depends supervisor`
[14:03:36]
<hercut> > <@rodinux:matrix.org> `sudo apt-cache depends supervisor`
supervisor
PreDepends: init-system-helpers
Depends: lsb-base
sysvinit-utils
Depends: python3-pkg-resources
Depends: <python3:any>
python3
Suggests: supervisor-doc
[14:04:45]
<rodinux> `apt-cache policy supervisor`
[14:06:01]
<hercut> > <@rodinux:matrix.org> `apt-cache policy supervisor`
```
supervisor:
Installed: (none)
Candidate: 4.2.5-1
Version table:
4.2.5-1 500
500 http://deb.debian.org/debian bookworm/main amd64 Packages
```
[14:07:29]
<rodinux> Ok, il n'est pas installé.
[14:08:13]
<rodinux> `grep -i /etc/system/* supervisor`
[14:08:28]
<hercut> grep: supervisor: No such file or directory
[14:09:58]
<rodinux> pardon... grep -i supervisor /etc/system/\*
[14:10:32]
<hercut> > <@rodinux:matrix.org> pardon... grep -i supervisor /etc/system/\*
grep: /etc/system/*: No such file or directory
[14:13:16]
<rodinux> zut, je dis n'impitnawak !! `grep -i supervisor /etc/systemd/system/*`
[14:14:17]
<hercut> > <@rodinux:matrix.org> zut, je dis n'impitnawak !! `grep -i supervisor /etc/systemd/system/*`
```
grep: /etc/systemd/system/default.target.wants: Is a directory
grep: /etc/systemd/system/getty.target.wants: Is a directory
grep: /etc/systemd/system/multi-user.target.wants: Is a directory
grep: /etc/systemd/system/network-online.target.wants: Is a directory
grep: /etc/systemd/system/network-pre.target.wants: Is a directory
grep: /etc/systemd/system/nftables.service.d: Is a directory
grep: /etc/systemd/system/pairdrop.service: Permission denied
grep: /etc/systemd/system/readeck.service: Permission denied
grep: /etc/systemd/system/rustdeskrelay.service: Permission denied
grep: /etc/systemd/system/rustdesksignal.service: Permission denied
grep: /etc/systemd/system/send.service: Permission denied
grep: /etc/systemd/system/slapd.service.d: Is a directory
grep: /etc/systemd/system/sockets.target.wants: Is a directory
grep: /etc/systemd/system/sysinit.target.wants: Is a directory
grep: /etc/systemd/system/systemd-resolved.service.wants: Is a directory
grep: /etc/systemd/system/timers.target.wants: Is a directory
grep: /etc/systemd/system/ttrss.service: Permission denied
```
[14:14:51]
<Aleks (he/him/il/lui)> `sudo grep -nri /etc/systemd/system/*`
[14:15:26]
<hercut> > <@Alekswag:matrix.org> `sudo grep -nri /etc/systemd/system/*`
ca fait rien :/
[14:15:28]
<Aleks (he/him/il/lui)> hmmm
[14:15:34]
<Aleks (he/him/il/lui)> pardon faut metre le mot clef..
[14:15:49]
<Aleks (he/him/il/lui)> `sudo grep -nri supervisor /etc/systemd/system`
[14:16:01]
<hercut> > <@Alekswag:matrix.org> `sudo grep -nri supervisor /etc/systemd/system`
Toujours rien :(
[14:16:31]
<Aleks (he/him/il/lui)> si t'as fait la commande d'avant ça mouline dans le vide car ça attends que tu tapes des trucs, faut que tu fasses Crl+C pour récupérer la main
[14:17:47]
<hercut> > <@Alekswag:matrix.org> si t'as fait la commande d'avant ça mouline dans le vide car ça attends que tu tapes des trucs, faut que tu fasses Crl+C pour récupérer la main
nop toujorus rien
[14:18:23]
<Aleks (he/him/il/lui)> dans ce cas j'imagine que supervisor est pu installé ...?
[14:18:41]
<hercut> > <@Alekswag:matrix.org> dans ce cas j'imagine que supervisor est pu installé ...?
Pourtant j'ai l'impression qu'on trouve des trace encore ?
[14:18:49]
<Aleks (he/him/il/lui)> ¯\_(ツ)_/¯
[14:21:20]
<hercut> Quand je fais un diagnosis :
```
sudo yunohost diagnosis run
Warning: Found 1 item(s) that could be improved for Base system.
Success! Everything looks OK for Internet connectivity!
Success! Everything looks OK for DNS records! (+ 1 ignored issue(s))
Success! Everything looks OK for Ports exposure!
Success! Everything looks OK for Web!
Success! Everything looks OK for Email! (+ 2 ignored issue(s))
Error: Failed to get status information via dbus for service supervisor, systemctl didn't recognize this service ('NoSuchUnit').
Warning: Found 1 item(s) that could be improved for Services status check.
Success! Everything looks OK for System resources!
Success! Everything looks OK for System configurations!
Success! Everything looks OK for Applications!
Warning: To see the issues found, you can go to the Diagnosis section of the webadmin, or run 'yunohost diagnosis show --issues --human-readable' from the command-line.
```
[14:23:10]
<Aleks (he/him/il/lui)> je sais pas si c'est normal que supervisor soit plus là ou pas, mais si c'est normal alors il faut faire un `yunohost service remove supervisor`
[14:23:17]
<hercut> > <@Alekswag:matrix.org> je sais pas si c'est normal que supervisor soit plus là ou pas, mais si c'est normal alors il faut faire un `yunohost service remove supervisor`
C'etait si simple que ca ?
```
Info: (Cache still valid for Base system diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for Internet connectivity diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for DNS records diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for Ports exposure diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for Web diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for Email diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for Services status check diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for System resources diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for System configurations diagnosis. Won't re-diagnose it yet!)
Info: (Cache still valid for Applications diagnosis. Won't re-diagnose it yet!)
```
[14:23:54]
<Aleks (he/him/il/lui)> faut rajouter --force a la commande de diagnostique pour ignorer le cache
[14:25:53]
<hercut> > <@Alekswag:matrix.org> faut rajouter --force a la commande de diagnostique pour ignorer le cache
```
Warning: Found 1 item(s) that could be improved for Base system.
Success! Everything looks OK for Internet connectivity!
Success! Everything looks OK for DNS records! (+ 1 ignored issue(s))
Success! Everything looks OK for Ports exposure!
Success! Everything looks OK for Web!
Success! Everything looks OK for Email! (+ 2 ignored issue(s))
Success! Everything looks OK for Services status check!
Success! Everything looks OK for System resources!
Success! Everything looks OK for System configurations!
Success! Everything looks OK for Applications!
Warning: To see the issues found, you can go to the Diagnosis section of the webadmin, or run 'yunohost diagnosis show --issues --human-readable' from the command-line.
```
[14:25:54]
<hercut> Ca semble bon :)
[14:26:38]
<hercut> le warning vient de ca :
`[WARNING] There's been a suspiciously high number of authentication failures recently. You may want to make sure that fail2ban is running and is correctly configured, or use a custom port for SSH as explained in https://yunohost.org/security.`
[14:31:20]
<hercut> Je n'ai rien a faire pour se warning ?
[14:31:57]
<Aleks (he/him/il/lui)> c'est expliqué dans le message ...
[15:00:15]
<hercut> > <@Alekswag:matrix.org> c'est expliqué dans le message ...
Juste change le port en gros ?
[15:00:16]
<Aleks (he/him/il/lui)> par exemple oui
[15:00:17]
<hercut> Ca me fait peur Oo, mais je vais essayé :)
[15:00:17]
<hercut> Un port de predilection a utiliser au lieu du 22 ?
[15:00:18]
<hercut> Merci
[15:00:18]
<hercut> 2022 peut-etre ?
[15:04:56]
<hercut> ah mince :
Il est préférable d'utiliser un port inférieur à 1024 pour éviter les tentatives d'usurpation par des services non administrateurs sur la machine distante.
[15:05:36]
<thibault> Bonjour,
Depuis la migration de mon serveur (x86 qui fait tourner via proxmox une debian sur laquelle est installée yunohost) vers yunohost 12, je n'arrive pas à rediriger indéfiniment le port 8095 (pour wireguard). J'ai essayé via la web admin et via la ligne de commande. La redirection fonctionne pendant 2/3 jours et puis le port sort de la liste des ports redirigés sans action de ma part.
Est ce une difficulté rencontrée par d'autres ? Comment investiguer plus avant ?
D'avance merci beaucoup
[15:18:04]
<Aleks (he/him/il/lui)> heuu ok tu veux dire quoi par rediriger, tu veux dire ouvrir le port ?
[15:26:01]
<Paprika> Hello, Kavita’s install script is broken. This might be unique to LXCs in Proxmox.
Log: https://paste.yunohost.org/raw/aligozubos
[15:27:42]
<Paprika> This might be fixable if we were to use tar argument `—no-same-options`. Cannot test as it’s just a workaround and I cannot add additional arguments to the tar command in the install script.
[15:27:46]
<Paprika> This might be fixable if we were to use tar argument `—no-same-owner`. Cannot test as it’s just a workaround and I cannot add additional arguments to the tar command in the install script.
[15:28:14]
<Paprika> This might be fixable if we were to use tar argument `--no-same-owner`. Cannot test as it’s just a workaround and I cannot add additional arguments to the tar command in the install script.
[15:29:03]
<thibault> @Aleks oui ouvrir le port
[15:31:50]
<Aleks (he/him/il/lui)> hmben c'est chelou, la liste des ports ouvertes est genre dans /etc/yunohost/firewall.yml, normalement y'a que yunohost qui le modifie via les commandes "yunohost firewall" ou l'équivalent en webadmin ...
[15:32:22]
<Aleks (he/him/il/lui)> ou possiblement une restauration de backup système mais je doute que tu restaures ton systeme tous les 3 jours ?
[15:33:58]
<thibault> Non effectivement pas tous les 2/3 jours
[15:34:03]
<thibault> ☺️
[15:34:30]
<thibault> C'est très chelou
[15:35:39]
<thibault> La par exemple j'ai bien le 8095 d'ouvert
[15:36:10]
<thibault> et wireguard fonctionne mais demain ou après-demain le port sera fermé sans action de ma part
[15:36:49]
<thibault> Même pas en rouge dans la web admin mais bien pas dans la liste
[15:37:48]
<Paprika> This might be fixable if we were to use tar argument `--no-same-owner`. Cannot test as it’s just a workaround and I cannot add additional arguments to the tar command in the install script.
[15:38:42]
<thibault> Par ailleurs l'upnp est indiqué comme désactivé dans le bas de la page de la webadmin mais il y a bien des coches vertes dans la colonne UPnP de la webadmin
[15:40:07]
<thibault> Activer l UPnP via la webadmin indique comme message d'erreur erreur 500 could not open port via upnp
[15:41:14]
<thibault> Mais je ne sais pas s'il y a un lien avec la première difficulté évoquée (fermeture "automatique" ?? du port 8095)
[15:43:47]
<Aleks (he/him/il/lui)> un truc "facile" à faire c'est que si le port 8095 a redisparu tu peux regarder la dernière date de modification du fichier de conf avec `ls -l /etc/yunohost/firewall.yml`, ça devrait donner une info de quand exactement le probleme s'est déclenché, et correler ça avec d'autres trus
[15:54:40]
<thibault> @Aleks oui tu as raison ; je ferai ça merci
[17:54:57]
<Paprika> Made a temporary fix by altering the `tar` command args in `ynh_setup_source`. Edited helper is added in `_common.sh`. Consequently, install script is edited to call for the helper defined in `_common.sh`. The added argument allows the app to get installed and working.
Link for the fork: https://github.com/botagas/kavita_ynh
It's a hacky edit, but fixes the issue and allows the app to install.
[18:10:24]
<Paprika> Made a temporary fix by altering the `tar` command args in `ynh_setup_source`. Edited helper is added in `_common.sh`. Consequently, install script is edited to call for the helper defined in `_common.sh`. The added argument allows the app to get installed and working.
Link to the fork: https://github.com/botagas/kavita\_ynh
It's a hacky edit, but fixes the issue and allows the app to install.
[18:12:33]
<Paprika> Made a temporary fix by altering the `tar` command args in `ynh_setup_source`. Edited helper is added in `_common.sh`. Consequently, install script is edited to call for the helper defined in `_common.sh`. The added argument allows the app to get installed and working.
Link to the fork: https://github.com/botagas/kavita\_ynh
Link to the issue I opened: https://github.com/YunoHost-Apps/kavita_ynh/issues/54
It's a hacky edit, but fixes the issue and allows the app to install.