[04:39:38]
<craigvb> xmpp-upload won't verify after installing metronome... it used to, not anymore... (lets encrypt certificate) .. muc validates, domain validates xmpp upload just hangs :
Wrote file to /var/www/.well-known/acme-challenge-public/Nku9ts7OCtkBwCskvgr95v4CzSmgXv9rNL0_g1ywcf8, but couldn't download http://xmpp-upload.vanbeek.nz/.well-known/acme-challenge/Nku9ts7OCtkBwCskvgr95v4CzSmgXv9rNL0_g1ywcf8: Error:
Url: http://xmpp-upload.vanbeek.nz/.well-known/acme-challenge/Nku9ts7OCtkBwCskvgr95v4CzSmgXv9rNL0_g1ywcf8
Data: None
Response Code: None
Response:
[08:05:34]
<Michele Agostinelli> How to add some custom link in user portal only to certain group members?
[08:31:10]
<centralscrutinizer> > <@magostinelli:matrix.org> How to add some custom link in user portal only to certain group members?
L'unica cosa che mi viene in mente é questa https://github.com/YunoHost-Apps/my_webapp_ynh
Non saprei come farle indirizzare un link esterno però
[08:32:21]
<centralscrutinizer> Per renderla accessibile solo ai membri di un gruppo utenti puoi impostare i permessi dal portale di amministrazione
[09:49:46]
<rodinux> Always some problems with zabbix package !! upgrading the app from 5.0.41~ynh2 to 6.0~yh1 failed here logs https://paste.yunohost.org/raw/kakejazuco
[09:54:32]
<rodinux> the problem is tricky with dependencies, the upgrade system wants upgrade some zabbix-packages, but if you do that, after zabbix wants communicate with the database and reinitialize some stuffs... I thought upgrading the app before the sytmem will works but it didn't...
[09:54:36]
<Michele Agostinelli> > Per renderla accessibile solo ai membri di un gruppo utenti puoi impostare i permessi dal portale di amministrazione
Già la uso, c'è un app (scritta da me in php) accessibile a tutti (pubblica), che una una sottopagina (tipo /admin) il cui accesso è ristretto, come prima (con yunohost 11) vorrei far apparire questo link solo agli autorizzati.
L'unica cosa che mi viene in mente è dividere in due l'applicazione, da una parte la parte pubblica, dall'altra quella di admin.
[10:00:15]
<rodinux> So I after upgrade crash, zabbix did not restore the backup, but the app was still listed. I have removed the app and restore the backup manually
[10:01:14]
<rodinux> In the update system, I have
```
91:
current_version: 1:5.0.45-1+debian11
name: zabbix-agent
new_version: 1:5.0.45+dfsg-1+deb11u1
92:
current_version: 1:5.0.45-1+debian11
name: zabbix-frontend-php
new_version: 1:5.0.45+dfsg-1+deb11u1
93:
current_version: 1:5.0.45-1+debian11
name: zabbix-server-mysql
new_version: 1:5.0.45+dfsg-1+deb11u1
```
[10:02:08]
<rodinux> and for the app
```
apps:
current_version: 5.0.41~ynh2
description: Outil pour monitorer des réseaux, des serveurs, des VMs et autres services en ligne
domain_path: y2.numc.eu/zabbix
id: zabbix
logo: 9b0729fce7e4d0cd7de448f702cf44bb528dc1e46596107cd68dcbe41dd5ae34
name: Zabbix
new_version: 6.0~ynh1
notifications:
upgradable: yes
version: 5.0.41~ynh2
```
[10:14:29]
<rodinux> Just an important difference, before the upgrade crash the versions was different
```
91:
current_version: 1:5.0.45-1+debian11
name: zabbix-agent
new_version: 1:5.0.45+dfsg-1+deb11u1
92:
current_version: 1:5.0.45-1+debian11
name: zabbix-frontend-php
new_version: 1:5.0.45+dfsg-1+deb11u1
93:
current_version: 1:5.0.45-1+debian11
name: zabbix-server-mysql
new_version: 1:5.0.45+dfsg-1+deb11u1
[10:24:51]
<Lasse Gismo> Did the YNH11ToYNH12 restore but unfortunately didn't run the "full-upgrade" first, as recommended by Aleks, and got the known error with "Nextcloud not in the App list", then I ran the full-upgrade and after reboot rerun the app restore with the following errors:
https://paste.yunohost.org/raw/ikupunuhoc
https://paste.yunohost.org/raw/dekuyuxofu
https://paste.yunohost.org/raw/icosefaquh
https://paste.yunohost.org/raw/mejekekoxa
https://paste.yunohost.org/raw/asosefokoq
https://paste.yunohost.org/raw/oyozodagas
https://paste.yunohost.org/raw/giziyudilu
Does it matter to follow the "not recommended path", my fault, and do the full-upgrade later? Do I need to begin again with a fresh image? :-(
[12:26:30]
<Salamandar> Ah we saw this issue some time ago, it's fixable
[12:26:34]
<Salamandar> but i don't remember how
[12:26:41]
<Salamandar> you need to manually recreate the permissions
[12:26:55]
<Salamandar> or maybe manually upgrade --force the apps that have buggy perms
[13:37:01]
<Aleks (he/him/il/lui)> it feels like these are just logs of the aftermath after some other restoration worked (or didnt idk) so we would need the logs of everything that happens prior to that to understand the actual situation
[13:38:33]
<Predrag Tasevski> Hi team, I would need your help. I tried to restart the nginx and now it is not starting. I get the following error, yunohost 12:
```
tail /var/log/nginx/error.log
/usr/share/lua/5.1/json/decode.lua:84: in function 'decode'
/usr/share/ssowat/config.lua:83: in function 'get_config'
/usr/share/ssowat/init.lua:65: in main chunk
2025/01/06 13:21:44 [error] 8141#8141: init_by_lua_file error: /usr/share/lua/5.1/json/decode/state.lua:169: Value set when one already in slot
stack traceback:
[C]: in function 'assert'
/usr/share/lua/5.1/json/decode/state.lua:169: in function 'set_value'
/usr/share/lua/5.1/json/decode.lua:84: in function 'decode'
/usr/share/ssowat/config.lua:83: in function 'get_config'
/usr/share/ssowat/init.lua:65: in main chunk
```
[13:39:29]
<Aleks (he/him/il/lui)> hmkay and how did you come to be willing to restart nginx
[14:00:33]
<Predrag Tasevski> I had an issue with matrix lets encryption certificate expired and renew it. and the renew was not working hence I tried to restart the nginx
[14:00:59]
<Predrag Tasevski> I had an issue with matrix lets encryption certificate expired and renew it. and the renew was not working hence I tried to restart the nginx. Renew of the certificate worked but somehow it broke the nginx.
[14:01:15]
<Predrag Tasevski> and now I can not start it. I have access to the server via SSL.
[14:03:05]
<Predrag Tasevski> and now I can not start it. I have access to the server via SSH.
[14:06:11]
<Predrag Tasevski> is there any quick fix to restore it at least to make my server working again. As for not nothing is accessible
[14:09:46]
<Predrag Tasevski> you mean `yunohost tools regen-conf nginx --force`?
[14:09:46]
<isAAAc> a regen conf perhaps ? (don't do it before go done by someone else ;) )
[14:12:36]
<Predrag Tasevski> it did not worked
[14:14:06]
<Predrag Tasevski> still the status is failed:
```
systemctl status nginx.service
× nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; preset: enabled)
Active: failed (Result: exit-code) since Mon 2025-01-06 13:21:44 UTC; 50min ago
Docs: man:nginx(8)
Process: 8140 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 8141 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=1/FAILURE)
CPU: 324ms
Jan 06 13:21:44 domain.tech nginx[8141]: nginx: [error] init_by_lua_file error: /usr/share/lua/5.1/json/decode/state.lua:169: Value set when on>
Jan 06 13:21:44 domain.tech nginx[8141]: stack traceback:
Jan 06 13:21:44 domain.tech nginx[8141]: [C]: in function 'assert'
Jan 06 13:21:44 domain.tech nginx[8141]: /usr/share/lua/5.1/json/decode/state.lua:169: in function 'set_value'
Jan 06 13:21:44 domain.tech nginx[8141]: /usr/share/lua/5.1/json/decode.lua:84: in function 'decode'
Jan 06 13:21:44 domain.tech nginx[8141]: /usr/share/ssowat/config.lua:83: in function 'get_config'
Jan 06 13:21:44 domain.tech nginx[8141]: /usr/share/ssowat/init.lua:65: in main chunk
Jan 06 13:21:44 domain.tech systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Jan 06 13:21:44 domain.tech systemd[1]: nginx.service: Failed with result 'exit-code'.
Jan 06 13:21:44 domain.tech systemd[1]: Failed to start nginx.service - A high performance web server and a reverse proxy server.
```
[14:18:12]
<Predrag Tasevski> any help will be highly appreciated. Thx in advance.
[14:27:30]
<Aleks (he/him/il/lui)> sounds like it's not happy about ssowat's conf
[14:27:37]
<Aleks (he/him/il/lui)> could it be that you tweaked it at some point ?
[14:28:22]
<Aleks (he/him/il/lui)> in particular the "persistent" one
[14:28:34]
<Aleks (he/him/il/lui)> what does `cat /etc/ssowat/conf.json.persistent` looks like ?
[15:15:38]
<huskyz> rodinux: hi, following your advice, I deleted everything and rebuilt from scratch, in this sequence:
- I deleted `cryptpad.domain.tld` and uninstalled cryptpad
- I recreated the domain `cryptpad.domain.tld` with certificate and disabled outgoing and incoming mails,
- I installed cryptpad
- I added the string `sandbox.cryptpad.domain.tld 3600 IN CNAME cryptpad.domain.tld.` in my provider's DNS zones
- I renewed the certificate of `cryptpad.domain.tld`
- I restarted the cryptpad service, as suggested in the yunohost post-installation guide
and now if I go to `cryptpad.domain.tld` it says “unable to contact server” and won't even load the homepage.
Where did I go wrong?
[15:26:24]
<Lasse Gismo> > <@Alekswag:matrix.org> it feels like these are just logs of the aftermath after some other restoration worked (or didnt idk) so we would need the logs of everything that happens prior to that to understand the actual situation
🤔 couldn't find any answer - pls. help.
[15:28:26]
<Aleks (he/him/il/lui)> my anwer is the message you quoted...
[15:28:28]
<rodinux> Here something similar https://github.com/YunoHost-Apps/cryptpad_ynh/issues/235
[15:28:32]
<rodinux> did you rewew the certificate let's encrypt also after ???
[15:29:15]
<rodinux> yunohost domain cert renew cryptpad.domain.tld --force
[15:30:31]
<huskyz> yes, after add the string `sandbox.cryptpad.domain.tld 3600 IN CNAME cryptpad.domain.tld.` in my provider's DNS zones. Without errors
[15:31:48]
<Lasse Gismo> > <@Alekswag:matrix.org> my anwer is the message you quoted...
Saw it after I answer you 🤷♂️ and no, these error logs are from after the app restore I did after the late full-upgrade. But well, will collect all since installation and come back.
[15:34:32]
<rodinux> it seems same error as the issue I shared with you... he found a workaround with changing this line on `/var/www/cryptpad/config/config.js`, but why ? I haven't do that !
```
Workaround:
// httpSafeOrigin: "https://sandbox.my.domain",
// !! WORKING !!
httpSafeOrigin: "https://my.domain",
```
[15:38:37]
<huskyz> > <@rodinux:matrix.org> yunohost domain cert renew cryptpad.domain.tld --force
```
root@xxxxx:/home/xxxxx# yunohost domain cert renew cryptpad.xxxxx.xxx --force
Info: Now attempting renewing of certificate for domain cryptpad.xxxxx.xxx !
Info: Parsing account key...
Info: Parsing CSR...
Info: Found domains: sandbox.cryptpad.xxxxx.xxx, cryptpad.xxxxx.xxx
Info: Getting directory...
Info: Directory found!
Info: Registering account...
Info: Already registered!
Info: Creating new order...
Info: Order created!
Info: Verifying cryptpad.xxxxx.xxx...
Info: cryptpad.xxxxx.xxx verified!
Info: Verifying sandbox.cryptpad.xxxxx.xxx...
Error: Wrote file to /var/www/.well-known/acme-challenge-public/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0, but couldn't download http://sandbox.cryptpad.xxxxx.xxx/.well-known/acme-challenge/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0: Error:
Url: http://sandbox.cryptpad.xxxxx.xxx/.well-known/acme-challenge/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0
Data: None
Response Code: None
Response: <urlopen error [Errno -2] Name or service not known>
Error: Certificate renewing for cryptpad.xxxxx.xxx failed!
Info: The operation 'Renew 'cryptpad.xxxxx.xxx' Let's Encrypt certificate' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20250106-153214-letsencrypt_cert_renew-cryptpad.xxxxx.xxx' to get help
Error: Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 226, in get_crt
assert disable_check or _do_request(wellknown_url)[0] == keyauthorization
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 88, in _do_request
raise ValueError(
ValueError: Error:
Url: http://sandbox.cryptpad.xxxxx.xxx/.well-known/acme-challenge/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0
Data: None
Response Code: None
Response: <urlopen error [Errno -2] Name or service not known>
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 516, in _fetch_and_enable_new_certificate
signed_certificate = sign_certificate(
^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/yunohost/vendor/acme_tiny/acme_tiny.py", line 228, in get_crt
raise ValueError(
ValueError: Wrote file to /var/www/.well-known/acme-challenge-public/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0, but couldn't download http://sandbox.cryptpad.xxxxx.xxx/.well-known/acme-challenge/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0: Error:
Url: http://sandbox.cryptpad.xxxxx.xxx/.well-known/acme-challenge/dKTotSaXo0JApPWIQG866zGIzwG8B01Tktx3DctDet0
Data: None
Response Code: None
Response: <urlopen error [Errno -2] Name or service not known>
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 404, in certificate_renew
_fetch_and_enable_new_certificate(domain, no_checks=no_checks)
File "/usr/lib/python3/dist-packages/yunohost/certificate.py", line 529, in _fetch_and_enable_new_certificate
raise YunohostError("certmanager_cert_signing_failed")
yunohost.utils.error.YunohostError: Could not sign the new certificate
Error: Could not sign the new certificate
Error: Let's Encrypt certificate renew failed for cryptpad.xxxxx.xxx
```
[15:40:13]
<rodinux> did you have disable automatic dns in the webadmin ?
[15:41:48]
<rodinux> 😶🌫️
[15:42:16]
<huskyz> > <@rodinux:matrix.org> did you have disable automatic dns in the webadmin ?
No, you said it was not necessary. Do I mess up the other apps if I do that? Because the others work perfectly
[15:43:48]
<Predrag Tasevski> to be honest I do not know
[15:44:56]
<Predrag Tasevski> cat /etc/ssowat/conf.json.persistent
{
"permissions": {
"my_webapp.main": {
"auth_header": false,
"label": "OAuth",
"public": true,
"show_tile": false,
"uris": [
"chat.unicis.tech/oauth"
],
"users": []
}
}
"theme": "unicis",
}
[15:46:07]
<huskyz> https://aria.im/_bifrost/v1/media/download/AX_whgeWWCz2JOoi7RoNgayTMiJ2WV7JicQW91chBhW9AqPQapvgBI083E-hj-jesSstDjYFwg3Axs9WVo_pAURCeUQXHWfQAG1hdHJpeC5vcmcvWnBzTVlSaWZpSHNvQ1JNY1pHTENpRkNJ
[15:50:04]
<huskyz> Have been behind for 3 days, can't take it anymore. It is REALLY frustrating
[15:50:30]
<rodinux> It will not change anything... It is just a api to write the dns in the registar automatic...
[15:51:40]
<rodinux> it means you will look for suggest dns if adding a domain and add manually the suggested on the registar...
[15:53:12]
<rodinux> what returns `grep Origin /var/www/cryptpad/config/config.js`
[15:54:47]
<huskyz> > <@rodinux:matrix.org> what returns `grep Origin /var/www/cryptpad/config/config.js`
```
/* httpUnsafeOrigin is the URL that clients will enter to load your instance.
httpUnsafeOrigin: 'https://cryptpad.xxxxx.xxx',
/* httpSafeOrigin is the URL that is used for the 'sandbox' described above.
* httpSafeOrigin must be different from httpUnsafeOrigin.
httpSafeOrigin: "https://sandbox.cryptpad.xxxxx.xxx",
```
[15:55:21]
<rodinux> Oki...
[15:58:17]
<huskyz> If I run yunohost diagnostics it tells me:
*The configuration file `/etc/apt/sources.list.d/extra_php_version.list` seems to have been edited manually.*
But I haven`t touched anything. I think it started giving me this -yellow- error after I upgraded to yunohost12. Is this normal? Could it depend on this?
[15:59:51]
<rodinux> try `yunohost tools regen-conf apt -F`
[16:02:31]
<huskyz> But why does he do it? Does it have something to do with cryptpad?
[16:03:17]
<geoma> anybody got experience with MollySocket? I installed it but wont work, don't know if I am missing something
[16:05:45]
<rodinux> sorry, I don't know why, it should be more simple... I just understand that when you need renew the certificate of cryptpad he want found a path here `http://sandbox.cryptpad.xxxxx.xxx/.well-known` wich did not exist ! perhaps the dns did not have propage yet the entry CNAME ? just we need renew the certificate... Perhaps it is also good try restart nginx and or cryptpad ?
[16:06:05]
<Predrag Tasevski> just for the reference when I do `nginx -t` I get:
```
2025/01/06 16:05:15 [info] 49271#49271: Using 116KiB of shared memory for nchan in /etc/nginx/nginx.conf:61
2025/01/06 16:05:15 [info] 49271#49271: Using 131072KiB of shared memory for nchan in /etc/nginx/nginx.conf:61
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
```
[16:06:41]
<rodinux> nothing to do with cryptpad, I see this before few times since the migrations
[16:08:30]
<rodinux> ttps://forum.yunohost.org/t/manually-modified-extra-php-version-list-after-upgrade-to-bookworm/34466
[16:09:54]
<huskyz> If you want, you can check the different with `yunohost tools regen-conf apt --dry-run --with-diff` and force reset the recommended configuration with `yunohost tools regen-conf apt --force`
Try with the reset?
[16:10:43]
<Predrag Tasevski> I tried to remove synapse from the server, however was not able due to nginx failed, and I got the following error log https://paste.yunohost.org/raw/fusewequju
[16:11:23]
<Lasse Gismo> https://aria.im/_bifrost/v1/media/download/AS5DCTO81vySeaXtI8BLkMh8zfvhZ6IaZOfyu5XU7KUQ56RVAd4uJ7bOCl_tKLNirP2XQ2mFfYZlb6qccEc-LNNCeUQYj65AAG1hdHJpeC5vcmcvTUtvdGZ2cmJHeFBBV3JZZFh2SUNDUHBl
[16:11:24]
<Lasse Gismo> https://aria.im/_bifrost/v1/media/download/Afb-jFFAQpeN_GPv96OrfL25ZF-7huh9Ruf0gxvGuT_6ErahR1DBac3g9cRFAyYhZhO6r-xEHmQaL1MiQN_du_1CeUQYj65QAG1hdHJpeC5vcmcvVEx3UGlUb2dPRkdnTnpWRWx6TlloeEdZ
[16:12:14]
<rodinux> the first command `--dry-run --with-diff ` is to see what the regen-conf should change and `--force` apply the changes... don't worry
[16:12:19]
<huskyz> > <@huskyz:matrix.org> If you want, you can check the different with `yunohost tools regen-conf apt --dry-run --with-diff` and force reset the recommended configuration with `yunohost tools regen-conf apt --force`
>
> Try with the reset?
resolved. At least this one
[16:12:35]
<Lasse Gismo> https://paste.yunohost.org/raw/uhiyonodex
Hi Aleks.
What I did:
- prepared new image
- forgot to run a full-upgrade :-(
- created user and domain via web UI
- ran full restore - ended up with "nextcloud not part of the installead apps list" error
- ran "sudo apt update" and "sudo apt full-upgrade
- reboot
- ran apps restore - see image
- got all the last 7 app restore error logs
The list of logs starts with the very first:
https://paste.yunohost.org/raw/ijuzigiquq
https://paste.yunohost.org/raw/ututunobad
https://paste.yunohost.org/raw/ijetazufiw
https://paste.yunohost.org/raw/eyaqucikoj
https://paste.yunohost.org/raw/yadubuqata
https://paste.yunohost.org/raw/orutapuqag
https://paste.yunohost.org/raw/zezokanigu
https://paste.yunohost.org/raw/otupipafop
https://paste.yunohost.org/raw/vanemuwecu
https://paste.yunohost.org/raw/eloroqunej
https://paste.yunohost.org/raw/pazupuhevi
[16:13:52]
<huskyz> but cryptad from the new version is broken, you should put a notice in the app list
[16:15:29]
<rodinux> Yesterday I have install a fresh one, did you remember ??
[16:17:47]
<rodinux> I think there is stuff to make it better, we need just understand, something with the cert install renew.
[16:19:23]
<Predrag Tasevski> Ok I tried by removing synapse and associated sub-domain, and element app and subdomain. When I try to run again the `systemctl start nginx.service` get the same error Job for
```
nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
```
[16:20:15]
<Predrag Tasevski> Aleks (he/him/il/lui): can you help me out?
[16:21:21]
<rodinux> Can you try on your computer do a `dig https://sandbox.cryptpad.yourdomain.tld` ?
[16:23:22]
<Predrag Tasevski> cat /etc/ssowat/conf.json.persistent
```
{
"permissions": {
"my_webapp.main": {
"auth_header": false,
"label": "OAuth",
"public": true,
"show_tile": false,
"uris": [
"chat.domain.tech/oauth"
],
"users": []
}
}
"theme": "domain",
}
```
in a meantime, tried to remove the synapse app and element and assiated sub-domains, matrix.domain.tech and chat.domain.tech still the issue exist. Nginx is not starting
[16:23:48]
<Aleks (he/him/il/lui)> yes so `"theme": "domain",` is not valid json because it ends with a comma
[16:24:32]
<Aleks (he/him/il/lui)> and also there's no comma in the line before, the curly bracket ending the "permissions" block
[16:27:38]
<Predrag Tasevski> thx a lot this one fix the issue indeed.
[16:28:00]
<Predrag Tasevski> interesting that I upgraded the yunohost one month ago and the issue only showed now
[16:29:27]
<rodinux> What happens if you do first a diagnosis via the webadmin and try renew the certificate of cryptpad domain ?
[16:32:12]
<rodinux> I think is related to the auto configurations of the domains, when enable I imagine a script need look for `.well-know/`...
[16:43:46]
<huskyz> > <@rodinux:matrix.org> Can you try on your computer do a `dig https://sandbox.cryptpad.yourdomain.tld` ?
```
; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu <<>> https://sandbox.cryptpad.xxxxx.xxx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24779
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;https://sandbox.cryptpad.xxxxx.xxx. IN A
;; AUTHORITY SECTION:
xxxxx.xxx. 3600 IN SOA ns41.infomaniak.com. hostmaster.infomaniak.ch. 2025010601 10800 3600 605800 3600
;; Query time: 32 msec
;; SERVER: xxx.x.x.xx#xx(xxx.x.x.xx) (UDP)
;; WHEN: Mon Jan 06 17:40:06 CET 2025
;; MSG SIZE rcvd: 148
```
[16:44:51]
<rodinux> Ok
[16:45:30]
<huskyz> > <@rodinux:matrix.org> Yesterday I have install a fresh one, did you remember ??
but with a workaround
[16:47:06]
<rodinux> I could renew then the certificate, before I have the same error when trying renew the certificate
[16:47:45]
<rodinux> no, I just told you, desactivating the mails for the domain cryptpad and the auto dns
[16:48:21]
<huskyz> > <@rodinux:matrix.org> no, I just told you, desactivating the mails for the domain cryptpad and the auto dns
however it used to work without having to do these things, now it doesn't. And in the post-installation guide it is not specified to do this
[16:49:19]
<huskyz> a newbie like me ends up with an app that doesn't work. And I thought yunohost was a newbie distro
[16:50:11]
<huskyz> https://aria.im/_bifrost/v1/media/download/AZj74ws5jD_IbstERV1XIhnlgdoIczy7G9APvSx3ddsV0EBz156izumo1700hgEFcusyKBU03oOgKxdjwl828oFCeUQax-VgAG1hdHJpeC5vcmcvTmtUSFNnY2Z3cFh2ZU5wU2RXc09LRUFB
[16:52:08]
<huskyz> by the way, if I disable automatic dns from domain.tld then I have to put hands on the dns registar zones only when I add a new domain?
[16:53:18]
<rodinux> yes, and I think is not really stable enable it for infomaniak
[16:55:35]
<huskyz> > <@huskyz:matrix.org> sent an image.
and as far as these apps that are already installed, I don't have to change anything in the dns registar areas, right?
[16:56:10]
<rodinux> If this resolve the renew certificate for the domain cryptpad, we finally know what's wrong...
[16:56:44]
<rodinux> right
[16:57:19]
<huskyz> ok, let's try. I reinstall everything from scratch
[16:57:36]
<rodinux> Your dns zone is a file edited... Without reinstalling ?
[16:58:16]
<rodinux> I mean without reinstalling just renew the certificate
[17:00:11]
<huskyz> > <@rodinux:matrix.org> I mean without reinstalling just renew the certificate
too much late 😅
[17:00:14]
<rodinux> just try after `yunohost domain cert renew cryptpad.xxxxx.xxx --force`
[17:00:17]
<huskyz> In the dns registrar should I remove the string `sandbox.cryptpad.xxxxx.xxx 3600 IN CNAME cryptpad.xxxxx.xxx.` and add it back after installing cryptpad or do I leave it as is without touching anything?
[17:00:45]
<rodinux> I think you leave it
[17:01:05]
<huskyz> ok
[17:02:22]
<rodinux> on y crois 🤞
[17:11:55]
<huskyz> deleted `cryptpad.domain.tld`, uninstalled cryptpad, disabled automatic dns setting for `domain.tld`. So far so good. I go to create the domain `cryptpad.domain.tld` and it gives me an error, it says it can`t generate the certificate, which it used to do without problems
[17:12:03]
<huskyz> porco dio non ne posso più
[17:15:55]
<rodinux> do a diagnosis first before generate the certificate
[17:16:00]
<huskyz> > <@rodinux:matrix.org> do a diagnosis first before generate the certificate
I did it
[17:16:05]
<huskyz> porca madonna puttana
[17:17:36]
<rodinux> wtf
[17:19:33]
<rodinux> hummm, does the entry A and AAAA is still in the registar for `cryptpad.domain.tld
[17:19:36]
<huskyz> Error: "500"
Action: "PUT" /yunohost/api/domain/cryptpad.xxxxx.xxx/actions/cert.cert_.cert_install
[17:20:57]
<huskyz> Fuck cryptpad, I don't give a fuck anymore. 3 days of cursing
[17:22:55]
<huskyz> thank you for your time and your patience
[17:23:49]
<rodinux> Perhaps because I said you let the entry CNAME... if you remove it before ? and wait dns propaging ?
[17:24:26]
<huskyz> I don't know, I don't care anymore
[17:27:12]
<rodinux> 😢
[17:46:15]
<rodinux> I think I am wrong ! If finally yesterday I could renew the certificate, perhaps it is not because of the actions (about auto dns and mails) but just because it need waits a while with the cache dns and propagation before...
[17:48:44]
<rodinux> I was with the same error you have before trying renew the certificate, and after a while, it have been accepted...
[18:59:18]
<Paprika> Is the `ynh\_install\_app\_dependencies` still used? I've tried packaging an app, included `source /usr/share/yunohost/helpers` line in my install script, but if I try to call ynh\_install\_app\_dependencies, it fails with "command not found". I might be missing something.
[18:59:23]
<Paprika> Is the `ynh_install_app_dependencies` still used? I've tried packaging an app, included `source /usr/share/yunohost/helpers` line in my install script, but if I try to call ynh\_install\_app\_dependencies, it fails with "command not found". I might be missing something.
[18:59:38]
<Paprika> Is the `ynh_install_app_dependencies` still used? I've tried packaging an app, included `source /usr/share/yunohost/helpers` line in my install script, but if I try to call `ynh_install_app_dependencies`, it fails with "command not found". I might be missing something.
[18:59:48]
<orhtej2> > <@botagiuks:tiesiog.lt> Is the `ynh_install_app_dependencies` still used? I've tried packaging an app, included `source /usr/share/yunohost/helpers` line in my install script, but if I try to call `ynh_install_app_dependencies`, it fails with "command not found". I might be missing something.
no, with packaging v2 you should declare apt property in manifest
[19:00:02]
<orhtej2> https://github.com/YunoHost/example_ynh/blob/1bdcd685cc6726307e2f38bdbf9a597a3be91b1e/manifest.toml#L132
[19:00:10]
<orhtej2> it'll install/remove automatically
[19:02:47]
<isAAAc> i'm upgrading peertube, but i'm not sure if the process is stuck or not
[19:03:02]
<isAAAc> Info: [############++......] > Building Yarn dependencies...
[19:03:20]
<Aleks (he/him/il/lui)> would check `sudo ps -ef --forest | grep yarn -A3`
[19:03:25]
<isAAAc> 2025-01-06 15:45:28,946 DEBUG yunohost.hook.<lambda> - ! Corepack is about to download https://registry.yarnpkg.com/yarn/-/yarn-1.22.22.tgz
[19:04:03]
<isAAAc> root@krashboyz:/var/log/yunohost/operations# strace -p 1753225
strace: Process 1753225 attached
epoll_pwait(13, 0x7ffe5df3dd20, 1024, -1, NULL, 8) = -1 EINTR (Interrupted system call)
--- SIGWINCH {si_signo=SIGWINCH, si_code=SI_KERNEL} ---
[19:04:46]
<orhtej2> nice, that trash again x_x
[19:05:12]
<isAAAc> https://krashboyz.org/zerobin/?046286c92aeda01f#DVuXAx8F6CQU6CEyEM28HP9T1pHdq1tyMCaEqpPMrve6
[19:05:23]
<isAAAc> i kill it ?
[19:05:41]
<Aleks (he/him/il/lui)> idk it seems to be still ongoing so ?
[19:05:47]
<Aleks (he/him/il/lui)> or maybe orhtej2 has more insight about it
[19:08:28]
<orhtej2> > <@Alekswag:matrix.org> or maybe orhtej2 has more insight about it
`sudo yunohost app upgrade peertube -u https://github.com/YunoHost-Apps/peertube_ynh/tree/corepack_download_prompt` perhaps? (I've added missing `COREPACK_ENABLE_DOWNLOAD_PROMPT=0`)
[19:08:45]
<orhtej2> isAAAc: ^
[19:09:01]
<orhtej2> (kill the one running, it's permanently stuck)
[19:09:59]
<Aleks (he/him/il/lui)> ah yes that's because it's called with ynh_exec_as_app but it doesn't forward this bash variable hmpfrtrghvbn
[19:10:02]
<Aleks (he/him/il/lui)> (╯°□°)╯︵ ┻━┻
[19:10:05]
<isAAAc> oh
[19:10:29]
<isAAAc> i just detachfrom the tmux and reatttach, and it's moving back again
[19:11:02]
<isAAAc> 2025-01-06 20:09:48,329 DEBUG yunohost.hook.<lambda> - yarn install v1.22.22
2025-01-06 20:09:48,645 DEBUG yunohost.hook.<lambda> - [1/5] Validating package.json...
2025-01-06 20:09:48,663 DEBUG yunohost.hook.<lambda> - [2/5] Resolving packages...
2025-01-06 20:09:49,943 DEBUG yunohost.hook.<lambda> - [3/5] Fetching packages...
[19:11:32]
<isAAAc> 2025-01-06 20:11:22,392 DEBUG yunohost.hook.<lambda> - yarn install v1.22.22
[19:11:33]
<orhtej2> > <@Alekswag:matrix.org> ah yes that's because it's called with ynh_exec_as_app but it doesn't forward this bash variable hmpfrtrghvbn
yeeeeah that core fix is super ineffective :/
[19:12:22]
<Aleks (he/him/il/lui)> that core fix ?
[19:12:33]
<Aleks (he/him/il/lui)> ah it's supposed to be fixed ?
[19:13:14]
<orhtej2> https://github.com/YunoHost/yunohost/blob/e8c175231e78683c98e84f7fd637d234fb31c2cc/helpers/helpers.v2.1.d/nodejs#L26 it's here but never inherited when run as app (which one should run as)
[19:14:12]
<isAAAc> looks like the tmux detach + the ctrl+c on the log has awakened the upgrade process
[19:14:34]
<isAAAc> Success! peertube upgraded
[19:14:42]
<isAAAc> i check the result
[19:14:54]
<orhtej2> > Success! peertube upgraded
does it really say it's the latest version?
[19:15:05]
<orhtej2> strange, it must have forwarded something like `yes`
[19:15:35]
<isAAAc> version: 7.0.0~ynh1
[19:16:09]
<orhtej2> > version: 7.0.0~ynh1
I mean somewhere in peertube's UI
[19:16:19]
<orhtej2> YNH may claim whatever it wants ;P
[19:16:30]
<isAAAc> https://media.krashboyz.org/ it looks really not as before the upgrade
[19:16:54]
<isAAAc> https://media.krashboyz.org/about/instance 7.0 yes
[19:17:31]
<isAAAc> cool, beer time so 🍻 :D
[19:19:53]
<isAAAc> thx for your work, ynh team,
again
<3
[20:48:17]
<miro5001> Hi there.
About immich, would it be possible to add ldap support (via authelia as stated here https://github.com/immich-app/immich/issues/523#issuecomment-1224087678 ). I know that would mean to package authelia, then config immich > authelia > ldap
[20:55:36]
<pochi> I installed sharkey on my main domain and since then i cannot access the admin interface from domain.tld/yunohost/admin, It's just a blank page. I then uninstalled sharkey and i still can not access it. I can access it using the IP however. Can anyone help me fix this?
[20:55:36]
<orhtej2> > <@miro5001:matrix.org> Hi there.
> About immich, would it be possible to add ldap support (via authelia as stated here https://github.com/immich-app/immich/issues/523#issuecomment-1224087678 ). I know that would mean to package authelia, then config immich > authelia > ldap
don't we typically use Dex for that?
[20:57:18]
<Aleks (he/him/il/lui)> hmkay, if that means anything to you i think first thing would be to check what's happening in the "Network" tab in the developer tools that you can open with F12 on firefox
[20:58:01]
<Aleks (he/him/il/lui)> or alternatively you could check the output of `curl -Lv https://yourdomain.tld/yunohost/admin` to understand what it's returning that corresponds to the blank page
[20:58:34]
<marzagheddon> Hi everybody. I have a YH12 that isn't exposed to the web, I can access to it only in LAN via the .local domain. Is it possible to access to the same .local domain outside of the LAN via a VPN? If so is there some guide about how to config everything???
[20:59:42]
<orhtej2> > <@marzagheddon:matrix.org> Hi everybody. I have a YH12 that isn't exposed to the web, I can access to it only in LAN via the .local domain. Is it possible to access to the same .local domain outside of the LAN via a VPN? If so is there some guide about how to config everything???
something like headscale app should do that 🤷
[21:02:10]
<pochi> Aleks (he/him/il/lui): never mind, had to clear site data on browser and it fixed
[21:05:26]
<miro5001> > don't we typically use Dex for that?
I forgot about it. But if I remember correctly, dex requires a lot of ram to install. Authelia is single binary, which is extremely lightweight "observed memory usage normally under 30 megabytes"
[21:05:51]
<marzagheddon> would it be a safe configuration? or somewhat my YH could become accessible to hackers?
[21:08:01]
<marzagheddon> I am a noob
[21:11:03]
<orhtej2> it's [this thing](https://apps.yunohost.org/app/headscale), but you would have to have it running on some public server.
So long story short - I have no clue how to achieve what you're aiming for
[21:12:54]
<marzagheddon> lol
[21:14:27]
<marzagheddon> I also have a commercial vpn available
[21:14:27]
<marzagheddon> I'm open to suggestions
[21:23:27]
<Paprika> Just use the Wireguard Server YNH package or set up a VPN on your router. I believe that's the easiest way to go about it.
[21:23:28]
<marzagheddon> https://forum.yunohost.org/t/yunohost-only-local-and-vpn-local/23171
Here somebody says that If I did that I can't access via the .local domain
[21:23:32]
<marzagheddon> over the vpn
[21:24:16]
<marzagheddon> is there a guide? I'm a total noob (unluckily)
[21:30:21]
<marzagheddon> I read that it wouldn't work because wireguard doesn't support multicast
[21:45:37]
<marzagheddon> https://forum.yunohost.org/t/how-to-setup-only-local-yunohost-with-a-vpn-while-using-the-local-domain-only/34572 opened a thread
[22:29:37]
<Paprika> Oh yeah, you might need to set static dns for your local domains in your router.
[22:29:49]
<Paprika> Can't really say much. I use Wireguard Server to serve various devices my services via local domains on one of my instances. I use .test domains, but the same should be applicable for .local as well. YNH handles it all automatically via nginx, all you have to do is make sure the clients are able to reach your VPN server.
EDIT: Oh yeah, you might need to set static dns for your local domains in your router.
[23:37:22]
<Paprika> https://aria.im/_bifrost/v1/media/download/AfaCRjOBN7ueBqBdCYzFFw1maQ4GoS1EAADGwG5Ht8Jj4aP9mUMvpxP5UYABO4ctGTWxR1tyQAOf5IjCaz5EXlBCeUQyFLMgAHRpZXNpb2cubHQvb2xmeU9ueVpnVER3RnNoZlZ6bEVOaHZ6
[23:37:23]
<Paprika> I have successfully packaged Jellystat for Yunohost. This is proof that even someone like me who is not a programmer at all, can still package an app to use for themselves, without being a programmer. You just gotta know your way around, know how to google, and how to and where to ask.
[23:37:40]
<Paprika> I am shocked that it didn't break my install even, not even once.