Saturday, February 01, 2025
support@conference.yunohost.org
February
Mon Tue Wed Thu Fri Sat Sun
          1
 2
3
 4
 5
 6
 7
 8
 9
10
 11
 12
 13
 14
 15
 16
17
 18
 19
 20
 21
 22
 23
24 25
 26
 27
 28
    
             

[13:51:11] <James Richardson (tokenwizard)> https://aria.im/_bifrost/v1/media/download/AYZwA4Vw9TzFVUDStZ2kJ6FwxxfE5lOcETZsxUCjV6hbucPjQXw8lPU83Cq4oSoGX13mBn-08_cUY6jx1KYle79CeUxu315gAG1hdHJpeC50anNlcnZlci5kZXYvS01uTnNpa0NkZ0thYkZTU1lmYkNZdGZK
[13:51:11] <James Richardson (tokenwizard)> I did manage to get Cryptpad up and running and created an admin user with 2FA. It was working fine, but now when I try to log in, it asks for my 2FA code and after I enter it, I just get this. Anybody else have this issue?
[14:04:09] <James Richardson (tokenwizard)> Interestingly though, If I close the Cryptpad tab when this happens, I can click a link to a shared document and it opens up with me logged in. So maybe an issue redirecting after login? NEVERMIND. I'm not actually logged in. It shows me as a guest in the document.
[14:09:47] <rodinux> How did you add a 2FA un Cryptpad ??
[14:11:35] <James Richardson (tokenwizard)> While logged in I went to my Settings and there was an option in there. It let me scan the barcode with my 2FA app (Aegis OTP)
[14:12:22] <James Richardson (tokenwizard)> I'd caution against it though until we confirm it is working properly since I cannot log in now.
[14:16:54] <rodinux> Did it was added in the admin panel first ? Perhaps a solution is to create another user and add this user as admin with the plublic key in the config.json ??

[14:17:28] <James Richardson (tokenwizard)> I added my user in the config.json as admin before I enable 2FA.
[14:18:25] <James Richardson (tokenwizard)> Followed these steps
[14:18:26] <James Richardson (tokenwizard)> https://aria.im/_bifrost/v1/media/download/ASxaVv4MoyMGdc2N9UoUgaxeuzrb2wF5dukSdcCD4tQDMtqfrGNQqVPb7p0Rjyb03raD_7Cq-PRkqEyxefy3butCeUxwboeAAG1hdHJpeC50anNlcnZlci5kZXYvRmZxRWpIWGhZUE5icElkdUR4WGRLdEF6
[14:18:34] <rodinux> I mean if you can no more sign in with the 2FA...
[14:19:07] <James Richardson (tokenwizard)> Then enabled 2FA a bit later in the day.
[14:20:35] <James Richardson (tokenwizard)> But this may be more of a CryptPad issue that a YH one. I need to do some more digging.
[14:23:57] <rodinux> perhaps beacuse needs make sure that the date and time of your server remain fairly accurate (up to a 30 seconds shift), using NTP for instance.
[14:24:38] <James Richardson (tokenwizard)> Do you have functioning 2fa?
[14:24:40] <rodinux> I am reading this https://blog.cryptpad.org/2024/01/09/tutorial-two-factor-authentication/
[14:27:57] <James Richardson (tokenwizard)> Well, That gave me pause and I did in fact forget to set my timezone in the LXC that I spun up for YH. So I did that and I'm still having issues. I'm going to restart YH server and see if that helps.
[14:32:17] <James Richardson (tokenwizard)> No dice...
[14:32:59] <rodinux> In the config.js you have this
```
/* Registered users can be forced to protect their account
* with a Multi-factor Authentication (MFA) tool like a TOTP
* authenticator application.
*
* defaults to false
*/
//enforceMFA: false,


```
[14:33:13] <James Richardson (tokenwizard)> Server and local machine are within 1 second (and that was the time it took me to run the command locally after on the server lol
[14:33:14] <James Richardson (tokenwizard)> https://aria.im/_bifrost/v1/media/download/AWbd3ApmmDywOue5XQ0hhwPPshu9LdQOdSQLj-mHq2d6a1D4n4hNMnbs_nqEL5RzvoPLoWSUNkI2NtokdZfV5N5CeUxxR0JAAG1hdHJpeC50anNlcnZlci5kZXYvWHFtVXBLSkJZeWNteXdNcGJnT2tRdVJC
[14:35:10] <James Richardson (tokenwizard)> Hmm, I was able to "Recover my account" using my recovery phrase and that disabled 2fa. So it seems there is an issue with the 2fa validation.
[14:35:52] <rodinux> try configure ntp https://idroot.us/setting-up-ntp-server-client-debian-12/
[14:36:36] <rodinux> But perhaps you can first add another user admin without F2A...
[14:43:46] <rodinux> well in the post from cryptpad : Good practices

Activating and using 2FA in itself doesn't guarantee that your account would remain safe whatever what happens, it is just another safety net.

However, to ensure that it works as intended, there are some mistakes to avoid. For instance, some password managers can act as a storage for your 2FA secrets and even generate the verification codes for you. In the event that your password is also stored there, then you create a new single-point of failure in your password manager. For the sake of honesty, we should mention that is it still way better than not having any 2FA at all (as it adds a temporal factor in what your password manager outputs in case of phishing attacks for instance). It should be avoided in an ideal world, but we are not living in this world.

In general, you should avoid at all cost storing your passwords, secret keys and recovery keys in a place where it is easily accessible (for instance in a my_passwords.csv file in the clear on your drive, or in a plaintext cloud storage). The use of a password manager makes it easier for users to manage this part as long as one sets up the appropriate measures to keep it secure, for instance with the use of a strong primary password, or not leaving your computer unattended in an unlocked state.
[15:16:43] <James Richardson (tokenwizard)> Yeah, I use Bitwarden for passwords and Aegis OTP for all my 2FA accounts. Not having trouble with any others, just CryptPad for some reason.
[15:22:17] <James Richardson (tokenwizard)> > <@rodinux:matrix.org> In the config.js you have this
> ```
> /* Registered users can be forced to protect their account
> * with a Multi-factor Authentication (MFA) tool like a TOTP
> * authenticator application.
> *
> * defaults to false
> */
> //enforceMFA: false,
>
>
> ```

I don't have forced 2FA enabled. So you can register and use my instance without 2FA. Just be nice to get 2FA working as intended.
[15:31:28] <rodinux> yes, is better... I don't know why it did not works... perhaps something needed in nginx conf. Have you try disabling some extensions on your web navigator ??
[15:34:37] <James Richardson (tokenwizard)> You might be on to something here. I just re-enabled 2FA on my admin account and can't log in anymore. But I opened up a Private browsing windows with no add-ones and I can log in with my 2FA. Now to see what the HELL my browser is doing....
[15:35:40] <rodinux> Yes, some time an extension to disable....
[15:37:23] <James Richardson (tokenwizard)> Well, I disabled I don't care About Cookies, uBlock Origin, and Privacy Badger and still have the same problems. Interestingly, I have this exact same issue using Firefox on my phone that does not have any extensions installed that I am aware of. I guess we can chalk this up to a Browser issue, just seems odd I'm not having this issue on these browsers with any other account I have 2FA enabled with.
[15:37:25] <rodinux> or cache to remove and reboot the navigator ?
[15:39:30] <James Richardson (tokenwizard)> winner, winner, chicken dinner! I cleared all cookies for my YH server in my browser and now it works. Thanks for the tip!
[16:24:12] <matt> Hi everyone, I have a question about a piece of software that is missing from the catalog: FlareSolverr
[16:24:25] <matt> Do you guys use it? how did you install it?
[16:24:54] <matt> It seems that the best option, considering it is not in the catalog, is to install it from the terminal, using the provided shall script
[16:25:57] <matt> The official binary method is the container option, but that is not my cup a tea, and outside of the scope of Yunohost
[16:26:09] <matt> So if you have a suggestion, I am all for it. Thanks
[18:05:45] <thatoo> Hello,
I face an issue.
I have updated piwigo but the interface was completly broken so I delete piwigo and tried to restore from backup but then I got this error while deleting
`` ERROR 1010 (HY000) at line 1: Error dropping database (can't rmdir './piwigo', errno: 39 "Directory not empty") ``
and then this error while restoring : 
`` ERROR 1007 (HY000) at line 1: Can't create database 'piwigo'; database exists ``
but when I connect to my server by ssh and I do 
`` sudo mysql ``
`` MariaDB [(none)]> SHOW DATABASES; ``
then there isn't any "piwigo" database in the list of databases.
What should I do? 
[18:14:52] <thatoo> log when trying to restore : https://paste.yunohost.org/raw/maditamawe
[18:18:53] <thatoo> Well, it seems that when restoring failed, it manage to delete the database so I just needed to try a second time to restore and it worked.
[18:19:04] <thatoo> issue solved by itself :-)
[19:12:24] <isAAAc> removing the app, and restoring it , yes
there is already an open issue about this:
https://github.com/YunoHost-Apps/piwigo_ynh/issues/146
[20:07:56] <stiforr> Are instances of synapse running on a nohost.me domain banned from joining this room or is it just me?