[07:44:27]
<craigvb> Funkwhale .... Anyone managed to get symfonium to connect with subsonic with it? I seem to be missing something as sync always fails 🤔 I'm presuming here it uses port 443, as port 4040 instantly fails
[08:06:52]
<kirtap> The link refers to an "Page not found"-Error.
[08:54:53]
<Salamandar> Yes the bot is out of date. [@ljf:sans-nuage.fr](https://matrix.to/#/@ljf:sans-nuage.fr) where does it run ?
[09:11:06]
<少-初> Anyone? I want to join some non-Chinese Marxist or socialist discussion group chats, can anyone recommend one to me?
[09:38:33]
<Mehdi GUIRAUD> Hi everybody
[09:38:34]
<Mehdi GUIRAUD> Is it the right place to ask for help ?
[09:40:34]
<err404> yes
[09:49:08]
<Mehdi GUIRAUD> Nice, I'm having issues with ssowat. while trying to regen-conf, the ssowat seems to be incomplete. I've made a backup and now trying to reinstall, but now even the postinstall seems to fail.
```bash
root@home:~# yunohost tools regen-conf ssowat --dry-run
Error: YunoHost is not correctly installed. Please run 'yunohost tools postinstall'
root@home:~# yunohost tools regen-conf --force
Error: YunoHost is not correctly installed. Please run 'yunohost tools postinstall'
root@home:~# sudo FORCE_POSTINSTALL=true yunohost tools postinstall
Main domain: yunohost.local
Admin username: mguiraud
Admin full name: Mehdi GUIRAUD
New administration password: ***************
Confirm new administration password: ***************
Warning: The YunoHost project is a team of volunteers who have made common cause to create a free operating system for servers, called YunoHost. The YunoHost software is published under the AGPLv3 license (<https://www.gnu.org/licenses/agpl-3.0.txt>). In connection with this software, the project administers and makes available several technical and community services for various purposes. By using these services, you agree to be bound by the following Terms of Services: <https://yunohost.org/terms_of_services>.
I have read and understand the Terms of Services [Y/N]: Y
Info: Installing YunoHost…
Info: attribute 'virtualdomain' with value 'yunohost.local' is not unique
Info: The operation 'Postinstall your YunoHost server' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20250601-094827-tools_postinstall-yunohost.local' to get help
Error: The domain already exists
```
[10:18:29]
<err404> ok, please share the full logs
[10:25:30]
<tituspijean[m]> I will fix this tonight :)
The code is in yunohost/magnetocassette :)
[10:40:37]
<Mehdi GUIRAUD> ## **YunoHost SSOwat Authentication Issue - Login Interface Hangs**
### **Problem Summary:**
After upgrading to YunoHost 12.0.17, the admin login interface at `https://home.chezmehdi.net/yunohost/admin` gets stuck on "Waiting for the server's response..." (in French: "Attente de la réponse du serveur...") when attempting to log in. The login button becomes unresponsive.
### **Root Cause Identified:**
The issue stems from **LDAP performance problems** causing authentication timeouts:
**LDAP Performance Issue:**
```bash
# sudo commands became extremely slow (10+ seconds)
root@home:/home/mguiraud# time sudo echo "test"
test
real 0m10.036s # Should be ~0.1s
```
**LDAP Service Errors:**
```
May 31 15:37:39 home nslcd[2203]: [15faca] <authz="mguiraud"> ldap_result() failed: Can't contact LDAP server
May 31 15:37:39 home nslcd[2203]: [15faca] <authz="mguiraud"> ldap_abandon() failed to abandon search: Can't contact LDAP server: Transport endpoint is not connected
```
**SSOwat Configuration Issues:**
The `/etc/ssowat/conf.json.persistent` file was empty `{}`, while `/etc/ssowat/conf.json` contained proper configuration:
```json
"core_skipped": {
"public": true,
"uris": [
"home.chezmehdi.net/yunohost/admin",
"home.chezmehdi.net/yunohost/api",
...
]
}
```
### **API Authentication Problem:**
The YunoHost API was rejecting public endpoints that should be accessible:
```bash
curl "http://127.0.0.1:6787/versions"
Authentication required # Should return version info without auth
```
### **System Configuration:**
- YunoHost version: 12.0.17
- yunohost-admin: 12.0.7.1
- SSOwat: 12.0.3
- Multiple domains configured
### **Temporary Workaround Applied:**
Modified `/etc/nsswitch.conf` to bypass LDAP for system authentication:
```bash
# Changed from:
passwd: files systemd ldap
sudoers: files ldap
# To:
passwd: files systemd
sudoers: files
```
This restored sudo performance but didn't resolve the web interface issue.
### **Current Status:**
Attempting clean reinstallation but encountering domain conflicts. The core issue appears to be SSOwat not properly reading its configuration and the API requiring authentication for endpoints that should be public.
### **Questions:**
1. Why does SSOwat not read `/etc/ssowat/conf.json` properly and use the empty `/etc/ssowat/conf.json.persistent` instead?
2. Has the API authentication behavior changed in 12.0.17 to require auth for `/versions` endpoint?
3. What's the recommended way to resolve persistent LDAP connectivity issues in YunoHost?
Any guidance on resolving this authentication loop would be greatly appreciated.
[10:41:52]
<Mehdi GUIRAUD> Sorry I've been trying for a long time. I'm figuring that I should have call your help earlier.
[11:11:42]
<tituspijean[m]> 1. IIRC it should merge the conf.json and conf.json.persistent files when regenerating the conf. You can trigger it with `yunohost app ssowatconf`
3. What's the output of `systemctl status slapd`?
[11:16:02]
<Mehdi GUIRAUD> here it is :
```Bash
@home:~$ sudo systemctl status slapd
[sudo] password for mguiraud:
● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
Loaded: loaded (/etc/init.d/slapd; generated)
Drop-In: /usr/lib/systemd/system/slapd.service.d
└─slapd-remain-after-exit.conf
/etc/systemd/system/slapd.service.d
└─ynh-override.conf
Active: active (running) since Sun 2025-06-01 11:55:24 CEST; 1h 19min ago
Docs: man:systemd-sysv-generator(8)
Process: 2041288 ExecStart=/etc/init.d/slapd start (code=exited, status=0/SUCCESS)
Tasks: 4 (limit: 8765)
CPU: 72ms
CGroup: /system.slice/slapd.service
└─2041294 /usr/sbin/slapd -h "ldap://localhost:389/ ldaps:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d
Jun 01 11:55:24 home.chezmehdi.net systemd[1]: Starting slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)...
Jun 01 11:55:24 home.chezmehdi.net slapd[2041293]: @(#) $OpenLDAP: slapd 2.5.13+dfsg-5 (Feb 8 2023 01:56:12) $
Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Jun 01 11:55:24 home.chezmehdi.net slapd[2041294]: slapd starting
Jun 01 11:55:24 home.chezmehdi.net slapd[2041288]: Starting OpenLDAP: slapd.
Jun 01 11:55:24 home.chezmehdi.net systemd[1]: Started slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).
```
[17:47:59]
<Gwên> Happy pride month 🥳
[23:45:36]
<Aleks (he/him/il/lui)> https://i.imgur.com/8lXztM7.jpeg