[03:40:07]
<Solrac> If possible, I'd leave example.com as main, but, redirect at the ynh nginx level, to apps.example
[03:40:41]
<Solrac> I ended up fixing the fstab with a live boot, mounting, and then nano-ing the fstab
[03:42:32]
<Solrac> My issue is that, I'd like for everything to wait for /home (home.mount) to finish, for the rest to succeed, and I'm not too sure how to do that... Not even Wireguard connects automatically, servicesremain failed, which just feels like, I need to do manual intervention
[03:43:09]
<Solrac> So, either a post-home-Mount script, or set the services to wait for home to be mounted
[07:31:09]
<FbIN> Where can I get the default YNH apt lists and keyrings?
[07:31:29]
<FbIN> I by mistake messed up by doing a wrong curl and echo :(
[07:32:04]
<FbIN> This is what I did in my mess:
curl -s https://packages.sury.org/php/apt.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/sury-keyring.gpg >/dev/null
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/sury-keyring.gpg] https://packages.sury.org/apache2/ bookworm main' | sudo tee /etc/apt/sources.list.d/apache2.list >/dev/null
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/sury-keyring.gpg] https://packages.sury.org/php/ bookworm main' | sudo tee /etc/apt/sources.list.d/php.list >/dev/null
[07:32:17]
<FbIN> Now I get:
E: Conflicting values set for option Signed-By regarding source https://packages.sury.org/php/ bookworm: /etc/apt/trusted.gpg.d/extra_php_version.gpg != /usr/share/keyrings/sury-keyring.gpg
E: The list of sources could not be read.
[07:33:45]
<FbIN> The get updates error traceback is: https://pb.fbin.in/?8d7facbbdb68bb78#HCEz5jKGsBCjb5ra9vaAwf1PR5XK4Pd3TQJTfRJym8N3
[07:34:43]
<FbIN> or rather, how can I fix this?
[07:39:57]
<FbIN> Okay, I think, I fixed it, but just need to be sure of the php expired keyring
[07:40:03]
<FbIN> can someone in YNH fix it pls
[07:43:49]
<Tagada> You could have run `yunohost tools regen-conf apt`
Your issue seems similar to this one https://forum.yunohost.org/t/something-went-wrong-while-updating-the-cache-of-apt-due-to-sury-version-2024/28570
[07:44:09]
<FbIN> > You could have run `yunohost tools regen-conf apt`
> Your issue seems similar to this one https://forum.yunohost.org/t/something-went-wrong-while-updating-the-cache-of-apt-due-to-sury-version-2024/28570
can I still run it now?
[07:46:20]
<Tagada> yup
[07:47:21]
<FbIN> thanks.
[07:49:11]
<FbIN> but how do I make the php stuff work? I mean the keyring has expired
[07:52:20]
<FbIN> > yup
🙏
[07:53:10]
<camille> humf can you share the error about the expired keyring ?
[07:53:55]
<FbIN> let me fetch the logs and respomd
[07:53:59]
<FbIN> *respond
[08:38:08]
<FbIN> > humf can you share the error about the expired keyring ?
https://pb.fbin.in/?c96598b7dd2e00f5#Cr9PQBWZQxdHXS4E6p4LkqUpJADHiZ1rR6NgH3pJHi1z
[08:38:11]
<FbIN> There you go
[08:40:18]
<FbIN> https://codeberg.org/oerdnj/deb.sury.org/issues/71
[08:41:16]
<FbIN> I am not willing to follow what sury suggests via the https://packages.sury.org/php/README.txt file, as I do not know if YNH may get corrupted again
[08:41:40]
<camille> Thanks for the logs! This is the quite the same issue as Mamie, you can follow this one https://forum.yunohost.org/t/something-went-wrong-while-updating-the-cache-of-apt-due-to-sury-version-2024/28570
[08:43:19]
<FbIN> > Thanks for the logs! This is the quite the same issue as Mamie, you can follow this one https://forum.yunohost.org/t/something-went-wrong-while-updating-the-cache-of-apt-due-to-sury-version-2024/28570
That one has the same solution as in the codeberg issue by another user, and sury says it is not the right way to do it. I am just confused, as this is prod env, and do not wish to do something which I may mess up, lols
[08:43:46]
<FbIN> camille, welcome, was eating so took time to respond
[08:44:53]
<FbIN> Also there is ayarn key error also in line 11 of my logs
[08:45:12]
<FbIN> so php (sury) & yarn both giving similar issues
[08:46:35]
<camille> And a topic about yarn https://forum.yunohost.org/t/yarn-repo-key-expired-edit-changed-again-is-it-ok-to-trust-it/41380/5
Usually, you can trust the yunohost forum :)
[08:50:00]
<FbIN> > Thanks for the logs! This is the quite the same issue as Mamie, you can follow this one https://forum.yunohost.org/t/something-went-wrong-while-updating-the-cache-of-apt-due-to-sury-version-2024/28570
https://pb.fbin.in/?50cbcc1faf771057#3bN8cMdnrZKaKV5mQp2RXL1PGmQz9ivd2p4FEk3zsVxC
I get these errors for php one. not yet tried for yarn though
[08:51:34]
<FbIN> Yarn one worked, but the sury one did not
[08:53:05]
<camille> I'm not sure what to do next... Can you create a topic on the forum about sury ?
[08:53:35]
<FbIN> > I'm not sure what to do next... Can you create a topic on the forum about sury ?
can I try the yarn rotation one on sury?
curl -sS https://packages.sury.org/php/apt.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/extra_php_version.gpg > /dev/null
[08:53:57]
<FbIN> Do you think this will work? otherwise I will raise an issue on ynh
[08:54:43]
<camille> I guess you can try it, it's broken already :')
[08:55:12]
<FbIN> agreed. just wanna be sure gpg --dearmor is correct there
[08:55:45]
<FbIN> *is correct for php as well, and was not specific to yarn
[08:56:37]
<camille> Not specific to yarn, for sure
[09:03:32]
<FbIN> okay, I fixed it
[09:03:40]
<FbIN> both php & apache2 ones
[09:06:56]
<FbIN> https://pb.fbin.in/?fc8e44107a0fa25b#4fQqKdkW8ctjUh2BZGokZCypqARLo2MG5hMEh8wpkMrS - steps to follow
[09:08:47]
<camille> how did you end up with apache2 on yunohost ? @_@
[09:09:17]
<FbIN> Ahh, I get you. I guess when I messed up earlier today
[09:09:22]
<FbIN> that was my bad. ignore that part
[09:09:47]
<FbIN> that is just in apt sources and no where else, so I will just delete it
[09:10:19]
<camille> wokay
[09:10:54]
<FbIN> yeah, I had copy pasted from my other server where I run a different control panel, and by mistake ran it here, lols
[09:19:15]
<rainer.szs> Server refused our key
[09:20:20]
<rainer.szs> There was another blackout tonight so the local ip changed again, I don't know if that could be the case
[09:20:37]
<rainer.szs> I made sure to set static DHCP this time
[09:22:49]
<rainer.szs> I can move files now, somehow
[09:26:11]
<rainer.szs> The key is refused from the server, I can move files only in the /home/user/Multimedia folder
[09:26:17]
<FbIN> > I'm not sure what to do next... Can you create a topic on the forum about sury ?
https://forum.yunohost.org/t/php-repo-key-expired-solved/41499
[09:26:33]
<rainer.szs> I don't understand if it's a key problem or a permission problem or both
[09:39:23]
<rainer.szs> I'm reading the security page for yunohost, there's a section about ssh keys, I'll follow the guide and let you know if it works in the end
[10:16:49]
<Tommi (they/he)> Hi all! Did anyone try to migrate Nextcloud from the default package to the one using PostgreSQL, in production?
https://forum.yunohost.org/t/how-to-install-migrate-nextcloud-with-postgresql/41424
[10:30:18]
<rainer.szs> I'm following [this part](https://doc.yunohost.org/en/admin/security/#ssh-authentication-via-key) of the yunohost security guide.
Previously on my client, whenever I executed `sudo ssh-copy-id -i ~/.ssh/id_rsa.pub rainer@(local ip)` I got the error sh: 1: cannot `create .ssh/authorized_keys: Permission denied`.
The permissions for ~/.ssh on my client were set to chmod 600, so I recursively set them to 700
```
-rwx------ 1 rainer rainer 403 feb 5 19:35 authorized_keys
-rwx------ 1 rainer rainer 411 feb 8 10:55 id_rsa
-rwx------ 1 rainer rainer 103 feb 8 10:55 id_rsa.pub
-rwx------ 1 rainer rainer 3270 feb 8 10:06 known_hosts
-rwx------ 1 rainer rainer 2292 gen 31 19:45 known_hosts.old
```
Even after setting the permission as 700 as indicated in the guide, I still get the error `sh: 1: cannot create .ssh/authorized_keys: Permission denied`. How can I fix this? Thanks
[10:30:44]
<rainer.szs> instead of rsa there's the actual ed(id) of course
[10:37:10]
<FbIN> > I'm following [this part](https://doc.yunohost.org/en/admin/security/#ssh-authentication-via-key) of the yunohost security guide.
> ...view rest of paste (15 lines): https://conference.yunohost.org/pastebin/28861f39-78cf-40a9-a133-49c679ea64e0
chmod 700 .ssh
chmod 600 .ssh/authorized_keys
[10:38:09]
<FbIN> also, check your sshd_config file once (just ooc)
[10:41:44]
<rainer.szs> ```
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/sshd_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed(id)_key
```
[10:42:35]
<rainer.szs> they're commented out
[10:42:55]
<FbIN> are you able to login via your vps/server provider terminal/panel and see if it works there?
[10:43:11]
<FbIN> this is an "if" it is the case situation
[10:43:33]
<rainer.szs> Do you mean my router control panel?
[10:43:50]
<FbIN> crrct
[10:44:04]
<rainer.szs> I can log in yes
[10:44:47]
<rainer.szs> What do I need to check?
[11:08:55]
<otm33> rainer.szs: If, from client, `ssh -i /path/to/your/private/key rainer@localip` works/worked, it may be an "issue" with filezilla/agent loaded keys.
You could try running filezilla that way : from CLI 1) disable ssh agent `unset SSH_AUTH_SOCK` 2) launch `filezilla` and try connecting withn Logon type key / Key file : ...
[11:10:45]
<rainer.szs> At the moment I'm not trying to use filezilla but to make the server more secure and trying to recieve less external attacks, sorry for the misunderstanding
[11:11:50]
<otm33> Did you try changing the ssh default port ? Bots scan port 22.
[11:12:30]
<rainer.szs> No I didn't
[11:14:02]
<otm33> From webadmin > tools > yunohost settings > security > SSH
[11:14:14]
<rainer.szs> Now I can't copy the key on the server with the command showed at step 1 of the security page, can I use scp or is ssh-copy-id required?
[11:18:08]
<otm33> if you change the default ssh port, you need to add to your command -p customsshport for ssh and -P customsshport for scp, afair
[12:00:31]
<rainer.szs> I copied the ssh key file with scp, now I'll change the ssh port
[12:30:35]
<Luc (he/him)> Hello there! I have a problem where I am unsure how to troubleshot further, I would appreciate any help or hint to understand what's happening
I have Yunohost with Nextcloud and Onlyoffice
I upgraded OnlyOffice from 9.2.1~ynh1 to 9.2.1~ynh2. It failed (logs: https://paste.yunohost.org/raw/atupijihif). After the fail the OnlyOffice services were restarting in loop
I uninstalled OnlyOffice and reinstalled the backup from just before the upgrade
Restoring the backup seem to have worked:
* The url of OnlyOffice correctly says "Document Server is running"
* The services are up with no weird logs
* From the admin page of Nextcloud, if I save the OnlyOffice settings, it successfully tests the connection.
But: when I try to open a file, I get an error: "ONLYOFFICE cannot be reached. Please contact admin"
I'm not sure where I can find logs for this error, there is nothing in /var/log/onlyoffice/docservice.log or in /var/log/nextcloud/nextcloud.log
[13:56:15]
<otm33> Luc (he/him): Can you reach your onlyoffice domain from a browser ?
[13:57:25]
<Luc (he/him)> yes!
[14:02:17]
<otm33> Both apps are public ?
[14:43:41]
<Luc (he/him)> yes, both apps public
[15:11:58]
<Luc (he/him)> it was all working fine before this so I don't think it's a setup problem (or if you think some of these steps could have changed one of the settings)
[15:46:08]
<otm33> OK. A few things I would check:
1) `/var/www/onlyoffice/config/local.json` (tokens and secrets)
2) nginx access and error logs for your onlyoffice domain (in real time with tail)
3) that onlyoffice.domain.tld/healthcheck returns "true"
[16:55:59]
<pie4_by_yuno> Hi dear WYNH community,
todays question: I've added keeweb on a subdomain : toolbox.piegoes.fr/keeweb , and I am failing at launching it (even from within yunohost): returning:
> Error loading app
> There was an error loading app settings. Please double check the app URL or contact your administrator.
on the webbrowser console, getting :
> NotFoundError: No such JSProcessActor 'BrowserToolboxDevToolsProcess'
> Missing resource in locale fr: devtools/client/toolbox.ftl
any insight warmly welcomed! Pierre
[18:02:20]
<Luc (he/him)> Thanks, you were right about checking the nginx log. When I try to open a document there is 403 error, which stands for "unauthorized" ; I could have seen it direclty in the dev tab of my browser.
[18:02:45]
<Luc (he/him)> 1) all seems good to me there
3) yes, it does return true
[18:09:38]
<Luc (he/him)> The only thing that I can think of is the field "List of web addresses authorized to integrate the OnlyOffice editor separated by space" in the OnlyOffice admin page
[18:10:36]
<Luc (he/him)> but here there is the value that I entered months ago and that was working properly, so I am unsure what this would need to change (also the value seems fine to me)
[18:14:10]
<otm33> Did you test with different browsers, in private tab etc ?
[18:16:16]
<Luc (he/him)> just did, same problem everywhere
[18:17:29]
<Luc (he/him)> maybe I could try to uninstall OO and reinstall it from scratch? there is nothing stored in the app, that would only mean I would get a new key to enter in the nextcloud admin, right?
[18:17:59]
<otm33> Sure.
[18:23:14]
<otm33> Other thing to try is checking if nextcloud returns the same jwt_secret : yunohost app shell nextcloud and then occ config:app:get onlyoffice jwt_secret but I guess it will be the same
[18:27:44]
<Luc (he/him)> ok, will check if reinstall is not fixing it
[18:33:07]
<Luc (he/him)> oooh, reinstalling did the trick
[18:33:17]
<Luc (he/him)> thanks a lot for the help!
[22:48:49]
<Solrac> Anyone these could help? 😅