Sympl issueshttps://gitlab.com/sympl.io/sympl/-/issues2023-05-09T08:43:21Zhttps://gitlab.com/sympl.io/sympl/-/issues/342sympl-web-generate-stats doesnt always generate statistics2023-05-09T08:43:21ZPaul Cammishsympl-web-generate-stats doesnt always generate statisticsIt looks to be checking the files to see if there have been any changes, where this is not really relevant - awffull is fine being passed the same information multiple times, or empty log files.It looks to be checking the files to see if there have been any changes, where this is not really relevant - awffull is fine being passed the same information multiple times, or empty log files.Sympl 12 (bookworm)Paul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/341Error: test_ssl_fetch_new_certificate(SSLTest): OpenSSL::X509::RequestError: ...2023-06-10T20:45:15ZPaul CammishError: test_ssl_fetch_new_certificate(SSLTest): OpenSSL::X509::RequestError: illegal zero content```
Error: test_ssl_fetch_new_certificate(SSLTest): OpenSSL::X509::RequestError: illegal zero content
/usr/lib/ruby/3.1.0/openssl/x509.rb:387:in `to_der'
/usr/lib/ruby/3.1.0/openssl/x509.rb:387:in `=='
/etc/sympl/test.d/tc_ssl.rb:745:in ...```
Error: test_ssl_fetch_new_certificate(SSLTest): OpenSSL::X509::RequestError: illegal zero content
/usr/lib/ruby/3.1.0/openssl/x509.rb:387:in `to_der'
/usr/lib/ruby/3.1.0/openssl/x509.rb:387:in `=='
/etc/sympl/test.d/tc_ssl.rb:745:in `test_ssl_fetch_new_certificate'
742: assert_equal(set.bundle, [ca_cert])
743: assert_equal(set.key, key)
744: assert_equal(set.certificate, cert)
=> 745: assert_equal(set.request, request)
746:
747: assert_equal("0", @domain.ssl_next_set_name)
748: set.name = "0"
```Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/340CI: "TMPDIR is not writable: /tmp/user/0" (Bookworm)2023-05-04T13:41:04ZPaul CammishCI: "TMPDIR is not writable: /tmp/user/0" (Bookworm)Theres quite a few warnings/errors being thrown in the CI with
```
TMPDIR is not writable: /tmp/user/0
TMP is not writable: /tmp/user/0
TEMP is not writable: /tmp/user/0
```Theres quite a few warnings/errors being thrown in the CI with
```
TMPDIR is not writable: /tmp/user/0
TMP is not writable: /tmp/user/0
TEMP is not writable: /tmp/user/0
```Sympl 12 (bookworm)Paul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/339domain/mailbox.rb - "warning: constant Struct::Passwd is deprecated" (Bookworm)2023-05-04T13:41:21ZPaul Cammishdomain/mailbox.rb - "warning: constant Struct::Passwd is deprecated" (Bookworm)A number of ruby warnings for `Struct::Passwd` used in mails domain/mailbox.rb.A number of ruby warnings for `Struct::Passwd` used in mails domain/mailbox.rb.Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/337Build: docker build image not based on bookworm2023-05-02T12:02:32ZPaul CammishBuild: docker build image not based on bookwormThe docker build image is currently a clone of the buster image, so is building things slightly wrong, which may account for errors in `sympl-firewall`.
This should be fixed up ASAP.The docker build image is currently a clone of the buster image, so is building things slightly wrong, which may account for errors in `sympl-firewall`.
This should be fixed up ASAP.Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/335Failures: Dovecot2023-05-02T12:02:04ZPaul CammishFailures: DovecotLooks like some breaking changes to the dovecot config in Bookworm, notably mentions of:
```
configuration error - unknown item 'NONEXISTENT' (notify administrator)
configuration error - unknown item 'PREVENT_NO_AUTH' (notify administrat...Looks like some breaking changes to the dovecot config in Bookworm, notably mentions of:
```
configuration error - unknown item 'NONEXISTENT' (notify administrator)
configuration error - unknown item 'PREVENT_NO_AUTH' (notify administrator)
```
...in the logs when installing.Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/334Failure: test_acl_check_antivirus(Exim4ConfigTest)2023-05-04T13:42:09ZPaul CammishFailure: test_acl_check_antivirus(Exim4ConfigTest)```
Failure: test_acl_check_antivirus(Exim4ConfigTest)
/etc/sympl/test.d/tc_exim4.rb:280:in `block in do_acl_script'
/etc/sympl/test.d/tc_exim4.rb:263:in `open'
/etc/sympl/test.d/tc_exim4.rb:263:in `do_acl_script'
/etc/sympl/test.d/tc_ex...```
Failure: test_acl_check_antivirus(Exim4ConfigTest)
/etc/sympl/test.d/tc_exim4.rb:280:in `block in do_acl_script'
/etc/sympl/test.d/tc_exim4.rb:263:in `open'
/etc/sympl/test.d/tc_exim4.rb:263:in `do_acl_script'
/etc/sympl/test.d/tc_exim4.rb:414:in `test_acl_check_antivirus'
411: system('sync ; date=$(date "+%Y-%m-%d %H:%M:%S") ; systemctl reload clamav-daemon.service ; timeout 120 journalctl -u clamav-daemon.service --since="$date" --follow | while read line ; do if [ $( echo $line | grep -c "[0-9]* signatures" ) -eq 1 ]; then killall "journalctl" 2>&1 >/dev/null ; fi ; done ; sleep 1')
412:
413: # OK the file is there now, so reject (as per default)
=> 414: do_acl_script('exim4_acl_tests/antivirus_reject')
415:
416: # OK, now the file contains "tag" so accept, and tag
417: File.open(File.join(config_dir, "antivirus"),"w+"){|fh| fh.puts("tag my mail")}
ACL test failed after line 21 of exim4_acl_tests/antivirus_reject (OK id=1ptavD-0002QU-1n)
<550> expected but was
<250>
diff:
? 550
? 2
? ?
```Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/333symbiosis_utmp.so fails to load2023-05-02T15:52:19ZPaul Cammishsymbiosis_utmp.so fails to loadsymbiosis_utmp.so is failing to load, possibly because it's currently built with the wrong toolset (bullseye not bookworm).symbiosis_utmp.so is failing to load, possibly because it's currently built with the wrong toolset (bullseye not bookworm).Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/332Error: test_smtp_capabilities(TestEximLive)2023-06-10T20:43:59ZPaul CammishError: test_smtp_capabilities(TestEximLive)```
Error: test_smtp_capabilities(TestEximLive): OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 peeraddr=10.0.2.15:25 state=error: sslv3 alert illegal parameter
/usr/lib/ruby/3.1.0/net/protocol.rb:46:in `connect_nonblock'
/usr/li...```
Error: test_smtp_capabilities(TestEximLive): OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 peeraddr=10.0.2.15:25 state=error: sslv3 alert illegal parameter
/usr/lib/ruby/3.1.0/net/protocol.rb:46:in `connect_nonblock'
/usr/lib/ruby/3.1.0/net/protocol.rb:46:in `ssl_socket_connect'
/usr/lib/ruby/gems/3.1.0/gems/net-smtp-0.3.1/lib/net/smtp.rb:673:in `tlsconnect'
/usr/lib/ruby/gems/3.1.0/gems/net-smtp-0.3.1/lib/net/smtp.rb:649:in `do_start'
/usr/lib/ruby/gems/3.1.0/gems/net-smtp-0.3.1/lib/net/smtp.rb:604:in `start'
/etc/sympl/test.d/tc_exim4_live.rb:67:in `test_smtp_capabilities'
64: smtp = Net::SMTP.new('public_ip', 25)
65: smtp.debug_output = $stdout if $DEBUG
66:
=> 67: smtp.start do
68: assert(smtp.capable_starttls?,"STARTTLS is not advertised on port 25")
69: assert(!smtp.capable_plain_auth?, "AUTH PLAIN advertised without TLS on public IP")
70: assert(!smtp.capable_login_auth?, "AUTH LOGIN advertised without TLS on public IP")
```Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/331Failure: test_cgi(TestHTTP)2023-05-26T10:54:12ZPaul CammishFailure: test_cgi(TestHTTP)```
Failure: test_cgi(TestHTTP)
/etc/sympl/test.d/tc_http.rb:140:in `block in test_cgi'
137:
138: system ('sympl-web-configure')
139:
=> 140: assert_equal( "500", getCode( "/cgi-bin/test.cgi", @domain.name )...```
Failure: test_cgi(TestHTTP)
/etc/sympl/test.d/tc_http.rb:140:in `block in test_cgi'
137:
138: system ('sympl-web-configure')
139:
=> 140: assert_equal( "500", getCode( "/cgi-bin/test.cgi", @domain.name ),
141: "Fetching /cgi-bin/test.cgi did not return 500" )
142:
143: assert_equal( "500", getCode( "/cgi-bin/test.cgi", "www.#{@domain.name}" ),
/etc/sympl/test.d/tc_http.rb:131:in `test_cgi'
Fetching /cgi-bin/test.cgi did not return 500
<"500">(UTF-8) expected but was
<"404">(ASCII-8BIT)
diff:
? 500
? 4 4
? ? ?
? Encoding: UTF -8
? ASCII BIT
? ??? +++
```Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/317sympl-mail: /srv/example.com/mailboxes is required to accept mail2021-09-23T21:15:58ZPaul Cammishsympl-mail: /srv/example.com/mailboxes is required to accept mailDue to the changes in Exim in Debian 11, the config now expects the /srv/example.com/mailboxes directory to exist for incoming mail, and fails if it doesn't (ie: theres aliases or default forward, etc).
Reported in https://forum.sympl.h...Due to the changes in Exim in Debian 11, the config now expects the /srv/example.com/mailboxes directory to exist for incoming mail, and fails if it doesn't (ie: theres aliases or default forward, etc).
Reported in https://forum.sympl.host/t/mail-aliases-in-config-aliases/234Paul CammishPaul Cammish2021-09-24https://gitlab.com/sympl.io/sympl/-/issues/316install: fails on Debian 11 without gnupg if debconf-set-selections already i...2021-08-23T07:37:11ZPaul Cammishinstall: fails on Debian 11 without gnupg if debconf-set-selections already installed# Summary
Using a fresh Debian 11 image on Linode, the install script exits at the following line due to lack of gnupg
```
root@localhost:~# wget -qO- https://mirror.mythic-beasts.com/mythic/support@mythic-beasts.com.gpg.key | apt-key ...# Summary
Using a fresh Debian 11 image on Linode, the install script exits at the following line due to lack of gnupg
```
root@localhost:~# wget -qO- https://mirror.mythic-beasts.com/mythic/support@mythic-beasts.com.gpg.key | apt-key add -
E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation
```
# Steps to reproduce
Using a fresh Debian 11 image on Linode, the install script exits at the following line due to lack of gnupg
- create linode with Debian 11 image
- follow documentation to install (https://wiki.sympl.host/view/Installing_Sympl)
- a) `wget https://gitlab.mythic-beasts.com/sympl/install/raw/master/install.sh`
- b) `bash install.sh`
- watch installer die at `Adding repository key...`
- specifically, `apt-key` fails to add the gpg public key due to missing dependency, see logs below
EDIT: It appears that `gnupg` is already listed as a dependency in the install script, but never installed since `debconf-set-selections` is already installed on the Linode image
# Example Project
Follow documentation (https://wiki.sympl.host/view/Installing_Sympl) on Debian 11 image which doesn't contain a gnupg package, such as Linode's Debian 11 image
# What is the current bug behavior?
Installer dies part way though, as above
# What is the expected correct behavior?
Installer completes successfully! :sunglasses:
# Relevant logs and/or screenshots
Before running script
```
root@localhost:~# which debconf-set-selections
/usr/bin/debconf-set-selections
```
Installer failing:
```
-----------------------------------------------------------------------
Sympl Installer v20210818
-----------------------------------------------------------------------
This script will help you install Sympl on a Debian Linux or Raspberry
Pi OS server with minimal hassle, and give you some intial pointers.
Installing initial dependencies...
All packages are up to date.
Installing Sympl from 'bullseye' repository.
Setting defaults...
Adding repository key...root@localhost:~#
```
Failing line ran separately:
```
root@localhost:~# wget -qO- https://mirror.mythic-beasts.com/mythic/support@mythic-beasts.com.gpg.key | apt-key add -
E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation
```
# Possible fixes
Lines causing issues:
- `if [ "x$(which debconf-set-selections)" = "x" ]; then`
- `wget -qO- https://mirror.mythic-beasts.com/mythic/support@mythic-beasts.com.gpg.key | apt-key add -`
Either remove the check around dependency `debconf-set-selections` installation, or separate `gnupg` into a separate dependency installation block
/cc @kelduumPaul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/315sympl-mail: sympl-mail-poppassd fails to start in Bullseye IPv6-only2021-08-23T07:35:18ZPaul Cammishsympl-mail: sympl-mail-poppassd fails to start in Bullseye IPv6-onlyIt seems that on an IPv6-only instance running Bullseye falls fowl of a change in Ruby which prevents it from binding to 127.0.0.1, but adding a IPv4 address on loopback means it's okay, and this is fine with prior debian versions.
As a...It seems that on an IPv6-only instance running Bullseye falls fowl of a change in Ruby which prevents it from binding to 127.0.0.1, but adding a IPv4 address on loopback means it's okay, and this is fine with prior debian versions.
As a short-term work-around, adjusting https://gitlab.mythic-beasts.com/sympl/sympl/-/blob/bullseye/mail/sbin/sympl-mail-poppassd and changing:
```ruby
EventMachine.run do
begin
EventMachine.start_server "127.0.0.1", port, Symbiosis::Email::PoppassHandler
rescue StandardError => err
syslog.info "Caught #{err.to_s} "
EM.stop
end
end
```
to:
```ruby
EventMachine.run do
begin
EventMachine.start_server "127.0.0.1", port, Symbiosis::Email::PoppassHandler
rescue StandardError => err
begin
EventMachine.start_server "::", port, Symbiosis::Email::PoppassHandler
rescue StandardError => err
syslog.info "Caught #{err.to_s} "
EM.stop
end
end
end
```
Will have it fallback and still bind to 127.0.0.1. This also binds to other addresses, but it's firewalled so shouldn't be an issue.Sympl 11 for Debian BullseyePaul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/309sympl11 - Re-enable stable CI2021-08-13T16:08:34ZPaul Cammishsympl11 - Re-enable stable CINo stable branch at present with public packages to test against, so CI was disabled temporarily in 05713c43.
Will need re-enabling once the stable branch has been publicly built.No stable branch at present with public packages to test against, so CI was disabled temporarily in 05713c43.
Will need re-enabling once the stable branch has been publicly built.Sympl 11 for Debian BullseyePaul CammishPaul Cammish2021-06-01https://gitlab.com/sympl.io/sympl/-/issues/308sympl11 - Re-enable testing CI2021-08-13T16:12:17ZPaul Cammishsympl11 - Re-enable testing CINo testing branch at present with public packages to test against, so CI was disabled temporarily in 05713c43.
Will need re-enabling once the testing branch has been publicly built.No testing branch at present with public packages to test against, so CI was disabled temporarily in 05713c43.
Will need re-enabling once the testing branch has been publicly built.Sympl 11 for Debian BullseyePaul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/307Sympl 11: sympl-mail - Update exim configurations (historic)2021-02-12T18:21:16ZPaul CammishSympl 11: sympl-mail - Update exim configurations (historic)Changes to the Exim configuration were needed to pass the existing test suite.
These were done in 7dc9c294 15c8c20f 5a1b47ae 33d97665 6b4fbe1c
See also #304 which is related as it involved a workaround.Changes to the Exim configuration were needed to pass the existing test suite.
These were done in 7dc9c294 15c8c20f 5a1b47ae 33d97665 6b4fbe1c
See also #304 which is related as it involved a workaround.Sympl 11 for Debian Bullseyehttps://gitlab.com/sympl.io/sympl/-/issues/305Update copyright dates to 2023, and license to GPL32023-05-26T10:55:17ZPaul CammishUpdate copyright dates to 2023, and license to GPL3The licence for Sympl 11 should be updated to the more modern GPL3, which is a bit clearer in a few cases.
Similarly, copyright dates should also be updated.The licence for Sympl 11 should be updated to the more modern GPL3, which is a bit clearer in a few cases.
Similarly, copyright dates should also be updated.Sympl 12 (bookworm)https://gitlab.com/sympl.io/sympl/-/issues/291sympl-webmail: Getting roundcube to work2020-04-22T11:49:34ZPaul Cammishsympl-webmail: Getting roundcube to workNot that I use roundcube - but it's useful backup. The system seems to have the right database tables, but cannot access them and there are some other minor tiny changes to make to it work. Now it maybe that it does work... I couldn't ge...Not that I use roundcube - but it's useful backup. The system seems to have the right database tables, but cannot access them and there are some other minor tiny changes to make to it work. Now it maybe that it does work... I couldn't get it to log me in. So I did this lot:
1) Install apt install php-net-idna2
the install script complains about this
2) ```cd /usr/share/roundcube```
```ln -s /var/lib/roundcube/temp```
Roundcube is looking in /var/lib/roundcube or so it says.
3) Change /etc/defaults.inc.php
This line:
```
$config['db_dsnw'] = 'mysql://roundcube:@localhost/roundcubemail';
```
points to roundcubeemail - where the mysql database is roundcube. So change that.
Now run dpkg-reconfigure roundcube-core
it creates debian-db.php, which contains a password. This still isn't roundcube's password,
so
```
# mysql mysql
> alter user 'roundcube'@'localhost' identified by 'THE PASSWORD IN THE FILE';
> FLUSH PRIVILEGES;
```
check that the password works - and add it into /etc/defaults.inc.php after the colon.
It should all now spring into life.Paul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/274ChangeLog needs updating with the major changes.2019-12-13T16:51:16ZPaul CammishChangeLog needs updating with the major changes.As per !146, the changelog needs some updates with the service affecting changes.As per !146, the changelog needs some updates with the service affecting changes.Paul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/271sympl-core: On each install, check the user is in the right groups2020-01-28T00:25:25ZPaul Cammishsympl-core: On each install, check the user is in the right groupsAt the moment, the `sympl` user is only added to the relevant groups (notably www-data) when the user is created, rather than on installation of `sympl-core`.
This can cause some issues if the sympl user already exists (from a removed i...At the moment, the `sympl` user is only added to the relevant groups (notably www-data) when the user is created, rather than on installation of `sympl-core`.
This can cause some issues if the sympl user already exists (from a removed install, or it was created before installing), so it would be safer to check each time `sympl-core` is installed.Paul CammishPaul Cammish