Sympl issueshttps://gitlab.com/sympl.io/sympl/-/issues2019-04-14T21:25:48Zhttps://gitlab.com/sympl.io/sympl/-/issues/177Symbiosis: Stats default to On2019-04-14T21:25:48ZPaul CammishSymbiosis: Stats default to OnImported from https://www.github.com/BytemarkHosting/symbiosis/issues/51
I strongly believe Stats should be disabled OR the stats http page be password protected by default.Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/51
I strongly believe Stats should be disabled OR the stats http page be password protected by default.https://gitlab.com/sympl.io/sympl/-/issues/176Symbiosis: SSL symlinks broken on hostname change2019-07-17T15:54:09ZPaul CammishSymbiosis: SSL symlinks broken on hostname changeImported from https://www.github.com/BytemarkHosting/symbiosis/issues/42
When the hostname of a system running Symbiosis is changed the symbolic links for the self signed certificates in <code>/etc/ssl</code> are broken.
The symbolic l...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/42
When the hostname of a system running Symbiosis is changed the symbolic links for the self signed certificates in <code>/etc/ssl</code> are broken.
The symbolic links in <code>/etc/ssl</code> continue to point at <code>/srv/original-server-name/...</code>.
This then prevents the Apache service from starting as the SSL files are missing/invalid.Backloghttps://gitlab.com/sympl.io/sympl/-/issues/175Symbiosis: Some thoughts about Symbiosis firewall management2019-04-17T20:20:11ZPaul CammishSymbiosis: Some thoughts about Symbiosis firewall managementImported from https://www.github.com/BytemarkHosting/symbiosis/issues/136
The Symbiosis firewall seems to work well, but I have issues with it, which may be caused by my lack of understanding of the nuances of ruby, I guess. Mostly I w...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/136
The Symbiosis firewall seems to work well, but I have issues with it, which may be caused by my lack of understanding of the nuances of ruby, I guess. Mostly I want to stop the bots that relentlessly look for logins and passwords, while at present I think that Exim is doing a reasonable job of keeping spam out.
This attempts to explain my understanding of what is happening, so please bear with me - and maybe you wlll see if I have it wrong.
**What's there**
I am interested in improving the action of /usr/sbin/symbiosis-firewall-blacklist which runs every 15 minutes (or so) and is responsible for creating and deleting files in /etc/symbiosis/firewall/blacklist.d. The files are named for IP addresses (and have .auto) appended to them when created by the script. IP files can be created here to put into the firewall, and are ignored by the system. The files contain port numbers, 'all' or be empty (which implies 'all') - the port numbers are loaded into iptables and block attempts to connect from the named IP to the appropriate port.
The symbiosis-firewall-blacklist script has two distinct phases:
1) It creates a list of candidate IPs (and ports) using the files in /etc/symbiosis/firewall/patterns.d to scan log files. Once it has a list of candidates it creates the files in blacklist.d.
2) It then looks for files to delete.
So let's look at phase 1:
Each file in the patterns.d directory contains the name of a log file. This file is scanned looking for a regular expression match to find likely candidates for blocking. The script uses an sqlite3 database (in /var/lib/symbiosis/firewall-blacklist-logtail.db) to remember where it was in the file the last time it looked at that file. (I suspect that this is the cause of some people's uncertainty about this system. If you add a pattern which you've found in a log file, then it won't be activated until the problem happens again and re-appears in the log file so it can be seen.) However doing this makes sense for efficiency reasons.
The script uses pattern.rb to scan the log file. When matches are found it creates a two dimensional hash
`results[ip][port] = hit (actual code is results[ip.to_s][port] += 1)`
so for each port in the pattern.d file, the ip is awarded a single hit. My guess is that this method was used because different pattern files may locate the same bad IP and may also repeat ports. However it means that total hit counts are multiplied by the number of ports in the matched pattern file.
So it's found some lines in a logfile matching the regular expression. Now it wants to decide if any of these entries are worthy of being blacklisted.
This happens if any of the hit counts are greater than 20 (by default), or the value supplied by the -a (--block-after). While it's doing this, it's summing all the hits for the ip and writes them to another sqlite3 database (/var/lib/symbiosis/firewall-blacklist-count.db) along with the IP and a timestamp.
It now looks to see if this IP has been really bad, and is worth blocking completely. It creates a sum of the hits recorded for this IP in the last 24 hours and if this is over 100 (default) or the value determined from -b (--block-all-after) then this IP is set up to be blocked completely for all ports.
So now if it has some candidates, it will create files with the ip address as the names and attach .auto.
Phase 2 is reasonably simple. It looks for the modification time of the file, and if it's expired it's removed.
**Thoughts**
The Phase 1 algorithm really needs improving and I would say that this is really an urgently needed change. In many cases the system is not reactive enough - and I see that people are using other systems because it's not good enough.
When looking for candidates, the system only 'knows' about the matches it has found in the current slice of the log file that it's inspecting for that pass. For my site, this is typically 3 or 6. My system is not busy so not a lot happens every 15 minutes. The window for selecting candidates is much too small - and is essentially avoidable by delaying attacks.
Second, the system completely ignores the history that it has carefully stored away in the sqlite3 file. Mostly I find that these robots come back from the same IP address often several days later. The system should make much better use of the history that it has gathered.
Third, the current system will theoretically generate port specific matches in iptables. But it's not clear how often this will happen, and frankly I don't care, I'd be happy to completely block every bad site from everything. As an aside it would be good if the code making the firewall understood about 'multiport dports' to make less lines in the filters.
The current selection code is:
```
results.each do |ip, ports|
#
# tot up on a per-ip basis
#
total_for_ip = 0
ports.each do |port, hits|
total_for_ip += hits
blacklist[ip] << port if hits > @block_after
end
#
# Record our count
#
@count_db.set_count_for(ip, total_for_ip, timestamp)
#
# Get the hits for the last 24 hours
#
total_for_ip = @count_db.get_count_for(ip, timestamp - 86400)
#
# If an IP has exceeded the number of matches, block it from all ports.
#
if total_for_ip > @block_all_after
blacklist[ip] = %w(all)
end
end
```
I am no ruby programmer - so this is a syntactic guess but maybe this will be an improvement - without changing patterns.rb.
If you want to correct the syntax for me please do.
```
results.each do |ip, ports|
#
# get history for this ip for the last day
# and this ought to be a parameter to the script
# because I'd like to change this
# (@block_period defaults to 1 I think)
#
historysecs = timestamp - 3600*@block_period
past_for_ip = @count_db.get_count_for(ip, historysecs)
#
# tot up on a per-ip basis
#
total_for_ip = 0
ports.each do |port, hits|
total_for_ip += hits
# notice change here to include history
blacklist[ip] << port if hits + past_for_ip > @block_after
end
#
# Record our count
#
@count_db.set_count_for(ip, total_for_ip, timestamp)
#
# Get the hits for the some period, which can also be the epoch
# and again should be a parameter - block_all_period can perhap default to 3
#
historysecs = 0
if @block_all_period > 0
historysecs = timestamp - 3600*@block_all_period
end
total_for_ip = @count_db.get_count_for(ip, historysecs)
#
# If an IP has exceeded the number of matches, block it from all ports.
#
if total_for_ip > @block_all_after
blacklist[ip] = %w(all)
end
end
```
So this:
a) includes the history for some period when working out the bad guys
b) includes the history for some longer period when evaluating really bad guys
c) Now has an extra lookup for each ip,
This may cause problems if this hits ip addresses that should be in use. There are no tools for removing good guys from the history file. Maybe this can be supplied as a small tool. Perhaps when an address is placed in the whitelist directory, the address should be removed from the blacklist database if it's there.Future Planshttps://gitlab.com/sympl.io/sympl/-/issues/174Symbiosis: Skel missing file references2019-06-20T13:24:53ZPaul CammishSymbiosis: Skel missing file referencesImported from https://www.github.com/BytemarkHosting/symbiosis/issues/135
When a new domain directory is created within `/srv/`, Symbiosis Stretch will create appropriate `config`, and `public` sub-directories.
The `/srv/domain.com/pu...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/135
When a new domain directory is created within `/srv/`, Symbiosis Stretch will create appropriate `config`, and `public` sub-directories.
The `/srv/domain.com/public/htdocs/index.html` file generated refers to incorrect file paths, as it looks for `/bytemark/bytemark.css` and `/bytemark/bytemark.png`, but the `bytemark/` directory doesn't exist.
Additionally, the index points to the Jessie Symbiosis docs, where they should be for Stretch.Sympl v9.0 (for Debian Stretch)https://gitlab.com/sympl.io/sympl/-/issues/173Symbiosis: Simple database creator2020-09-15T21:31:03ZPaul CammishSymbiosis: Simple database creatorImported from https://www.github.com/BytemarkHosting/symbiosis/issues/46
A typical usage scenario for Symbiosis is a user creating a new site, then uploading a PHP webapp and expecting it to work.
The problem is, once they've uploaded ...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/46
A typical usage scenario for Symbiosis is a user creating a new site, then uploading a PHP webapp and expecting it to work.
The problem is, once they've uploaded the PHP content, they need to create a MySQL database, which can only currently be done over the command-line or PHPMyadmin.
An interesting feature would allow a user to create a "database" file in the /srv/domain.tld/config directory, containing a user and password. Symbiosis would detect the presence of this file, and if a database named after the domain didn't already exist, would create a new database, and GRANT the right permissions to it allowing local access with the username/password in the file. The user could then install say, Wordpress with *only* SFTP.Future Planshttps://gitlab.com/sympl.io/sympl/-/issues/172Symbiosis: Run-parts when SSL certificates are updated2019-06-20T17:51:21ZPaul CammishSymbiosis: Run-parts when SSL certificates are updatedImported from https://www.github.com/BytemarkHosting/symbiosis/issues/62
Similar to other tools for Lets Encrypt, could Symbiosis do a run-parts on a certain directory if it exists (e.g /etc/symbiosis/ssl-update.d) to allow other servic...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/62
Similar to other tools for Lets Encrypt, could Symbiosis do a run-parts on a certain directory if it exists (e.g /etc/symbiosis/ssl-update.d) to allow other services to act on an automated SSL renewal?
I'm thinking this could hook into HAProxy, but could be useful for mail and stuff too.
Ideally environment variables would be passed to the hook in the same style as https://github.com/hlandau/acme/blob/master/_doc/SCHEMA.md#hooksSympl v9.0 (for Debian Stretch)https://gitlab.com/sympl.io/sympl/-/issues/171Symbiosis: Roundcube sieve breaks following dist-upgrade from Symbiosis Jessi...2019-06-07T10:51:35ZPaul CammishSymbiosis: Roundcube sieve breaks following dist-upgrade from Symbiosis Jessie to StretchImported from https://www.github.com/BytemarkHosting/symbiosis/issues/118
Roundcube returns an `Unable to connect to managesieve server` warning when attempting to access the `Filters` or `Vacation` setting. This is due to a change in t...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/118
Roundcube returns an `Unable to connect to managesieve server` warning when attempting to access the `Filters` or `Vacation` setting. This is due to a change in the sieve directory structure when moving from Jessie to Stretch.
In Symbiosis Jessie, the structure is as follows:
<pre>
root@symbiosis2:/usr/share/roundcube# ls -al /srv/symbiosis2.default.aladlow.uk0.bigv.io/mailboxes/root/
total 24
drwxr-sr-x 4 admin admin 4096 May 11 11:31 .
drwxr-sr-x 4 admin admin 4096 May 17 12:57 ..
drwx--S--- 9 admin admin 4096 May 27 16:05 Maildir
-rw-r--r-- 1 admin admin 105 May 27 12:51 password
lrwxrwxrwx 1 admin admin 23 May 11 11:30 sieve -> sieve.d/roundcube.sieve
drwx--S--- 3 admin admin 4096 May 11 11:30 sieve.d
</pre>
And in Symbiosis Stretch:
<pre>
root@symbiosis2:/usr/share/roundcube# ls -al /srv/symbiosis2.default.aladlow.uk0.bigv.io/mailboxes/root/
total 20
drwxr-sr-x 4 admin admin 4096 May 27 16:08 .
drwxr-sr-x 4 admin admin 4096 May 17 12:57 ..
lrwxrwxrwx 1 admin admin 21 May 27 16:08 .dovecot.sieve -> sieve/roundcube.sieve
drwx--S--- 9 admin admin 4096 May 27 16:05 Maildir
-rw-r--r-- 1 admin admin 105 May 27 12:51 password
drwx--S--- 3 admin admin 4096 May 27 16:08 sieve
</pre>
To resolve this, the `sieve.d` directory should be renamed to `sieve`, and the `sieve` symlink to `.dovecot.sieve`.Sympl v9.0 (for Debian Stretch)https://gitlab.com/sympl.io/sympl/-/issues/170Symbiosis: Request: Write mysql root credentials to /root/.my.cnf when imaging.2019-06-09T23:33:49ZPaul CammishSymbiosis: Request: Write mysql root credentials to /root/.my.cnf when imaging.Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/56
(Note: This may be something for imager, or Stretch, but applied to Symbiosis *images* only)
It's never clear that the `root`, `admin` and mysql `root@localhost` ...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/56
(Note: This may be something for imager, or Stretch, but applied to Symbiosis *images* only)
It's never clear that the `root`, `admin` and mysql `root@localhost` users all have the same password in a newly imaged machine, which leads to users likely changing the root/admin passwords like they should, and not making note of the `root@localhost` password we set for mysql.
Simply writing the below to `/root/.my.cnf` (with relevant permissions) would make password recovery simpler, and allow the user to log in directly.
```config
[client]
user=root
password="<example>"
```
There's a small outside risk to this, by keeping it in `/root` would negate most of this, and make things simpler for users.Sympl v9.0 (for Debian Stretch)Paul CammishPaul Cammishhttps://gitlab.com/sympl.io/sympl/-/issues/169Symbiosis: Replace the default site .html file with some Symbiosis documentation2019-06-20T13:22:59ZPaul CammishSymbiosis: Replace the default site .html file with some Symbiosis documentationImported from https://www.github.com/BytemarkHosting/symbiosis/issues/63
@jamielinux's good idea;
Replace:
![screen_shot_2017-05-31_at_16 33 05](https://user-images.githubusercontent.com/317667/27084986-c99e5000-5045-11e7-9256-bd9f52c...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/63
@jamielinux's good idea;
Replace:
![screen_shot_2017-05-31_at_16 33 05](https://user-images.githubusercontent.com/317667/27084986-c99e5000-5045-11e7-9256-bd9f52cab638.png)
With help documentation in some form. Maybe full, maybe single page
Would a high level view of the steps required to setup a standard website work?Sympl v9.0 (for Debian Stretch)https://gitlab.com/sympl.io/sympl/-/issues/166Symbiosis: reject-www-data rule unintentionally removed from ip6tables when f...2019-06-07T14:36:07ZPaul CammishSymbiosis: reject-www-data rule unintentionally removed from ip6tables when file contains only IPv4 addressesImported from https://www.github.com/BytemarkHosting/symbiosis/issues/76
When an IPv4 address is added to the reject-www-data rule, the rule is removed from ip6tables.
1. Run `ip6tables -L -v -n` and notice the reject-www-data table is...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/76
When an IPv4 address is added to the reject-www-data rule, the rule is removed from ip6tables.
1. Run `ip6tables -L -v -n` and notice the reject-www-data table is present
2. Add 10.0.0.1 to `/etc/symbiosis/firewall/outgoing.d/50-reject-www-data`
3. Run `ip6tables -L -v -n` and notice the reject-www-data table is *no longer* presentBackloghttps://gitlab.com/sympl.io/sympl/-/issues/165Symbiosis: Publish CAA (DNS TXT) records to improve security2019-04-14T20:59:45ZPaul CammishSymbiosis: Publish CAA (DNS TXT) records to improve securityImported from https://www.github.com/BytemarkHosting/symbiosis/issues/134
Certification Authority Authorization (CAA), specified in RFC 6844 in 2013, is a proposal to improve the strength of the PKI ecosystem with a new control to restr...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/134
Certification Authority Authorization (CAA), specified in RFC 6844 in 2013, is a proposal to improve the strength of the PKI ecosystem with a new control to restrict which CAs can issue certificates for a particular domain name. It prevents bad people obtaining certificates from rogue or sloppy certification authorities.
It's a simple DNS text record to say, for example:
`example.org. CAA 128 issue "letsencrypt.org"`
At minimum, we could publish this record for a domain that's protected by a LetsEncrypt certificate.
https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forumFuture Planshttps://gitlab.com/sympl.io/sympl/-/issues/164Symbiosis: Plaintext FTP should be disabled by default2019-04-17T20:30:58ZPaul CammishSymbiosis: Plaintext FTP should be disabled by defaultImported from https://www.github.com/BytemarkHosting/symbiosis/issues/50
`/etc/pure-ftpd/conf/TLS` currently appears to be set to 1 which means "Accept both normal sessions and SSL/TLS ones." - my opinion would be that for the next rele...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/50
`/etc/pure-ftpd/conf/TLS` currently appears to be set to 1 which means "Accept both normal sessions and SSL/TLS ones." - my opinion would be that for the next release, we should change this to 2, or even 3. Options are below.
```
-Y tls behavior
-Y 0 (default) disables SSL/TLS security mechanisms.
-Y 1 Accept both normal sessions and SSL/TLS ones.
-Y 2 refuses connections that aren't using SSL/TLS security
mechanisms, including anonymous ones.
-Y 3 refuses connections that aren't using SSL/TLS security
mechanisms, and refuse cleartext data channels as well.
The server must have been compiled with SSL/TLS support and a
valid certificate must be in place to accept encrypted sessions.
```https://gitlab.com/sympl.io/sympl/-/issues/163Symbiosis: PHP 7.1/7.2 support2020-09-15T21:33:38ZPaul CammishSymbiosis: PHP 7.1/7.2 supportImported from https://www.github.com/BytemarkHosting/symbiosis/issues/128
(https://forum.bytemark.co.uk/t/symbiosis-stretch-update/2848/30)
PHP7.0's EOL is 3/12/18, which is a little short, given that PHP7.2 is only 'officially' availa...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/128
(https://forum.bytemark.co.uk/t/symbiosis-stretch-update/2848/30)
PHP7.0's EOL is 3/12/18, which is a little short, given that PHP7.2 is only 'officially' available in Buster, and PHP7.1 in Sid.
We already run 7.1 and 7.2 in containers (Systemd-nspawn, Docker) for some customers using Symbiosis, but the setup procedure is mostly manual.
Ideally we'd want to be able to create a file e.g. `/srv/domain.com/config/php` containing `7.1<` or `7.2` to automatically use the appropriate Apache template for that domain.Future Planshttps://gitlab.com/sympl.io/sympl/-/issues/162Symbiosis: PHP 'upload_max_filesize' and 'post_max_size' values default perha...2019-04-14T21:31:36ZPaul CammishSymbiosis: PHP 'upload_max_filesize' and 'post_max_size' values default perhaps too lowImported from https://www.github.com/BytemarkHosting/symbiosis/issues/123
The default values of `2M` for `upload_max_filesize` and `8M` for `post_max_size` are fairly conservative, and can be fairly limiting as larger uploads have becom...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/123
The default values of `2M` for `upload_max_filesize` and `8M` for `post_max_size` are fairly conservative, and can be fairly limiting as larger uploads have become more common etc.
These two variables are often manually increased straight off the bat with a new Symbiosis install, so it would be useful to set these to a higher default value from the get go.https://gitlab.com/sympl.io/sympl/-/issues/161Symbiosis: Package d-push for stretch?2019-06-07T14:35:45ZPaul CammishSymbiosis: Package d-push for stretch?Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/52
d-push was removed from debian before stretch because it wasn't php7 compatible in time. It is now compatible with PHP7, so we could choose to package it ourselves...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/52
d-push was removed from debian before stretch because it wasn't php7 compatible in time. It is now compatible with PHP7, so we could choose to package it ourselves.
We should determine if anyone actually uses d-push to sync emails to their mobile device and how important it is to them - i.e. whether or not they can just use IMAP instead.
I'd be very surprised if anyone was unable to use IMAP. We're talking early 2000s MS stuff here I'd expect.https://gitlab.com/sympl.io/sympl/-/issues/160Symbiosis: Optional symbiosis-httpd-logger package fails under load2019-04-14T20:58:39ZPaul CammishSymbiosis: Optional symbiosis-httpd-logger package fails under loadImported from https://www.github.com/BytemarkHosting/symbiosis/issues/113
Under high loads with a large number of sites (and therefore large number of instances of the logger), the symbiosis-httpd-logger process stalls and fails to writ...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/113
Under high loads with a large number of sites (and therefore large number of instances of the logger), the symbiosis-httpd-logger process stalls and fails to write logs, apparently causing Apache to stall and spin up more processes to deal with the incoming traffic.
A workaround for this seems to be to be to adjust the Apache templates for HTTP/HTTPS sites to log directly to disk, saving the extra processor time and RAM, however this means the `logs` directories won't be automatically generated (should be fixable in symbiosis-httpd-configure or elsewhere, and log files will not be owned by admin:admin (which is not a huge problem, as they are cycled automatically, and still readable by admin).https://gitlab.com/sympl.io/sympl/-/issues/159Symbiosis: On Stretch, man pages for symbiosis-common scripts are empty2019-04-14T20:53:51ZPaul CammishSymbiosis: On Stretch, man pages for symbiosis-common scripts are emptyImported from https://www.github.com/BytemarkHosting/symbiosis/issues/117
Looks like a problem finding ruby libraries during generation of the packages.Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/117
Looks like a problem finding ruby libraries during generation of the packages.https://gitlab.com/sympl.io/sympl/-/issues/158Symbiosis: On Stretch, httpd.postinst doesn't correctly preserve `no-stats` s...2019-06-07T10:51:39ZPaul CammishSymbiosis: On Stretch, httpd.postinst doesn't correctly preserve `no-stats` settingsImported from https://www.github.com/BytemarkHosting/symbiosis/issues/124
This is what I think should happen:
1. If `no-stats` is present and not set to `false`: remove, as this is the default now.
2. If `no-stats` is present and set t...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/124
This is what I think should happen:
1. If `no-stats` is present and not set to `false`: remove, as this is the default now.
2. If `no-stats` is present and set to `false`: move to `stats` and truncate, ensuring stats are enabled.
3. If `no-stats` isn't present: create `stats`.
4. Otherwise do nothing.
Patrick advised that we can potentially not do (3) and just put in release notes that the default is now that stats are disabled by default, as we use webalizer which is old and clunky and potentially many customers don't use it.Sympl v9.0 (for Debian Stretch)https://gitlab.com/sympl.io/sympl/-/issues/157Symbiosis: Mysql user of admin with admin password for mysql access2019-06-20T13:21:36ZPaul CammishSymbiosis: Mysql user of admin with admin password for mysql accessImported from https://www.github.com/BytemarkHosting/symbiosis/issues/61
Just had a customer who processed a migration from symb6 to symb8 and managed to overwrite the mysql db in the process.
Wondered if there might be some traction i...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/61
Just had a customer who processed a migration from symb6 to symb8 and managed to overwrite the mysql db in the process.
Wondered if there might be some traction in having an admin user with the admin password as a mysql user that we can control access for a little more, no access to the mysql folder for example...
Sympl v9.0 (for Debian Stretch)https://gitlab.com/sympl.io/sympl/-/issues/155Symbiosis: monit: Use systemd timer to launch instead of cron2019-04-14T20:52:49ZPaul CammishSymbiosis: monit: Use systemd timer to launch instead of cronImported from https://www.github.com/BytemarkHosting/symbiosis/issues/55
This requires a .timer as well as a .service file](https://wiki.archlinux.org/index.php/Systemd/Timers). It also means that sysvinit isn't really supported, unles...Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/55
This requires a .timer as well as a .service file](https://wiki.archlinux.org/index.php/Systemd/Timers). It also means that sysvinit isn't really supported, unless a check is put in place to remove the cron job or otherwise disable it.