All Activity

Ok, now I have another issue: The SSL certificate for the panel won't renew. Running the cron debug I get the following: root@server:~# php /var/www/html/froxlor/scripts/froxlor_master_cronjob.php --force --debug [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota sh: 1: /usr/sbin/repquota: not found [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Sun Aug 1 13:37:42 AEST 2021] Already uptodate! [Sun Aug 1 13:37:42 AEST 2021] Upgrade success! [Sun Aug 1 13:37:42 AEST 2021] Installing cron job 2 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null [information] Updated Let's Encrypt certificate for <URL1> [information] Updated Let's Encrypt certificate for <URL2> [information] Updated Let's Encrypt certificate for <URL3> [information] Updated Let's Encrypt certificate for <URL4> [information] Updated Let's Encrypt certificate for <URL5> [information] Updated Let's Encrypt certificate for <URL6> [information] Updated Let's Encrypt certificate for <URL7> [information] Updated Let's Encrypt certificate for <URL8> [information] Let's Encrypt certificates have been updated [information] apache::createIpPort: creating ip/port settings for <IP address> [notice] <IP address>:80 :: namevirtualhost-statement no longer needed for apache-2.4 [debug] <IP address>:80 :: inserted vhostcontainer [information] apache::createIpPort: creating ip/port settings for <IP address> [debug] System certificate file "/etc/apache2/apache2.pem" does not seem to exist. Disabling SSL-vhost for "<panel URL>" [debug] System certificate key-file "/etc/apache2/apache2.key" does not seem to exist. Disabling SSL-vhost for "<panel URL>" [error] <panel URL> :: empty certificate file! Cannot create ssl-directives [debug] <IP address> :: inserted vhostcontainer [information] apache::createVirtualHosts: creating vhost container for domain 14, customer <Customer2> [information] apache::createVirtualHosts: creating vhost container for domain 9, customer <Customer1> [information] apache::createVirtualHosts: creating vhost container for domain 4, customer <Customer1> [information] apache::createVirtualHosts: creating vhost container for domain 16, customer <Customer2> [information] apache::createVirtualHosts: creating vhost container for domain 10, customer <Customer1> [information] apache::createVirtualHosts: creating vhost container for domain 8, customer <Customer1> [information] apache::createVirtualHosts: creating vhost container for domain 6, customer <Customer1> [information] apache::createVirtualHosts: creating vhost container for domain 18, customer <Customer1> [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/ [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] Froxlor\Cron\Http\Apache::reload: reloading Froxlor\Cron\Http\Apache [notice] Checking system's last guid I can't access the panel anymore now because secure connection cannot be made. I can't figure out how to access via the unsecured HTTP protocol instead, but I'm thinking to disable and reenable LetsEncrypt from within the panel that might sort this out. Any ideas?

Apologies. Just found the answer in the bug tracker. Looks like this has been corrected. Solution below for anyone with similar issue. Link to Bug

I've just recently upgraded to Froxlor Version 0.10.27 and my Cronjobs are failing. Cronjob status shows that it is active. After trying to force run the cronjob, I get the following error. root@server:~# /usr/bin/php /var/www/html/froxlor/scripts/froxlor_master_cronjob.php --force PHP Parse error: syntax error, unexpected end of file in /var/www/html/froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 618 I've taken a look at the AcmeSh.php file and can't find anything wrong with it on line 618. Other things tried: - Removed all SSL certificates manually via FTP and removed from Froxlor list. - Disabled Cloudflare CDN proxy. - Restarted server. AcmeSh.php

Danke für deine Hilfe und unglaublich Respekt wie du es schaffst Froxlor so gut und Stabil zu programmieren.

Du hast doch froxlor installiert, diese Daten solltest du durchaus kennen. Ansonsten schaue in der froxlor/lib/userdata.inc.php nach

Wie heißt die Datenbank von Froxlor und welches Passwort muss ich dort werwenden? Phymyadmin habe ich installiert.

I managed to resolve my issue by manually configuring Rspamd to inject the keys Froxlor created. I realize it's a low priority as there are few people as stubborn as I am when it comes to running a DNS server and hosting my own mail server, but it would be nice to incorporate opendkim and rspamd configurations into Froxlor. I am extremely grateful to the Froxlor community for the present solution. I'd like to contribute these feature requests myself; however, I'm reluctant because I don't think you'd want me sticking my dirty novice hands into the community food bowl!

In the immortal words of Homer Simpson, "D'oh!" I think I found it! I was running Rspamd in order to supply DKIM and it was occupying port 53 with records for the NS1 and NS2. So when the named-checkzone ran it detected that there were pre-existing A records and refused to load the zone! Doop, vielen dank für deine geduld mit mir !

https://intodns.com/radicalcomputingconcepts.com

HA! Please forgive me....I mistyped the domain in my named-checkzone query. Fat fingers and not enough coffee! root@mail:/etc/bind/domains# named-checkzone radicalcomputingconcepts.com /etc/bind/domains/radicalcomputingconcepts.com.zone zone radicalcomputingconcepts.com/IN: NS 'ns1.radicalcomputingconcepts.com' has no address records (A or AAAA) zone radicalcomputingconcepts.com/IN: NS 'ns2.radicalcomputingconcepts.com' has no address records (A or AAAA) zone radicalcomputingconcepts.com/IN: not loaded due to errors. FYI, Glue records are in place at the registrar and have been for almost a decade or more... root@mail# dig ns com ; <<>> DiG 9.11.5-P4-5.1+deb10u5-Debian <<>> ns com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37906 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;com. IN NS ;; ANSWER SECTION: com. 86400 IN NS g.gtld-servers.net. com. 86400 IN NS a.gtld-servers.net. com. 86400 IN NS e.gtld-servers.net. com. 86400 IN NS d.gtld-servers.net. com. 86400 IN NS j.gtld-servers.net. com. 86400 IN NS k.gtld-servers.net. com. 86400 IN NS c.gtld-servers.net. com. 86400 IN NS f.gtld-servers.net. com. 86400 IN NS l.gtld-servers.net. com. 86400 IN NS b.gtld-servers.net. com. 86400 IN NS m.gtld-servers.net. com. 86400 IN NS i.gtld-servers.net. com. 86400 IN NS h.gtld-servers.net. ;; Query time: 88 msec ;; SERVER: 213.186.33.99#53(213.186.33.99) ;; WHEN: Fri Jul 30 12:43:11 EDT 2021 ;; MSG SIZE rcvd: 256 root@mail:/etc/bind# dig ns radicalcomputingconcepts.com @e.gtld-servers.net ; <<>> DiG 9.11.5-P4-5.1+deb10u5-Debian <<>> ns radicalcomputingconcepts.com @e.gtld-servers.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57187 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;radicalcomputingconcepts.com. IN NS ;; AUTHORITY SECTION: radicalcomputingconcepts.com. 172800 IN NS ns1.radicalcomputingconcepts.com. radicalcomputingconcepts.com. 172800 IN NS ns2.radicalcomputingconcepts.com. ;; ADDITIONAL SECTION: ns1.radicalcomputingconcepts.com. 172800 IN A 149.56.97.154 ns2.radicalcomputingconcepts.com. 172800 IN A 96.81.53.27 ;; Query time: 68 msec ;; SERVER: 2001:502:1ca1::30#53(2001:502:1ca1::30) ;; WHEN: Fri Jul 30 12:44:09 EDT 2021 ;; MSG SIZE rcvd: 125

Froxlor cannot create glue records. Please read the bind docs and general DNS docs

I added a domain in froxlor control panel for radicalcomputingconcepts.com. The zone file looks like this: $TTL 600 $ORIGIN radicalcomputingconcepts.com. @ 600 IN SOA ns1.radicalcomputingconcepts.com. steve.keystonedesign.com. 2021073002 3600 900 604800 600 @ 600 IN A 149.56.97.154 www 600 IN A 149.56.97.154 @ 600 IN NS ns1.radicalcomputingconcepts.com. @ 600 IN NS ns2.radicalcomputingconcepts.com. running named-checkzone yields: named-checkzone radicalcomputingconepts.com /etc/bind/domains/radicalcomputingconcepts.com.zone /etc/bind/domains/radicalcomputingconcepts.com.zone:3: ignoring out-of-zone data (radicalcomputingconcepts.com) /etc/bind/domains/radicalcomputingconcepts.com.zone:5: ignoring out-of-zone data (radicalcomputingconcepts.com) /etc/bind/domains/radicalcomputingconcepts.com.zone:6: ignoring out-of-zone data (www.radicalcomputingconcepts.com) /etc/bind/domains/radicalcomputingconcepts.com.zone:7: ignoring out-of-zone data (radicalcomputingconcepts.com) /etc/bind/domains/radicalcomputingconcepts.com.zone:8: ignoring out-of-zone data (radicalcomputingconcepts.com) /etc/bind/domains/radicalcomputingconcepts.com.zone:12: ignoring out-of-zone data (mail.radicalcomputingconcepts.com) /etc/bind/domains/radicalcomputingconcepts.com.zone:13: ignoring out-of-zone data (mail.radicalcomputingconcepts.com) zone radicalcomputingconepts.com/IN: has 0 SOA records zone radicalcomputingconepts.com/IN: has no NS records zone radicalcomputingconepts.com/IN: not loaded due to errors. I can find no documentation on the Froxlor site nor in the forums on configuration of GLUE records...please advise

What about the radicalcomputingconcepts.com zone? And do you have GLUE records for it?

I've installed ipv6 information into my network interfaces and eliminated the bind errors in syslog. From and external host name resolution fails for the primary domain, the domain specified in the system settings, and dig responses are missing answer sections: syslog: Restarting bind9 (via systemctl): bind9.service. root@mail:/home/steve# tail -f /var/log/syslog Jul 29 18:11:27 mail named[6374]: zone flatironscannabis.com/IN: sending notifies (serial 2021072900) Jul 29 18:11:27 mail named[6374]: zone jaith.net/IN: sending notifies (serial 2021072900) Jul 29 18:11:27 mail named[6374]: zone mailinglist.boulevardbread.com/IN: sending notifies (serial 2021072900) Jul 29 18:11:27 mail named[6374]: zone ragustudio.com/IN: sending notifies (serial 2021072900) Jul 29 18:11:27 mail named[6374]: zone oddballsinvitations.net/IN: sending notifies (serial 2021072900) Jul 29 18:11:27 mail named[6374]: zone boulevardbread.com/IN: sending notifies (serial 2021072900) Jul 29 18:11:27 mail named[6374]: managed-keys-zone: Key 20326 for zone . acceptance timer complete: key now trusted Jul 29 18:11:27 mail named[6374]: resolver priming query complete external host resolution: ping mail.radicalcomputingconcepts.com ping: cannot resolve mail.radicalcomputingconcepts.com: Unknown host ping radicalcomputingconcepts.com ping: cannot resolve radicalcomputingconcepts.com: Unknown host zone files for hosts that are failing resolution: $TTL 600 $ORIGIN radicalcomputingconcepts.com. @ 600 IN SOA ns1.radicalcomputingconcepts.com. steve.keystonedesign.com. 2021072901 3600 900 604800 600 @ 600 IN A 149.56.97.154 www 600 IN A 149.56.97.154 @ 600 IN NS ns1.radicalcomputingconcepts.com. @ 600 IN NS ns2.radicalcomputingconcepts.com. $TTL 600 $ORIGIN mail.radicalcomputingconcepts.com. @ 600 IN SOA ns1.radicalcomputingconcepts.com. steve.keystonedesign.com. 2021072901 3600 900 604800 600 @ 600 IN A 149.56.97.154 @ 600 IN NS ns1.radicalcomputingconcepts.com. @ 600 IN NS ns2.radicalcomputingconcepts.com. @ 600 IN CAA 0 issue "letsencrypt.org" missing answer sections from dig: dig radicalcomputingconcepts.com ; <<>> DiG 9.11.5-P4-5.1+deb10u5-Debian <<>> radicalcomputingconcepts.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31804 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: e05667de07e9c60614b1b8ed610328e82bba2257178535e9 (good) ;; QUESTION SECTION: ;radicalcomputingconcepts.com. IN A ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Jul 29 18:17:12 EDT 2021 ;; MSG SIZE rcvd: 85

It appears I still had ipv6 enabled. I disabled it by adding GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1" GRUB_CMDLINE_LINUX="ipv6.disable=1" to /etc/default/grub and restarting. Upon restart, postfix is broken and cannot authenticate via SASL: warning: SASL: Connect to private/auth failed: Connection refused Jul 29 15:07:01 mail postfix/smtpd[1490]: fatal: no SASL authentication mechanisms Jul 29 15:07:01 mail postfix/master[1147]: warning: process /usr/lib/postfix/sbin/smtpd pid 1481 exit status 1 Jul 29 15:07:01 mail postfix/master[1147]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling Jul 29 15:07:01 mail postfix/master[1147]: warning: process /usr/lib/postfix/sbin/smtpd pid 1482 exit status 1 Jul 29 15:07:01 mail postfix/master[1147]: warning: process /usr/lib/postfix/sbin/smtpd pid 1483 exit status 1 I appear to have a conflict with Bind9 and IPv6? Please advise

Naja dann bist du ja der Admin, einfach direkt in der Datenbank (phpmyadmin oder MySQL via Shell) in der Tabelle "panel_admins" das Feld "type_2fa" auf 0 und "data_2fa" leeren

Es ist der Admin Account.

Admin oder customer Account?

So habe heute mal noch ein bisschen probiert und es geht jetzt 🙈 Ich musste nur "disable_plaintext_auth = no" zum Ende der dovecot.conf schieben anstatt zum Anfang. Zu mehrere kleine Probleme gehört Einstellung von FCGID. Nach erfolgreicher Einstellung in Froxlor und installieren der nötigen Pakete wurde mir auf der Website immer ERROR 500 ausgegeben. Im Endeffekt war es ein Berechtigungsfehler. Froxlor hat z.b. die /var/www/php-fcgi-scripts/nicozieten/ziedden.de/php-fcgi-starter immer mit root:root Berechtigung geschrieben und mit Attribut i somit konnte man nicht mal schnell die Berechtigung ändern in meinen Falle. alleine das herausfinden das zum ändern das Attribut i nicht vorhanden sein dar (was bei lsattr angezeigt wird). Allerdings wird dieses nach ändern bei jeden Serverneustart wieder zurück gesetzt. Nun habe ich mir einen kleinen Script gebastelt der das automatisch macht und diesen am Ende der /var/www/froxlor/scripts/froxlor_master_cronjob.php ausführen lassen. Nun ist alles selbst nach Serverneustart i.O. (Und ja ich brauche FCGID weil ich zwei php Versionen brauche) ich bin an Dovecot halt verendet weil das "disable_plaintext_auth = no" ja vorhanden war noch leider an der falschen stelle anscheinend.

Hi, ich habe mein Handy geschrottet. In meinem neuem Handy ist Froxlor 2FA nicht eingerichtet. Wie kann ich nun 2FA neu Einrichten?

Welche an "menge" Probleme hattest du denn, würde ich mich mal interessieren... Vorweg, Froxlor ist "nur" ein Hilfsmittel mehr und weniger nicht. Es nimmt dir nicht zu 100% die Arbeit ab, wenn man man von der Materie wie ein Linux Server keine Ahnung hat, sollte man sich erst mal einlesen... Wie d00p bereits angemerkt hat, kann man dir ohne Logs usw. nicht Helfen, woran dein Problem genau liegt. In der "/etc/dovecot/dovecot.conf" kannst du folgendes setzen für "debug" auth_verbose = yes auth_verbose_passwords = no auth_debug = yes auth_debug_passwords = yes mail_debug = yes verbose_ssl = yes danach dovecot neu starten und in den logs schauen. Alternativ kannst du auch per SSH folgendes benutzen: Verwenden Sie zum einfachen Testen der Authentifizierung: doveadm auth test user@domain password Verwenden Sie zum Nachschlagen von Userdb-Informationen für einen Benutzer: doveadm user user@domain Um eine vollständige Anmeldung mit passdb- und userdb-Suche zu simulieren, verwenden Sie: doveadm auth login user@domain password

Did you take a look at the bind/system logs?

I've got a Froxlor install on Debian Buster configured with Bind9 as an authoritative nameserver and I'm experiencing missing information in the dig results. dig ns1.radicalcomputingconcepts.com ; <<>> DiG 9.10.6 <<>> ns2.radicalcomputingconcepts.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27849 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;ns2.radicalcomputingconcepts.com. IN A ;; Query time: 94 msec ;; SERVER: 2001:558:feed::1#53(2001:558:feed::1) ;; WHEN: Wed Jul 28 17:35:38 MDT 2021 ;; MSG SIZE rcvd: 61 ============= Prior to installing Bind9 I had DjbDns installed and results looked like this: dig ns1.radicalcomputingconcepts.com ; <<>> DiG 9.10.6 <<>> ns1.radicalcomputingconcepts.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17268 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;ns1.radicalcomputingconcepts.com. IN A ;; ANSWER SECTION: ns1.radicalcomputingconcepts.com. 86339 IN A 149.56.97.154 ns1.radicalcomputingconcepts.com. 86339 IN A 149.56.97.154 ;; Query time: 85 msec ;; SERVER: 2603:300b:7d6:1800:82b2:34ff:fe4b:1789#53(2603:300b:7d6:1800:82b2:34ff:fe4b:1789) ;; WHEN: Wed Jul 28 17:37:23 MDT 2021 ;; MSG SIZE rcvd: 82 =================== Further irregularities occur as the parent domain to the NS is not responsive to DNS lookups and ping attempts: ping radicalcomputingconcepts.com ping: cannot resolve radicalcomputingconcepts.com: Unknown host AND the domain of my froxlor server as set in the system settings also becomes unresponsive as well ping mail.radicalcomputingconcepts.com ping: cannot resolve mail.radicalcomputingconcepts.com: Unknown host There is nothing unusual about the Bind installation and all the services have been configured according to the tempates

Plain Auth vllt? Bitte Mal Auszug aus der Mail.log o.ä. besser noch mail_debug=on in dovecot