Jump to content
Froxlor Forum

veto

Members
  • Posts

    50
  • Joined

  • Last visited

Posts posted by veto

  1. Yes, this was an issue. I needed to install the latest dkimpy-milter via backports to be able to use keytable and singingtable.

    after I add a source backport i installed it with:

    apt -t buster-backports install dkimpy-milter

     

    but now it complains that the froxlor generated file like dkim-keys.conf is not compatible for the KeyTable. I also can not find any SigningTable for it.

     

    When i switch to opendkim i'm getting similar issues.

     

     

     

  2. config file:

    etc # cat dkimpy-milter.conf
    # This is a basic configuration that can easily be adapted to suit a standard
    # installation. For more advanced options, see dkimpy-milter.conf(5) and/or
    # /usr/share/doc/dkimpy-milter/examples/opendkim.conf.sample.

    # Log to syslog
    Syslog            yes

    # Required to use local socket with MTAs that access the socket as a non-
    # privileged user (e.g. Postfix)
    UMask            007

    # Sign for example.com with key in /etc/dkimkeys/dkim.key using
    # selector '2007' (e.g. 2007._domainkey.example.com)
    Domain            *
    #KeyFile            /etc/mail/dkim.key
    KeyFile                /etc/postfix/dkim/dkim1.priv
    Selector        default
    # Commonly-used options; the commented-out versions show the defaults.
    #Canonicalization    relaxed/simple
    Mode            sv
    MacroList        dameon_name|ORIGINATING
    MacroListVerify        daemon_name|VERIFYING
    # Socket local:/var/run/dkimpy-milter/dkimpy-milter.sock
    #
    # ##  Socket socketspec
    # ##
    # ##  Names the socket where this filter should listen for milter connections
    # ##  from the MTA.  Required.  Should be in one of these forms:
    # ##
    # ##  inet:port@address           to listen on a specific interface
    # ##  inet:port                   to listen on all interfaces
    # ##  local:/path/to/socket       to listen on a UNIX domain socket
    #
    Socket            inet:8892@localhost

    ##  PidFile filename
    ###      default /var/run/dkimpy-milter/dkimpy-milter.pid
    ###
    ###  Name of the file where the filter should write its pid before beginning
    ###  normal operations.
    #
    PidFile            /var/run/dkimpy-milter/dkimpy-milter.pid

    ##  Userid userid
    ###      default dkimpy-milter
    ###
    ###  Change to user "userid" before starting normal operation?  May include
    ###  a group ID as well, separated from the userid by a colon.
    #
    UserID            dkimpy-milter

     

    the log  is recorded to /var/log/syslog and it's working

    but no log of error or info when I try to send the email

  3. Hi,

    I'm trying to setup dkimpy-milter with frolxor.

    The installation via apt-get in debian was quick.

    The setup in foroxlor under DomainKey settings was successfully and i see all the needed files in  /etc/postfix/dkim/

    in main.cf I added:

    milter_default_action = accept
    milter_protocol = 2
    smtpd_milters = inet:localhost:8892

     

    and in master.cf i add:

    smtp      inet  n       -       y       -       -       smtpd
      -o smtpd_milters=inet:localhost:8892
      -o milter_macro_daemon_name=VERIFYING

    submission inet n       -       y       -       -       smtpd
       -o syslog_name=postfix/submission
       -o smtpd_tls_security_level=encrypt
       -o smtpd_sasl_auth_enable=yes
       -o milter_macro_daemon_name=ORIGINATING
       -o smtpd_milters=inet:localhost:8891

     

     

    But when I send an email via a Sylpheed mail client, I cannot find yet any dkim entry in the mail header.

    I cannot find much documentation about it.

    for any help, thanks.

     

     

     

  4. hi,

    Is Froxlor already compatible with PHP8.0 ?

     

    For the moment I could successfully install it, but once I log in I'm getting:

     

    Fatal error: Uncaught ArgumentCountError: Too few arguments to function Froxlor\PhpHelper::phpErrHandler(), 4 passed and exactly 5 expected in /var/www/froxlor/lib/Froxlor/PhpHelper.php:115 Stack trace: #0 /var/www/froxlor/index.php(117): Froxlor\PhpHelper::phpErrHandler() #1 {main} thrown in /var/www/froxlor/lib/Froxlor/PhpHelper.php on line 115

  5. THX for answer,
    its enabled, I did not forget it this time,  but I don't see the useradd  in the configuration>debian10>webserver

    to avoid confusion I configured the default https server lighttpd to port 81, this way I can access froxlor even when the apache2 server crash and this was the reason of this

    chown -R www-data:www-data /var/www/froxlor/

    error login.

    (it switched back to lighttpd server because apache2 crashed)

     

    I set up a test virtual domain called shopautomat.com and now i can get this error when i try to access a php site:

    [Wed Nov 11 09:02:56.662423 2020] [proxy:error] [pid 1524:tid 140093503301376] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /var/lib/apache2/fastcgi/1-shopautomat-shopautomat.com-php-fpm.socket (*) failed
    [Wed Nov 11 09:02:56.662527 2020] [proxy_fcgi:error] [pid 1524:tid 140093503301376] [client 183.88.219.47:1668] AH01079: failed to make connection to backend: httpd-UDS

    Spoiler

     

     

     

     

     

  6. I  setup  apache mpm_event  with php7.4-fpm and all seems to work fine.

    I used this help: https://www.digitalocean.com/community/tutorials/how-to-configure-apache-http-with-mpm-event-and-php-fpm-on-ubuntu-18-04

    But after i setup and configured Froxlor and start it with the command in the cronjob

    /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1

    many problems started and the hole Froxlor website was not more accessible.

    I forgot some checkboxes in combinations. Finally, is running again but now I cannot log in and I get the error: 

    Whoops!

    The configuration file lib/userdata.inc.php cannot be read from the webserver.

    This mostly happens due to wrong ownership.
    Try the following command to correct the ownership:

     

     

    chown -R www-data:www-data /var/www/froxlor/

     

     

    after doing this chmod i can login, but after a restart or cronjob run it went automatically back to  froxlorlocal froxlorlocal user/group.

     

     

     

     

     

  7. and this is my /etc/cron.d/froxlor file:

     

    root@grallator /etc/cron.d/ # cat froxlor
    # automatically generated cron-configuration by froxlor
    # do not manually edit this file as it will be re-generated periodically.
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    #
    */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null
    0 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --traffic 1> /dev/null
    5 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --usage_report 1> /dev/null
    0 */6 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --mailboxsize 1> /dev/null
    */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null
    10 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --backup 1> /dev/null

     

  8. Thanks,

    I run it with /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --force --debug

    and now the host domain grallator.com has a letsencrypt cert domain and its working:)

    But just 2 days ago on this server the virtualhost huahin.vin is not getting a letsencrypt cert.

    I'm facing this problem since a couple of months with other domains on other new installations.

    Now I see that there is a folder ~/.acme.sh/ in my root and it holds as well certs related files like:

    ca.cer  fullchain.cer  huahin.vin.cer  huahin.vin.conf  huahin.vin.conf.removed  huahin.vin.csr  huahin.vin.csr.conf  huahin.vin.key

    I was aware of to the /etc/ssl/froxlor-custom/ where i have my certs what the apache server use:

    -rw------- 1 root root 1648 Oct 31 11:37 huahin.vin_CA.pem
    -rw------- 1 root root 1648 Oct 31 11:37 huahin.vin_chain.pem
    -rw------- 1 root root 2264 Oct 31 11:37 huahin.vin.crt
    -rw------- 1 root root 3912 Oct 31 11:37 huahin.vin_fullchain.pem
    -rw------- 1 root root 3247 Oct 31 11:37 huahin.vin.key

     

    I don't understand the functionality of this .~/.acme.sh

     

     

    this is what im getting when i run the froxlor letsencrypt script:

     

    root@grallator /etc/cron.d/ # /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug --force
    [information] Checking for LetsEncrypt client upgrades before renewing certificates:
    [Sat 31 Oct 2020 11:59:10 AM +07] Already uptodate!
    [Sat 31 Oct 2020 11:59:10 AM +07] Upgrade success!
    [Sat 31 Oct 2020 11:59:10 AM +07] Installing cron job
    4 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    [information] Updated Let's Encrypt certificate for huahin.vin
    [information] Updated Let's Encrypt certificate for changnooy.city
    [information] Updated Let's Encrypt certificate for changnooi.city
    [information] Let's Encrypt certificates have been updated
    [information] TasksCron: Searching for tasks to do
    sh: 1: /etc/init.d/dkim-filter: not found
    [information] Dkim-milter reloaded
    [information] Task4 started - Rebuilding froxlor_bind.conf
    [information] Cleaning dns zone files from /etc/bind/domains/
    [debug] domId    domain                                  ismainbutsubto parent domain                           list of child domain ids
    [debug] 11       changnooi.city                          0              -                                       
    [debug] 10       changnooy.city                          0              -                                       
    [debug] 8        huahin.vin                              0              -                                       
    [debug] none     grallator.com                           0              -                                       
    [information] `/etc/bind/domains/changnooi.city.zone` written
    [debug] Generating dns config for changnooi.city
    [information] `/etc/bind/domains/changnooy.city.zone` written
    [debug] Generating dns config for changnooy.city
    [information] `/etc/bind/domains/huahin.vin.zone` written
    [debug] Generating dns config for huahin.vin
    [information] `/etc/bind/domains/grallator.com.zone` written
    [debug] Generating dns config for grallator.com
    [information] froxlor_bind.conf written
    [information] Bind daemon reloaded
    [information] Task4 finished
    [information] Running Let's Encrypt cronjob prior to regenerating webserver config files
    [information] Checking for LetsEncrypt client upgrades before renewing certificates:
    [Sat 31 Oct 2020 11:59:11 AM +07] Already uptodate!
    [Sat 31 Oct 2020 11:59:11 AM +07] Upgrade success!
    [Sat 31 Oct 2020 11:59:11 AM +07] Installing cron job
    4 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    [information] Updated Let's Encrypt certificate for huahin.vin
    [information] Updated Let's Encrypt certificate for changnooy.city
    [information] Updated Let's Encrypt certificate for changnooi.city
    [information] Let's Encrypt certificates have been updated
    [information] apache::createIpPort: creating ip/port settings for  103.22.183.243:80
    [notice] 103.22.183.243:80 :: namevirtualhost-statement no longer needed for apache-2.4
    [debug] 103.22.183.243:80 :: inserted vhostcontainer
    [information] apache::createIpPort: creating ip/port settings for  103.22.183.243:443
    [debug] 103.22.183.243:443 :: inserted vhostcontainer
    [information] apache::createVirtualHosts: creating vhost container for domain 11, customer changnooy
    [information] apache::createVirtualHosts: creating vhost container for domain 10, customer changnooy
    [information] apache::createVirtualHosts: creating vhost container for domain 8, customer huahin
    [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
    [information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
    [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
    [information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php7.4-fpm restart
    [information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
    [notice] Creating passwd file
    [notice] Writing 3 entries to passwd file
    [notice] Succesfully wrote passwd file
    [notice] Creating group file
    [notice] Writing 3 entries to group file
    [notice] Succesfully wrote group file
    [notice] Creating shadow file
    [notice] Writing 3 entries to shadow file
    [notice] Succesfully wrote shadow file
    [notice] Checking system's last guid

     

     

     

     

     

     

     

     

  9. when i setup the configuration for the nginx webserver after i enabled letsencrypt in settings>ssl settings

    i'm getting the  config options  for the file /etc/apache2/conf-enabled/acme.conf

    so fare this all worked perfect and froxlor got and included the letsencrypt cert and key to the nginx server settings.

    now i liked to have the apache2 server running as an backup server on port 81,

    but than apache2  by default finds this nginx setting in /etc/apache2/conf-enabled/acme.conf and runs into an error

    is this ok to put his into /etc/apache2/ for ngnix?

     

    Screenshot_2020-03-21 admin - Froxlor Server Management Panel.png

×
×
  • Create New...