Jump to content
Froxlor Forum

llucps

Members
  • Content Count

    45
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by llucps

  1. Hi d00p, I'll wait for the 0.9.x packages. But if I installed froxlor using Debian packages, can I update using the auto-update? or would it screw up my froxlor system? I'm just curious. Thanks.
  2. Yes you're right. The funny thing is why bind is not complaining when I do it wrong and starts complaining when I do it right. And yes, despite of getting that warning, everything works perfectly. I was just curious to know why. Thanks
  3. Umm.. yes I'm using the latest version 0.9.37-1 from the Debian repos. If I put: @ IN TXT “v=spf1 a mx -all” It creates this line: @ 18000 IN TXT "@ IN TXT “v=spf1 a mx -all”" If instead I put just: "v=spf1 a mx -all" It creates this line: @ 18000 IN TXT "v=spf1 a mx -all" and then bind starts to complain and giving this warning for each domain: warning: zone xxxxxxxx.com/IN: 'xxxxxxxx.com' found SPF/TXT record but no SPF/SPF record found, add matching type SPF record
  4. Fixed.. On Domain SPF settings I changed the entry: "v=spf1 a mx -all" for this: @ IN TXT “v=spf1 a mx -all” and it works perfectly now without warning or errors. Thanks,
  5. Yes you were right.. I specified all the nameservers, the AXFR, MX and imap, pop3 smtp creation and it works now.. The only little warning that I get for each of the domains is this: warning: zone xxxxxxxx.com/IN: 'xxxxxxxx.com' found SPF/TXT record but no SPF/SPF record found, add matching type SPF record I guess i could add the with new DNS editor integrated in Froxlor. It looks like I can't specify a SPF Type usign the DNS Editor.. although it seems it's adding the SPF anyway. Thanks a lot!
  6. Oh I wasn't aware that changed so much., good to know. This is the error I'm getting if I use the zone file generated by Froxlor 0.9.37.1: 11-Aug-2016 12:18:32.459 general: error: zone xxxxxxxxxx.com/IN: has no NS records 11-Aug-2016 12:18:32.459 general: error: zone xxxxxxxxxx.com/IN: not loaded due to errors. This is how I set up my nameserver settings initially (from 2014) which I haven't modify any setting... and I guess the problem is here... Nameserver, MX servers, AXFR servers as well as the option to create mail, imap, pop3 and smtp entries are empty... Could the problem be here? The ns-records that you mentioned is from the auto-generated zone file which are overwritten everytime Froxlor lunches the cron job.. so Froxlor had to create it. Thanks
  7. Hi, A couple of days ago I screwed my DNS Zone from my hosting provider manager.. and becasue of that I reset the DNS Zone and change the DNS.. yes I know my fault .. but happend. So since then the Zone file from each of my domains (they are virtual hosts) mysteriously changed a bit and bind9 started to give me errors, basically complaning about the zone file and being unable to loaded. I know they changed, because I restored a copy of the zone files from a previous back-up. Here is the old zone file from one the domains (which works perfectly): $TTL 604800 @ IN SOA ns xxx.xxxxxx.com. ( 2016080212 ; serial 8H ; refresh 2H ; retry 1W ; expiry 11h) ; minimum @ IN NS ns ns IN A 37.187.177.177 @ IN MX 10 mail @ IN TXT "v=spf1 a mx -all" @ IN SPF "v=spf1 a mx -all" mail IN TXT "v=spf1 a mx -all" mail IN SPF "v=spf1 a mx -all" dkim_34._domainkey IN TXT ("v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQ" "KBgQDGF5JeukrcQzbnPsbx/8yqhhguKxim7/oh8ycCQfauh7WG" "BoTNNVQleA16a2gGr5qeVHLxJWsHQiYXvd4wCCVbiTBkecl+x/" "6ZgL12vnSzprL4IKNLu1nNWhxuEX3tN82KbX1tJGteNa/zbzaE" "zqvYCRAYcjSE7FkHVZyrClD2dQIDAQAB;t=s") _adsp._domainkey IN TXT "dkim=all" mail IN A 37.187.177.177 imap IN A 37.187.177.177 smtp IN A 37.187.177.177 pop3 IN A 37.187.177.177 @ IN A 37.187.177.177 www IN A 37.187.177.177 And this is the new zone that Froxlor automatically generates after I messed up with the DNS Zone from my hosting provider... but I don't recall to change anything from Froxlor domain settings (this zone file doesn't work at all and bind9 is unable to load it, giving en error. $TTL 604800 $ORIGIN janetgreco.com. @ 18000 IN SOA squeakyhost.com lluc.squeakycarrot.com. ( 2016081100 ; serial 1800 ; refresh (30 mins) 900 ; retry (15 mins) 604800 ; expire (7 days) 1200 ) ; minimum (20 mins) @ 18000 IN A 37.187.177.177 www 18000 IN A 37.187.177.177 @ 18000 IN TXT "v=spf1 a mx -all" dkim_34._domainkey 18000 IN TXT ("v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQ" "KBgQDGF5JeukrcQzbnPsbx/8yqhhguKxim7/oh8ycCQfauh7WG" "BoTNNVQleA16a2gGr5qeVHLxJWsHQiYXvd4wCCVbiTBkecl+x/" "6ZgL12vnSzprL4IKNLu1nNWhxuEX3tN82KbX1tJGteNa/zbzaE" "zqvYCRAYcjSE7FkHVZyrClD2dQIDAQAB;t=s") _adsp._domainkey 18000 IN TXT "dkim=all" As you can see changes quite a bit and I have no idea why For now I created another directory inside /etc/bind containing all the zone files from my back-up and I specified the file here (and doing this all is working again): The problem is from now on Froxlor generates the zonfiles which don't work at all and I have no idea why? Mainly because before I screwed it up the files generated by Froxlor worked perfectly. Here you have an screenshot of one of my domain settings.. (all the other domains that I have share exactly the same settings: Anyone see a reason for this? I would like to find out why?.. specially to generate the zone files automatically again. Thanks.
  8. Thanks. Perfect I'll wait for the next version. Lluc
  9. I did it! it's working now For some reason when I enable Let's encrypt on one of the domains, if I force the cronjob and check the 35_froxlor_ssl_vhost_xxxxxxxxx.com.conf file I see is using the certificate from the system hostname domain (the one setu pin PORTS/IP).. If i force the cronjob again then it gets the Let's encrypt certificate. Although I have one last question which is how can I use Let's encrypted on the system hostname instead of the self-signed that I'm using now.. I don't see how it can done. Thanks for your help
  10. Yes it is.. # automatically generated cron-configuration by froxlor # do not manually edit this file as it will be re-generated periodically. PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php5 -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null 0 */6 * * * root /usr/bin/nice -n 5 /usr/bin/php5 -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --mailboxsize 1> /dev/null */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php5 -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null Also according to the logs, it seems it's trying to look for a token.. but that directory doesn't really exists, that directory is on /var/www/froxlor.well/known/acme-challenge: Could not get Let's Encrypt certificate for xxxxxxxx.com: Please check http://xxxxxxxx.com/.well-known/acme-challenge/8fyzyv9H_IW2BNwwNGlKaME1NVurzavIZN9ut-QpZao - token not available Any ideas? Thanks Lluc
  11. Thanks for your help, Yes I put my sef-signed certificate back to IP/Port settings.. so now the 10_froxlor_ipandport_xxxxxxxxxxx.443.conf has the ceritifcate and doesn't give me the [error] xxxxxx.com :: empty certificate file! Cannot create ssl-directives error. That's good. But if I try to access to the domain that has Let's Encrypt activated (I disabled wildcard and changed to www) I see that is using my self-signed certificated instead of using a Let's encrypt.. and I don't see any errors on the log: The settings for that domain are: SSL IP address(es): activated Use Let's Encrypt: Yes ServerAlias value for the domain: WWW (wwww.domain.tld) On System/Settings/SSL Settings: Let's Encrypt environment: Live Let's Encrypt country code : ES Let's Encrypt state: Spain Path for Let's Encrypt challenges: /var/www/froxlor (which is correct) Key size for new Let's Encrypt certificates 4096 Re-use Let's Encrypt key / CSR No How can I check that is Let's encrypt is generating the certificate? It seems is not doing anything at all. Thanks, Lluc
  12. Hi everyone, I've been struggling to make Let's Encrypt work on my own server.. specially because it's not really clear what I have to do, sorry about that On my IP/PORT settings the Webserver Config SSL fields port 443 (all of them are empty) and also on System/Settings/SSL Settings Path to the SSL certificate, Path to the SSL Keyfile and Path to the SSL CertificateChainFile. Before I had setup my own certificate which was for my own use only but I assumed that if Let's Encrypt is activated because creates a certificate for each of the domains, the general SSL settings won't be needed anymore.. The problem is if I leave the IP/Ports settings and System/Settings/SSL Settings with no values and Let's Encrypt is activated I get this error: [error] xxxxxx.com :: empty certificate file! Cannot create ssl-directives If I put the previous values on the SSL settings doesn't give any error.. but Let's encrypt doesn't generate any certificate for the domains that have Let's Encrypt activated.. I created the acme.conf with the right permissions and the /var/www/froxlor/.well-known/acme-challenge was created successfully but is empty. I'm pretty sure that I'm doing something wrong but I can't figure out what it is. More progress.. I put back the my self-created certificate on IP/Port SSL settings and on the log says: Could not get Let's Encrypt certificate for xxxxxxxx.com: Please check http://xxxxxxxxxx.com/.well-known/acme-challenge/7wcMM9v04yGEmDB97po3ljdpjzxYaJuxa-IHeC4tKvs - token not available Thank you, Lluc
  13. Yes, that's the issue. I'll try to google it again and see if I find the solution. Thanks,
  14. I usaually never reboot my VPS, but once in a while I have found that it has been rebooted obviously no for me but maybe for the hosting provider due an update or any othe reason.. so when that happens I'm not aware of it and apache2 doesn't start automatically.. I mean, it's not the end of the world but it would be great to find the reason why of this and better if I could fix it.. I imagine tha start-script runs the same /etc/init.d/apache2 start command.. Do you know where I could check this? Thanks.
  15. I guess you mean running apache through /etc/init.d/apache2 start? If so, when I do it manually it works perfectly but not when the system is rebooted.. in that case apache2 doesnt' start and gives the "bad user name" error according to the apache2.log file. And because of this I've no clue where to look or check. Thanks.
  16. Thanks, I figured that out later see my previous message.
  17. Sorry I don't understand what you mean, can you be more specific? I guess all this problems come from the variables not being loaded when the system is booted.. and that's why I get the "bad user name". Thanks!
  18. Yes I did that.. I checked the option "Use modifications for apache 2.4" on settings/apache. I found that if I run "apache2 -V" I get this: [Mon Sep 21 15:16:00.924565 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_LOCK_DIR} is not defined [Mon Sep 21 15:16:00.924643 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_PID_FILE} is not defined [Mon Sep 21 15:16:00.924699 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_RUN_USER} is not defined [Mon Sep 21 15:16:00.924706 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_RUN_GROUP} is not defined [Mon Sep 21 15:16:00.924732 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_LOG_DIR} is not defined [Mon Sep 21 15:16:00.956456 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_RUN_DIR} is not defined [Mon Sep 21 15:16:00.957843 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_LOG_DIR} is not defined [Mon Sep 21 15:16:00.957880 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_LOG_DIR} is not defined [Mon Sep 21 15:16:00.961476 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_LOG_DIR} is not defined [Mon Sep 21 15:16:00.961506 2015] [core:warn] [pid 2115] AH00111: Config variable ${APACHE_LOG_DIR} is not defined AH00526: Syntax error on line 92 of /etc/apache2/apache2.conf: Invalid Mutex directory in argument file:${APACHE_LOCK_DIR} It seems like that this variables are not defined.. could it be because the /etc/apache2/envvars is not loaded? If I run "source /etc/apache2/envvars" does the trick and then I running the "apache2 -V" I get this: ServerRoot: "/etc/apache2" Main DocumentRoot: "/var/www/html" Main ErrorLog: "/var/log/apache2/error.log" Mutex fcgid-proctbl: using_defaults Mutex ssl-stapling: using_defaults Mutex ssl-cache: using_defaults Mutex default: dir="/var/lock/apache2" mechanism=fcntl Mutex mpm-accept: using_defaults Mutex fcgid-pipe: using_defaults Mutex watchdog-callback: using_defaults Mutex rewrite-map: using_defaults PidFile: "/var/run/apache2/apache2.pid" Define: DUMP_VHOSTS Define: DUMP_RUN_CFG Define: MODSEC_2.5 Define: MODSEC_2.8 User: name="www-data" id=33 Group: name="www-data" id=33 But if I reboot the server.. the variables are not loaded.. umm.. I'm really confused. Thanks for your help d00p.
  19. Hi everyone, I recently upgraded my debian wheezy server to jessie right after I also upgraded Froxlor to the last version (0.9.34-1) and I have a problem that I couldn't find out the solution yet. The problem is that the apache2 service doesn't start automatically when the server is rebooted, but it works if I do run the command (/etc/init.d/apache2 start) manually with root. I checked the apache2 log file and it gives an error of bad user name "squeaky"... please note that squeaky is one of the virtual users created by Froxlor. ? apache2.service - LSB: Apache2 web server Loaded: loaded (/etc/init.d/apache2) Active: failed (Result: exit-code) since Mon 2015-09-21 13:31:09 CEST; 18s ago Process: 333 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE) Sep 21 13:31:09 xxxxxxx.com apache2[333]: Starting web server: apache2 failed! Sep 21 13:31:09 xxxxxxx.com apache2[333]: The apache2 configtest failed. ... (warning). Sep 21 13:31:09 xxxxxxx.com apache2[333]: Output of config test was: Sep 21 13:31:09 xxxxxxx.com apache2[333]: [Mon Sep 21 13:31:09.323851 2015] [alias:warn] [pid 392] AH00671: The Alias directive in /etc/apache2/conf.d/owncloud....lier Alias. Sep 21 13:31:09 xxxxxxx.com apache2[333]: AH00543: apache2: bad user name squeaky Sep 21 13:31:09 xxxxxxx.com apache2[333]: Action 'configtest' failed. Sep 21 13:31:09 xxxxxxx.com apache2[333]: The Apache error log may have more information. Sep 21 13:31:09 xxxxxxx.com systemd[1]: apache2.service: control process exited, code=exited status=1 Sep 21 13:31:09 xxxxxxx.com systemd[1]: Failed to start LSB: Apache2 web server. Sep 21 13:31:09 xxxxxxx.com systemd[1]: Unit apache2.service entered failed state. Here you have my apache2.conf file: # This is the main Apache server configuration file. It contains the # configuration directives that give the server its instructions. # See http://httpd.apache.org/docs/2.2/ for detailed information about # the directives and /usr/share/doc/apache2-common/README.Debian.gz about # Debian specific hints. # # # Summary of how the Apache 2 configuration works in Debian: # The Apache 2 web server configuration in Debian is quite different to # upstream's suggested way to configure the web server. This is because Debian's # default Apache2 installation attempts to make adding and removing modules, # virtual hosts, and extra configuration directives as flexible as possible, in # order to make automating the changes and administering the server as easy as # possible. # It is split into several files forming the configuration hierarchy outlined # below, all located in the /etc/apache2/ directory: # # /etc/apache2/ # |-- apache2.conf # | `-- ports.conf # |-- mods-enabled # | |-- *.load # | `-- *.conf # |-- conf.d # | `-- * # `-- sites-enabled # `-- * # # # * apache2.conf is the main configuration file (this file). It puts the pieces # together by including all remaining configuration files when starting up the # web server. # # In order to avoid conflicts with backup files, the Include directive is # adapted to ignore files that: # - do not begin with a letter or number # - contain a character that is neither letter nor number nor _-:. # - contain .dpkg # # Yet we strongly suggest that all configuration files either end with a # .conf or .load suffix in the file name. The next Debian release will # ignore files not ending with .conf (or .load for mods-enabled). # # * ports.conf is always included from the main configuration file. It is # supposed to determine listening ports for incoming connections, and which # of these ports are used for name based virtual hosts. # # * Configuration files in the mods-enabled/ and sites-enabled/ directories # contain particular configuration snippets which manage modules or virtual # host configurations, respectively. # # They are activated by symlinking available configuration files from their # respective *-available/ counterparts. These should be managed by using our # helpers a2enmod/a2dismod, a2ensite/a2dissite. See # their respective man pages for detailed information. # # * Configuration files in the conf.d directory are either provided by other # packages or may be added by the local administrator. Local additions # should start with local- or end with .local.conf to avoid name clashes. All # files in conf.d are considered (excluding the exceptions noted above) by # the Apache 2 web server. # # * The binary is called apache2. Due to the use of environment variables, in # the default configuration, apache2 needs to be started/stopped with # /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not # work with the default configuration. # Global configuration # # # ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # NOTE! If you intend to place this on an NFS (or otherwise network) # mounted filesystem then please read the LockFile documentation (available # at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>); # you will save yourself a lot of trouble. # # Do NOT add a slash at the end of the directory path. # #ServerRoot "/etc/apache2" # # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. # #LockFile ${APACHE_LOCK_DIR}/accept.lock Mutex file:${APACHE_LOCK_DIR} default # # PidFile: The file in which the server should record its process # identification number when it starts. # This needs to be set in /etc/apache2/envvars # PidFile ${APACHE_PID_FILE} # # Timeout: The number of seconds before receives and sends time out. # Timeout 300 # # KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate. # KeepAlive On # # MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance. # MaxKeepAliveRequests 100 # # KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection. # KeepAliveTimeout 5 ## ## Server-Pool Size Regulation (MPM specific) ## # prefork MPM # StartServers: number of server processes to start # MinSpareServers: minimum number of server processes which are kept spare # MaxSpareServers: maximum number of server processes which are kept spare # MaxClients: maximum number of server processes allowed to start # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_prefork_module> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0 </IfModule> # worker MPM # StartServers: initial number of server processes to start # MinSpareThreads: minimum number of worker threads which are kept spare # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadLimit: ThreadsPerChild can be changed to this maximum value during a # graceful restart. ThreadLimit can only be changed by stopping # and starting Apache. # ThreadsPerChild: constant number of worker threads in each server process # MaxClients: maximum number of simultaneous client connections # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_worker_module> StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 </IfModule> # event MPM # StartServers: initial number of server processes to start # MinSpareThreads: minimum number of worker threads which are kept spare # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadsPerChild: constant number of worker threads in each server process # MaxClients: maximum number of simultaneous client connections # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_event_module> StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 </IfModule> # These need to be set in /etc/apache2/envvars User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} # # AccessFileName: The name of the file to look for in each directory # for additional configuration directives. See also the AllowOverride # directive. # AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # <Files ~ "^\.ht"> Require all denied </Files> # # DefaultType is the default MIME type the server will use for a document # if it cannot otherwise determine one, such as from filename extensions. # If your server contains mostly text or HTML documents, "text/plain" is # a good value. If most of your content is binary, such as applications # or images, you may want to use "application/octet-stream" instead to # keep browsers from trying to display binary files as though they are # text. # # It is also possible to omit any default MIME type and let the # client's browser guess an appropriate action instead. Typically the # browser will decide based on the file's extension then. In cases # where no good assumption can be made, letting the default MIME type # unset is suggested instead of forcing the browser to accept # incorrect metadata. # DefaultType None # # HostnameLookups: Log the names of clients or just their IP addresses # e.g., www.apache.org (on) or 204.62.129.132 (off). # The default is off because it'd be overall better for the net if people # had to knowingly turn this feature on, since enabling it means that # each client request will result in AT LEAST one lookup request to the # nameserver. # HostnameLookups Off # ErrorLog: The location of the error log file. # If you do not specify an ErrorLog directive within a <VirtualHost> # container, error messages relating to that virtual host will be # logged here. If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # ErrorLog ${APACHE_LOG_DIR}/error.log # # LogLevel: Control the number of messages logged to the error_log. # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. # LogLevel warn # Include module configuration: Include mods-enabled/*.load Include mods-enabled/*.conf # Include list of ports to listen on and which to use for name based vhosts Include ports.conf # # The following directives define some format nicknames for use with # a CustomLog directive (see below). # If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i # LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %O" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent # Include of directories ignores editors' and dpkg's backup files, # see the comments above for details. # Include generic snippets of statements Include conf.d/ # Include the virtual host configurations: Include sites-enabled/ # Disable Apache Web Server Signature ServerSignature Off ServerTokens Prod <Directory /> Options -Indexes AllowOverride All </Directory> I tried different things like defining statically the User and Group for www-data, www-data instead of gettings the variables set on /etc/apache2/envvars but with no luck.. and I have no clue why this is happening when before with weezy it worked just fine.. I only have packages installed from the stable branch... so I didn't have any problem to upgrade to jessie except this one.. Anyone can help me with this? Thanks in advance.
×
×
  • Create New...