Jump to content
Froxlor Forum

ripieces

Members
  • Posts

    14
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by ripieces

  1. Looking (again / more properly) at the MasterCron.php code Froxlor already uses a locking mechanism based on the PID - however I think this is doomed to fail in my opinion, since cron jobs can run in parallel with different PIDs. (this is wrong info sorry) I tried to run two scripts in parallel, one that does the nss extrausers files and one that does the chown many times each, all went through without any error, so that must be s.th. else.
  2. froxlorlocal is the user we have for the PHP-FPM enabled froxlor-VHOST, hm.
  3. d00p pointed this out on GitHub, this is actually a very good question / fact :S I still think it's related to libnss-extrausers, but that's really weird.
  4. I opened an issue to track the problem on the issue tracker (I hope that is the right thing to do, I am not sure) https://github.com/Froxlor/Froxlor/issues/928 Also added notes about a solution there, but not sure if good. We could continue the discussion here to avoid spamming users that folow it there.
  5. I switched both servers to libnss-extrausers back then for the same reason, because libnss-mysql would make things eally slow and sometimes even stall a bit. This could be indeed the reason, since up to 4 tasks can run at the same time with the default /etc/cron.d/froxlor: # automatically generated cron-configuration by froxlor # do not manually edit this file as it will be re-generated periodically. PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null 0 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --traffic 1> /dev/null 5 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --usage_report 1> /dev/null 0 */6 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --mailboxsize 1> /dev/null */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null 10 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --backup 1> /dev/null And each of these tasks can cause a refresh of the extrausers if more than 1 job was run: https://github.com/Froxlor/Froxlor/blob/8f850ee7f3c9339db0c09793496474fe6ab1f41c/lib/Froxlor/Cron/MasterCron.php#L114 https://github.com/Froxlor/Froxlor/blob/8f850ee7f3c9339db0c09793496474fe6ab1f41c/lib/Froxlor/Cron/MasterCron.php#L131
  6. Sadly it didn't help on the h2 one, it just happened again Edit: Just so you can see I really entered the commands: root@h2 ~ # grep -r froxlorlocal /etc /etc/subgid-:froxlorlocal:1279648:65536 /etc/subgid:froxlorlocal:1279648:65536 /etc/gshadow-:froxlorlocal:!::www-data /etc/passwd-:froxlorlocal:x:9999:9999:,,,:/home/froxlorlocal:/bin/false /etc/shadow:froxlorlocal:*:17141:0:99999:7::: /etc/subuid-:froxlorlocal:1279648:65536 /etc/gshadow:www-data:*::froxlorlocal /etc/gshadow:froxlorlocal:!::www-data /etc/shadow-:froxlorlocal:*:17141:0:99999:7::: /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:listen.owner = froxlorlocal /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:listen.group = froxlorlocal /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:user = froxlorlocal /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:group = froxlorlocal /etc/group-:froxlorlocal:x:9999:www-data /etc/subuid:froxlorlocal:1279648:65536 /etc/passwd:froxlorlocal:x:9999:9999:,,,:/home/froxlorlocal:/bin/false /etc/group:www-data:x:33:froxlorlocal /etc/group:froxlorlocal:x:9999:www-data
  7. Thank you very much for your reply. I will report back if it solved it in a few days (I have doubts and need to test it).
  8. We have a server with many "customers" (90+, because I tend to separate websites by customers when they are not related) and we get these errors very randomly by email and with about an average of 1 - 2 times per week I think (not every day at least): Subject: Cron <root@h2> /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null Time:3/7/21, 6:40 PM Content: chown: invalid user: ‘froxlorlocal:froxlorlocal’ Edit: I also had it one time already where it failed with "invalid group" instead. It's driving me a bit crazy, since I didn't find the issue yet, but it happens since quite a while, probably since after we updated to Debian 10.x (which is quite a while ago), but this also correlates with the number of "customers". We are using libnss-extrausers on the server so the bug might be related to that. We use PHP-FPM. If anyone has ideas how to go about debugging this problem, help would be appreciated 😃 I already tried / looked for several things. I am suspecting it might be a problem with libnss-extrausers or chown itself or both. On the server that has the problem: root@h2 /etc # grep -r froxlorlocal /etc /etc/subgid-:froxlorlocal:1279648:65536 /etc/subgid:froxlorlocal:1279648:65536 /etc/gshadow-:froxlorlocal:!::www-data /etc/passwd-:froxlorlocal:x:9999:9999:,,,:/home/froxlorlocal:/bin/false /etc/shadow:froxlorlocal:*:17141:0:99999:7::: /etc/subuid-:froxlorlocal:1279648:65536 /etc/gshadow:froxlorlocal:!::www-data /etc/shadow-:froxlorlocal:*:17141:0:99999:7::: /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:listen.owner = froxlorlocal /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:listen.group = froxlorlocal /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:user = froxlorlocal /etc/php/7.3/fpm/pool.d/h2.vgstudios.co.il.conf:group = froxlorlocal /etc/group-:froxlorlocal:x:9999:www-data /etc/subuid:froxlorlocal:1279648:65536 /etc/passwd:froxlorlocal:x:9999:9999:,,,:/home/froxlorlocal:/bin/false /etc/group:froxlorlocal:x:9999:www-data On the second server that has very similar setup, but way less customers and never has that error: root@h3:~# grep -r froxlorlocal /etc /etc/shadow-:froxlorlocal:*:17990:0:99999:7::: /etc/subuid:froxlorlocal:100000:65536 /etc/php/7.3/fpm/pool.d/h3.vagas.co.il.conf:listen.owner = froxlorlocal /etc/php/7.3/fpm/pool.d/h3.vagas.co.il.conf:listen.group = froxlorlocal /etc/php/7.3/fpm/pool.d/h3.vagas.co.il.conf:user = froxlorlocal /etc/php/7.3/fpm/pool.d/h3.vagas.co.il.conf:group = froxlorlocal /etc/group-:froxlorlocal:x:9999:www-data /etc/subgid:froxlorlocal:100000:65536 /etc/gshadow:froxlorlocal:!::www-data /etc/shadow:froxlorlocal:*:17990:0:99999:7::: /etc/gshadow-:froxlorlocal:!::www-data /etc/subuid-:froxlorlocal:100000:65536 /etc/subgid-:froxlorlocal:100000:65536 /etc/passwd-:froxlorlocal:x:9999:9999:,,,:/home/froxlorlocal:/bin/false /etc/passwd:froxlorlocal:x:9999:9999:,,,:/home/froxlorlocal:/bin/false /etc/group:froxlorlocal:x:9999:www-data
  9. For one of my friend's company this _could_ be interesting, if you have proper backups / depending on how those are handled. This is the biggest thing that keeps us from moving to other solutions, currently we use duplicity to backup encrypted on some cloud service(s) and moving elsewhere would mean usually a lot of drawbacks on the backups / backup retention time etc. But just see it as note, maybe many other customers have other problems / priorities and this won't be one with them maybe. Anyways: Good luck and success with your new project!
  10. Thank you very much for your help. Yes they were in there. I think that will solve it! (Used --remove instead of --delete.) Thank you!
  11. Yes sorry, I meant 0.10.17-1 (current latest). [Tue 26 May 2020 12:07:10 AM CEST] 3155.co.il:Verify error:Invalid response from https://3155.co.il/.well-known/acme-challenge/iySt9DPeykV5--MPZDoEbhBcdRhvDERKKhybpcJk7oo [2606:4700:3036::681f:4e4a]: [Tue 26 May 2020 12:07:10 AM CEST] Please add '--debug' or '--log' to check more details. [Tue 26 May 2020 12:07:10 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue 26 May 2020 12:07:11 AM CEST] Error renew 3155.co.il. [Tue 26 May 2020 12:07:20 AM CEST] hasade.vagas.co.il:Verify error:DNS problem: NXDOMAIN looking up A for hasade.vagas.co.il - check that a DNS record exists for this domain [Tue 26 May 2020 12:07:20 AM CEST] Please add '--debug' or '--log' to check more details. [Tue 26 May 2020 12:07:20 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue 26 May 2020 12:07:21 AM CEST] Error renew hasade.vagas.co.il. [Tue 26 May 2020 12:07:29 AM CEST] hibur-ins.co.il:Verify error:Invalid response from http://hibur-ins.co.il/.well-known/acme-challenge/WWxo_yP7fATDcZu1kpf7ejm3YIoXhKieZupJ-uFrmuI [88.218.117.67]: [Tue 26 May 2020 12:07:29 AM CEST] Please add '--debug' or '--log' to check more details. [Tue 26 May 2020 12:07:29 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue 26 May 2020 12:07:30 AM CEST] Error renew hibur-ins.co.il. [Tue 26 May 2020 12:07:45 AM CEST] lerougeparis.com:Verify error:DNS problem: NXDOMAIN looking up A for lerougeparis.com - check that a DNS record exists for this domain [Tue 26 May 2020 12:07:45 AM CEST] Please add '--debug' or '--log' to check more details. [Tue 26 May 2020 12:07:45 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue 26 May 2020 12:07:50 AM CEST] Error renew lerougeparis.com. [Wed 27 May 2020 12:07:12 AM CEST] 3155.co.il:Verify error:Invalid response from https://3155.co.il/.well-known/acme-challenge/MCobMUL5wTPs-XCoir5oTSihu4ye3Guac5Kviz6FQ-c [2606:4700:3036::681f:4e4a]: [Wed 27 May 2020 12:07:12 AM CEST] Please add '--debug' or '--log' to check more details. [Wed 27 May 2020 12:07:12 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Wed 27 May 2020 12:07:14 AM CEST] Error renew 3155.co.il. [Wed 27 May 2020 12:07:23 AM CEST] hasade.vagas.co.il:Verify error:DNS problem: NXDOMAIN looking up A for hasade.vagas.co.il - check that a DNS record exists for this domain [Wed 27 May 2020 12:07:23 AM CEST] Please add '--debug' or '--log' to check more details. [Wed 27 May 2020 12:07:23 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Wed 27 May 2020 12:07:23 AM CEST] Error renew hasade.vagas.co.il. [Wed 27 May 2020 12:07:36 AM CEST] hibur-ins.co.il:Verify error:Invalid response from http://hibur-ins.co.il/.well-known/acme-challenge/J14Nx0fTR-91ZK4bR02twD1wk-KwyU0ptaeTVCCv_DQ [88.218.117.67]: [Wed 27 May 2020 12:07:36 AM CEST] Please add '--debug' or '--log' to check more details. [Wed 27 May 2020 12:07:36 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Wed 27 May 2020 12:07:37 AM CEST] Error renew hibur-ins.co.il. [Wed 27 May 2020 12:07:49 AM CEST] lerougeparis.com:Verify error:DNS problem: NXDOMAIN looking up A for lerougeparis.com - check that a DNS record exists for this domain [Wed 27 May 2020 12:07:49 AM CEST] Please add '--debug' or '--log' to check more details. [Wed 27 May 2020 12:07:49 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Wed 27 May 2020 12:07:52 AM CEST] Error renew lerougeparis.com. [Thu 28 May 2020 12:07:10 AM CEST] 3155.co.il:Verify error:Invalid response from https://3155.co.il/.well-known/acme-challenge/axNKAqQ64Giv_34HhADn71RDTXxqz0Wgu7HRyO8QlhY [2606:4700:3031::681f:4f4a]: [Thu 28 May 2020 12:07:10 AM CEST] Please add '--debug' or '--log' to check more details. [Thu 28 May 2020 12:07:10 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Thu 28 May 2020 12:07:13 AM CEST] Error renew 3155.co.il. [Thu 28 May 2020 12:07:22 AM CEST] hasade.vagas.co.il:Verify error:DNS problem: NXDOMAIN looking up A for hasade.vagas.co.il - check that a DNS record exists for this domain [Thu 28 May 2020 12:07:22 AM CEST] Please add '--debug' or '--log' to check more details. [Thu 28 May 2020 12:07:22 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Thu 28 May 2020 12:07:23 AM CEST] Error renew hasade.vagas.co.il. [Thu 28 May 2020 12:07:31 AM CEST] hibur-ins.co.il:Verify error:Invalid response from http://hibur-ins.co.il/.well-known/acme-challenge/uPHrDnThy_o4SkeAvV_Az1qVz-4k0vzNf_pgtVCXeK8 [88.218.117.67]: [Thu 28 May 2020 12:07:31 AM CEST] Please add '--debug' or '--log' to check more details. [Thu 28 May 2020 12:07:31 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Thu 28 May 2020 12:07:33 AM CEST] Error renew hibur-ins.co.il. [Thu 28 May 2020 12:07:44 AM CEST] lerougeparis.com:Verify error:DNS problem: NXDOMAIN looking up A for lerougeparis.com - check that a DNS record exists for this domain [Thu 28 May 2020 12:07:44 AM CEST] Please add '--debug' or '--log' to check more details. [Thu 28 May 2020 12:07:44 AM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Thu 28 May 2020 12:07:47 AM CEST] Error renew lerougeparis.com. 3155.co.il - We don't host ourselves since many months and removed it from the panel. hasade.vagas.co.il - was removed long time ago for now. hibur-ins.co.il - same as 3155.co.il. Lerougeparis.com - we removed this from SSL port (but maybe I also need to remove it from Let's Encrypt, so might be partially our fault for this one?).
  12. Hi. Since we are on 0.10.7-1 we get acme.sh errors from the cron for domains that we deleted quite some while ago from Froxlor or that we removed from Let's Encrypt SSL earlier. Is this a bug or normal? Anyone else with that problem? With kind regards
  13. I wanted to suggest providing Liberapay.com as option for donations to the Froxlor team. It also allows to have teams.
  14. Hello. This is just a suggestion (so free free to ignore it): Increasingly people seem to want to use Gmail MX or Outlook MX with their domains. For that to work properly, I need to uncheck "Emaildomain" of course (otherwise any sending email accounts on the local server won't find the target domain's accounts on the MX servers, since the domain gets resolved locally and it tells it there is no such mail box). In case Froxlor is ported to OpenDKIM, I'd like to suggest of thinking of this possibility from a DKIM perspective, since currently when you turn off "Emaildomain" then of course DKIM entries are not created in the DNS. Ideally I would want the DKIM keys in the DNS of the server and be able to add Gmail's or Outlook's entries. Of course this also needs to take the _adsp._domainkey into account. The current solution is to live without DKIM for the website or somehow enter the website server's key manually in the DNS. I am able to do that, but I think it might be cumbersome for many people. Anyways, independent from that a big thank you for Froxlor to anyone who works on developing it / helps with it :-)
×
×
  • Create New...