Jump to content
Froxlor Forum

Release 0.10.26 - API based froxlor with 2FA, MySQL8 compatibility, new Let's Encrypt implementation and much more...


Recommended Posts

Posted

Hm it's not like that on my boxes, can you please send me a dump of your panel_domains table so I can check?

Posted (edited)

I just found out: Only domains that have alias domains are duplicated. And the number of duplicates is exactly the number of alias domains.

So I guess it is a problem with alias domains. If you still can't replicate, please let me know.

Edit: After removing the alias domains, the duplicates are gone.

Also the link to the alias domains leads to an empty list of domains.

Edited by crazy4chrissi
Posted

I can reproduce some issues with alias-domains yes, but your problem seems to be another, as for alias domains, there should no %PATH% shown but "Alias for domain [domain.tld]". Also, please tell me whether the "subdomains" have been added as admin (sub but maindomain) or the customer itself.

Posted
37 minutes ago, crazy4chrissi said:

The problem that the link "Has Aliasdomains" links to an empty list of domains (even though there are alias domains) is still there.

There you go: https://git.io/JeiAl

  • 3 weeks later...
Posted

What is the recommended upgrade path when running Debian 8 (Jessie) with Froxlor 0.9.40.1-1+jessie1? Upgrade Debian twice, then add the repo 'deb https://deb.froxlor.org/debian buster main', then upgrade Froxlor?

Also, is that repo still only 'testing', as was mentioned here (earlier in this thread)?

I will make an VPS snapshot so I have some room for experimentation (I can revert in a pinch), but knowing what to expect is better of course :)

Posted

Yes, First through all Debians nothing special. Remember to backup everything! If on latest Debian you don't necessarily need to add the repository if you already have froxlor installed. the repository is official and includes the latest stable release of froxlor. It is safe to use.

Don't forget that due to changes in many services I'd recommend re-configure these. Also don't forget to adjust Froxlors settings according to the new environment (apache 2.2 -> 2.4, if using php-fpm, need to use mod_proxy,etc.) all prior to reconfiguring the services.

 

Posted
On 1/26/2020 at 3:10 PM, d00p said:

Yes, First through all Debians nothing special. Remember to backup everything! If on latest Debian you don't necessarily need to add the repository of you already have froxlor installed. the repository is official and includes the latest stable release of froxlor. It is safe to use.

Don't forget that due to changes in many services I'd recommend re-configure these. Also don't forget to adjust Froxlors settings according to the new environment (apache 2.2 -> 2.4, if using php-fpm, need to use mod_proxy,etc.) all prior to reconfiguring the services.

 

Because I had to revert a failed upgrade some time ago from Debian 8 with Froxlor 0.9 with Courier IMAP/POP3, I learned some things that may be relevant to others upgrading, so I thought I'd post them.

Important pre-steps:

  • Tip: put /etc all in git.
  • Disable all lines in /etc/cron.d/froxlor before doing anything.
  • When upgrading Debian, it always leaves the old PHP versions around. You have to explicitly remove them after 'dist-upgrade'. Having php5 still around, unknowingly, was one of my previous problems. See your installed packages with 'aptitude search php | grep ^i'.

Further, I can't seem to find much info about it, but Froxlor dropped Courier support? At least when suggesting configs in its system setup, it only suggests Dovecot. I decided to retain Courier (for the foreseeable future). There was a big warning by apt saying ''the Courier MTA packaging has been extensively rewritten...", but in the end, I only had to fix minor permission things.

Because Froxlor only gives you Postfix+Dovecot default configs, I retained my Postfix configs, except the virtual mail configuration configs that define mysql queries. They had to be selectively taken from the system setup page in the admin panel. The tables where users reside changed, so that was important. My Postfix config still defined a 'virtual_mailbox_base', so the default 'mysql-virtual_mailbox_maps.cf' didn't work. The original file did work.

Courier didn't need changes related to logins or maildir, but it will give some errors in the error log that are easy to fix. The new courier did, however, change in which files the CA chain needs to be stored. I now have cert, key and chain all in 'TLS_CERTFILE'. My Nagios/Icinga ssl checker script is happy again.

Apt will mark courier as 'no longer needed', so you need to 'apt install' manually to make sure apt doesn't 'autoremove' it later.

/etc/cron.d/froxlor is still never regenerated. I had to edit it to replace 'php5' with php. I've had this before. Still looking into it.

Posted
8 minutes ago, halfgaar said:

Disable all lines in /etc/cron.d/froxlor before doing anything.

Or simply just stop the cron service :)

8 minutes ago, halfgaar said:

When upgrading Debian, it always leaves the old PHP versions around. You have to explicitly remove them after 'dist-upgrade'. Having php5 still around, unknowingly, was one of my previous problems. See your installed packages with 'aptitude search php | grep ^i'.

Beware of removing old but possibly still in use php-versions...I'd recommend removing older php-version after validating froxlor or customers do not use them anylonger

9 minutes ago, halfgaar said:

Further, I can't seem to find much info about it, but Froxlor dropped Courier support?

no maintainer, I don't know anyone still using courier. You are welcome to provide required configuration-templates for it

11 minutes ago, halfgaar said:

etc/cron.d/froxlor is still never regenerated. I had to edit it to replace 'php5' with php. I've had this before.

Sure it's regenerated, but only with data from the settings. If you have php5 in there you need to adjust the corresponding setting first

Posted
24 minutes ago, d00p said:

Or simply just stop the cron service

You never know what apt restarts, and also because of reboots, I prefer to make it permanent.

24 minutes ago, d00p said:

Beware of removing old but possibly still in use php-versions...I'd recommend removing older php-version after validating froxlor or customers do not use them anylonger

Froxlor went haywire last time running on php5, so I wanted to be sure this time. I communicated the PHP5 to 7.3 upgrade to users before the upgrade, so I was covered there.

24 minutes ago, d00p said:

no maintainer, I don't know anyone still using courier. You are welcome to provide required configuration-templates for it

I could, perhaps, but I don't have any special reason to use it (. I just didn't want to tag a Courier-to-dovecot migration to my upgrade as well. People installing fresh would like not care, but people upgrading like me do. But, I've found very little comments that people do. This forum post may help the few who do.

24 minutes ago, d00p said:

Sure it's regenerated, but only with data from the settings. If you have php5 in there you need to adjust the corresponding setting first

The cronjob settings page says:

"Cron execution command (php-binary): Command to execute our cronjobs. Change this only if you know what you are doing (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")!"

Here in source.

Shouldn't that have been covered in a migration?

I just changed that setting, and the cronjob, that I had added some test comments too, is indeed regenerated.

Posted
6 minutes ago, halfgaar said:

The cronjob settings page says:

"Cron execution command (php-binary): Command to execute our cronjobs. Change this only if you know what you are doing (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")!"

Here in source.

you're right, missed that in the language files. The fallback in CronConfig.php is very unlikely to happen, but also updated now, thank you.

Posted

Hi,

Quick question...

Quote

restructure acmesh implementation and let acme.sh take care of renewing the certificates itself; fixes #792, fixes #816

Does that mean that we have to create the cronjob of acme.sh using the "--install" or "--install-cronjob" option?

Posted
23 minutes ago, gamefreaktegel said:

Hi,

Quick question...

Does that mean that we have to create the cronjob of acme.sh using the "--install" or "--install-cronjob" option?

No froxlor handles that for you

Posted
4 minutes ago, gamefreaktegel said:

So there should be a cronjob from acme.sh now?

Yes, check "crontab -e" as root

Posted

ok, that's my issue. There is nothing related to acme.sh.

I checked "AcmeSh.php" and can see the checkUpgrade() function. This function will be called in function runAcmeSh(). Looks also good.

 

After running:

acme.sh --install-cronjob

... it looks all good. The cronjob was inserted.

Strange...

Posted

Let's encrypt Cron only does something if there's something to do, so possibly no issue or renew hence no Cron inserted by froxlor

Posted

I found this issue, because I got notifications from the Let's Encrypt Expiry Bot.

So I checked all logs and didn't see any errors. Froxlor was showing me that a lot of certificates needs to be renewed.

Afterwards I ran the master cronjob with --force and --debug. Also no errors and I saw messages like "[information] Updated Let's Encrypt certificate for example.tld".

So this was looking also good, but no certificate was updated.

I checked acme.sh --list and saw that no certificate were updated, too.

 

So I came to the point that acme.sh was not being executed at all.

Posted

Just FYI: Updated a little late, but got a database error, when logging in as an admin and performing the update. Got an "SQLSTATE[23000]: Integrity constraint violation:[...]" caused by entrys with the same domain-id. Deleted one of them and it worked. 

 

Posted
4 hours ago, brecherspitz82 said:

Just FYI: Updated a little late, but got a database error, when logging in as an admin and performing the update. Got an "SQLSTATE[23000]: Integrity constraint violation:[...]" caused by entrys with the same domain-id. Deleted one of them and it worked. 

 

Thanks, known and fixed, see https://github.com/Froxlor/Froxlor/issues/840

  • d00p changed the title to Release 0.10.26 - API based froxlor with 2FA, MySQL8 compatibility, new Let's Encrypt implementation and much more...
  • d00p unpinned this topic
  • d00p unfeatured this topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...