Jump to content
Froxlor Forum

Release 0.10.26 - API based froxlor with 2FA, MySQL8 compatibility, new Let's Encrypt implementation and much more...


d00p

Recommended Posts

I just found out: Only domains that have alias domains are duplicated. And the number of duplicates is exactly the number of alias domains.

So I guess it is a problem with alias domains. If you still can't replicate, please let me know.

Edit: After removing the alias domains, the duplicates are gone.

Also the link to the alias domains leads to an empty list of domains.

Edited by crazy4chrissi
Link to comment
Share on other sites

I can reproduce some issues with alias-domains yes, but your problem seems to be another, as for alias domains, there should no %PATH% shown but "Alias for domain [domain.tld]". Also, please tell me whether the "subdomains" have been added as admin (sub but maindomain) or the customer itself.

Link to comment
Share on other sites

  • 3 weeks later...

What is the recommended upgrade path when running Debian 8 (Jessie) with Froxlor 0.9.40.1-1+jessie1? Upgrade Debian twice, then add the repo 'deb https://deb.froxlor.org/debian buster main', then upgrade Froxlor?

Also, is that repo still only 'testing', as was mentioned here (earlier in this thread)?

I will make an VPS snapshot so I have some room for experimentation (I can revert in a pinch), but knowing what to expect is better of course :)

Link to comment
Share on other sites

Yes, First through all Debians nothing special. Remember to backup everything! If on latest Debian you don't necessarily need to add the repository if you already have froxlor installed. the repository is official and includes the latest stable release of froxlor. It is safe to use.

Don't forget that due to changes in many services I'd recommend re-configure these. Also don't forget to adjust Froxlors settings according to the new environment (apache 2.2 -> 2.4, if using php-fpm, need to use mod_proxy,etc.) all prior to reconfiguring the services.

 

Link to comment
Share on other sites

On 1/26/2020 at 3:10 PM, d00p said:

Yes, First through all Debians nothing special. Remember to backup everything! If on latest Debian you don't necessarily need to add the repository of you already have froxlor installed. the repository is official and includes the latest stable release of froxlor. It is safe to use.

Don't forget that due to changes in many services I'd recommend re-configure these. Also don't forget to adjust Froxlors settings according to the new environment (apache 2.2 -> 2.4, if using php-fpm, need to use mod_proxy,etc.) all prior to reconfiguring the services.

 

Because I had to revert a failed upgrade some time ago from Debian 8 with Froxlor 0.9 with Courier IMAP/POP3, I learned some things that may be relevant to others upgrading, so I thought I'd post them.

Important pre-steps:

  • Tip: put /etc all in git.
  • Disable all lines in /etc/cron.d/froxlor before doing anything.
  • When upgrading Debian, it always leaves the old PHP versions around. You have to explicitly remove them after 'dist-upgrade'. Having php5 still around, unknowingly, was one of my previous problems. See your installed packages with 'aptitude search php | grep ^i'.

Further, I can't seem to find much info about it, but Froxlor dropped Courier support? At least when suggesting configs in its system setup, it only suggests Dovecot. I decided to retain Courier (for the foreseeable future). There was a big warning by apt saying ''the Courier MTA packaging has been extensively rewritten...", but in the end, I only had to fix minor permission things.

Because Froxlor only gives you Postfix+Dovecot default configs, I retained my Postfix configs, except the virtual mail configuration configs that define mysql queries. They had to be selectively taken from the system setup page in the admin panel. The tables where users reside changed, so that was important. My Postfix config still defined a 'virtual_mailbox_base', so the default 'mysql-virtual_mailbox_maps.cf' didn't work. The original file did work.

Courier didn't need changes related to logins or maildir, but it will give some errors in the error log that are easy to fix. The new courier did, however, change in which files the CA chain needs to be stored. I now have cert, key and chain all in 'TLS_CERTFILE'. My Nagios/Icinga ssl checker script is happy again.

Apt will mark courier as 'no longer needed', so you need to 'apt install' manually to make sure apt doesn't 'autoremove' it later.

/etc/cron.d/froxlor is still never regenerated. I had to edit it to replace 'php5' with php. I've had this before. Still looking into it.

Link to comment
Share on other sites

8 minutes ago, halfgaar said:

Disable all lines in /etc/cron.d/froxlor before doing anything.

Or simply just stop the cron service :)

8 minutes ago, halfgaar said:

When upgrading Debian, it always leaves the old PHP versions around. You have to explicitly remove them after 'dist-upgrade'. Having php5 still around, unknowingly, was one of my previous problems. See your installed packages with 'aptitude search php | grep ^i'.

Beware of removing old but possibly still in use php-versions...I'd recommend removing older php-version after validating froxlor or customers do not use them anylonger

9 minutes ago, halfgaar said:

Further, I can't seem to find much info about it, but Froxlor dropped Courier support?

no maintainer, I don't know anyone still using courier. You are welcome to provide required configuration-templates for it

11 minutes ago, halfgaar said:

etc/cron.d/froxlor is still never regenerated. I had to edit it to replace 'php5' with php. I've had this before.

Sure it's regenerated, but only with data from the settings. If you have php5 in there you need to adjust the corresponding setting first

Link to comment
Share on other sites

24 minutes ago, d00p said:

Or simply just stop the cron service

You never know what apt restarts, and also because of reboots, I prefer to make it permanent.

24 minutes ago, d00p said:

Beware of removing old but possibly still in use php-versions...I'd recommend removing older php-version after validating froxlor or customers do not use them anylonger

Froxlor went haywire last time running on php5, so I wanted to be sure this time. I communicated the PHP5 to 7.3 upgrade to users before the upgrade, so I was covered there.

24 minutes ago, d00p said:

no maintainer, I don't know anyone still using courier. You are welcome to provide required configuration-templates for it

I could, perhaps, but I don't have any special reason to use it (. I just didn't want to tag a Courier-to-dovecot migration to my upgrade as well. People installing fresh would like not care, but people upgrading like me do. But, I've found very little comments that people do. This forum post may help the few who do.

24 minutes ago, d00p said:

Sure it's regenerated, but only with data from the settings. If you have php5 in there you need to adjust the corresponding setting first

The cronjob settings page says:

"Cron execution command (php-binary): Command to execute our cronjobs. Change this only if you know what you are doing (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")!"

Here in source.

Shouldn't that have been covered in a migration?

I just changed that setting, and the cronjob, that I had added some test comments too, is indeed regenerated.

Link to comment
Share on other sites

6 minutes ago, halfgaar said:

The cronjob settings page says:

"Cron execution command (php-binary): Command to execute our cronjobs. Change this only if you know what you are doing (default: "/usr/bin/nice -n 5 /usr/bin/php5 -q")!"

Here in source.

you're right, missed that in the language files. The fallback in CronConfig.php is very unlikely to happen, but also updated now, thank you.

Link to comment
Share on other sites

23 minutes ago, gamefreaktegel said:

Hi,

Quick question...

Does that mean that we have to create the cronjob of acme.sh using the "--install" or "--install-cronjob" option?

No froxlor handles that for you

Link to comment
Share on other sites

ok, that's my issue. There is nothing related to acme.sh.

I checked "AcmeSh.php" and can see the checkUpgrade() function. This function will be called in function runAcmeSh(). Looks also good.

 

After running:

acme.sh --install-cronjob

... it looks all good. The cronjob was inserted.

Strange...

Link to comment
Share on other sites

I found this issue, because I got notifications from the Let's Encrypt Expiry Bot.

So I checked all logs and didn't see any errors. Froxlor was showing me that a lot of certificates needs to be renewed.

Afterwards I ran the master cronjob with --force and --debug. Also no errors and I saw messages like "[information] Updated Let's Encrypt certificate for example.tld".

So this was looking also good, but no certificate was updated.

I checked acme.sh --list and saw that no certificate were updated, too.

 

So I came to the point that acme.sh was not being executed at all.

Link to comment
Share on other sites

Just FYI: Updated a little late, but got a database error, when logging in as an admin and performing the update. Got an "SQLSTATE[23000]: Integrity constraint violation:[...]" caused by entrys with the same domain-id. Deleted one of them and it worked. 

 

Link to comment
Share on other sites

4 hours ago, brecherspitz82 said:

Just FYI: Updated a little late, but got a database error, when logging in as an admin and performing the update. Got an "SQLSTATE[23000]: Integrity constraint violation:[...]" caused by entrys with the same domain-id. Deleted one of them and it worked. 

 

Thanks, known and fixed, see https://github.com/Froxlor/Froxlor/issues/840

Link to comment
Share on other sites

  • d00p changed the title to Release 0.10.26 - API based froxlor with 2FA, MySQL8 compatibility, new Let's Encrypt implementation and much more...
  • d00p unpinned this topic
  • d00p unfeatured this topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...