Jump to content
Froxlor Forum

All Activity

This stream auto-updates     

  1. Today
  2. nach aktivierung folge auch bitte den konfigurations-schritten für libnss-extrausers sonst funktioniert das nicht ja aber auch da muss das paket installiert sein und entsprechend konfiguriert (nsswitch.conf) Froxlor macht das natürlich, wär ja sonst sinnfrei
  3. als für mein Verständnis nochmal: libnss-extrausers aktivieren (exportiert die extra Nutzer automatisch nach /var/lib/extrausers im Guest OS) enable libnss-extrausers auf Host Sync von Guest OS extrausers in Host extrausers So korrekt? Ergänzende Frage: Bedeutet ich muss manuell die user aus der DB ins filesystem migrieren oder macht Froxlor das automatisch? Danke!
  4. via libnss, entweder direkt aus der datenbank (libnss-mysql, nicht zu empfehlen) oder eben via eigenen dateien in /var/lib/extrausers (libnss-extrausers, muss in froxlor separat aktiviert werden). Ich habe da für multiserver sachen z.B. ein custom-reload-bash-script für das reload-command des webservers wo ich diese ordner auf den jeweiligen host rsynce damit die überall verfügbar sind
  5. Hi zusammen, ich baue gerade via ansible eine vserver Provisonierung. Als PoC möchte ich gerne Froxlor als Pod / Docker Image ausrollen. mysql wird auf anderen Pods laufen und bereitgestellt werden. Dateien werden auf dem Host abgelegt und gemounted. Aktueller Stand: Backup auf altem Server mit restic Setup der Umgebung auf dem neuen Server inkl. Kubernetes Pod für Froxlor auf Basis eines custom Docker Images Restore auf neuem Servier mit restic Herausforderung: Da ich /var/www/ und /var/customers/ gerne vom Host aus in das Image mounten möchte, stellt sich mir die Frage, wie ich das Usermanagement machen kann. Nach dem Restore auf dem neuen Server sieht man nur die userIds der User. Wie macht Froxlor das user management der lokalen user? Was von Froxlor muss im Host verfügbar gemacht werden? Für Denkanstöße bin ich sehr dankbar. Grüße Jan
  6. Last week
  7. After you've adjusted the settings to your needs: yes of course
  8. I'm going to scratch this attempt and start with a snapshot that includes LAMP. Question, if apache2 is already installed on the server, must I still run the configuration routine in Froxlor?
  9. Looks like you did not configure the services correctly. Seems SSL is not active for Apache:
  10. Very interesting. I just tried restarting apache2 from the command line and, sure enough, it failed. I checked the service status: sudo systemctl status apache2.service ● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d └─apache2-systemd.conf Active: failed (Result: exit-code) since Sat 2020-02-22 17:47:15 UTC; 49s ago Process: 13800 ExecStop=/usr/sbin/apachectl stop (code=exited, status=1/FAILURE) Process: 11724 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=1/FAILURE) Process: 13854 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE) Main PID: 898 (code=exited, status=0/SUCCESS) Feb 22 17:47:15 admin systemd[1]: Starting The Apache HTTP Server... Feb 22 17:47:15 admin apachectl[13854]: AH00526: Syntax error on line 5 of /etc/apache2/sites-enabled/03_froxlor_ocsp_cache.conf: Feb 22 17:47:15 admin apachectl[13854]: Invalid command 'SSLStaplingCache', perhaps misspelled or defined by a module not included in the server config Feb 22 17:47:15 admin apachectl[13854]: Action 'start' failed. Feb 22 17:47:15 admin apachectl[13854]: The Apache error log may have more information. Feb 22 17:47:15 admin systemd[1]: apache2.service: Control process exited, code=exited status=1 Feb 22 17:47:15 admin systemd[1]: apache2.service: Failed with result 'exit-code'. Feb 22 17:47:15 admin systemd[1]: Failed to start The Apache HTTP Server. And now froxlor is down altogether. Very odd. I'll poke around some more.
  11. Are you sure this is what you want? Usually the listen entries are out of the box enabled by Apache itself (and for 443 if a2enmod ssl). Because in that case there would be double listen-statements and Apache should either not (re)start or reload with errors
  12. Well, I waited overnight for things to propagate, and I'm still getting the danged login screen. To try to further isolate the cause, I actually deleted the domain and the customer and decided to try again. So here is what I have: One domain with a single "A" @ DNS record pointing to the server IP address. I created a new customer in Froxlor. I added the domain to Froxlor (using domain.tld) The IP address is assigned to the domain using both ports 80 and 443. SSL redirect is off on 443 and I'm not using Let's Encrypt. Before clicking save, I checked the /var/customers/webs/ directory for the Customer name. It's there. I click save and a subdomain for the customer is created with /domain.ltd. The default froxlor index.html file appears, and I'm hoping to see that later on when I try to navigate to the domain. I then double check /etc/apache2/sites-enabled subdirectory. Here are the contents: lrwxrwxrwx 1 root root 35 Feb 20 23:49 000-default.conf -> ../sites-available/000-default.conf -rw-r--r-- 1 root root 230 Feb 22 14:25 03_froxlor_ocsp_cache.conf -rw-r--r-- 1 root root 264 Feb 22 14:25 05_froxlor_dirfix_nofcgid.conf -rw-r--r-- 1 root root 790 Feb 22 14:25 10_froxlor_ipandport_142.93.66.212.443.conf -rw-r--r-- 1 root root 621 Feb 22 14:25 10_froxlor_ipandport_142.93.66.212.80.conf -rw-r--r-- 1 root root 774 Feb 22 14:25 35_froxlor_normal_vhost_christopherdrew.com.conf -rw-r--r-- 1 root root 342 Feb 22 14:25 35_froxlor_ssl_vhost_christopherdrew.com.conf -rw-r--r-- 1 root root 409 Feb 22 14:25 40_froxlor_diroption_adc68c552ae13d6eff87cd61bec19296.conf The Listen statement for the ports are in the files prefixed with 10_ I checked the contents of the 35_froxlor_normal vhost file and the document root for the domain is exactly what I expected: /var/customers/webs/CustomerName/domain.tld/ I specified no domain alias. I make sure all the server config jobs run. And then, I attempt to navigate to http://domain.tld. Result: The froxlor login page. I'm probably missing something fundamental, but I just can't figure out what it is.
  13. Possibly yes. But most likely you've hit the ratelimit for lets encrypt requests, so you'd better deactivate that in froxlor for now until the dns is working correctly and then try again
  14. Oh boy... As I said earlier, I'm pretty new to this stuff, but I know enough to know that I need a danged 'A' record on the domain.tld. So if I correct that and let the Let's Encrypt cron job run a few times, should that clear up the matter?
  15. 1) the domain added by you does not resolve to any IP (www.domain.tld does though) 2) because of that, the let's encrypt ssl certificate cannot be issued 3) you have selected "SSL Redirect" for the domain, so there is a vhost for http which just redirects to https but due to no ssl-certificate, the ssl-vhost cannot be created, hence you see the froxlor-login
  16. No problem. I'll create a temp account for you with Sudo. I'll send you the credential via PM in a few.
  17. No this is just fine that way. So sorry, without more information I cannot tell you what's wrong on your side
  18. Yes, they are in /etc/apache2/sites-enabled One more question: When I was setting things up, I changed the apache2 document root from /var/www/html to /var/www. Would that have caused some kind of issue? (And thank you for your quick replies!)
  19. I hope you mean the files are placed in /etc/apache2/sites-enabled/ and not just /sites-enabled. If you want you can PM me access credentials to your server and I can check what's up there because basically this runs out of the box
  20. I'm totally new to this as well, and I'm experiencing a similar problem. Domains are going to the Froxlor login page. I've checked my DNS records and they are pointing to ipv4 addresses. The vhost files seems to be in place as expected (in /sites-enabled). The server itself is on a DigitialOcean and does not have ipv6 enabled. The files for the web domain seem to be in the correct document root directory. And yet, I get the login page. Any other ideas about what could check?
  21. 😜 Jetzt geht es. Habe ca. 100x den cronjob gestartet und apache neu gestartet und php und und und. Aber keine Änderung. Nachdem ich hier gepostet habe geht es plötzlich. Also: Mark as solved Thx
  22. Hi, wo hat es denn gehackt? Ich versuche auch einem ähnlichen Problem auf die Schliche zu kommen. Die 35_...conf werden angelegt aber der Apache ignoriert den Inhalt irgendwie... Zum Vergleich: diese Domain leitet mich direkt zur Froxlor Oberfläche (Php-fpm, froxlor VHost direkt erreichbar, ...) # 35_froxlor_ssl_vhost_www2.domain.at.conf # Created 20.02.2020 15:47 # Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel. # Domain ID: 6 (SSL) - CustomerID: 2 - CustomerLogin: domain <VirtualHost 178.Z.X.Y:443> ServerName www2.domain.at ServerAdmin info@domain.at SSLEngine On SSLProtocol -ALL +TLSv1.2 Protocols h2 http/1.1 SSLCompression Off SSLSessionTickets on SSLHonorCipherOrder off SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLVerifyDepth 10 SSLCertificateFile /etc/ssl/froxlor-custom/www2.domain.at.crt SSLCertificateKeyFile /etc/ssl/froxlor-custom/www2.domain.at.key SSLCACertificateFile /etc/ssl/froxlor-custom/www2.domain.at_CA.pem SSLCertificateChainFile /etc/ssl/froxlor-custom/www2.domain.at_chain.pem <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=0" </IfModule> DocumentRoot "/var/customers/webs/domain/www2.domain.at/" <FilesMatch \.(php)$> SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-domain-www2.domain.at-php-fpm.socket|fcgi://localhost </FilesMatch> <Directory "/var/customers/webs/domain/www2.domain.at/"> Require all granted AllowOverride All </Directory> Alias /webalizer "/var/customers/webs/domain/webalizer/www2.domain.at" LogLevel debug ErrorLog "/var/customers/logs/domain-www2.domain.at-error.log" CustomLog "/var/customers/logs/domain-www2.domain.at-access.log" combined </VirtualHost> Diese bringt mich zum Ziel: # 35_froxlor_ssl_vhost_1.domain2.com.conf # Created 20.02.2020 15:47 # Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel. # Domain ID: 2 (SSL) - CustomerID: 1 - CustomerLogin: domain2 <VirtualHost 178.Z.X.Y:443> ServerName 1.domain2.com ServerAdmin domain2.name@icloud.com SSLEngine On SSLProtocol -ALL +TLSv1.2 Protocols h2 http/1.1 SSLCompression Off SSLSessionTickets on SSLHonorCipherOrder off SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLVerifyDepth 10 SSLCertificateFile /etc/ssl/froxlor-custom/1.domain2.com.crt SSLCertificateKeyFile /etc/ssl/froxlor-custom/1.domain2.com.key SSLCACertificateFile /etc/ssl/froxlor-custom/1.domain2.com_CA.pem SSLCertificateChainFile /etc/ssl/froxlor-custom/1.domain2.com_chain.pem <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=0" </IfModule> DocumentRoot "/var/customers/webs/domain2/1.domain2.com/" <FilesMatch \.(php)$> SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-domain2-1.domain2.com-php-fpm.socket|fcgi://localhost </FilesMatch> <Directory "/var/customers/webs/domain2/1.domain2.com/"> Require all granted AllowOverride All </Directory> Alias /webalizer "/var/customers/webs/domain2/webalizer/1.domain2.com" LogLevel debug ErrorLog "/var/customers/logs/domain2-1.domain2.com-error.log" CustomLog "/var/customers/logs/domain2-1.domain2.com-access.log" combined </VirtualHost> Und noch die ipandport config: # 10_froxlor_ipandport_178.Z.X.Y.443.conf # Created 20.02.2020 15:47 # Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel. <VirtualHost 178.Z.X.Y:443> DocumentRoot "/var/www/froxlor/" ServerName panel.domain.eu <FilesMatch \.(php)$> SetHandler proxy:unix:/var/lib/apache2/fastcgi/3-froxlor.panel-panel.domain.eu-php-fpm.socket|fcgi://localhost </FilesMatch> SSLEngine On SSLProtocol -ALL +TLSv1.2 Protocols h2 http/1.1 SSLCompression Off SSLSessionTickets on SSLHonorCipherOrder off SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLVerifyDepth 10 SSLCertificateFile /etc/ssl/froxlor-custom/panel.domain.eu.crt SSLCertificateKeyFile /etc/ssl/froxlor-custom/panel.domain.eu.key SSLCACertificateFile /etc/ssl/froxlor-custom/panel.domain.eu_CA.pem SSLCertificateChainFile /etc/ssl/froxlor-custom/panel.domain.eu_chain.pem </VirtualHost> Welche Logfiles wären interessant? Die Customer Logs zeigen nichts. (Also kein Inhalt) Danke! LG
  23. Sorry, aber es wirkt auf mich als wäre hier sehr wenig Grundlage in Linux und Administration eines Servers vorhanden. Ggfls solltest du jemanden suchen der das mit dir zusammen durchgeht. Die Standard-configs funktionieren wunderbar wenn alles korrekt eingerichtet wurde und es gibt auch keine probleme mit versenden oder empfangen von emails. Alternativ kannst du hier gerne die Dienste von https://froxlor.suppport/ in Anspruch nehmen
  24. habe ich auf no gesetzt. In den Datei 10-auth.conf und 10-auth.conf.frx.bak Kann mich noch nicht in windows Live Mail anmelden. Hier ist noch mal die mail.log Feb 19 22:11:49 bizz-hosting postfix/smtpd[1334]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:11:54 bizz-hosting postfix/smtpd[1334]: connect from unknown[45.133.99.2] Feb 19 22:11:54 bizz-hosting postfix/smtpd[1554]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:11:54 bizz-hosting postfix/smtpd[1554]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:12:01 bizz-hosting postfix/smtpd[1334]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:12:01 bizz-hosting postfix/smtpd[1334]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:12:01 bizz-hosting postfix/smtpd[1554]: connect from unknown[45.133.99.2] Feb 19 22:12:08 bizz-hosting postfix/smtpd[1554]: warning: unknown[45.133.99.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 19 22:12:08 bizz-hosting postfix/smtpd[1554]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:12:08 bizz-hosting postfix/smtpd[1554]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:12:08 bizz-hosting postfix/smtpd[1334]: connect from unknown[45.133.99.2] Feb 19 22:12:15 bizz-hosting postfix/smtpd[1334]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:12:15 bizz-hosting postfix/smtpd[1334]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:12:15 bizz-hosting postfix/smtpd[1554]: connect from unknown[45.133.99.2] Feb 19 22:12:22 bizz-hosting postfix/smtpd[1554]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:12:22 bizz-hosting postfix/smtpd[1554]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:12:22 bizz-hosting postfix/smtpd[1334]: connect from unknown[45.133.99.2] Feb 19 22:12:30 bizz-hosting postfix/smtpd[1334]: warning: unknown[45.133.99.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 19 22:12:30 bizz-hosting postfix/smtpd[1334]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:12:30 bizz-hosting postfix/smtpd[1334]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:12:36 bizz-hosting dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<admin@bizz-hosting.de>, rip=217.254.110.28, lip=207.180.236.246, session=<CBltP/Sek8PZ/m4c> Feb 19 22:13:08 bizz-hosting postfix/smtpd[1554]: connect from unknown[45.133.99.2] Feb 19 22:13:14 bizz-hosting postfix/smtpd[1554]: warning: unknown[45.133.99.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 19 22:13:14 bizz-hosting postfix/smtpd[1554]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:13:14 bizz-hosting postfix/smtpd[1554]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:13:14 bizz-hosting postfix/smtpd[1334]: connect from unknown[45.133.99.2] Feb 19 22:13:20 bizz-hosting postfix/smtpd[1334]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:13:20 bizz-hosting postfix/smtpd[1334]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:13:20 bizz-hosting postfix/smtpd[1554]: connect from unknown[45.133.99.2] Feb 19 22:13:26 bizz-hosting postfix/smtpd[1554]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:13:26 bizz-hosting postfix/smtpd[1554]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2 Feb 19 22:13:26 bizz-hosting postfix/smtpd[1334]: connect from unknown[45.133.99.2] Feb 19 22:13:32 bizz-hosting postfix/smtpd[1334]: warning: unknown[45.133.99.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 19 22:13:32 bizz-hosting postfix/smtpd[1334]: lost connection after AUTH from unknown[45.133.99.2] Feb 19 22:13:32 bizz-hosting postfix/smtpd[1334]: disconnect from unknown[45.133.99.2] ehlo=1 auth=0/1 commands=1/2
  25. I guess you need to activate the correct php module for apache a2enmod php7 / a2enmod php - depending on how you've installed php7
  1. Load more activity
×
×
  • Create New...