cover photo

elmussol

elmussol@elsmussols.org

elsmussols.org PSA

elmussol
 Xerta 
Going to do the PHP 5.6>7.0 now, so this hub will be offline for (I hope) a short time. If not, I'll be asking questions from my Parlementum clone.
 tech
Sophie
  
Boo who?
elmussol
  
See separate thread on PhP 5.6>7.0 upgrade. Now #fixed.
Manuel
  
I love you more when you talk about music and olives ;-)
fsck, lvm, powerppc nightmare [part 1]

elmussol
 Xerta last edited: Thu, 29 Mar 2018 10:56:40 +0200  
A story first. About five years ago I resurrected a found Apple iBook G4 which had reached iOS end of life. I installed Debian PowerPC on it. I encrypted the HD using LUKS during that installation (note: misrecollection) and used lvm to provide separate /, /var, /tmp and /home partitions. I installed all the stuff needed, set XFCE as window manager and Daniel was a happy guy. He then moved to Portugal and I didn't see him for over four years.

At the end of last year he appeared out of nowhere at our place, gave me the computer said it didn't work anymore and could I do anything about it. The /home was 100.0% full, I cleared a bit off it and it seemed healthier. Ran apt-get stuff and then thought to myself "This is three editions of Debian behind and isn't getting updates for security etc".

So my plan was to run multiple apt-get dist-upgrade and get as modern as I can (Debian 8 -- PowerPC architecture has been dropped for Debian 9). First cycle goes OK, second does and I approach the last one, 7 > 8. Do the upgrade, reboot and I hit problems. Boot fails and I am dropped into an emergency shell.

At this point the olive harvest kicks in, the computer gets put down and I put it to the back of my mind. Months pass.
 tech
Beni Grind
  
Hope 64bit wont be dropped, I'm still hoping for someone to donate one of these to me ;)

https://www.raptorcs.com/TALOSII/
elmussol
  last edited: Sat, 31 Mar 2018 23:14:30 +0200  
So I last messed about with xorg.conf files about RedHat 6 and have forgotten absolutely everything I ever knew. The #debianppc channel has been deafening me with its silence, so if anyone has any fu in that direction, watch out for posts tomorrow when I will be running ideas on this thread.
Michael MD
  
looking for something to install on it anyway .. linux or freebsd

but don't know where to start with such an install on a mac.

hopefully I won't need a macosx disk because I don't have that
(work was about to throw it out years ago - they said I could take it home.
getting it home was a mission in itself, its pretty damn heavy!)
php 7 vs php 5.6

elmussol
 Xerta 
@Hubzilla Support Forum+ The machine I run this Hubzilla instance has this:

root@pendle:~# php -v                                                                                                                                                       
PHP 5.6.30-0+deb8u1 (cli) (built: Feb  8 2017 09:49:20)                                                                                                                    
Copyright (c) 1997-2016 The PHP Group                                                                                                                                      
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies                                                                                                              
    with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies


At the moment it also runs email, Nextcloud and Red Matrix (which will be taken down as soon as the Hubzilla instance is 100% ready for use).

I want to run php 7, it is an apt-get install away. What are the issues I need to think about in advance of this transition generally, and specifically with respect to Hubzilla and Red Matrix?
Andrew Manning
  
This reminds me, are the Debian dependencies listed in these detailed instructions still accurate?

My Vagrant provisioning script installs the following:

echo "Installing Apache.."
sudo apt-get install -y apache2
echo "Installing MariaDB.."
sudo apt-get install -y mariadb-server
echo "Installing git.."
sudo apt-get install -y git
echo "Installing php7.."
sudo apt-get install -y php7.0-zip php7.0-cli php7.0-curl php7.0-gd php7.0-mysql php7.0-mbstring php7.0-xml libapache2-mod-php7.0 php7.0-mcrypt
echo "Installing sendmail.."
sudo apt-get install -y mailutils sendmail-bin
Waitman Gobble
  
maybe mcrypt is a package in 7.0 but it goes away at some point in 7. it becomes just part of base php AFAIK

is sendmail still a thing? it's been years since i haven't used postfix :)
Mike Macgirvin
  
mcrypt is dead and buried.
Nextcloud: nearly there

elmussol
 Xerta last edited: Wed, 21 Mar 2018 00:08:35 +0100  
After wrestling with LetsEncrypt oddities I'm nearly there on the Nextcloud 13 install. On running the command-line install I get:

root@pendle:/var/www/nextcloud# sudo -u www-data php occ maintenance:install --database "mysql" --database-name "nextclouddb" --database-user "nextcloud" --database-pass "#############" --database-table-prefix "nc_" --admin-user "pault" --admin-pass "#############"                                                                 
Nextcloud is not installed - only a limited number of commands are available                                                                                                
Error while trying to create admin user: Failed to connect to the database: An exception occured in driver: SQLSTATE[HY000] [1045] Access denied for user 'nextcloud'@'localhost' (using password: YES)


Where should I be looking?
elmussol
  
root@pendle:/var/www/nextcloud# sudo -u www-data php occ maintenance:install --database "mysql" --database-name "nextclouddb" --database-user "nextcloud" --database-pass "########" --database-table-prefix "nc_" --admin-user "pault" --admin-pass "########" 
Nextcloud is not installed - only a limited number of commands are available
[b]Nextcloud was successfully installed[/b]


Thank you very much. I believe I owe you a pint @Michael :-)
elmussol
  
elmussol tagged elmussol's post with ⋕nextcloud
elmussol
  
elmussol tagged elmussol's post with ⋕mysql
LibreSignal

elmussol
 Xerta last edited: Wed, 21 Mar 2018 10:53:42 +0100  
Managed to get LibreSignal from F-droid working on my CyanogenMod 7 phone today. Please PM me your mobile phone number if you also do that thing and would like to be in contact that way.

#libresignal #f-droid #stillgooglefree
 tech
Seth Martin
  
You must add the Eutopia.cz F-Droid Repository before you can find it: https://eutopia.cz/fdroid/repo
Mario Vavti
  last edited: Tue, 19 Apr 2016 08:13:27 +0200  
The repo for the websocket build is https://eutopia.cz/experimental/fdroid/repo
It does not support calls though...
giac hellvecio
  
in this moment almost all my family using telegram and even a dozen friends, great progress compared to some time ago. Not everyone loves telegram, but you do not forget that is inside f-droid, so I did not need to say more, other than the fact that it is not Zuckerberg - the monopolist of internet (with google).
tech sprint (part 2)

elmussol
 Xerta last edited: Wed, 21 Mar 2018 11:37:18 +0100  
I wrote this in part 1 of this thread:

Next up: Wheezy becomes Jessie. Presently:

root@pendle:~# cat /etc/debian_version
7.9


And the attempt is happening now. Services will be down for a short time (hopefully). See you on the other side.
 tech
tech sprint (part 1)

elmussol
 Xerta last edited: Wed, 21 Mar 2018 11:30:54 +0100  
Those who know me will know that I have brief frenetic bursts of tech activity and then go and lie down in a darkened room for a while. I have a list of stuff to do.

This evening I have been updating all my dbs on my two servers from MariaDB 5.5>10.0>10.1 in preparation for a dist-upgrade from Debian Wheezy to Debian Jessie.

All went well (you're reading this right?) except that wouldn't you know OwnCloud broke. When I try and login on the web interface I get:

Internal Server Error

The server encountered an internal error and was unable to complete your request. Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report. More details can be found in the server log.

Technical details

    Remote Address: ##
    Request ID: f+E7ychwUJjdlyhZKo4G


The relevant line in the log says:

{"reqId":"f+E7ychwUJjdlyhZKo4G","remoteAddr":"XX","app":"index","message":"Exception: {\"Exception\":\"Doctrine\\\\DBAL\\\\Exception\\\\DriverException\",\"Message\":\"An exception occurred while executing 'UPDATE `oc_appconfig` SET `configvalue` = ? WHERE (`appid` = ?) AND (`configkey` = ?) AND (`configvalue` <> ?)' with params [1457221429, \\\"core\\\", \\\"lastupdatedat\\\", 1457221429]:\\n\\nSQLSTATE[HY000]: General error: 1665 Cannot execute statement: impossible to write to binary log since BINLOG_FORMAT = STATEMENT and at least one table uses a storage engine limited to row-based logging. InnoDB is limited to row-logging when transaction isolation level is READ COMMITTED or READ UNCOMMITTED.\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/DBALException.php(116): Doctrine\\\\DBAL\\\\Driver\\\\AbstractMySQLDriver->convertException('An exception oc...', Object(Doctrine\\\\DBAL\\\\Driver\\\\PDOException))\\n#1 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Connection.php(996): Doctrine\\\\DBAL\\\\DBALException::driverExceptionDuringQuery(Object(Doctrine\\\\DBAL\\\\Driver\\\\PDOMySql\\\\Driver), Object(Doctrine\\\\DBAL\\\\Driver\\\\PDOException), 'UPDATE `oc_appc...', Array)\\n#2 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/db\\\/connection.php(203): Doctrine\\\\DBAL\\\\Connection->executeUpdate('UPDATE `oc_appc...', Array, Array)\\n#3 \\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Query\\\/QueryBuilder.php(208): OC\\\\DB\\\\Connection->executeUpdate('UPDATE `*PREFIX...', Array, Array)\\n#4 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/db\\\/querybuilder\\\/querybuilder.php(121): Doctrine\\\\DBAL\\\\Query\\\\QueryBuilder->execute()\\n#5 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/appconfig.php(191): OC\\\\DB\\\\QueryBuilder\\\\QueryBuilder->execute()\\n#6 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/allconfig.php(159): OC\\\\AppConfig->setValue('core', 'lastupdatedat', 1457221429)\\n#7 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/updater.php(143): OC\\\\AllConfig->setAppValue('core', 'lastupdatedat', 1457221429)\\n#8 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/templatelayout.php(83): OC\\\\Updater->check()\\n#9 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/template.php(214): OC_TemplateLayout->__construct('user', 'files')\\n#10 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/template\\\/base.php(121): OC_Template->fetchPage()\\n#11 \\\/var\\\/www\\\/owncloud\\\/apps\\\/files\\\/index.php(161): OC\\\\Template\\\\Base->printPage()\\n#12 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/route\\\/route.php(154) : runtime-created function(1): require_once('\\\/var\\\/www\\\/ownclo...')\\n#13 [internal function]: __lambda_func(Array)\\n#14 \\\/var\\\/www\\\/owncloud\\\/lib\\\/private\\\/route\\\/router.php(291): call_user_func('\\\\x00lambda_1', Array)\\n#15 \\\/var\\\/www\\\/owncloud\\\/lib\\\/base.php(851): OC\\\\Route\\\\Router->match('\\\/apps\\\/files\\\/')\\n#16 \\\/var\\\/www\\\/owncloud\\\/index.php(39): OC::handleRequest()\\n#17 {main}\",\"File\":\"\\\/var\\\/www\\\/owncloud\\\/3rdparty\\\/doctrine\\\/dbal\\\/lib\\\/Doctrine\\\/DBAL\\\/Driver\\\/AbstractMySQLDriver.php\",\"Line\":115}","level":3,"time":"2016-03-05T23:43:49+00:00"}

I sorta get what's going on here, but could do with a little hand holding.
 tech
a[p]titude

elmussol
 Xerta last edited: Wed, 21 Mar 2018 11:47:51 +0100  
This made me giggle for ages and ages.

Another World is PossibleAnother World is Possible wrote the following post Sat, 28 Jun 2014 14:50:16 +0200
Image/photo
tidying up OwnCloud

elmussol
 Xerta last edited: Wed, 21 Mar 2018 12:32:32 +0100  
So in my eternal quest to get a sorted out OwnCloud install, I have started to work through the errors I'm getting. I get the following message:

OwnCloud admin page wrote:
The "Strict-Transport-Security" HTTP header is not configured to least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.


Security tips says:

Enable HTTP Strict Transport Security

While redirecting all traffic to HTTPS is good, it may not completely prevent man-in-the-middle attacks. Thus administrators are encouraged to set the HTTP Strict Transport Security header, which instructs browsers to not allow any connection to the ownCloud instance using HTTP, and it attempts to prevent site visitors from bypassing invalid certificate warnings.

This can be achieved by setting the following settings within the Apache VirtualHost file:

<VirtualHost *:443>
   ServerName cloud.owncloud.com
   Header always add Strict-Transport-Security "max-age=15768000"
</VirtualHost>


This requires the mod_headers extension in Apache.


So I'm looking for how to accomplish this in nginx.
Michael
  
Think this will include self-signed cert warnings?

I had the same thought. Don't know, but sounds like it would.
Mike Macgirvin
  
A self-signed cert is technically invalid as it will not offer any protection against MITM.
elmussol
  last edited: Wed, 21 Mar 2018 12:31:32 +0100  
Any thoughts on apc/apcu from anyone?
PHP help

elmussol
 Xerta last edited: Wed, 21 Mar 2018 13:30:48 +0100  
Putting my very first PHP into a page and I have slightly confused myself. I've taken someone else's snippet and forming to my own purposes. So three variables $name, $email and $skype that are sent by email. I want one line of the email to be a comma-delimited line of the variables for easy copy and paste purposes into a CSV file that's being imported into a spreadsheet. I am using the concatenate operator and came up with this:

"Data: " . $name . "," . $email . "," $skype . "\n\n" . $otherstuff;

but it's choking on the commas I think.

How should thus be done?
 tech  PHP
Waitman Gobble
  
it's missing a contatenation,
"," $skype

should be
"," . $skype

You should probably escape quotes in strings and quote the strings.

function esq($v)
{
return str_replace('"','""',$v);
}

echo 'data: "'.esq($v).'","'.esq($email).'","'.esq($skype).'","'."\n\n".$otherstuff;
Waitman Gobble
  last edited: Tue, 14 Jul 2015 04:53:56 +0200  
oops, thomas' message was obscured in the fold, i missed it :)
elmussol
  
Thanks all.
webpage questions

elmussol
 Xerta last edited: Wed, 21 Mar 2018 13:41:37 +0100  
I've been asked to put a single static webpage together for someone, which shouldn't be too problematic. However there will be four domains all point at this one page and I was wondering the best way to accomplish this. So it will look like domain1, domain2, domain3 and domain4 all end up at domain1/index.html. It will be on a machine that runs nginx and I do have access to DNS.

It strikes me that I could have four sites enabled in /etc/nginx/sites-enabled/ with redirects in domain2.conf, domain3.conf and domain4.conf (I would appreciate a sample conf if this is the way to go) or I could do this at the DNS level.

Thoughts and pointers appreciated.
 tech
I am unimpressed by my cat

elmussol
 Xerta last edited: Wed, 21 Mar 2018 14:07:42 +0100  
Much as I love my cat, Nunka, generally -- I have cursed her mightily today. During the night last night she fell asleep on my laptop keyboard causing a shutdown through overheating. The fsck on reboot this morning did not go well and I spent a good portion of (an already busy) today untangling hard disk mess.
 tech  life
Katze(eu) Von Links
 from Diaspora
my cat shows no interest in computers, he rather brings in life mice instead
satipera
  
@adam robertson.  is your mrs allergic to cat saliva? i am and it is potent. it dries to dust on their coats and is then inhaled. too long in a cat house can make me vomit
elmussol
  last edited: Wed, 21 Mar 2018 13:50:33 +0100  
@Katze(eu) Von Links She does that as well. Also lizards and sometimes small birds.
things I've learned this week

elmussol
 Xerta last edited: Wed, 21 Mar 2018 20:13:36 +0100  
1: Do not take on any web/email/suchlike thing when you don't have control of the DNS.

2: I am now sufficiently technically proficient to run multi-domains on my email server and know when it didn't work that it wasn't my fault and that DNS was the problem.
 tech
I have not got an iPad

elmussol
 Xerta last edited: Wed, 21 Mar 2018 20:14:46 +0100  
However, I have a completely non-techy friend who has bought new one (against my advice I might add) -- completely bewildered by it she came for a visit today and I was called on for advice.

Stupid behaviour 1: in Safari I click on a link to a file foo.mp4 and it starts to buffer in a video player. I would like to download the file. How on earth do you get it to do this simple piece of browser functionality?
 tech
elmussol
  
lock-tables failure on backup

elmussol
 Xerta last edited: Wed, 21 Mar 2018 21:20:39 +0100  
I'm working on backing up the data from my redmatrix install into my backupninja routine. This is what my friendica db backup recipe looks like:

root@pendle:/etc/backup.d# cat 20.friendica.mysql 
### backupninja MySQL config file ###

# hotcopy = < yes | no > (default = no)
# make a backup of the actual database binary files using mysqlhotcopy.
hotcopy = no

# sqldump = < yes | no > (default = no)
# make a backup using mysqldump. this creates text files with sql commands
# sufficient to recontruct the database.
#
sqldump = yes

# sqldumpoptions = <options>
# (default = --lock-tables --complete-insert --add-drop-table --quick --quote-names)
# arguments to pass to mysqldump
# sqldumpoptions = --add-drop-table --quick --quote-names

# compress = < yes | no > (default = yes)
# if yes, compress the sqldump output.
compress = no

# dbhost      = <host> (default = localhost)


# backupdir = <dir> (default: /var/backups/mysql)
# where to dump the backups. hotcopy backups will be in a subdirectory
# 'hotcopy' and sqldump backups will be in a subdirectory 'sqldump'
backupdir = /var/backups/mysql

# databases = <all | db1 db2 db3 > (default = all)
# which databases to backup. should either be the word 'all' or a
# space separated list of database names.
databases =  dbname

dbusername = dbuser
dbpassword = password


So if I change databases, dbusername and dbpassword correctly to make a redmatrix recipe i get the following error message:

== warnings from /etc/backup.d/21.red.mysql ==

Info: Initializing SQL dump method
Warning: mysqldump: Got error: 1044: "Access denied for user 'dbusername'@'localhost' to database 'dbname'" when using LOCK TABLES
Warning: Failed to dump mysql databases dbname


Is there a good reason why the --lock-tables option would workon a friendica db and not a red one?
 tech
elmussol
  last edited: Wed, 21 Mar 2018 21:22:06 +0100  
Backup user made and backup ninja recipe edited. I will report tomorrow after the cronjob triggers while I'm asleep.
domain registrations

elmussol
 Xerta last edited: Wed, 21 Mar 2018 23:37:40 +0100  
My domain registrations ran out today, but this is apparently still working though my email doesn't. I will have some money in the bank tomorrow, so they'll get renewed (down from last year's downtime for those paying attention).

Apologies to red.elsmussols.net users and for queue strain on other hubs.
 tech  life
elmussol
  last edited: Wed, 21 Mar 2018 23:38:15 +0100  
Back.
surprising behaviour

elmussol
 Xerta last edited: Thu, 22 Mar 2018 00:11:06 +0100  
Even after a number of bits that have made me struggle and some help along the way from helpful folks, I have managed to transition from apache to nginx and get three sites set up all with certificates working in less than two days. This for me is verging on techno-wizardry. I better stop for the day before I break something.

Thank you to everyone who has helped.
 tech  life
techsprint continues

elmussol
 Xerta last edited: Thu, 22 Mar 2018 00:16:42 +0100  
So the elsmussols.net techsprint continues. Both red. and friend.elsmussols.net are functioning well under nginx. Next up is owncloud. I have ownclowd7 installed on the server, nginx configured using owncloud nginx config, with corrected typos in line 47.

When i visit my install wizard page, I get in my browser:

502 Bad Gateway
nginx/1.6.2


I have restarted the php5-fpm daemon and am getting lines like this in /var/log/nginx/error.log:

2014/10/07 17:32:08 [error] 4310#0: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 87.111.155.14, server: owncloud.elsmussols.net, request: "GET /owncloud HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "owncloud.elsmussols.net"

Which obviously points to the first four lines of the sample config, but I have no clue what's wrong. Pointers as always appreciated.
 life  tech
elmussol
  last edited: Thu, 22 Mar 2018 00:14:28 +0100  
The owncloud doc site needs a proof reader.
elmussol
  
nginx/ssl setup

elmussol
 Xerta last edited: Thu, 22 Mar 2018 00:13:49 +0100  
Today's the day and I am just fiddling with the nginx config file for red. My SSL cert is a proper one from gandi and here are the contents of /etc/nginx/ssl:

root@pendle:/etc/nginx/ssl# ls -al
total 24
drwxr-xr-x 2 root root 4096 Oct  6 13:27 .
drwxr-xr-x 6 root root 4096 Oct  6 13:26 ..
-rw-r--r-- 1 root root 1667 Oct  6 13:27 GandiStandardSSLCA.pem
-r-------- 1 root root 1769 Oct  6 13:27 red.elsmussols.net.crt
-rw-r--r-- 1 root root 1054 Oct  6 13:27 red.elsmussols.net.csr
-r-------- 1 root root 1704 Oct  6 13:27 red.elsmussols.net.key


So this line is easy:

ssl_certificate_key /etc/nginx/ssl/red.elsmussols.net.key;


But I am unsure how this line should read:

ssl_certificate /etc/nginx/ssl/red.example.net.chain.pem;
 red  tech
move from apache to nginx

elmussol
 Xerta last edited: Thu, 22 Mar 2018 00:20:20 +0100  
I had a visit from Dan at the weekend and he has persuaded me to move from apache to nginx. One look at the config files persuaded me -- I had a clue what was going on. Scenario is this: red (proper cert) and friendica (self-signed) and owncloud (self-signed) all on the same box.

I'm going to attempt:

aptitude remove apache2 && aptitude install nginx

Any big gotchas foreseen for that kind of plan? (I expect the answer yes which is why I'm asking first.)

#nginx #apache
 tech  nginx  apache
elmussol
  last edited: Thu, 22 Mar 2018 00:19:39 +0100  
It worked.