NethServer Version: 8 Beta
Module: Admin Page, Webtop and Nextcloud
Hi Friends,
after the last cor update from yesterday it’s no longer possible to get access to the cluster-admin page and also webtop and nextcloud. 404 page not found That is all what i can see.
Regards
Uwe
Hi@davidep,
here is the output of the above commands:
root@ns8.xxx.xx's password:
Last login: Fri Sep 1 13:23:44 2023 from 192.168.154.77
[root@ns8 ~]# systemctl restart redis
[root@ns8 ~]# systemctl status redis
● redis.service - Core Redis DB
Loaded: loaded (/etc/systemd/system/redis.service; enabled; preset: disabl>
Active: active (running) since Fri 2023-09-01 13:26:43 CEST; 27s ago
Docs: https://github.com/NethServer/ns8-core
Process: 12335 ExecStartPre=/bin/rm -f /run/redis.pid /run/redis.cid (code=>
Process: 12336 ExecStart=/usr/bin/podman run --conmon-pidfile=/run/redis.pi>
Process: 12355 ExecStartPost=/usr/local/bin/redis-wait-ready --retries 30 ->
Process: 12360 ExecStartPost=/usr/local/bin/acl-load (code=exited, status=0>
Process: 12361 ExecStartPost=/usr/local/sbin/apply-vpn-routes (code=exited,>
Main PID: 12347 (conmon)
Tasks: 1 (limit: 48948)
Memory: 700.0K
CPU: 910ms
CGroup: /system.slice/redis.service
└─12347 /usr/bin/conmon --api-version 1 -c e3b146980f48258420b890b>
Sep 01 13:26:42 ns8.xxx.xx redis[12347]: 1:M 01 Sep 2023 11:26:42.918 * Done >
Sep 01 13:26:42 ns8.xxx.xx redis[12347]: 1:M 01 Sep 2023 11:26:42.918 * DB lo>
Sep 01 13:26:42 ns8.xxx.xx redis[12347]: 1:M 01 Sep 2023 11:26:42.918 * Ready>
Sep 01 13:26:43 ns8.xxx.xx redis[12360]: ACLs loading skipped on the leader n>
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: wg set wg0 peer QjssDrMxxNuRAU+SIFva>
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: Address 192.168.154.108 is not route>
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: ip route replace 10.5.4.1 nexthop de>
lines 1-23...skipping...
● redis.service - Core Redis DB
Loaded: loaded (/etc/systemd/system/redis.service; enabled; preset: disabled)
Active: active (running) since Fri 2023-09-01 13:26:43 CEST; 27s ago
Docs: https://github.com/NethServer/ns8-core
Process: 12335 ExecStartPre=/bin/rm -f /run/redis.pid /run/redis.cid (code=exited, status=0/SUCCESS)
Process: 12336 ExecStart=/usr/bin/podman run --conmon-pidfile=/run/redis.pid --cidfile=/run/redis.cid --cgroups=no-conmon --detach --log-opt=tag=redis --replace --name=redis --network=host --volume=redis-data:/data ${REDIS_IMAGE} (c>
Process: 12355 ExecStartPost=/usr/local/bin/redis-wait-ready --retries 30 --period 1 (code=exited, status=0/SUCCESS)
Process: 12360 ExecStartPost=/usr/local/bin/acl-load (code=exited, status=0/SUCCESS)
Process: 12361 ExecStartPost=/usr/local/sbin/apply-vpn-routes (code=exited, status=0/SUCCESS)
Main PID: 12347 (conmon)
Tasks: 1 (limit: 48948)
Memory: 700.0K
CPU: 910ms
CGroup: /system.slice/redis.service
└─12347 /usr/bin/conmon --api-version 1 -c e3b146980f48258420b890b71e5335799f39f928f5158d3ab9b203623a1c25e8 -u e3b146980f48258420b890b71e5335799f39f928f5158d3ab9b203623a1c25e8 -r /usr/bin/crun -b /var/lib/containers/storage>
Sep 01 13:26:42 ns8.xxx.xx redis[12347]: 1:M 01 Sep 2023 11:26:42.918 * Done loading RDB, keys loaded: 148, keys expired: 0.
Sep 01 13:26:42 ns8.xxx.xx redis[12347]: 1:M 01 Sep 2023 11:26:42.918 * DB loaded from disk: 0.001 seconds
Sep 01 13:26:42 ns8.xxx.xx redis[12347]: 1:M 01 Sep 2023 11:26:42.918 * Ready to accept connections
Sep 01 13:26:43 ns8.xxx.xx redis[12360]: ACLs loading skipped on the leader node
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: wg set wg0 peer QjssDrMxxNuRAU+SIFvaY4e6co9KRdRpTO9jJeysMAk= persistent-keepalive 25 allowed-ips 192.168.154.108,10.5.4.1 endpoint 127.0.0.1:55820
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: Address 192.168.154.108 is not routed through VPN
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: ip route replace 10.5.4.1 nexthop dev wg0
Sep 01 13:26:43 ns8.xxx.xx redis[12361]: wg-quick save wg0
Sep 01 13:26:43 ns8.xxx.xx redis[12380]: [#] wg showconf wg0
Sep 01 13:26:43 ns8.xxx.xx systemd[1]: Started Core Redis DB.
Regards…
Uwe
davidep
(Davide Principi)
September 1, 2023, 3:04pm
4
I guess the last core update was for Traefik 1.1.0: could you attach the Traefik configuration?
You can find it with
find /home/traefik*/.config/state/
For instance,
[root@cs1 ~]# find /home/traefik*/.config/state/
/home/traefik1/.config/state/
/home/traefik1/.config/state/CACHEDIR.TAG
/home/traefik1/.config/state/environment
/home/traefik1/.config/state/agent.env
/home/traefik1/.config/state/traefik.yaml
/home/traefik1/.config/state/selfsigned.key
/home/traefik1/.config/state/selfsigned.crt
/home/traefik1/.config/state/configs
/home/traefik1/.config/state/configs/_api_server.yml
/home/traefik1/.config/state/configs/_http2https.yml
/home/traefik1/.config/state/configs/_default_cert.yml
/home/traefik1/.config/state/configs/_api.yml
/home/traefik1/.config/state/custom_certificates
If you prefer, send me a PM to access your server and do the check by myself.
Here we have the output:
[root@ns8 ~]# find /home/traefik*/.config/state/
/home/traefik1/.config/state/
/home/traefik1/.config/state/CACHEDIR.TAG
/home/traefik1/.config/state/environment
/home/traefik1/.config/state/agent.env
/home/traefik1/.config/state/traefik.yaml
/home/traefik1/.config/state/selfsigned.key
/home/traefik1/.config/state/selfsigned.crt
/home/traefik1/.config/state/configs
/home/traefik1/.config/state/configs/mail1-rspamd-route.yml
/home/traefik1/.config/state/configs/_api_server.yml
/home/traefik1/.config/state/configs/_http2https.yml
/home/traefik1/.config/state/configs/_default_cert.yml
/home/traefik1/.config/state/configs/_api.yml
/home/traefik1/.config/state/configs/collabora1.yml
/home/traefik1/.config/state/configs/mattermost1.yml
/home/traefik1/.config/state/configs/nextcloud1.yml
/home/traefik1/.config/state/configs/webtop1.yml
/home/traefik1/.config/state/configs/mail1-rspamd.yml
/home/traefik1/.config/state/custom_certificates
davidep
(Davide Principi)
September 1, 2023, 4:24pm
6
Ok send me the contents of those files
Ok,
the content is hidden. Found it. Will edit it tomorrow.
davidep
(Davide Principi)
September 4, 2023, 10:18am
10
Good news, @transocean I reproduced the issue on a clean installation.
I started with core 1.3.1, traefik 1.0.0, then I installed NextCloud, Collabora, Mail. After core upgrade (Traefik 1.1.0) I got 404 from installed apps.
I didn’t find any relevant error message in the log. BTW, the cluster-admin is still accessible /cc @giacomo
1 Like
giacomo
(Giacomo Sanchietti)
September 4, 2023, 11:56am
11
This should be the manual fix:
diff -u .config/state/configs/mail1-rspamd.yml.ori .config/state/configs/mail1-rspamd.yml
--- .config/state/configs/mail1-rspamd.yml.ori 2023-09-04 11:55:38.549704045 +0000
+++ .config/state/configs/mail1-rspamd.yml 2023-09-04 11:55:51.472723883 +0000
@@ -2,7 +2,6 @@
middlewares:
mail1-rspamd-auth:
forwardAuth:
- tls: 'False'
address: http://127.0.0.1:9311/api/module/mail1/http-basic/authorize-rspamd
mail1-rspamd-stripprefix:
stripPrefix:
I’m working on an automatic fix.
PR: redis2yaml: handle forwardauth middleware by gsanchietti · Pull Request #40 · NethServer/ns8-traefik · GitHub
4 Likes
Ok, friends of the sun…
Since the NS8 runs on a Proxmox here, the inexperienced user has of course a backup and that times quickly played back again. Now everything looks nice again. I wait then for the fix announced by @giacomo .
Regards
Uwe
giacomo
(Giacomo Sanchietti)
September 5, 2023, 7:34am
13
Thank you for your time Uwe.
If you already updated, you should manually fix the mail1-rspamd.yml
file.
Otherwise, if you have a working system, you need to enable the testing packages and update the core.
The traefik package with the fix is the 1.1.1-beta.2
.
1 Like
@giacomo :
Everything looks good after the update. Thank you.
2 Likes