Language:
switch to room list switch to menu My folders
Go to page: 1 2 [3] 4 5 6 7 ... Last
[#] Thu Jan 13 2022 18:05:31 EST from IGnatius T Foobar

Subject: Re: how do i upgrade Citadel?

[Reply] [ReplyQuoted] [Headers] [Print]

sorry for such a noob question, but i have looked at the faq and
documentation...i don't see any mention of upgrades...so how do i do
it?

Depends on how you initially installed it.

If you originally used Easy Install, just run Easy Install again and it will do the right thing.

If you have the Docker image, just erase it and install the new image, and point it at your existing data directory.

Or if you used the Debian packages ... you've got some work to do because they're no longer maintained.

[#] Mon Jan 17 2022 14:37:39 EST from Nurb432

Subject: Proxies

[Reply] [ReplyQuoted] [Headers] [Print]

Ok so starting back up on trying to get a reverse proxy running here so i can everything on port 80 ( and 443 ), and just use DNS names to redirect internally.

For the most part its all setup again and was going down the list of apps to change over to 80. Got to citadel and i did a easy install/upgrade ( needed it anyway ) and switched it native from 8080 to 80.   Works fine locally, or if change my router to not use the proxy and just redirect 8080 to 80. But if i hit it from the via proxy i get the below mess instead.  ( and this worked last time i tried, but script kiddies were pounding my ports and killing the proxy )

Something obvious i'm missing before i waste a lot of time beating my head against the desk?

 

ya, i know, url is in the image, i dont care now, its public. . and no, not tackled ssl yet. I wanted to get everything running "regular" first.  

 

 

 

 



[#] Tue Jan 18 2022 11:12:05 EST from IGnatius T Foobar

Subject: Re: Proxies

[Reply] [ReplyQuoted] [Headers] [Print]

That looks like your browser failed to load the stylesheet. How are you proxying the traffic?

[#] Tue Jan 18 2022 18:09:14 EST from Nurb432

Subject: Re: Proxies

[Reply] [ReplyQuoted] [Headers] [Print]

Tinyproxy, configured to be a reverse proxy only.  Stock config other than disabling forward proxy, adding the redirects, and adding a few extra threads. My other 3 apps, plus a extra 'test' one that was just listing the calling URL, are working at this point.

It worked last time i tried this, other than script kiddies flooding my port 80 and causing the proxy to die after about 10 minutes so i gave up at the time.   But it was a good year or 2 ago, so an older version of citadel. 



[#] Wed Jan 19 2022 09:32:57 EST from IGnatius T Foobar

Subject: Re: Proxies

[Reply] [ReplyQuoted] [Headers] [Print]

I'm more interested in what conditions are configured to cause an HTTP connection to be forwarded to WebCit. Are you doing it by name, by path, by port, something else...?

[#] Wed Jan 19 2022 13:06:50 EST from platonov

Subject: User SYS_Citadel is not getting autopurged

[Reply] [ReplyQuoted] [Headers] [Print]

SYS_Citadel used to get autopurged during the daily run.
 
As Aide room message shows:
 
The following users have been auto-purged:
SYS_Citadel
 
But a few days ago it stopped getting autopurged. Is it a problem that needs to be taken care of or is it just a mild obscurity?

Syslog has this when it works correctly.:

Jan  9 03:00:05 serv citserver[645]: Auto-purger: starting.
Jan  9 03:00:05 serv citserver[645]: citserver[645]: user_ops: <SYS_Citadel> is logged in; not deleting
Jan  9 03:00:05 serv citserver[645]: user_ops: <SYS_Citadel> is logged in; not deleting
Jan  9 03:00:05 serv citserver[645]: citserver[645]: Purged 1 users.
Jan  9 03:00:05 serv citserver[645]: Purged 1 users.
Jan  9 03:00:06 serv citserver[645]: citserver[645]: Expired 645 messages
 
and here is when SYS_Citadel is not getting autopurged.
 
Jan 19 03:00:57 server citserver[15494]: citserver[15494]: Auto-purger: starting.
Jan 19 03:00:57 server citserver[15494]: citserver[15494]: Purged 0 users.
Jan 19 03:00:57 server citserver[15494]: context: scheduled 1 idle sessions for termination
Jan 19 03:00:57 server citserver[15494]: Auto-purger: starting.
Jan 19 03:00:57 server citserver[15494]: Purged 0 users.
Jan 19 03:00:57 server citserver[15494]: citserver[15494]: context: [18720]SRV[SMTP-MTA] Session ended.
Jan 19 03:00:57 server citserver[15494]: context: [18720]SRV[SMTP-MTA] Session ended.
Jan 19 03:00:59 server citserver[15494]: citserver[15494]: Expired 1011 messages.
 
What is the meaning of  SYS_Citadel user and why does it or does it not autopurged.
 


[#] Wed Jan 19 2022 16:49:49 EST from Nurb432

Subject: Re: Proxies

[Reply] [ReplyQuoted] [Headers] [Print]

it forwards external name to internal IP.   Retains the same port.

 

However it may be moot, tinyproxy is crashing again after too many sessions. Bumped up resources and ti runs about 3 hours then poof it dies. I'm thinking i'm going to read up on ngnix, set that up and see if it can handle the flood better.

Wed Jan 19 2022 09:32:57 AM EST from IGnatius T Foobar Subject: Re: Proxies
I'm more interested in what conditions are configured to cause an HTTP connection to be forwarded to WebCit. Are you doing it by name, by path, by port, something else...?

 



[#] Thu Jan 20 2022 18:47:40 EST from UnexampledSalt

Subject: Easy Install of fresh Ubuntu server ONLY listens on IPv6

[Reply] [ReplyQuoted] [Headers] [Print]

Hello all,

I just stumbled upon this tool and love what it appears to do, so I thought I would give it a shot!

I spun up a new Ubuntu VPS, ran all my updates and upgrades, then ran the Easy Install!

I went through all the setup steps and selected '*' to listen on both IPv4 and IPv6 interfaces. When Citadel started I was not able to access it. I checked my netstat and all of the cit services are ONLY listening on IPv6. I know this server has an IPv4 interface, as that is the address I am using to SSH to it. Any ideas why it would only be using IPv6?



[#] Thu Jan 20 2022 19:39:58 EST from IGnatius T Foobar

Subject: Re: User SYS_Citadel is not getting autopurged

[Reply] [ReplyQuoted] [Headers] [Print]

and here is when SYS_Citadel is not getting autopurged.

For now, don't worry about it. We're actually trying to get rid of SYS_Citadel so you don't see it anymore.

[#] Thu Jan 20 2022 19:43:02 EST from IGnatius T Foobar

Subject: Re: Easy Install of fresh Ubuntu server ONLY listens on IPv6

[Reply] [ReplyQuoted] [Headers] [Print]

I went through all the setup steps and selected '*' to listen on both
IPv4 and IPv6 interfaces. When Citadel started I was not able to
access it. I checked my netstat and all of the cit services are ONLY
listening on IPv6. I know this server has an IPv4 interface, as that
is the address I am using to SSH to it. Any ideas why it would only
be using IPv6?

That may be misleading. On a Linux system (unlike, say, OpenBSD) listening on IPv6 with an address like "*" will also make it listen on IPv4. Can you post the output of "ss -lt" so we can see where it thinks it's listening?

I suspect the problem might be somewhere else.

[#] Thu Jan 20 2022 19:47:04 EST from UnexampledSalt

Subject: Re: Easy Install of fresh Ubuntu server ONLY listens on IPv6

[Reply] [ReplyQuoted] [Headers] [Print]

It does appear to be listening on all interfaces...hmm...

Found it. It was UFW. That is usually disabled on Ubuntu installs by default.

I allowed 80 and 443 through the firewall and we are all good! Thanks!



[#] Fri Jan 21 2022 19:51:43 EST from IGnatius T Foobar

Subject: Re: Easy Install of fresh Ubuntu server ONLY listens on IPv6

[Reply] [ReplyQuoted] [Headers] [Print]

Glad to hear you got it working. And I'm somewhat alarmed that UFW didn't protect IPv6!

[#] Sun Jan 23 2022 10:35:30 EST from Nurb432

Subject: Proxies redux

[Reply] [ReplyQuoted] [Headers] [Print]

For what its worth, i switched to using Apache as the reverse proxy, things are ok now. 

Tried to use Pound after Tinyproxy, and while i think it woudl work ( and is small, etc ) but it does a https redirect on every call, and it seems you cant turn it off.   Sure, that might be the 'best' way these days, and one should never do anything that isn't SSL, but until i have certs on everything that breaks me.

 



[#] Wed Jan 26 2022 11:28:56 EST from jcolson

Subject: docker installf

[Reply] [ReplyQuoted] [Headers] [Print]

So I quickly followed the directions in the docs in regards to the docker install (which there are no -p docs for it seems?) and I have the server up and running, but logging into it interactively and trying to run setup results in an error that 'setup could not connect to a running citadel server.: No such file or directory citadel-admin.socket'.  How does one 'setup' the docker container install?

sorry if  I missed the docs on this somewhere!

 

 



[#] Wed Jan 26 2022 12:17:00 EST from Jay

Subject: Re: docker installf

[Reply] [ReplyQuoted] [Headers] [Print]

 

Wed Jan 26 2022 11:28:56 AM EST from jcolson Subject: docker installf

So I quickly followed the directions in the docs in regards to the docker install (which there are no -p docs for it seems?) and I have the server up and running, but logging into it interactively and trying to run setup results in an error that 'setup could not connect to a running citadel server.: No such file or directory citadel-admin.socket'.  How does one 'setup' the docker container install?

sorry if  I missed the docs on this somewhere!

 

 



nevermind!  got the setup to work, see the default password is 'citadel' ...  duh ...

 

cheers ..



[#] Wed Jan 26 2022 14:59:05 EST from IGnatius T Foobar

Subject: Re: docker installf

[Reply] [ReplyQuoted] [Headers] [Print]

Correct, there is no setup step on the Docker version, it is already running and you just log into it.

Help me out here, what is a "-p doc" ?

[#] Thu Jan 27 2022 05:29:46 EST from Jay

Subject: Re: docker installf

[Reply] [ReplyQuoted] [Headers] [Print]

 

Wed Jan 26 2022 02:59:05 PM EST from IGnatius T Foobar Subject: Re: docker installf
Correct, there is no setup step on the Docker version, it is already running and you just log into it.

Help me out here, what is a "-p doc" ?

apologies ...  -p (parameters that you pass docker run ...)

thanks!

also, just a heads up, looks like the link for the 'example customized login screen' on https://www.citadel.org/documentation.html is incorrect ... it links to the same link as 'sample customized room view' ...

Cheers,

Jay



[#] Fri Jan 28 2022 18:37:02 EST from IGnatius T Foobar

Subject: Re: docker installf

[Reply] [ReplyQuoted] [Headers] [Print]

apologies ...  -p (parameters that you pass docker run ...)

Thanks for pointing that out. I have amended https://www.citadel.org/docker.html with a section documenting all of the optional flags.

also, just a heads up, looks like the link for the 'example customized login screen' on https://www.citadel.org/documentation.html is incorrect ... it links to the same link as 'sample customized room view' ...

Thanks for pointing that out too.   There were a bunch of obsolete links in that section and I have removed them.



[#] Sun Jan 30 2022 09:57:15 EST from mailman

Subject: Two questions: Encryption on rest and Relays

[Reply] [ReplyQuoted] [Headers] [Print]

Hi all,

I'm just about to set up a personal email server, and am considering Citadel, but have two questions.

1) Is it possible to set up "encryption on rest" (what I mean by this is that any unencrypted emails that land on the server are encrypted using a GPG key)?

2) I'm planning on having a local server on a Raspberry Pi and a remote server on a VPS (both Citadel). Any emails I send should go to my local server, get forwarded to the remote server and then sent to their intended recipient. Any emails sent to me should be sent to the remote server, and then forwarded to my local server. Basically I want the remote server to act as a private relay (which doesn't permanently store any messages, just sends them where they have to go). I saw https://www.citadel.org/relay.html but that doesn't seem to be about what I'm trying to do. Is a set up like this possible?

:)



[#] Sun Jan 30 2022 11:47:41 EST from IGnatius T Foobar

Subject: Re: Two questions: Encryption on rest and Relays

[Reply] [ReplyQuoted] [Headers] [Print]


1) There's no support for encryption-at-rest in the message store itself.
You might consider just encrypting the volume that it runs on? I don't know your specific situation but maybe that would work.

2) If you need to relay both inbound and outbound mail through an external relay, then your "local" server should be a Citadel, but the "external" server should not. You can use postfix or whatever your favorite traditional MTA is. The configuration would be something like this:

* For outbound mail, follow the smart host instructions at https://www.citadel.org/relay.html

* For inbound mail, configure the external server to relay your domain's mail to the Citadel server. If you are running Citadel from a dynamic or unpublished address then maybe configure a Wireguard tunnel to be initiated by the private server and then point the mail towards your end of the tunnel, so when the tunnel is up, the mail queue will be sent to it.


This type of setup used to be very common back in the days when a lot of sites had demand-dialed Internet connections.

Go to page: 1 2 [3] 4 5 6 7 ... Last