Language:
switch to room list switch to menu My folders
Go to page: [1] 2 3 4 5 ... Last
↑↑↑ Old messages ↑↑↑            ↓↓↓ New messages ↓↓↓
[#] Fri Dec 11 2015 05:43:35 EST from dothebart @ Uncensored

Subject: Re: Good day. I have a question...

[Reply] [ReplyQuoted] [Headers] [Print]

the centos rpms are availabe via suse OBS. You can download them via http and install them manually.

or you demand access to the obs repositories.



[#] Sat Dec 12 2015 11:55:20 EST from nnnn20430 @ Uncensored

Subject: https

[Reply] [ReplyQuoted] [Headers] [Print]

to admins of uncensored.citadel.org

you have some weird expired cert on https://uncensored.citadel.org which expires on 04/11/1906 for some reason

why not get a trusted cert that doesn't give a warning to everyone that visits the page using https://letsencrypt.org/

it's free!, you just install their python program on the server and just run the command including all domains you want and get a cert, and to renew just run it again.

example: $ letsencrypt certonly -d citadel.org,uncensored.citadel.org

and make link in your server to use certs at /etc/letsencrypt/live/citadel.org



[#] Sat Dec 12 2015 14:50:01 EST from "Robert J. Clay" <rjclay@gmail.com> to citadel_support@citadel.org

Subject: Errors: "pthread_create() : Cannot allocate memory" ?

[Reply] [ReplyQuoted] [Headers] [Print]

All,

  Anyone have a idea what might be causing periodic errors like following on a Debian v8 Linux Container system:

-----<cut>---------------------------------
Broadcast message from systemd-journald@mailus (Sat 2015-12-12 09:02:11 EST):

citserver[9951]: pthread_create() : Cannot allocate memory


Message from syslogd@mailus at Dec 12 09:02:11 ...
 citserver[9951]: pthread_create() : Cannot allocate memory
-----<cut>---------------------------------

  This is with Debian package version  08.24-1-b3 on an amd64 system (which was apparently rebuilt with  libical >= 1.0-1.2).




--
Robert J. Clay
rjclay@gmail.com


[#] Sun Dec 13 2015 16:32:41 EST from platonov @ Uncensored

Subject: Webcit SSL access with Apache HTTP server running

[Reply] [ReplyQuoted] [Headers] [Print]

I just read a post about trusted cert that doesn't give a warning to everyone that visits the page using https://letsencrypt.org/ here.

The question I have is after I configured the letsencrypt for Apache server and I can access the site via https address, and, since I also want to use the https to webcit, then what do I do to make sure the https access to that domain is served by the webcit and not by Apache?

One alternative seems to be to change the webcit port for https access to something other than 443.

How do I do that?

Another one is to disable the Apache serving the https requests, so that when domain is accessed as secure site, it is automatically served by the webcit, and not apache. In that case, how do I configure the letsencrypt certificates that work for that domain to work with webcit instead?

Thanx in advance.



[#] Sun Dec 13 2015 16:50:15 EST from "nnnn20430" <nnnn20430@mindcraft.si.eu.org> to citadel_support@citadel.org

Subject: Re: [Citadel Support] Webcit SSL access with Apache HTTP server running

[Reply] [ReplyQuoted] [Headers] [Print]

i my self use nginx and have a special subdomain for webcit to be
citadel.domain and then i simply reverse proxy that subdomain to local
webcit
you can run that webcit on plain http doesn't matter cause it's local, i
have it running with ssl on port 2443... but you can use any other port
and don't need ssl...

i don't use letsencrypts auto configuration option, just use the
certonly option it places all certs in standard location, the main
domain will be the first domain specified in the cli and certs will be
placed in /etc/letsencrypt/live/domain/

then just create link in your servers config to
/etc/letsencrypt/live/domain/ and use that

so just do $ letsencrypt certonly -d mydomain,citadel.mydomain
or something like that and configure your server to reverse proxy it to
webcit when $host is ^citadel.*

On 12/13/2015 10:32 PM, platonov wrote:

I just read a post about trusted cert that doesn't give a warning to
everyone that visits the page using https://letsencrypt.org/ here.

The question I have is after I configured the letsencrypt for Apache
server and I can access the site via https address, and, since I also
want to use the https to webcit, then what do I do to make sure the
https access to that domain is served by the webcit and not by Apache?

One alternative seems to be to change the webcit port for https access
to something other than 443.

How do I do that?

Another one is to disable the Apache serving the https requests, so
that when domain is accessed as secure site, it is automatically
served by the webcit, and not apache. In that case, how do I configure
the letsencrypt certificates that work for that domain to work with
webcit instead?

Thanx in advance.

[#] Sun Dec 13 2015 17:34:53 EST from platonov @ Uncensored

Subject: Re: [Citadel Support] Webcit SSL access with Apache HTTP server running

[Reply] [ReplyQuoted] [Headers] [Print]

Thanx a lot for quick followup.
Just one question:
Since I am not exactly a sysadmin type of a guy, what exactly do I need to do on Ubuntu 14.10 server to reverse proxy citadel subdomain?
It looks like some Apache configuration to me. Is it done in /etc/apache2/sites-enabled/domain_name?
If so, do I need to add a rule for port 443 to it?
And, what would I specify for the ProxyPass and ProxyPassReverse, I guess, to make sure it passes it to webcit instead?

Thanx in advance.

Sun Dec 13 2015 16:50:15 EST from "nnnn20430" <nnnn20430@mindcraft.si.eu.org> Subject: Re: [Citadel Support] Webcit SSL access with Apache HTTP server running
i my self use nginx and have a special subdomain for webcit to be
citadel.domain and then i simply reverse proxy that subdomain to local
webcit
you can run that webcit on plain http doesn't matter cause it's local, i
have it running with ssl on port 2443... but you can use any other port
and don't need ssl...

i don't use letsencrypts auto configuration option, just use the
certonly option it places all certs in standard location, the main
domain will be the first domain specified in the cli and certs will be
placed in /etc/letsencrypt/live/domain/

then just create link in your servers config to
/etc/letsencrypt/live/domain/ and use that

so just do $ letsencrypt certonly -d mydomain,citadel.mydomain
or something like that and configure your server to reverse proxy it to
webcit when $host is ^citadel.*

On 12/13/2015 10:32 PM, platonov wrote:

I just read a post about trusted cert that doesn't give a warning to
everyone that visits the page using https://letsencrypt.org/ here.

The question I have is after I configured the letsencrypt for Apache
server and I can access the site via https address, and, since I also
want to use the https to webcit, then what do I do to make sure the
https access to that domain is served by the webcit and not by Apache?

One alternative seems to be to change the webcit port for https access
to something other than 443.

How do I do that?

Another one is to disable the Apache serving the https requests, so
that when domain is accessed as secure site, it is automatically
served by the webcit, and not apache. In that case, how do I configure
the letsencrypt certificates that work for that domain to work with
webcit instead?

Thanx in advance.

 



[#] Mon Dec 14 2015 01:35:12 EST from dothebart @ Uncensored

Subject: Re: Webcit SSL access with Apache HTTP server running

[Reply] [ReplyQuoted] [Headers] [Print]

configuring proxies is also described here:

http://citadel.org/doku.php/faq:installation:apacheproxy



[#] Tue Dec 15 2015 16:35:01 EST from warbaby @ Uncensored

Subject: How to: Let's Encrypt Free SSL Cert Citadel 9.01 Debian 8.2 Jessie 64

[Reply] [ReplyQuoted] [Headers] [Print]

Let's Encrypt

As you may have heard, Let's Encrypt (letsencrypt.org) a non-profit, free Certificate Authority supported by the EFF and a host of players.  They just entered public beta with their client, which means you can download it and install a real and free certificate on your citadel server (or whatever you like).   This is not an advertisement.  It's a big initiative to get everyone to encrypt their traffic.  I just did two of my citadel installs and though it was pretty easy so thought I'd share. 

How to: Let's Encrypt Free SSL Cert Citadel 9.01 Debian 8.2 Jessie 64

[This tutorial is Debian specific, but should be close for any distro.  Just make sure you have git installed]

Run these commands as any user which is in /etc/sudoers - you'll be prompted for sudo password when necessary. 

sudo apt-get update
 sudo apt-get install git
 git clone https://github.com/letsencrypt/letsencrypt
 cd letsencrypt
 ./letsencrypt-auto certonly -a standalone -d mail.example.org -d other.example.org

Enter your account email, Accept the TOS. You can add multiple domains if you leave off the -d arg (or use multiple -d args) . DNS must be already configured or this will fail with 'client unauthorized'.

cd /usr/local/citadel/keys ln -s /etc/letsencrypt/live/mail.example.org/privkey.pem citadel.key ln -s /etc/letsencrypt/live/mail.adventyouthmedia.org/fullchain.pem citadel.cer

restart citadel & webcit

/etc/init.d/citadel restart
/etc/init.d/webcit restart

[or, however you restart. service citadel restart, etc..]

This should work okay for webcit, I did not test because I run webcit without ssl via nginx proxy. 

REMEMBER, these are 90 days certs, but completely valid and nicely FREE. 

To renew the cert see the docs at https://letsencrypt.readthedocs.org/en/latest/using.html

Based on https://blog.rudeotter.com/lets-encrypt-ssl-certificate-nginx-ubuntu/  which also has a config for nginx. 

Have fun!

 

-Warbaby

 


[#] Tue Dec 15 2015 17:05:53 EST from warbaby @ Uncensored

Subject: Webcit proxy issue for static/ dir, name collision with other web crap

[Reply] [ReplyQuoted] [Headers] [Print]

I've been running webcit through a proxy w/ both nginx and apache for years now per [ http://citadel.org/doku.php/faq:installation:apacheproxy]

All is good, except I had to add an nginx block for the static/ dir for the images and some of the chat js to work.  

That also works, however I now have a web client app which also uses a dir called 'static', so proxying that folder isn't a good option anymore. It breaks the app.  

It seems there are three options. 

1) Move, copy or link some files.

2) Change the name of the webcit 'static' folder

3) Change the name of the mailclient 'static' folder. 

I'm leaning toward 1), but just thought I'd ask you smart guys what you think.  A handful of symbolic links would probably cover it.  It seems like the least janky approach. 

2) /static/ is hardcoded into all the styles.  I don't have the source at the moment.  If it needs to be changed there and recompiled, that's out since I just don't want to take it that far.  Lots of stuff to administer, my life consist of defaults. 

3) Other webclient has metric ton of minimized javascript I don't want to touch either. 

I guess I could just live with it the way it is.. this could just be considered an nginx specific question, but I'm not aware of any way to 'blend' two folders via an alias.  There may even be some name collision with files.  

Thoughts anyone?  Or, just tell me to go do some real work.  :)

 

 

 



[#] Tue Dec 15 2015 17:28:15 EST from warbaby @ Uncensored

Subject: Re: [Citadel Support] Webcit SSL access with Apache HTTP server running

[Reply] [ReplyQuoted] [Headers] [Print]

You don't need to run webcit ssl if you already have a web server with a valid cert running on 443.  That's kind of the whole point behind proxying the requests. Just run it on port 2000 (or whatever, I personally use 127.0.0.1:12 - yes, that's port 12)

So just add  the proxy config as shown on the wiki, and run webcit locally.  The SSL cert for your web server will take care of it.   If you try to use the stock script in /etc/init.d/webcit, you're going to get an error because it is going to try and grab port 443 and you already have apache/nginx on that port.  

My webcit-local.sh script is attached.  It should be get you in the ball park.  Just copy it to /etc/init.d/webcit-local (or wherever your init scripts are) and chmod u+ x as root. 

I use the low port # and only bind to localhost so webcit is not exposed publicly without ssl.   It also saves the overhead not having webcit ssl running. 

 

Sun Dec 13 2015 05:34:53 PM EST from platonov @ Uncensored Subject: Re: [Citadel Support] Webcit SSL access with Apache HTTP server running

Thanx a lot for quick followup.
Just one question:
Since I am not exactly a sysadmin type of a guy, what exactly do I need to do on Ubuntu 14.10 server to reverse proxy citadel subdomain?
It looks like some Apache configuration to me. Is it done in /etc/apache2/sites-enabled/domain_name?
If so, do I need to add a rule for port 443 to it?
And, what would I specify for the ProxyPass and ProxyPassReverse, I guess, to make sure it passes it to webcit instead?

Thanx in advance.

Sun Dec 13 2015 16:50:15 EST from "nnnn20430" <nnnn20430@mindcraft.si.eu.org> Subject: Re: [Citadel Support] Webcit SSL access with Apache HTTP server running
i my self use nginx and have a special subdomain for webcit to be
citadel.domain and then i simply reverse proxy that subdomain to local
webcit
you can run that webcit on plain http doesn't matter cause it's local, i
have it running with ssl on port 2443... but you can use any other port
and don't need ssl...

i don't use letsencrypts auto configuration option, just use the
certonly option it places all certs in standard location, the main
domain will be the first domain specified in the cli and certs will be
placed in /etc/letsencrypt/live/domain/

then just create link in your servers config to
/etc/letsencrypt/live/domain/ and use that

so just do $ letsencrypt certonly -d mydomain,citadel.mydomain
or something like that and configure your server to reverse proxy it to
webcit when $host is ^citadel.*

On 12/13/2015 10:32 PM, platonov wrote:

I just read a post about trusted cert that doesn't give a warning to
everyone that visits the page using https://letsencrypt.org/ here.

The question I have is after I configured the letsencrypt for Apache
server and I can access the site via https address, and, since I also
want to use the https to webcit, then what do I do to make sure the
https access to that domain is served by the webcit and not by Apache?

One alternative seems to be to change the webcit port for https access
to something other than 443.

How do I do that?

Another one is to disable the Apache serving the https requests, so
that when domain is accessed as secure site, it is automatically
served by the webcit, and not apache. In that case, how do I configure
the letsencrypt certificates that work for that domain to work with
webcit instead?

Thanx in advance.

 



 



webcit-local.sh (application/x-shellscript, 1217 bytes) [ View | Download ]
[#] Tue Dec 15 2015 21:43:54 EST from "John Goerzen" <jgoerzen@complete.org> to citadel_support@citadel.org

Subject: Re: [Citadel Support] How to: Let's Encrypt Free SSL Cert Citadel9.01 Debian 8.2 Jessie 64

[Reply] [ReplyQuoted] [Headers] [Print]

I have been curious for awhile what all the excitement about Let's
Encrypt is. startssl.com already hands out free SSL certs recognized by
major browsers, and they're valid for a year.

[#] Wed Dec 16 2015 06:47:17 EST from dothebart @ Uncensored

Subject: Re: Webcit proxy issue for static/ dir, name collision with other web crap

[Reply] [ReplyQuoted] [Headers] [Print]

I think ln -s'ing the files from the other static folder or vice versa is the cheapest option next to having one run on another vhost.



[#] Wed Dec 16 2015 13:46:33 EST from warbaby @ Uncensored

Subject: Re: Webcit proxy issue for static/ dir, name collision with other web crap

[Reply] [ReplyQuoted] [Headers] [Print]

Nevermind, I just made links. :)



[#] Wed Dec 16 2015 13:47:45 EST from warbaby @ Uncensored

Subject: Re: [Citadel Support] How to: Let's Encrypt Free SSL Cert Citadel9.01 Debian 8.2 Jessie 64

[Reply] [ReplyQuoted] [Headers] [Print]

The certs are only valid for 90 days, but still very worth-while. 

Tue Dec 15 2015 09:43:54 PM EST from "John Goerzen" <jgoerzen@complete.org> Subject: Re: [Citadel Support] How to: Let's Encrypt Free SSL Cert Citadel9.01 Debian 8.2 Jessie 64
I have been curious for awhile what all the excitement about Let's
Encrypt is. startssl.com already hands out free SSL certs recognized by
major browsers, and they're valid for a year.

 



[#] Thu Dec 17 2015 12:43:22 EST from IGnatius T Foobar @ Uncensored

Subject: Re: How to: Let's Encrypt Free SSL Cert Citadel 9.01 Debian 8.2 Jessie 64

[Reply] [ReplyQuoted] [Headers] [Print]


I am excited about the Let's Encrypt project, not only because the certificates are free/open, but also because they've automated the enrollment procedure in a way that's programmable. I could easily see Citadel speaking their enrollment protocol in the future, and being able to get a signed certificate without ever having to visit the CA directly.

[#] Sat Dec 19 2015 23:35:27 EST from toysareforboys @ Uncensored

Subject: Maximum attachment size?

[Reply] [ReplyQuoted] [Headers] [Print]

What is the maximum attachment size for Citadel? How do I increase it?

 

-Jamie M.



[#] Mon Dec 21 2015 04:58:23 EST from urasoul @ Uncensored

Subject: webcit cannot start - says port 2000 is already bound.. but it isn't

[Reply] [ReplyQuoted] [Headers] [Print]

i have been using citadel on fedora 20 for over a year - mostly without problem. yesterday i realised i needed to delete a large amount of emails from the aide room that had been outputted from crond.

thunderbird had a lot of trouble doing this and it crashed numerous times.

today i found that citadel had crashed and the hard drive on my server was full. i cleared some space on the server and also found that half the hard drive space is used by the folder /var/lib/citadel/data/

though when i view the properties of that folder i am only seeing about 25% of the storage space being used that the disk analyser app 'baobab' is listing as being used there.

after restarting webcit and citadel i found that webcit would fail and complain that it can't bind to port 2000 - even though there is no other service using that port.

after rebooting the server, the situation remains the same.. every time i restart webcit or stop/start it - it complains about port 2000 again.

the various commands i have run to view the activity of port 2000 always show that nothing is using the port..

anyone got any ideas of what to do here?

thanks



[#] Mon Dec 21 2015 05:09:08 EST from urasoul @ Uncensored

Subject: Re: webcit cannot start - says port 2000 is already bound.. but it isn't

[Reply] [ReplyQuoted] [Headers] [Print]

n.b. i am also seeing this in the terminal when i view the status of the citadel service:

DB: BDB3018 cdb.04: unwritable page 1047 remaining in the cache after error 122



[#] Mon Dec 21 2015 07:15:21 EST from "Panagiotis Palias" <panagos81@gmail.com> to citadel_support@citadel.org

Subject: Re: [Citadel Support] Re: webcit cannot start - says port 2000 isalready bound.. but it isn't

[Reply] [ReplyQuoted] [Headers] [Print]

Are you certain that you have rights to bind port 2000? Maybe you need sudo before the command. Also make sure there is nothing running on 2000, by issuing the command "sudo netstat -anp | grep 2000".

Στις 21 Δεκ 2015 11:09 π.μ., ο χρήστης "urasoul" <urasoul@uncensored.citadel.org> έγραψε:

n.b. i am also seeing this in the terminal when i view the status of the citadel service:

DB: BDB3018 cdb.04: unwritable page 1047 remaining in the cache after error 122



[#] Mon Dec 21 2015 07:37:57 EST from urasoul @ Uncensored

Subject: Re: [Citadel Support] Re: webcit cannot start - says port 2000 isalready bound.. but it isn't

[Reply] [ReplyQuoted] [Headers] [Print]

yes, i have permission. the server has been working correctly for over a year previous to this issue.

after running your netstat command, i see that webcit IS running.. however.. if i kill it and then start it again, i still see the same status that shows webcit failed and i still can't use it.

so basically, i issue: service webcit start

and the result is that webcit runs AND shows 'failed' in it's status output.



Go to page: [1] 2 3 4 5 ... Last