[Solved] Cannot create subdomain anymore

Hi all!

I can’t create any subdomains anymore !
Unfortunately, I can’t figure what the error is either. It seems like the log go from “self-signed certificate” is ok directly to “error removing the subdomain”.

My YunoHost server

Hardware: Kimsufi KS1 (x86)
YunoHost version: 4.0.4
I have access to my server : Through SSH
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : yes
If yes, please explain:
-DNS records managed by Gandi, not my server.
-Initial LE certificates ran through a script prior to Yunohost integrated them. I have switched to the “internal” methods a long time ago but I can’t guarantee I’ve not left anything behind. No issue with certificates or renewals, though.
-Yunohost-API disabled, I use the CLI for everything
-Every time I upgrade the yunohost-admin package, I have to manually remove a dead link ca.crt:
tools upgrade.log: ln: failed to create symbolic link '/usr/share/yunohost/admin/ca.crt': File exists
I suspect that’s related to the “old” way of installing certificates and I have no idea if that’s related to my old way of installing script, and it may or not be related to my recent issues, but note that I’ve been able to add and remove domains in the past (like ~1 year ago, give or take)

Description of my issue

When trying to add subdomain:
sudo yunohost domain add mastodon.domain.tld

(Note: in case I would have forgotten about a past add/remove mastodon that would have left things behind, I also tried with different random names, with the same result.)

I get the following 3 log reports:
https://paste.yunohost.org/raw/jejokimasi
https://paste.yunohost.org/raw/xonamemeba
https://paste.yunohost.org/raw/afuculubey

The commnand generates the self-signed certificates, I can see them in
/etc/yunohost/certs/mastodon.chtisurel.net-history, 1 directory per attempt…
ca.pem, crt.pem, key.pem, openssl.cnf

I don’t really understand where it goes wrong. Based on the log, we generate the certificate, then fail to remove the domain. I don’t understand what’s happening in between or at that step.

Any insight on what’s going on or where I could get more detailed logs (couldn’t find any other than these linked) would be appreciated!

Thanks in advance!

Zblerg, the current code doesn’t log the right error …

Will have to tweak the code manually to get more info about what’s happening exactly (thought that line about Ignoring -days; not generating a certificate is a bit weird but maybe it’s expected)

So let’s run

nano /usr/lib/moulinette/yunohost/domain.py

and around line 145 you should find something like :

    except Exception:
        # Force domain removal silently
        try:
            domain_remove(domain, True)
        except:
            pass
        raise

and let’s edit the beginning such that it looks like :

    except Exception as e:
        logger.error(e)
        # Force domain removal silently
        # [etc... keep the same code below]

THANK YOU !

With that change, I got the extra piece:

Error: [Errno 2] No such file or directory: '/etc/yunohost/certs//mastodon.domain.tld-history/20200827.161353-selfsigned/ca.pem'

That file is a link, to a link, … to a file missing on my system :
/etc/yunohost/certs/yunohost.org/ca.pem
and going through the sources, I figured it’s just a renamed copy of
/usr/share/yunohost/yunohost-config/ssl/yunoCA/ca/cacert.pem

After the copy, I can now create domains without error raised !
And that’s probably related to my yunohost-admin usual update issue as well !
I don’t know how it vanished though. I probably deleted it accidentally when I was trying to figure LE certificates eons ago.
Anyway: SOLVED!

Thanks again!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.