What type of hardware are you using: Old laptop or computer
What YunoHost version are you running: 12.0.9.1
How are you able to access your server:
The webadmin
SSH
Direct access via physical keyboard/screen
Are you in a special context or did you perform specific tweaking on your YunoHost instance?: no
Describe your issue
Since the Bookworm migration (YNH 11 to YNH 12) I cannot access the SSO login portal.
When first configuring my instance, I added a domain (domain.com) which is not linked to YunoHost but to a WordPress site, hosted by WordPress. Then each of my apps is on a separate subdomain (one.domain.com and so on); the main domain, aka the SSO login page, is also one of those subdomains (home.domain.com). It worked well until I migrated to YNH 12. Now when trying to access home.domain.com/yunohost/sso, it immediately redirects to domain.com/yunohost/sso, which does not exist. When accessing a subdomain for an app that does not need SSO login, everything goes as planned.
I tried erasing my cache, restarting nginx, switching the main domain back and forth in the YNH domain list, and forcing a dyndns update, which failed because "Error: No domain registered with DynDNS". I am out of ideas… As this is my work server it is quite critical, so any suggestion is appreciated.
Another clue that this might be a bug: even though the default domain is configured to be a subdomain (here: home.domain.com), the SSO portal customization options are listed under the root domain.com.
I feel that now the root domain is forced as SSO portal; you cannot use a subdomain for it even though it is declared so.
And the user interface gives me this error message: "There is no app to list here, either because no web app yet is installed on the server, or because you don't have access to any. Please check with the admins of the server for more infos!" This is easily solved in the default domain options under "show other domain's apps" (as stated here).
The root domain example.org is only used for admin purposes and as the CNAME destination for subdomain, such as portal.example.org.
There is no app installed on example.org, but some on subdomains of that root domain.
portal.example.com should be the domain that is available to users publicly, so they should open that portal and log in there. I don't mind if the SSO takes them to the root domain, but the login does not work when starting on the subdomain, only when starting on the root domain, and this only for users.
Cases:
A user goes to portal.example.com and tries to log in: nothing will happen.
A user goes to example.org and tries to log in: it will work and the user is shown as logged in.
A user that is part of the admin group can log in on either and it works.
Any tips on how to troubleshoot this problem are welcome!
Is there any SSO setup I can look at? What setting defines which user is allowed to login on which portal page?
I just saw another problem now. On cloud.example.com we have Nextcloud running. When I open cloud.example.com I am taken to the Nextcloud login page and the login works, but when I log out it throws me back to some old domain that is not set up on that YunoHost anymore.
That was a setting in the Nextcloud config.php that I forgot existed, and I am not sure whether it was changed by me or set during the setup.