🚀 YunoHost 12.0 (Bookworm) release / Sortie de YunoHost 12.0 (Bookworm)

Thanks for the tip, but no dice. I still get:

W: http://deb.debian.org/debian/dists/bookworm/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/php.gpg are ignored as the file has an unsupported filetype.
W: http://deb.debian.org/debian/dists/bookworm-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/php.gpg are ignored as the file has an unsupported filetype.
W: http://security.debian.org/debian-security/dists/bookworm-security/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/php.gpg are ignored as the file has an unsupported filetype.

well, I haven’t this key in my Yunohost 12… I have only this

ls /etc/apt/trusted.gpg.d/
debian-archive-bookworm-automatic.asc
debian-archive-bookworm-security-automatic.asc
debian-archive-bookworm-stable.asc
debian-archive-bullseye-automatic.asc
debian-archive-bullseye-security-automatic.asc
debian-archive-bullseye-stable.asc
debian-archive-buster-automatic.asc
debian-archive-buster-security-automatic.asc
debian-archive-buster-stable.asc
debsuryorg-archive.gpg
extra_php_version.gpg
yarn.gpg

Why this key php.gpg is here ??

Perhaps try this

To check the file format, run file /etc/apt/trusted.gpg.d/php.gpg If it says “GPG key public ring” then I would expect it to work and I can’t explain the problem you’re seeing.

and also what returns

sudo apt-key list

Hello,
Thanks for your feedback. The problem still persists. Do you know how to correctly correct this file?

Hi,

file /etc/apt/trusted.gpg.d/php.gpg spits out:
/etc/apt/trusted.gpg.d/php.gpg: PGP public key block Public-Key (old)

sudo apt-key list shows:
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
/etc/apt/trusted.gpg.d/debian-archive-bookworm-automatic.asc

pub rsa4096 2023-01-21 [SC] [expires: 2031-01-19]
B8B8 0B5B 623E AB6A D877 5C45 B7C5 D7D6 3509 47F8
uid [ unknown] Debian Archive Automatic Signing Key (12/bookworm) ftpmaster@debian.org
sub rsa4096 2023-01-21 [S] [expires: 2031-01-19]

/etc/apt/trusted.gpg.d/debian-archive-bookworm-security-automatic.asc

pub rsa4096 2023-01-21 [SC] [expires: 2031-01-19]
05AB 9034 0C0C 5E79 7F44 A8C8 254C F3B5 AEC0 A8F0
uid [ unknown] Debian Security Archive Automatic Signing Key (12/bookworm) ftpmaster@debian.org
sub rsa4096 2023-01-21 [S] [expires: 2031-01-19]

/etc/apt/trusted.gpg.d/debian-archive-bookworm-stable.asc

pub ed25519 2023-01-23 [SC] [expires: 2031-01-21]
4D64 FEC1 19C2 0290 67D6 E791 F8D2 585B 8783 D481
uid [ unknown] Debian Stable Release Key (12/bookworm) debian-release@lists.debian.org

/etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.asc

pub rsa4096 2021-01-17 [SC] [expires: 2029-01-15]
1F89 983E 0081 FDE0 18F3 CC96 73A4 F27B 8DD4 7936
uid [ unknown] Debian Archive Automatic Signing Key (11/bullseye) ftpmaster@debian.org
sub rsa4096 2021-01-17 [S] [expires: 2029-01-15]

/etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.asc

pub rsa4096 2021-01-17 [SC] [expires: 2029-01-15]
AC53 0D52 0F2F 3269 F5E9 8313 A484 4904 4AAD 5C5D
uid [ unknown] Debian Security Archive Automatic Signing Key (11/bullseye) ftpmaster@debian.org
sub rsa4096 2021-01-17 [S] [expires: 2029-01-15]

/etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.asc

pub rsa4096 2021-02-13 [SC] [expires: 2029-02-11]
A428 5295 FC7B 1A81 6000 62A9 605C 66F0 0D6C 9793
uid [ unknown] Debian Stable Release Key (11/bullseye) debian-release@lists.debian.org

/etc/apt/trusted.gpg.d/debian-archive-buster-automatic.asc

pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
80D1 5823 B7FD 1561 F9F7 BCDD DC30 D7C2 3CBB ABEE
uid [ unknown] Debian Archive Automatic Signing Key (10/buster) ftpmaster@debian.org
sub rsa4096 2019-04-14 [S] [expires: 2027-04-12]

/etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.asc

pub rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
5E61 B217 265D A980 7A23 C5FF 4DFA B270 CAA9 6DFA
uid [ unknown] Debian Security Archive Automatic Signing Key (10/buster) ftpmaster@debian.org
sub rsa4096 2019-04-14 [S] [expires: 2027-04-12]

/etc/apt/trusted.gpg.d/debian-archive-buster-stable.asc

pub rsa4096 2019-02-05 [SC] [expires: 2027-02-03]
6D33 866E DD8F FA41 C014 3AED DCC9 EFBF 77E1 1517
uid [ unknown] Debian Stable Release Key (10/buster) debian-release@lists.debian.org

/etc/apt/trusted.gpg.d/debsuryorg-archive.gpg

pub rsa3072 2019-03-18 [SC] [expires: 2026-02-04]
1505 8500 A023 5D97 F5D1 0063 B188 E2B6 95BD 4743
uid [ unknown] DEB.SURY.ORG Automatic Signing Key deb@sury.org
sub rsa3072 2019-03-18 [E] [expires: 2026-02-04]

/etc/apt/trusted.gpg.d/extra_php_version.gpg

pub rsa3072 2019-03-18 [SC] [expires: 2026-02-04]
1505 8500 A023 5D97 F5D1 0063 B188 E2B6 95BD 4743
uid [ unknown] DEB.SURY.ORG Automatic Signing Key deb@sury.org
sub rsa3072 2019-03-18 [E] [expires: 2026-02-04]

/etc/apt/trusted.gpg.d/yarn.gpg

pub rsa4096 2016-10-05 [SC]
72EC F46A 56B4 AD39 C907 BBB7 1646 B01B 86E5 0310
uid [ unknown] Yarn Packaging yarn@dan.cx
sub rsa4096 2016-10-05 [E]
sub rsa4096 2019-01-02 [S] [expires: 2026-01-23]
sub rsa4096 2019-01-11 [S] [expires: 2026-01-23]

Update done, on a test VM… Sadly my packages like pyinventory and django-for-runners are broken.

Think GitHub - YunoHost-Apps/django_yunohost_integration: Python package with helpers for integrate a Django project as YunoHost package. needs an update because of changes in SSO…

Create SSO in Python, after update to YunoHost 12 for this.

Hi,
Just FYI
Update done (on a little VPS)
Access OK by CLI
Access broken by Web
The same issue after 3 reboots.

systemctl status nginx
× nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; preset: enabled)
     Active: failed (Result: timeout)

I just checked the conf with nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

So…
I tried a little systemctl restart nginx .
It fixed my issue

Since this problem, I tried to do a full reboot because I like the danger and take risks
My server is completely OK. It’s work nicely.
A lot of thanks for your work!!!
I was already advertising YunoHost and Nextcloud (among others). Obviously, I’m going to continue!

Reading post with similar error, perhaps you can try this

wget -O =/etc/apt/trusted.gpg.d/extra_php_version.gpg https://packages.sury.org/php/apt.gpg

and

sudo yunohost tools regen-conf apt

The directory

trusted.gpg.d

does not exist on my system. How do I get that one back?

I exist in fact when you have do the command file /etc/apt/trusted.gpg.d/php.gpg it worked…

perhaps it may be because not root user, try

sudo wget -O =/etc/apt/trusted.gpg.d/extra_php_version.gpg https://packages.sury.org/php/apt.gpg

Migtation sans aucun soucis. Juste la partition /root qui etait un peu trop remplie.

Ensuite maj nextcloud & bitwarden sans aucun problème.

Bravo à tous.

As well here, upgrade to Bookworm done in less than one hour, with everything (nextcloud, sogo, mongo-express, cac-proxy, dont-code services, adguard, monitorix, Matomo, Collabora & OnlyOffice, multiple domains and subdomains) working as a cham.
I only had to force upgrade of Borg backup client otherwise I got the “borg module not found” error message.

Congrats & Thanks to everyone !

Just a small warning from auto-diagnosis since the upgrade:

Warning: The configuration file ‘/etc/apt/sources.list.d/extra_php_version.list’ has been manually modified and will not be updated
apt:
applied:
pending:
/etc/apt/sources.list.d/extra_php_version.list:

diff: @@ -1 +1 @@
-deb https://packages.sury.org/php/ bookworm main
+deb [signed-by=/etc/apt/trusted.gpg.d/extra_php_version.gpg] https://packages.sury.org/php/ bookworm main

status: modified

A signed-by information has been added (not by me) and will be removed if I switch back to the original version.

What should I do ? Is it ok to switch back and remove the warning ?

Definitely not the “correct way” but I just added

location /yunohost/portalapi/ {

    proxy_read_timeout 5s;
    proxy_pass http://127.0.0.1:6788/;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;

    # Custom 502 error page
    error_page 502 /yunohost/portalapi/error/502;
}

to /etc/nginx/conf.d/yunohost_api.conf.inc

and then systemctl reload nginx

Just upgraded an instance and had zero issues, great work and thanks!

Installed apps: collabora, freshrss, huginn, nextcloud, roundcube, syncserver-rs, wallabag2 (on x86-64 VPS)

As it happens, this bit of config is already present in my file without me having done anything. Did you have to add this part to the config for it to work?

location /yunohost/portalapi/ {
    proxy_read_timeout 5s;
    proxy_pass http://127.0.0.1:6788/;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;

    # Custom 502 error page
    error_page 502 /yunohost/portalapi/error/502;
} 

No. For me this section did not exist. Maybe the point update fixed this?

For my part, I don’t know if it was an update that added this part of the configuration. But it still doesn’t work for me

update done this morning in less than one hour on a 10 mbits/sec ADSL connection.
Everything went well. nextcloud update to V30 done just after the migration without problem except with onlyoffice. but a reboot resolved my problem.
thanks a lot for your work. great job!

I assume appending .persistent to the file makes it persistent and it won’t be changed by Yunohost anymore? I guess for that file it is a bit of a problem as this file is changed when users or domains are changed?

I have a similar problem with the SSO login, I can not login as a user on portal.example.org, but only on example.com, see also my other reply here.
I think the problem lies one of the last lines that read:

    "redirected_urls": {
        "moodle.example.org/": "moodle.example.org/moodle",
        "portal.example.org/": "portal.example.org/yunohost/sso"

But I am not sure why the redirect is even needed in that place.

More likely that is is something else. but the similarity to the issue discussed here is that example.org is not used for web (in my case not even setup on the server in contrary to the mail only domain in the thread here). For main domain I use another domain example.com. (com vs. org!!)

I found that when I install some random app in a subfolder of portal.example.org/helper-app (the my_webapp in my case, but others work too) and set this app to be available to all users and with the tile visible, then the portal.example.org allows login for ordinary users.

I guess unused domains need to have some block in /etc/ssowat/conf.json to allow all users to login, but maybe Yunohost does not add that block when the domain is not used.

Maybe someone can verify this?

Just upgraded for MailTape Crew instance and it all went smoothly! Congratulations and much love to all the contributors who are making this possible. It’s a real joy to be able to free ourselves from proprietary systems thanks to you. <3

[EDIT] I then updated Nextcloud to v30 and everything went smooth also on that side. You rock !