Hm, can someone maybe provide a little bit more explanation, about changes in the intented use (if any), and the available settings that remain with the new YNH 12 portal implementation? (Iām sorry, I also could not yet fully āgraspā or āgrokā this part from the announcement.)
Here is another related use-case with (to me) unknown support state that worked really nice with YNH 11:
Main domain set to a possibly hard-to-remember, maybe even impossible to change, reverse-DNS Domain. (Used as smtp mail-out domain by all configured domains)
While allowing users to log in on a subdomain of their āusualā domain. (Itās much simpler to explain own users to just use e.g. to https://apps.example.org if they want or need to sign in to something. While example.org and www.example.org can just redirect/host some (public) app or website.
In YNH 11 the domain allowing the login could be configured by having a file /etc/ssowat/conf.json.persistent with:
{ "portal_domain": "apps.example.org" }
Result: Except for the button āuser interfaceā (only present?) in the adminās web interface, everything seems to point to the correct portal domain, and work perfectly.
Is this expected to break when upgrading to YNH 12?
Do you see an alternative solution that does not require the users to use long yunohost login url/sub-paths?
PS: As reference, that āportal_domainā configuration option had come up e.g. in this thread:
I guess you should change via a temporary fake domain first, cause the url is considered as used (yeah it seems a bug if there is only forumsons on this domainā¦). This temporary fake domain doesnāt need to be completely configure (no dns or letās encrypt needed).
@Qprq@samuel-ynh@AxlRose1976 Indeed, the portal in yunohost 12 makes some assumptions that was not made on yunohost 11. Use cases where you need to add domain.tld for managing emails without managing the web part on the yunohost (website on an other server, etc.) is not properly managed and need you to make some changes in /etc/ssowat/conf.json.persistent
I think it could help if yousomeone can state what is now assumed, is missing, and may optionally be manually configured? (from the userās perspective)
In the apparently new ādomain_portal_urlsā dictionary setting, is the part /yunohost/sso (the path) also configurable to just /? And how does the selection between sub1/sub2 work based on the requested domain.tld?
I did the upgrade this morning and there are a couple of issues:
Home Assistant has not upgraded correctly, and the binary is not found at /var/www/homeassistant/bin/hass. Full log: hastebin
Iām not sure if this is new, but Yunohost is assuming that subdomains have a root domain on the same server and that it is the SSO URL, which isnāt the case on my home server. In my case the root domain was on another Yunohost server. I have changed it to be on the server that I updated, but the SSO redirect is still going to the other server and seems to be caching a DNS lookup for it very aggressively.
Can you try a forced upgrade of the app? sudo yunohost app upgrade homeassistant -F ?
I uninstalled and reinstalled so we can ignore that, sorry.
To make sure I understand, your selfhosting topology is:
foo.tld : YunoHost 1
bar.foo.tld : YunoHost 2, but SSO redirects to foo.tld for logging in.
Thatās correct.
Is foo.tld registered as a domain on YunoHost 2?
It is now, but was registered on YunoHost 1 initially, but not as the primary domain, which is a subdomain of another domain. YunoHost 1 has not been updated to Yunohost 12.0 yet.
As I suspected it might, whatever is causing the cached DNS response on YunoHost 2 has updated and it now redirects to the root domain for SSO, but again, itās not tagged as the primary domain on the server.
Migrations carried out, a few problems with several applications; resolved with a sudo yunohost app upgrade APP -F (Mastodon, Funkwhale, Photoview and Synapse).
Many thanks
@samuel-ynh : check your groups and user acces ? Have you any issue with your diagnostic dialog ?
Though that logfile doesnāt seem to say it, the CLI log when running the command includes this:
Info: [###+++ā¦] > Upgrading source filesā¦
Info: Using already used python3 built versionā¦
Warning: Error: [Errno 13] Permission denied: ā/var/www/homeassistant/include/python3.12ā
Error: Could not upgrade homeassistant: An error occurred inside the app upgrade script
After trying to manually restore from backup, because the HomeAssistant app is no longer listed as being installed, this is the log: https://paste.yunohost.org/raw/opaforidic
with error message:
Exception: Original path for ā/home/yunohost.app/homeassistantā not found
Iāll give up troubleshooting for now. Iām not very good with Python, but I hope I can find more things to try some things later.
Oh no, I was not suggesting you to add foo.tld on YunoHost 2, that would not make sense.
That actually isnāt a problem as the domain was redundant on YunoHost 1, but the main issue is that something is assuming that the root domain of a subdomain will be the SSO domain. It appears that a similar issue is being reported up this thread by @AxlRose1976.
Editing the config.json.persistent worked. But I have the same problem that no apps are shown after login.
Edit:
I created a new sub.domain.tld.json in folder /etc/yunohost/portal
Now I have the same login like at domain.tld. Even public apps are shown.
But I assume if I will make changes in the GUI for domain.tld they will not be applied to sub.domain.tld.
If I understand correctly, I need to add a subdomain in domain1 and domain2 to have a portal for that domain and app1 and app2 will not show in portal of domain3.
I donāt need portals for domain1 and domain2, so I will skip creating a subdomain, this wonāt affect app1 and app2?
If I wanted to add app1 and app2 to the portal on domain3, using redirect apps?
