YunoHost 4.3 testing

Hello everyone!

We just released a new testing version for YunoHost! This version is packed with an remarkable number of new features and changes, and we would be more than happy to receive feedback before releasing it as a stable version! :stuck_out_tongue_winking_eye:

Hereā€™s a summary of the major changes:

  • :busts_in_silhouette: User management using CSV export/import. This should make life easier for people handling a large number of users! This work is supported by the CNAM.
  • :art: A rework of the app config panel framework which was still an experimental/hidden feature. We hope that this rework will make it much easier for packagers to implement interfaces to configure and customize applications, as well as unlocking new possibilities for the future of YunoHost and the webadmin in general. Also, this comes with a significant rework of the VPNclient and Hotspot apps to integrate them in the webadmin! This work is supported by the NLnet foundation.
  • :globe_with_meridians: Autoconfiguration mecanism for DNS records using registrars API and the Lexicon library. For now, only OVH and Gandi were properly tested by the community. This works also brings more feature- and subdomain-awareness to the recommended DNS configuration, which is important for people handling many subdomains. This work is supported by the NLnet foundation and contributions from students from the University of Technology of CompiĆØgne.
  • :safety_vest: A new setting for experimental security features as well as some new diagnosis checks for applications.
  • :label: Better support for .local domain names which should be useful for people willing to host local-only services!
  • :keyboard: Improved mecanic for command-line prompts
  • :sparkles: As always, various fixes / improvements for every day life, as well as internal spring cleanings, paving the way for the future!
  • :speaking_head: Lots of updates for translations in Arabic, Catalan, Chinese (Simplified), Czech, Dutch, Esperanto, French, Galician, German, Hindi, Indonesian, Italian, Kurdish (Central), Macedonian, Persian, Portuguese, Spanish, Ukrainian

Thanks to all contributors :heart: ! (andretheolauret, axolotle, Christian Wehrli, Corentin Mercier, Cyril Romain, Daniel, Ɖric Gaspar, Flavio Cristoforetti, Geoff Montel, Gregor Lenz, JocelynDelalande, JosĆ© M, Kay0u, liimee, ljf, mifegui, Paco, Parviz Homayun, ppr, saptrishi das biswas, tituspijean, Tymofii-Lytvynenko)

How to participate to the beta-testing :construction_worker_woman: :construction_worker_man:

:warning: DO NOT do this on a critical production server! :warning:

From the command line, you can launch the following command to switch to testing:

curl https://install.yunohost.org/switchtoTesting | bash

(If you are familiar with bash scripting, you might want to read what this script does before blindly running the command)

You should then be running YunoHost 4.3.x.

What to test? :space_invader: :telescope:

Here are some specific items which are important to check to validate the current work:

  • Validating that all the basic, existing everyday life features of Yunohost (user portal, sending/receiving emails, peroming app install/upgrades, diagnosis, ā€¦) are still working is an important test in itself :stuck_out_tongue_winking_eye:
  • If youā€™re interested in user management using CSV import/export, this can be tested from the webadmin in the User section (notice the small dropdown menu next to the ā€˜Add userā€™ button). The CSV can be edited in a spreadsheet software such a LibreOffice Calc.
  • Testing the new app configuration panels is so far complicated considering no app actually implements a new configuration panel :sweat_smile:. Nevertheless, the new version of VPN client is to be released soonā„¢, as well as hotspot, and packagers may also work in the coming days on new config panels for other apps, so stay tuned!
  • Testing the new automatic DNS configuration feature is located in the Domain section. Please keep in mind that only OVH and Gandi were properly tested for now.
    1. You should first go in the ā€˜Domain configuration > DNSā€™ section. You should then read carefully the documentation on how to obtain your registrar credentials.
    2. After this, automatic configuration will be available in the ā€˜DNS configurationā€™ section.
  • Testing the experimental security setting : it can be enabled from the command line with: sudo yunohost settings set 'security.experimental.enabled' -v True. This enables the following:
    • prevents system users from snooping on the list of processes (using ps -ef)
    • adds default-src https: data: to the nginxā€™s CSP configuration
    • enforces Secure and HTTPonly on all cookies
    • adds a more extensive Permissions-Policy in nginx configuration
  • You should notice a new ā€˜Appsā€™ section at the bottom of the Diagnosis
  • Testing the .local domain support (only relevant if your server is in your local network): add a whateveryouwant.local domain. You should then be able to contact this server using any device on the local network. (You can possibly troubleshoot by checking the ā€˜yunomdnsā€™ service)
  • Testing the new translations can be done by changing the language in Tools > Webadmin settings
24 Likes

:rocket:

Testing yunomdns, the service does not start:

Sep 20 10:43:14 systemd[1]: Started YunoHost mDNS service.
Sep 20 10:43:15 yunomdns[4421]: Traceback (most recent call last):
Sep 20 10:43:15 yunomdns[4421]:   File "/usr/bin/yunomdns", line 139, in <module>
Sep 20 10:43:15 yunomdns[4421]:     zc = Zeroconf(interfaces=ips)
Sep 20 10:43:15 yunomdns[4421]:   File "/usr/lib/python3/dist-packages/zeroconf/_core.py", line 403, in __init__
Sep 20 10:43:15 yunomdns[4421]:     listen_socket, respond_sockets = create_sockets(interfaces, unicast, ip_version, apple_p2p=apple_p2p)
Sep 20 10:43:15 yunomdns[4421]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 346, in create_sockets
Sep 20 10:43:15 yunomdns[4421]:     normalized_interfaces = normalize_interface_choice(interfaces, ip_version)
Sep 20 10:43:15 yunomdns[4421]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 158, in normalize_interface_choice
Sep 20 10:43:15 yunomdns[4421]:     result += ip6_addresses_to_indexes(choice)
Sep 20 10:43:15 yunomdns[4421]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 124, in ip6_addresses_to_indexes
Sep 20 10:43:15 yunomdns[4421]:     result.append(ip6_to_address_and_index(adapters, iface))
Sep 20 10:43:15 yunomdns[4421]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 91, in ip6_to_address_and_index
Sep 20 10:43:15 yunomdns[4421]:     return (cast(Tuple[str, int, int], adapter_ip.ip), cast(int, adapter.index))
Sep 20 10:43:15 yunomdns[4421]: AttributeError: 'Adapter' object has no attribute 'index'
Sep 20 10:43:15 systemd[1]: yunomdns.service: Main process exited, code=exited, status=1/FAILURE
Sep 20 10:43:15 systemd[1]: yunomdns.service: Failed with result 'exit-code'.

I will have a look into the code.


@Aleks, solved by upgrading to zeroconf-0.36.6. :innocent:

sudo pip3 install zeroconf --upgrade (hopefully it does not break anything with next release)

1 Like

Uuuuuuh okay but we shouldnā€™t do this because itā€™s not straightfoward wether or not we (the yunohost project) will be able to upgrade the package via the .deb repo ā€¦ This creates ambiguous situations where both lib versions are installed on the system

The right solution is that we should upgrade the version being server via our .deb repo ā€¦

1 Like

Hello,

I try to switchto Testing with the admin user but i canā€™t maybe due to permissions.

Then, i try to sudo curl https://install.yunohost.org/switchtoTesting | bash but same errors.

I havenā€™t try with root for now because i think most current users update/upgrade with the combo sudo | admin

Summary

admin@***:~$ curl https://install.yunohost.org/switchtoTesting | bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 462 100 462 0 0 2552 0 --:ā€“:-- --:ā€“:-- --:ā€“:-- 2538


Patching sources.list to enable testing repositoryā€¦


sed: couldnā€™t open temporary file /etc/apt/sedbjPFxk: Permission denied
sed: couldnā€™t open temporary file /etc/apt/sources.list.d/sedqNQaWj: Permission denied
sed: couldnā€™t open temporary file /etc/apt/sources.list.d/sedRBBhSn: Permission denied
sed: couldnā€™t open temporary file /etc/apt/sources.list.d/sedio1xcn: Permission denied


Running ā€˜apt-get updateā€™


Reading package listsā€¦ Done
E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied)
E: Unable to lock directory /var/lib/apt/lists/
W: Problem unlinking the file /var/cache/apt/pkgcache.bin - RemoveCaches (13: Permission denied)
W: Problem unlinking the file /var/cache/apt/srcpkgcache.bin - RemoveCaches (13: Permission denied)


Running ā€˜apt-get dist-upgradeā€™


E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?


admin@***:~$ sudo curl https://install.yunohost.org/switchtoTesting | bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 462 100 462 0 0 3447 0 --:ā€“:-- --:ā€“:-- --:ā€“:-- 3447


Patching sources.list to enable testing repositoryā€¦


sed: couldnā€™t open temporary file /etc/apt/sedOFQyDR: Permission denied
sed: couldnā€™t open temporary file /etc/apt/sources.list.d/sedJRkRYQ: Permission denied
sed: couldnā€™t open temporary file /etc/apt/sources.list.d/sedM7V4tR: Permission denied
sed: couldnā€™t open temporary file /etc/apt/sources.list.d/sednhg1LQ: Permission denied


Running ā€˜apt-get updateā€™


Reading package listsā€¦ Done
E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied)
E: Unable to lock directory /var/lib/apt/lists/
W: Problem unlinking the file /var/cache/apt/pkgcache.bin - RemoveCaches (13: Permission denied)
W: Problem unlinking the file /var/cache/apt/srcpkgcache.bin - RemoveCaches (13: Permission denied)


Running ā€˜apt-get dist-upgradeā€™


E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?
admin@***:~$

Itā€™s on my Raspberry Pi 3B on which iā€™ve deployed YunoHost on a Debian Buster arm64 where iā€™ve restored a YunoHost backup (from the previous same deployment with a conventional 32 bits armhf one).
Details : 4.2.8.3 stable YunoHost with one main domain and 2 sub-domains, an admin and a user, 4 apps (Dolibarr, Galene, Mumble and phpMyAdmin) and an exotic ssh port.

lsb_release -a

Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster

Do not hesitate to give me more information to go further :wink:

ppr

sudo command | other_command enable only sudo for command and not other_command

You need to set sudo on the other_command :

curl https://install.yunohost.org/switchtoTesting | sudo bash

(but you need to trust the provider of the bash script.
A more ā€œsecureā€ way would be

# download the `switchtoTesting` script : 
curl https://install.yunohost.org/switchtoTesting -o switchtoTesting.sh`
# read the script to be sure
# make it executable
chmod +x switchtoTesting.sh
# execute with sudo
sudo ./switchtoTesting.sh
2 Likes

Hi! first, thank you for this wonderful upgrade! :star_struck: :star_struck: :star_struck:

I just tried this feature, with my domain name informatiquelibre.fr registered at Gandi, but it fails to push the ipv6 and mail-related records the for the main domain (the only one I set for email in/out)

2021-09-21 12:09:10,682: INFO - [#################...] > create AAAA  / @
2021-09-21 12:09:13,172: ERROR - Failed to create record AAAA/maindomain.tld : list indices must be integers or slices, not str
2021-09-21 12:09:17,614: INFO - [###################.] > create  MX   / @
2021-09-21 12:09:19,071: ERROR - Failed to create record MX/maindomain.tld : list indices must be integers or slices, not str
2021-09-21 12:09:19,076: INFO - [####################] > create  TXT  / @
2021-09-21 12:09:20,375: ERROR - Failed to create record TXT/maindomain.tld : list indices must be integers or slices, not str
2021-09-21 12:09:20,412: WARNING - DNS records partially updated: some warnings/errors were reported.

The existing manually created DNS records have been deleted from Gandi DNS.

EDIT: every other records were successfully pushed, I checked on Gandiā€™s website.
EDIT2: I tried many times, no more luck. I guess Yunohost tries to put ā€œ@ā€ as a subdomain but Gandi donā€™t allow that? I finally set those records manually.

You can read full logs here : https://paste.yunohost.org/raw/hipudusuqu

(by the way, it is just fantastic Yunohost can manage remotely DNS records!! It would really help me for some project of mineā€¦)

4 Likes

(python3-zeroconf got updated in our repo to version 0.36.6)

2 Likes

Hello,

It works with :

curl https://install.yunohost.org/switchtoTesting | sudo bash
Thanks !

ppr

:smiling_face_with_three_hearts:Soā€¦muchā€¦GOODNESS!!! :heart_eyes:

Wow! I love the idea of Yunohost being able to autoconfigure domains for the user, even if my personal registrar isnā€™t supported yet. This is a HUGE step forward! Being able to let apps have their own configuration screens is also a MASSIVE improvement! Extra security hardening is also the icing on the cake. YUM!

Thankyou Yunodevs, one and all! :heartpulse:

2 Likes

I want to help testing and i want first to learn how to do it safely.

Scenario: backing up then testing and reverting.

How would i restore a borked test, reinstalling yunohost stable and then restoring?

First it should be said to only test on a non production system with data that you would be fine being 100% corrupted, as there is a chance of exactly that happening.

That said, the easiest way would be to test in a virtual machine (eg. KVM or VirtualBox). That lets you save a snapshot at any time, then reverting is as simple as clicking on restore snapshot.

Yunohost does have a backup system however, as I understand it (correct me if Iā€™m wrong here) it really only backs up the app files and the Yunohost specific files. I believe that it doesnā€™t actually back up Debians system files, so you can use it to restore the files of Yunohost or your apps, but not the overall operating system (unlike a VM snapshot). So, for example, a system file that gets upgraded and breaks something, wonā€™t be downgrqaded again by Yunohosts Backup/Restore system.

Just out of curiosityā€¦ which version of Debian is Yunohost 4.3 based on?

Buster

(otherwise changing Debianā€™s version would have been reflected in the major version number)

2 Likes

Debian 10
The next version of yunohost will be on debian 11. Apps package are being modified to support debian 11, see https://dash.yunohost.org/appci/compare/stable...bullseye .

2 Likes

I have python3-zeroconf 0.36.6-1 but Yunomdns still fails.

Sep 23 15:19:32 salamandar.fr yunomdns[18132]: Traceback (most recent call last):
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:   File "/usr/bin/yunomdns", line 139, in <module>
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:     zc = Zeroconf(interfaces=ips)
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:   File "/usr/lib/python3/dist-packages/zeroconf/_core.py", line 410, in __init__
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:     listen_socket, respond_sockets = create_sockets(interfaces, unicast, ip_version, apple_p2p=apple_p2p)
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 346, in create_sockets
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:     normalized_interfaces = normalize_interface_choice(interfaces, ip_version)
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 158, in normalize_interface_choice
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:     result += ip6_addresses_to_indexes(choice)
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 124, in ip6_addresses_to_indexes
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:     result.append(ip6_to_address_and_index(adapters, iface))
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:   File "/usr/lib/python3/dist-packages/zeroconf/_utils/net.py", line 91, in ip6_to_address_and_index
Sep 23 15:19:32 salamandar.fr yunomdns[18132]:     return (cast(Tuple[str, int, int], adapter_ip.ip), cast(int, adapter.index))
Sep 23 15:19:32 salamandar.fr yunomdns[18132]: AttributeError: 'Adapter' object has no attribute 'index'
Sep 23 15:19:32 salamandar.fr systemd[1]: yunomdns.service: Main process exited, code=exited, status=1/FAILURE

Can you share the output of dpkg --list | grep zeroconf

ii  python3-zeroconf 0.36.6-1+ynh10 all \
     Pure Python implementation of multicast DNS service discovery (Python3)

(reformated for readability)

What about:

python3 -c "import zeroconf; print(zeroconf.__version__)"

0.36.6 :smiley:

Also __file__= /usr/lib/python3/dist-packages/zeroconf/__init__.py