↧
Adding an element to the proxy whitelist at cockpit
↧
Adding an element to the proxy whitelist at cockpit
No I don’t get any message of success not at the browser and not at the logs. Only the entries at messages.log I posted are written every time I try it.
↧
↧
Collaborative tools for schools
I came accross this discussion here: https://help.nextcloud.com/t/nextcloud-app-for-bigbluebutton-integration/74910/21
Basically someone managed to get bigbluebutton to workon nextcloud.
Now thats more Like it.
↧
Coturn installation and connection on a separate server than nextcloud and riot
↧
OpenVPN Roadwarrier Mobile setup
Dear Everyone, our gateway nethserver 7 is configured as VPN server-client environment.
Roadwarrier Bridge with Server - Client environment.
I would just like to know how to setup Iphones to connect using Openvpn to our server and use only web interface to view it’s status…Thanks.
↧
↧
Adding an element to the proxy whitelist at cockpit
Try signal-event nethserver-squidguard-save and check logs again.
BTW: what client-OS do you use? I’m talking about a Win10-client.
↧
OpenVPN Roadwarrier Mobile setup
You choose the VPN client for your mobile Roadwarrior deployment
https://apps.apple.com/us/app/openvpn-connect/id590379981 for IOS
To view/disconnect via web; log into your NS, navigate to VPN and then the Roadwarrior tab.
↧
Coturn installation and connection on a separate server than nextcloud and riot
Nethserver development team, is that something we can adopt and have integrated into Nethserver, so that we have a nextcloud installation that can host more people on nethserver?
↧
Firewall can not store 'any' inside rule
I stopped using NethServer for this reason and went to PFsense because of it. This has to be more of a misunderstanding on how the NethServer firewall functions overall.
↧
↧
Deploying jitsi meet on Nethserver (independent video conferencing)
Sorry for my bad english and for occupying this topic.
A bare jitsi-meet installation in a vm or container istn to hard. But if you have jitsi-meet beside nethserver there are some sticking points (or my knowledge is to low maybe).
And using the nethserver-ad or ldap (or ejabberd) wouldtn be a bad idea to simplifying the setup and for athentication.
In my setting the nethserver runs as vm (in proxmox) beside a debian 10 container for jitsi-meet.
My (only one) extermal ip with some subdomains (a/cname in dns) pointing to this external ip.
Some necessary ports are directed to the nethserver vm and his services (e.g. mail, sogo etc.)
Thus nethserver is the main target for tcp 443 and 80 (and becomes letsencrypt certs) so the jitsi-meet installation has no chance to become own letsencrypt certs.
Or is there a Solution?
So i have used the nethserver process for getting an letsencrypt cert with subdomain for the jitsi-meet container and added an reverse proxy entry in nethserver looking for jitsi.domain.tld and pointing to the local ip of the jitsi-meet container. So the subdomain should/is reachable from extern and using the nethserver-letsencrypt-certs.
But, after the jitsi-meet installation, the jitsi-meet site wasnt reacheble over the subdomain. To many redirects and/or some trouble with „get“ requests. It seems that the “turnserver” (installed with jitsi-meet) is the showstopper here.
But jIstsi-meet can run without the turnserver so i installed ist again (from begin) with “apt-get -y --no-install-recommends install jitsi-meet”. Without turnserver the jitsi-meet site appears normal from local and from extern. (with the nethserver main-letsencrypt cert). In this Setting Meetings are possible (Yeah).
All Finished? No. If you prevent jitsi-meet so strangers cannot create (or enter) meeting rooms you need authentication.
There are some way to do this. The jitsi-way is using a own prosody xmpp and userbase. This runs fine.
You can also try to connect to an ldap (wit special modules) but i wasnt successful with that.
So i have stopped an this point and installed the nethserver-ejabberd because of this own ldap integration (jitsi-meet can use ejabberd with limitations) But if you have nethserver-ejabberd installed it was no more possible to enter an meeting room (disconnect).
This appears also when the ejabberd service is stopped. (?)
After uninstalling nethserver-ejabberd (btw not possible in the new server-panel) the problem disappears.
The ejabberd trouble with jitsi-meet is (i think) because of some adress-or service troubles in my setting but i have no idea to correct it. The most installed and configured services in jitsi-meet using his (full) hostname like “jitsi.domain.tld” . (and this is the way jitsi recommends)
But in my setting - i get never the correct ip for this hostname.
An external DNS (like 8.8.8.8) gives back the external IP (as expected). In this setting runs jitsi-meet itselv (without ejabberd or ldap) but you lose internal name resolution so i need a local DNS.
The nethserver DNS (normally used) gives also back a wrong ip, the nethserver-own ip.
I think this is because of the reverse entry or the nethserver-letsencrypt entry fr the subdomain(?) and therefore it isnt possible to set an dns entry for this name additional.
But without local DNS solution it makes no sense to play with jitsi-auth mechanics.
The jitsi-meet own entries for /etc/hosts shows (from begin) two ip entries for his hostname, 127.0.0.1 and the (real) local ip. But “host jitsi.domain.tld” nevertheless gives back nether this ip from this host itselv.
Any Suggestions?
Regards
yummiweb
↧
Adding an element to the proxy whitelist at cockpit
Tried this, no change.
The client OS I tried with is Win 7 and Win 10.
↧
Threat shield, user password page, improved SSH policy and restore without network
Ehi I’m here 
It’s already on our enterprise version joining a partnership with yoroi.
You can become a Nethesis partner or in the future we’re looking for adding it to our subscription. But there are no plans at the moment.
↧
Adding an element to the proxy whitelist at cockpit
Here is the console output of the browser
[App.vue:312](webpack:///src/App.vue)
███╗ ██╗███████╗████████╗██╗ ██╗███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗ ████╗ ██║██╔════╝╚══██╔══╝██║ ██║██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗ ██╔██╗ ██║█████╗ ██║ ███████║███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝ ██║╚██╗██║██╔══╝ ██║ ██╔══██║╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗ ██║ ╚████║███████╗ ██║ ██║ ██║███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║ ╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝ [App.vue:313](webpack:///src/App.vue)
API exec: system-authorization/read $ /usr/libexec/nethserver/api/system-authorization/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/$bf3e1af436a7a17fd9acce73134d569fe2db2d6fd384d066b3ed141b5869c372/nethserver/libs/nethserver.js)
API exec: system-task/read $ /usr/bin/setsid /usr/bin/sudo /usr/libexec/nethserver/api/system-task/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/$bf3e1af436a7a17fd9acce73134d569fe2db2d6fd384d066b3ed141b5869c372/nethserver/libs/nethserver.js)
API exec: system-settings/read $ echo '{"action":"hints"}' | /usr/bin/sudo /usr/libexec/nethserver/api/system-settings/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/$bf3e1af436a7a17fd9acce73134d569fe2db2d6fd384d066b3ed141b5869c372/nethserver/libs/nethserver.js)
tasks undefined [App.vue:464](webpack:///src/App.vue)
tasks no running tasks [App.vue:464](webpack:///src/App.vue)
Diese Seite verwendet die nicht standardisierte Eigenschaft "zoom". Stattdessen sollte calc() in den entsprechenden Eigenschaftswerten oder "transform" zusammen mit "transform-origin: 0 0" verwendet werden. [index.html](https://192.168.46.5:9090/cockpit/@localhost/nethserver-squid/index.html)
API exec: system-apps/read $ echo '{"action":"info","name":"nethserver-squid"}' | /usr/libexec/nethserver/api/system-apps/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/$bf3e1af436a7a17fd9acce73134d569fe2db2d6fd384d066b3ed141b5869c372/nethserver/libs/nethserver.js)
API exec: nethserver-squid/dashboard/read $ echo '{"action":"status","hostname":"192.168.46.5"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/dashboard/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/dashboard/read $ echo '{"action":"proxy-stats"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/dashboard/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/dashboard/read $ echo '{"action":"proxy-charts","time":900}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/dashboard/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/dashboard/read $ echo '{"action":"filter-stats"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/dashboard/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: system-docs/read $ echo '{"chapter":"content_filter","section":"","language":"en"}' | /usr/bin/sudo /usr/libexec/nethserver/api/system-docs/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/feature/read $ echo '{"name":"filter"}' | /usr/libexec/nethserver/api/nethserver-squid/feature/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/categories/read $ echo '{"action":"categories"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/categories/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/filter/read $ echo '{"action":"configuration"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/filter/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/proxy/read $ echo '{"action":"configuration"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/proxy/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/filter/read $ echo '{"action":"profiles"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/filter/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
API exec: nethserver-squid/filter/read $ echo '{"action":"objects"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/filter/read | jq [nethserver.js:41:17](https://192.168.46.5:9090/cockpit/@localhost/nethserver/libs/nethserver.js)
Error: Constructing dygraph with a non-existent div! [dygraph.js:142](webpack:///node_modules/dygraphs/src/dygraph.js)
Source-Map-Fehler: Error: request failed with status 404 Ressourcen-Adresse: https://192.168.46.5:9090/cockpit/$bf3e1af436a7a17fd9acce73134d569fe2db2d6fd384d066b3ed141b5869c372/shell/index.css Source-Map-Adresse: index.css.map
Source-Map-Fehler: Error: request failed with status 404 Ressourcen-Adresse: https://192.168.46.5:9090/cockpit/$bf3e1af436a7a17fd9acce73134d569fe2db2d6fd384d066b3ed141b5869c372/base1/patternfly.css Source-Map-Adresse: patternfly.min.css.map
API exec: nethserver-squid/filter/validate $ echo '{"AntiVirus":"enabled","DomainWhitelist":["youtube-nocookie.com","c.amazon-adsystem.com","adx.adform.net","hb.adscale.de","as-sec.casalemedia.com","prg.smartadserver.com","yieldlove-d.openx.net","ib.adnxs.com","adserver.adtech.de","hbopenbid.pubmatic.com","fastlane.rubiconproject.com","securepubads.g.doubleclick.net","stats.g.doubleclick.net","de.pons.com","dropbox.com","ytimg.com","youtube.nl","youtube.it","youtube.com.br","youtubec.net","youtubebestvideos.com","youtube.be","youtube.de","pubads.g.doubleclick.net","googlevideo.com","youtube.com","jonas-farbenwerke.de"],"DomainBlacklist":["kundt-it.de"],"UrlBlacklist":[],"BlockedFileTypes":[],"Filter":"enabled","Expressions":"disabled","UrlWhitelist":[],"DefaultFilter":{"BlockIpAccess":"disabled","Categories":["adv","alcohol","chat","dating","drugs","hacking","lingerie","movies","music","porn","radiotv","sex","socialnet","spyware","warez","webmail","webphone","webradio","webtv"],"BlockFileTypes":"disabled","name":"default","BlackList":"enabled","BlockAll":"disabled","type":"filter","WhiteList":"enabled","Description":"Default filter","Removable":"no"},"action":"configuration"}' | /usr/bin/sudo /usr/libexec/nethserver/api/nethserver-squid/filter/validate | jq↧
↧
Firewall can not store 'any' inside rule
good point! Yes it works in rules, but not inside local rules. The rules were done a while ago in old UI and when I tried to use cockpit I discoverd the issue. So the cockpit is not fully compatible with old settings here.
So what is the difference between rules and local rules then? I found the answer inside the doc already, thanks @mrmarkuz for the link
↧
Firewall can not store 'any' inside rule
I did not try but I have other custom services objects created and in use. So I’m sure that this work around would be a replacment for ‘any’.
The policy change is nice, too (but can not be done in UI). Meanwhile I learned that moving my rules to local rules would do the trick, so that might be the most readable way to understand the settings later.
So the conlusion on this: One problem, several solutions possible.
But be aware that taking over FW rules created in old UI leads to a smal incompatibility in cockpit, as you can not edit rules (local) if ‘any’ was used inside the rule.
↧
Collaborative tools for schools
There is also a BBB plugin for moodle
And @mrmarkuz has created a moodle module
But it needs some attention and updating. (but I understood that’s in the works as we speak…
↧
Posix Users and SSH
Since Installation (a year before) i have two posix accounts (beside roots) on my Nethserver. From time to time i used this accounts for logging in with ssh, copying per scp or sftp or login via admin-panel (old and new) Since two or for days this is not possible anymore.
Login via Console is fine, via ssh or admin-panel)s) no more. (for all posix admins)
It seems there are some changes in /etc/ssh/sshd_config compared to other nethserver installations.
is changed here something from an update - in principle?
In the last days there are some changes/events:
- some changes via cockpit-admin panel, dns, reverse server entries and letsencrypt i think
- uninstalling/removing an old fpbx/asterisks (testing only)
- uninstalling/removing ngingx and configs (never mind on that installation)
after that the httpd wouldnt restart, so run /etc/e-smith/events/actions/system-adjust and/or restarted the server (nevermind in which sort). after that the httpd was up again.
until here, the posix ssh should work i think.
the last entry in “shell history” before the last “exit” command was “sudo yum update”.
(i know, you preferred update via admin-panel)
Normally i would something change/correct in config files but nethserver does somthing different here so it is better to ask someone for that.
If i go via the new admin-panel (System > SSH) and give SSH rights for “normal Users” the ssh for posix users (groups: wheel,administrators) runs again but this is no real solution.
Any suggestions?
Regards
yummiweb
↧
↧
Noticed that my emails have started to have odd characters
I am still having issues…
The client used to write the email was Outlook. The client used to read and send reply was Thunderbird.
Thanks,
-SF-
↧
Noticed that my emails have started to have odd characters
Email replied and sent back to the user has the special characters in the email and the client is Outlook 365.
↧
Nextcloud talk not working outside our lan
Thank you @stephdl for your suggestion. I would have preferred to use apps within Nextcloud but I’ve now tested Jitsi Meet and I’m very impressed with how easy it was to setup! I’m curious why Nethserver hasn’t added Jitsi Meet as a local app for people to use? This appears to be an awesome application and would provide a nice video conferencing option for Nethserver users.
↧