Updating from Nextcloud 15.x to 16.x issues due to PHP 7.0 — it requires PHP 7.1 or newer.

Uncategorized
There's a message when you execute the updater on nextcloud to bring you to version 16 of nextcloud.  It dumps out some dorky message about php7.0 but doesn't actually tell you unless  you click the link it dumps.  If you do it takes you to some page where they claim php7.0 is insecure and they give you a timeframe where you need to complete an upgrade from something like 7.0 to 7.2 or 7.3 and if you don't then it's your fault for running an insecure version of PHP 7.0 The problem is that updating from 7.0 to some other version is more than just updating to 7.2 or 7.3.  You have all sorts of dependencies that also need to be updated. Even though 7.2 or 7.3 gets installed properly…
Read More

Nextcloud 14.0.3 update

Uncategorized
Nextcloud though a good concept has issues that always seem to crop up during the update process.  Now there are quite a few things that are problems here. Stuck on an old version and it won't let you update via the interface running the occ command to update says you are up to date if you run the ../updater/pharupdater it fails saying that it can't delete old resources -- like that matters one freaking bit as far as completing the update goes.  Tell me where they are and I'll delete them afterwards. insufficient feedback during the update and error messages are unclear and seemingly meant only for the developers. expecting that their lack of documentation on updater errors is ok and that you should pay them.  That's just bad business.…
Read More

Postfix Won’t Send Emails with Attachment error: SMTP Error: [550] 5.7.1 (base_64)

Uncategorized
More tightening of the reigns on email has resulted in the inability to send emails with attachments.  This wasn't intentional.  I was following various guides and someone had some additional header_checks entries that I felt would help reduce spam.  In the middle of all the entries is the following: /^Content\-Transfer\-Encoding:(.*)base64$/ REJECT (base_64) This little line keeps all emails with attachments from going out.  In the /etc/postfix/header_checks file is where you put restrictions on incoming and outgoing email.  It is meant to keep mail users from getting spam and from forwarding spam emails with malicious content to others in the business or to others on the internet.  That line though can be dangerous if you aren't familiar with email and could cause you unintended grief if you just copy other's work,…
Read More

Nextcloud and error 503 Service Unavailable (seemingly suddenly seemingly randomly)

Uncategorized
Some of these things just annoy you to death.  Suddenly I find that I am getting this error whenever I access my nextcloud instance, which I happen to be using more and more and more every day. I had been tightening down my security on my containers on the proxmox server and had discovered that I needed to put some exclusion IPs in fail2ban.  I did that for several containers and must have been interrupted by a customer or two and I know I never got back to it. I also put in fail2ban on several containers that were missing it and I ensured that certificates were valid and being updated properly by letsencrypt.  So, I was tightening the screws and sealing the doors so to speak, but interruptions are…
Read More

When you SSH in with an RSA key but you keep getting prompted for your password

Uncategorized
One cause is your home folder permissions are wrong. Just sudo chmod 775 /home/jimbo Replace your user home folder name for jimbo. This annoyed me to no end till I found this.   Edit (11-12-2020): There is another obscure cause of this. No matter what I tried I constantly was being prompted for a password even though the permissions were correct as described above. My final solution was to backup the data in the account and to delete it, reboot the proxmox lxc container and then add the account back.  This fixed it.
Read More

Queue File Write Error

Uncategorized
I was having issues sending emails from my android device using k9 mail.  I have some pretty strong rules in /etc/postfix/header_checks file.  To test if this was the cause I renamed the file.  I then restarted and sent a test email. I found that once I did that I received a different message when a test email failed to be sent.  The error was "Error: queue file write error". Aug 8 10:24:19 mail postfix/cleanup[2324]: warning: regexp:/etc/postfix/header_checks is unavailable. open /etc/postfix/header_checks: No such file or directory So, you have one possible solution to that error.  It is that header_checks is missing.  When you perform tests like I did you should always ensure that you have a dummy file with that name.  Restart the server and try another test email. Or find…
Read More

SSH Jump Server (Part 2)

Uncategorized
Now that I've explained some about SSH and the concept of a jump server (a secondary machine that takes requests and proxy forwards them to other machines on the LAN that are not exposed to the Internet) I'll continue by explaining how to conceptually configure a jump server.  I'll start by reiterating a little about how one works and why we'd use it. A jump server provides extra layers of protection from the bad guys and script kiddies on the Internet.  What you may not know, understand, believe is that someone is attacking your computers (including your phones -- whatever has an OS they are probing and trying to exploit) at your location all the time from all over the world.  There's a whole computer discipline (field of study) about…
Read More

SSH Jump Server (Part 1)

Uncategorized
SSH means Secure SHell.  It is a method of connecting to remote systems.  You use a terminal program to connect and login to that remote system.  If you are familiar with Linux you know you have a terminal prompt that you can access through a program like Konsole or gnome-terminal.  In the terminal you issue commands.  You issue commands by typing them at the prompt, just like in the old days of DOS. What makes SSH special is that you can use it to connect to a remote computer and issue commands as if you were physically sitting in front of that computer itself. Connections consist of using the SSH command with the terminal program open.  With it you connect to the remote system by issuing the SSH command.  You…
Read More

Spam blocking with sender_access in postfix itself.

Uncategorized
This is kinda a pet peeve with me.  I hate spam.  I have my own email servers hosted locally at my shop because I dislike other entities contacting me without my explicit permission.  If I suddenly get spam from some entity I want to ensure I have full control to block everything from their domain.  That is what I thought I had done and it seemed to work for some time, however, I started getting spam from several entities that I thought I had blocked, and after checking found that I had blocked them. I went looking for answers and found the answers were in the details.  I read posts pretty fast and sometimes just exclude them from the solution due to how little detail or how much detail they…
Read More

SSH Disconnects (continued, yet again), and other disconnecting services.

Uncategorized
This has been an ongoing for some time and various things have been done in an attempt to resolve it.  Much of that consisted of swapping out cables and switches, testing hardware, doing a test install, and disconnecting VLAN segments,  I also bought an inexpensive replacement cable modem just in case thinking that it may be the issue.   I didn't test that as I hadn't eliminated the pfsense setup as the cause, nor for that matter any of it except some specific hardware such as switches and cables.  All told, I had swapped out multiple cables and switches, some a couple of times.  After eliminating those I put everything back to the way it was and went onto the next step. At times I thought I had narrowed it…
Read More