Archive for the ‘Computers’ Category

Update from Ubuntu 18.04 to 20.04

Sunday, May 3rd, 2020

I decided to let the update process overwrite any config files that I had edited, knowing that I had a few that might need updating.

There was one issue with Apache2 where the newest version of PHP wasn’t linked in the config files for Apache. The problem was that there were two the load files—one for 7.2 and one for 7.4. I deleted the one for 7.2 and renamed the one for 7.4 then reloaded the modules and restarted Apache. That seems to have worked.


sudo rm /etc/apache2/mods-available/php7.2.load

mv /etc/apache2/mods-available/php7.2.conf /etc/apache2/mods-available/php7.4.conf
sudo a2enmod php7.4

Mail stopped working, but that’s because Dovecot didn’t know where to find the SSL certificates from Let’s Encrypt and where to put the mail. I followed the directions in a previous post and it works now.

Search Tips

Saturday, February 2nd, 2019

Search engine behaviour has changed over the years in ways that make it more difficult for me to get results that I am looking for. For my vocabulary sites I often want to get a word and a specific context. For example, if I want to find the word gregarious used in the same context as buffoon, I used to be able to put both words in the search box and it would find pages with both words. Not any more. When using Google, you can force it to find both words in the text of the page by using:
allintext:gregarious buffoon

Another one that I can make use of is:
gregarious AROUND (4) buffoon

Unfortunately, these don’t work in DuckDuckGo.

There are a bunch more at the ahrefs blog

Server Unavailable error

Wednesday, August 8th, 2018

A PHP-based web site on a server that I manage was failing to load. It worked a few months ago when I set it up and the owner didn’t notice that it was failing. When I looked at the error log I got these messages.


[Wed Aug 08 07:45:21.627045 2018] [proxy:error] [pid 32113:tid 139735343294208] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php7.2-fpm.sock (*) failed
[Wed Aug 08 07:45:21.627334 2018] [proxy_fcgi:error] [pid 32113:tid 139735343294208] [client 64.91.53.183:36745] AH01079: failed to make connection to backend: httpd-UDS

Since it said that fpm.sock failed, I thought that maybe the mod was no longer enabled so I tried a2enmod proxy_fcgi but it said that it was already enabled.

There was some info on dependencies on various help sites, so I figured that at some point an aptitude safe-upgrade command might have messed things up. So I figured that running these commands might help, and it did.


sudo apt-get update
sudo apt-get upgrade

Reading through the install messages I noticed this:


Setting up php7.2-fpm (7.2.7-0ubuntu0.18.04.2) ...
Package apache2 is not configured yet. Will defer actions by package php7.2-fpm.
Replacing config file /etc/php/7.2/fpm/php.ini with new version
NOTICE: Not enabling PHP 7.2 FPM by default.
NOTICE: To enable PHP 7.2 FPM in Apache2 do:
NOTICE: a2enmod proxy_fcgi setenvif
NOTICE: a2enconf php7.2-fpm

So it looks like proxy_fcgi somehow got enabled and was causing problems. It is a small site with little traffic, so I decided to leave well enough alone and not enable the mod.

Getting Exim4 running on a new server

Friday, July 6th, 2018

We’ve always kept our virtual domains in /etc/mail/virtuals and I was under the impression it was the default location. It isn’t.

I don’t remember adding this code when I set up Exim4 on my Linode server, but it is missing on my Digital Ocean server. I needed to add the folowing lines to exim4.conf.template, just above the line system_aliases: in the router section.


virtual_domains:
  driver = redirect
  domains = dsearch;/etc/mail/virtuals
  data = ${lookup{$local_part}wildlsearch{/etc/mail/virtuals/$domain}}
  allow_fail
  allow_defer
  file_transport = address_file

I also missed the step of creating the self-signed key and cert, so make sure you do that as well.

The documents have lots of special cases for handling email that I never used, but one could come in handy. An attempt to deliver to a particular local part can be deferred or forced to fail by aliasing the local part to
:defer:
or
:fail:

So you could do something like this, since spammers use this address all the time.
support: :fail:

One thing we never did in the virtuals file is to send a comment for addresses that bounce, but it could come in handy. e.g

X.Employee: :fail: Gone away, no forwarding address
support: :fail: Please use the contact form on our website if you have support questions.

Getting Dovecot running on a new server.

Sunday, June 24th, 2018

I followed these Dovecot installation instructions and everything appeared to work, but I couldn’t get mail. I went into my mail client and retyped the password. I got an error message when it tried to verify the server saying that I had an invalid certificate.

I tried getting a standalone certificate using certbot, but my attempt failed. It turns out that you need to stop apache before running certbot with the standalone command. Then run:


sudo certbot certonly --standalone --preferred-challenges http -d mail.mymaildomain.com <code>

This puts a new certificate just for mail in the /etc/letsencrypt/live/mail.mymaildomain.com directory. You need to tell Dovecot where to find the certificate by editing the SSL file.

Look for these lines near the top of the file.


#ssl_cert = </etc/dovecot/dovecot.pem
#ssl_key = </etc/dovecot/private/dovecot.pem

Configure Dovecot

Dovecot’s SSL configuration is done in an auxiliary file located at /etc/dovecot/conf.d/10-ssl.conf. In here you’ll find two parameters that need to be changed: ssl_cert and ssl_key. Like postfix, dovecot will need the full certificate chain to present to clients for validation.

Edit the configuration file to point to the new certificates. Be sure to include the leading < before the file path, this is what tells dovecot to read from a file rather than use the value literally.


ssl_cert = </etc/letsencrypt/live/mail.example.com/fullchain.pem
ssl_key = </etc/letsencrypt/live/mail.example.com/privkey.pem

The only other issue I had was with the mail_location. I must have picked mbox format when the messages are in Maildir format. I changed this line in 10-mail.conf.


mail_location = maildir:~/Maildir

Well Golly


Atheism Plus

Buy from Amazon