I'm trying to set up a Rocket Chat server on a micro GCE instance (micro, Always-Free).
I've installed Rocket.Chat via snapd with no problems (SSH access). The service is up and running, and the external IP is ping-able.
The port that RocketChat uses is 3000, and I've created the needed firewall rules:
inbound - all instances - IP Range 0.0.0.0/0 - tcp:3000 - allow - priority 1
inbound - all instances - IP Range 0.0.0.0/0 - udp:3000 - allow - priority 2
However, when I try to connect via browser I get a "refused". What am I missing?
You need to add firewall rule on GCP to allow ingress port 3000 (tcp and udp) to your VPC Network where is your GCE instance, you can add firewall rule by using the gcloud command as well see below:
gcloud compute firewall-rules create [name] --action allow --rules tcp:3000,udp:3000 --direction INGRESS --network [VPC_NAME]
I succeeded to create a RocketChat with snapd using micro instance with Allow HTTP traffic enabled (it was a Debian)
Did follow the step here
sudo apt-get install snapd
sudo snap install rocketchat-server
Then checked the status of the server
sudo service snap.rocketchat-server.rocketchat-server status
Output:
$ sudo service snap.rocketchat-server.rocketchat-server status
● snap.rocketchat-server.rocketchat-server.service - Service for snap application rocketchat-server.rocketchat-server
Loaded: loaded (/etc/systemd/system/snap.rocketchat-server.rocketchat-server.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2019-01-09 21:14:25 UTC; 14min ago
Main PID: 6148 (startRocketChat)
Tasks: 12 (limit: 4915)
CGroup: /system.slice/snap.rocketchat-server.rocketchat-server.service
├─6148 /bin/bash /snap/rocketchat-server/1356/bin/startRocketChat
└─6165 node /snap/rocketchat-server/1356/main.js
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | Rocket.Chat Version: 0.72.3 |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | NodeJS Version: 8.11.3 - x64 |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | Platform: linux |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | Process Port: 3000 |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | Site URL: http://localhost |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | ReplicaSet OpLog: Enabled |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | Commit Hash: 65747ce814 |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | Commit Branch: HEAD |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ | |
Jan 09 21:14:44 rocketchat rocketchat-server.rocketchat-server[6148]: ➔ +-----------------------------------------+
The curl localhost:3000 was successful but not the external IP curl [EXTERNAL_IP]:3000.
Then Added the Firewall rule above (using the gcloud command or the console it's up to you), and I were able then to curl my external IP and was able to browser using my EXTERNAL_IP:3000 for the setup wizard.
You can also deploy Rocket.Chat with docker see this documentation
Related
I've installed qemu virt-manager libvirt on Linux Mint 20, I have a AMD FX(tm)-4300 Quad-Core Processor with AMD-V enabled in the bios, restarted a lot but virt-manager(Virtual Machine Manager) is saying:
Unable to connect to libvirt lxc:///.
Failed to connect socket to '/var/run/libvirt/virtlxcd-sock': No such file or directory
Libvirt URI is: lxc:///
I am running this locally. The file/socket does not exist, but there is a "libvirt-sock" (and other files) in that folder.
The service is running, but reporting the same error:
libvirtd.service - Virtualization daemon
Loaded: loaded (/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-09-01 10:11:27 BST; 12min ago
TriggeredBy: ● libvirtd.socket
● libvirtd-ro.socket
● libvirtd-admin.socket
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 731 (libvirtd)
Tasks: 19 (limit: 32768)
Memory: 34.2M
CGroup: /system.slice/libvirtd.service
├─ 731 /usr/sbin/libvirtd
├─1041 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt>
└─1042 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt>
Sep 01 10:11:29 mainlinux dnsmasq[1041]: read /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
Sep 01 10:11:29 mainlinux dnsmasq-dhcp[1041]: read /var/lib/libvirt/dnsmasq/default.hostsfile
Sep 01 10:12:35 mainlinux libvirtd[731]: libvirt version: 6.0.0, package: 0ubuntu8.3 (Marc Deslauriers <marc.deslauriers#ubuntu.com> Thu, 30 >
Sep 01 10:12:35 mainlinux libvirtd[731]: hostname: mainlinux
Sep 01 10:12:35 mainlinux libvirtd[731]: Failed to connect socket to '/var/run/libvirt/virtlxcd-sock': No such file or directory
Sep 01 10:12:35 mainlinux libvirtd[731]: End of file while reading data: Input/output error
I'm updated my kernel to 5.8.5-generic, but other than that, running Mint 20 (based on Ubuntu focal). Anyone know how to fix this, or display a log as to why virtlxcd-sock is not being created?
Also tried sudo chmod 777 on the libvirt subfolder and restarted libvirtd, same error.
Been googling for hours, finally found the one that worked for me, seems like installing libvirt and lxc does not install this package:
sudo apt install libvirt-daemon-driver-lxc
sudo systemctl restart libvirtd
I trying to setup a multiple domain server in gcloud instance, following this tutorial https://vorkbaard.nl/installing-a-mailserver-on-debian-8-part-3-mta-postfix/ , I modify /etc/postfix/master.cf :
smtp inet n - y - - smtpd
to
597 inet n - y - - smtpd
when I telnet domain 597 I get succefully a connection, but trying to send an email from mailx or from the telnet client I get an error as if postfix still use 25 port:
Aug 24 19:26:08 localhost postfix/smtp[1404]: connect to alt2.gmail-smtp-in.l.google.com[2607:f8b0:400c:c0f::1b]:25: Network is unreachable
So where I need to change the port to use to postfix work in google computer instance ? Telnet outside google network works ok!
thanks!
[edit]
After more debugs and test sending email to the same email send and recibe, from round cube, and from thunderbird, so I think the problem its the outside traffic from the port 25 and I dont know why postfix use 25 port if the master.cf stmp port is set to 597
mail.log debug sending from roundcube
Aug 25 00:58:59 localhost dovecot: imap(sender#domain.com): Debug: maildir++: root=/var/mail/vmail/inova.cloud/info, index=, indexpvt=, control=, inbox=/var/mail/vmail/inova.cloud/info, alt=
Aug 25 00:58:59 localhost dovecot: imap(sender#domain.com): Logged out in=50 out=511
Aug 25 00:59:22 localhost postfix/qmgr[952]: 494C582008: from=<sender#domain.com>, size=524, nrcpt=1 (queue active)
Aug 25 00:59:22 localhost postfix/qmgr[952]: 4F95180D0A: from=<nano#server.c.majestic-lodge-173213.internal>, size=461, nrcpt=1 (queue active)
Aug 25 00:59:22 localhost postfix/error[1435]: 494C582008: to=<destination#domain>, relay=none, delay=4617, delays=4617/0.06/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect t$
Aug 25 00:59:22 localhost postfix/error[1436]: 4F95180D0A: to=<destination#domain>, relay=none, delay=80226, delays=80226/0.03/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect$
Aug 25 00:59:59 localhost dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
Aug 25 00:59:59 localhost dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
Aug 25 00:59:59 localhost dovecot: auth: Debug: auth client connected (pid=1442)
Aug 25 00:59:59 localhost dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=0wbZdolXxJkAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=39364#011resp=AGl$
Aug 25 00:59:59 localhost dovecot: auth-worker(1430): Debug: sql(sender#domain.com,::1,<0wbZdolXxJkAAAAAAAAAAAAAAAAAAAAB>): query: SELECT email as username, pwd AS password FROM addresses WHERE email = 'info#$
Aug 25 00:59:59 localhost dovecot: auth: Debug: client passdb out: OK#0111#011user=sender#domain.com
Aug 25 00:59:59 localhost dovecot: auth: Debug: master in: REQUEST#0112225078273#0111442#0111#0117898818d71c58f150c8d4f75bb936fb5#011session_pid=1443#011request_auth_token
Aug 25 00:59:59 localhost dovecot: auth-worker(1430): Debug: sql(sender#domain.com,::1,<0wbZdolXxJkAAAAAAAAAAAAAAAAAAAAB>): SELECT 5000 AS uid, 5000 as gid, email, '/var/mail/vmail/domain/info' AS home FROM$
Aug 25 00:59:59 localhost dovecot: auth: Debug: master userdb out: USER#0112225078273#011sender#domain.com#011uid=5000#011gid=5000#011email=sender#domain.com#011home=/var/mail/vmail/domain/info#011auth_token$
Aug 25 00:59:59 localhost dovecot: imap-login: Login: user=<sender#domain.com>, method=PLAIN, rip=::1, lip=::1, mpid=1443, secured, session=<0wbZdolXxJkAAAAAAAAAAAAAAAAAAAAB>
Aug 25 00:59:59 localhost dovecot: imap(sender#domain.com): Debug: Added userdb setting: plugin/email=sender#domain.com
Aug 25 00:59:59 localhost dovecot: imap(sender#domain.com): Debug: Effective uid=5000, gid=5000, home=/var/mail/vmail/inova.cloud/info
Aug 25 00:59:59 localhost dovecot: imap(sender#domain.com): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/var/mail/vmail/domain/info
Aug 25 00:59:59 localhost dovecot: imap(sender#domain.com): Debug: maildir++: root=/var/mail/vmail/domain/info, index=, indexpvt=, control=, inbox=/var/mail/vmail/domain/info, alt=
Aug 25 00:59:59 localhost dovecot: imap(sender#domain.com): Logged out in=50 out=511
From outside email it doesnt recive
Two important facts:
GCE blocks outbound email on port 25, 465 and 587 (except for port 465 or 587 to Google Apps relay only).
If you are not using a relay, you cannot choose the oubound port. This is because you must connect to whichever port your destination is listening to, which will be a standard (blocked) port.
As a result you must use a email relay, which you are not by the sound of it. At the bottom of the page I linked above are some options for email relays you can use. They all include postfix options.
I installed sendmail on both server1 and server2. They use the same configuration file: sendmail.mc. I can send/receive mails to/from the users on the same server using an email client from my PC. But I can not send email to the users on the other server. For example, I can not send an email to bbb#server2domain.com from aaa#server1domain.com using the email client. I've added the ip address of my PC to /etc/mail/access on server1(Connect:zz.zz.zz.zz RELAY) and rebuilt access.db. Looking into /var/log/maillog, sendmail on server1 successfully accepted the mail from the PC but waited for a long time when connecting to server2
Apr 3 07:21:06 server1 sendmail[19771]: v33BKxfr019769: SMTP outgoing connect on server1.xxxxx.com
then timeout:
Apr 3 07:26:06 server1 sendmail[19771]: v33BKxfr019769: timeout waiting for input from server2domain.com. during client greeting
Apr 3 07:26:06 server1 sendmail[19771]: v33BKxfr019769: to=, ctladdr= (501/501), delay=00:05:04, xdelay=00:05:00, mailer=esmtp, pri=121178, relay=server2domain.com. [yy.yy.yy.yy], dsn=4.0.0, stat=Deferred: Connection timed out with server2domain.com.
On server2, the log is:
Apr 3 07:18:02 server2 sendmail[20121]: v33BI2Os020121: assigned id
Apr 3 07:18:02 server2 sendmail[20121]: NOQUEUE: connect from [xx.xx.xx.xx]
Apr 3 07:18:02 server2 sendmail[20121]: AUTH: available mech=ANONYMOUS,
allowed mech=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
Apr 3 07:18:02 server2 sendmail[20121]: v33BI2Os020121: Milter: no active filter
Apr 3 07:23:02 server2 sendmail[20121]: STARTTLS=server, info: fds=6/4, err=5
Apr 3 07:23:02 server2 sendmail[20121]: STARTTLS=server, error: accept failed=0, SSL_error=5, errno=0, retry=-1, relay=[xx.xx.xx.xx]
Apr 3 07:23:02 server2 sendmail[20121]: v33BI2Os020121: disconnect level 1
Apr 3 07:23:02 server2 sendmail[20121]: v33BI2Os020121: in background, pid=20121
Apr 3 07:23:02 server2 sendmail[20121]: v33BI2Os020121: [xx.xx.xx.xx] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-SSL
I can successfully send email to server2 on server1 using the openssl command and do not need to input user name/password.
The sendmail.mc is:
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for linux')dnl
OSTYPE(`linux')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/var/log/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl
define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl
define(`confCRL', `/etc/pki/tls/certs/revoke.crl')
define(`confCLIENT_CERT', `/etc/pki/tls/certs/sendmail.pem')
define(`confCLIENT_KEY', `/etc/pki/tls/certs/sendmail.pem')
define(`confTO_IDENT', `0')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
DAEMON_OPTIONS(`Family=inet, Port=465, Name=MTA-SSL, M=s')dnl
CLIENT_OPTIONS(`Family=inet')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 465')
define(`ESMTP_MAILER_ARGS', `TCP $h 465')
MAILER(smtp)dnl
MAILER(procmail)dnl
Both sendmail listen on port 465. I doubt the problem is related to auth but do not know the reason.
Please help, thank you!
After adopting Andrzej A. Filip's suggestion and removing the two lines in sendmail.mc, the following error occurs in the log on server1:
Apr 3 13:02:25 server sendmail[19927]: v33BKxfr019769: makeconnection (server2domain.com. [yy.yy.yy.yy]) failed: Connection refused by server2domain.com.
Apr 3 13:02:25 server sendmail[19927]: v33BKxfr019769: makeconnection (server2domain.com. [yy.yy.yy.yy]) failed: Connection refused by server2domain.com.
Apr 3 13:02:25 server sendmail[19927]: v33BKxfr019769: to=, ctladdr= (501/501), delay=05:41:23, xdelay=00:00:01, mailer=esmtp, pri=301178, relay=server2domain.com. [yy.yy.yy.yy], dsn=4.0.0, stat=Deferred: Connection refused by server2domain.com.
There is no message logged on server2.
I think without the two lines, sendmail on server1 will try to connect the server2 via port 25, not the port 465 that sendmail is listening.
sendmail and OUTGOING smtps (465) connections
smtps (465) starts SSL session before any SMTP level communications. AFAIR sendmail does not support it natively for outgoing connections.
Remove the following two lines, recompile your sendmail.mc into sendmail.cf, restart or (send signal) HUP your sendmail daemon.
define(`RELAY_MAILER_ARGS', `TCP $h 465')
define(`ESMTP_MAILER_ARGS', `TCP $h 465')
I'm trying to run docker in Ubuntu, and I have a problem with MySQL. I always get this:
"/usr/bin/mysqld_safe" 5 seconds ago Exited (0).
I have installed this docker image without problems on two machines, but this one doesn't work.
Docker Info:
Client:
Version: 1.8.1
API version: 1.20
Go version: go1.4.2
Git commit: d12ea79
Built: Thu Aug 13 02:35:49 UTC 2015
OS/Arch: linux/amd64
Server:
Version: 1.8.1
API version: 1.20
Go version: go1.4.2
Git commit: d12ea79
Built: Thu Aug 13 02:35:49 UTC 2015
OS/Arch: linux/amd64
UNAME -A:
Linux xps 3.13.0-61-generic #100-Ubuntu SMP Wed Jul 29 11:21:34 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Any idea? Thanks!!
I'm trying to debug a Server Error 500 with my application. I've read that you should use rhc tail to show a live log stream and with the current error, the log stream that appears when trying to display the page is:
==> app-root/logs/python.log <==
79.24.253.62 - - [01/Jan/2015:08:32:17 -0500] "GET /url/ HTTP/1.1" 500 27 "http://a-b.rhcloud.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36"
The error shown is:
Other pages work, this error only appears on certain "more advanced" pages (eg. static pages show correctly). The rest of the log, is:
==> app-root/logs/python.log <==
[Thu Jan 01 08:30:43 2015] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:openshift_t:s0:c6,c654
[Thu Jan 01 08:30:43 2015] [notice] Digest: generating secret for digest authentication ...
[Thu Jan 01 08:30:43 2015] [notice] Digest: done
[Thu Jan 01 08:30:43 2015] [notice] Apache/2.2.15 (Unix) mod_wsgi/3.4 Python/3.3.2 configured -- resuming normal operations
and:
==> app-root/logs/postgresql.log <==
2015-01-01 13:30:25 GMT LOG: shutting down
2015-01-01 13:30:25 GMT LOG: database system is shut down
2015-01-01 13:30:31 GMT LOG: could not bind socket for statistics collector: Permission denied
2015-01-01 13:30:31 GMT LOG: trying another address for the statistics collector
2015-01-01 13:30:31 GMT LOG: could not bind socket for statistics collector: Cannot assign requested address
2015-01-01 13:30:31 GMT LOG: disabling statistics collector for lack of working socket
2015-01-01 13:30:31 GMT WARNING: autovacuum not started because of misconfiguration
2015-01-01 13:30:31 GMT HINT: Enable the "track_counts" option.
2015-01-01 13:30:31 GMT LOG: database system was shut down at 2015-01-01 13:30:25 GMT
2015-01-01 13:30:31 GMT LOG: database system is ready to accept connections
What is the next step to debug this problem?
I added the following Django logging configuration which gave me the details of the 500 errors in a file django.log. I set LOG_DIR = os.environ.get('OPENSHIFT_LOG_DIR')
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'file': {
'level': 'WARNING',
'class': 'logging.FileHandler',
'filename': os.path.join(LOG_DIR, 'django.log'),
},
},
'loggers': {
'django.request': {
'handlers': ['file'],
'level': 'WARNING',
'propagate': True,
},
},
}