lapineige
commented
1 year ago Please try this branch : https://github.com/YunoHost-Apps/pixelfed_ynh/pull/210
Closed ashemsay closed 1 year ago
lapineige
commented
1 year ago Please try this branch : https://github.com/YunoHost-Apps/pixelfed_ynh/pull/210
ashemsay
commented
1 year ago Hello, thank for the quick answer.
I tried it (checked out the repository on the given commit to /tmp/pixelfed_ynh then did yunohost app upgrade pixelfed -f /tmp/pixelfed_ynh -F), nothing changed, same error in the logs, same result on the app
lapineige
commented
1 year ago I didn't know about this method π€
Why not simply yunohost app upgrade pixelfed -u https://github.com/YunoHost-Apps/pixelfed_ynh/tree/testing ?
Can you confirm you're using app version 0.11.5~ynh3 now ?
ashemsay
commented
1 year ago Yeah I wasn't sure about how to do it, tried your way, can confirm yunohost app info pixelfed shows version: 0.11.5~ynh3 but sadly, that did not fix the issue.
mitexleo
commented
1 year ago Yeah I wasn't sure about how to do it, tried your way, can confirm
yunohost app info pixelfedshowsversion: 0.11.5~ynh3but sadly, that did not fix the issue.
Could you please give me your instance url and diagnostics ?
ashemsay
commented
1 year ago I replicated the issue on my test instance, same error logs, https://pixelfed.services.coupou.fr How can I get diagnostics?
lapineige
commented
1 year ago Here : https://pixelfed.services.coupou.fr/i/admin/diagnostics/home You can copy it.
Be aware that it might contains information that you don't wanna share about your instance (config). Mainly domain name, which is already shared.
I guess @neonota want to know if PF_OPTIMIZE_IMAGES is set to true or false ?
ashemsay
commented
1 year ago Here : https://pixelfed.services.coupou.fr/i/admin/diagnostics/home You can copy it.
Be aware that it might contains information that you don't wanna share about your instance (config). Mainly domain name, which is already shared.
I guess @neonota want to know if
PF_OPTIMIZE_IMAGESis set to true or false ?
I get redirected to https://pixelfed.services.coupou.fr/i/web
lapineige
commented
1 year ago It's in your admin interface, in Diagnosis tab.
ashemsay
commented
1 year ago Can't find it yet, I'll try again tonight, going for a long drive for now.
mitexleo
commented
1 year ago Can't find it yet, I'll try again tonight, going for a long drive for now.
You problem is same as @lapineige. Take a look at : https://github.com/pixelfed/pixelfed/issues/4275#issuecomment-1519087837
I've provided the correct config. It should resolve this issue permanently. Also don't forget to set umask value to 0002
mitexleo
commented
1 year ago Can't find it yet, I'll try again tonight, going for a long drive for now.
Here's the link to Diagnostics page : https://yourserver.com/i/admin/diagnostics/home
lapineige
commented
1 year ago Also don't forget to set umask value to 0021
What's that ?
mitexleo
commented
1 year ago Also don't forget to set umask value to 0021
What's that ?
If you set umask value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.
ashemsay
commented
1 year ago Here it is:
=======================
Pixelfed Instance Diagnostic v0.2
=======================
Troubleshooting
Bootstrap: Writable β
Storage: Writable β
DATABASE Ping: Pong! Connected to DB "pixelfed" β
REDIS Ping: Pong! Connected to Redis β
ACTIVITYPUB instance actor created: β
true
ACTIVITYPUB instance actor cached: β false
OAUTH enabled: β
true
OAUTH token_expiration 365 days
OAUTH public key exists: β
true
OAUTH private key exists: β
true
Important Information
Version: 0.11.5-unknown git commit
Database: pgsql (13.9)
APP_URL: https://pixelfed.services.coupou.fr
APP_DOMAIN: pixelfed.services.coupou.fr
ADMIN_DOMAIN: pixelfed.services.coupou.fr
SESSION_DOMAIN: pixelfed.services.coupou.fr
PHP Variables
PHP: 8.1.18
PHP INI memory_limit: 128M
PHP INI post_max_size: 50M
PHP INI upload_max_filesize: 50M
PHP INI max_file_uploads: 20
PHP INI max_execution_time: 30
PHP INI max_input_time: 60
PHP INI file_uploads (On): 1
PHP INI - SECURITY allow_url_fopen (true): 1
PHP INI - SECURITY allow_url_include (false):
PHP INI - SECURITY expose_php (false):
PHP INI - SECURITY display_errors (false): Off
PHP INI - SECURITY display_startup_errors (false):
PHP INI - SECURITY log_errors (true): 1
PHP INI - SECURITY ignore_repeated_errors (false):
PHP INI - SECURITY disable_functions:
Pixelfed Variables (No Secrets)
CONFIG VARIABLE NAME DETAILS
APP APP_NAME "pixelfed"
APP APP_ENV "production"
APP APP_DEBUG β false
APP APP_URL "https://pixelfed.services.coupou.fr"
APP APP_LOCALE "en"
APP APP_FALLBACK_LOCALE "en"
BROADCASTING BROADCAST_DRIVER "log"
CACHE CACHE_DRIVER "redis"
CAPTCHA CAPTCHA_ENABLED β false
DATABASE DB_CONNECTION "pgsql"
DATABASE REDIS_CLIENT "phpredis"
EXP EXP_LC β false
EXP EXP_TOP β false
EXP EXP_POLLS β false
EXP EXP_CPT β false
EXP EXP_GPS β false
EXP EXP_EMC β
true
FEDERATION ACTIVITY_PUB β
true
FEDERATION AP_OUTBOX β
true
FEDERATION AP_INBOX β
true
FEDERATION AP_SHAREDINBOX β
true
FEDERATION AP_REMOTE_FOLLOW β
true
FEDERATION ACTIVITYPUB_DELIVERY_TIMEOUT "30"
FEDERATION ACTIVITYPUB_DELIVERY_CONCURRENCY "10"
FEDERATION AP_LOGGER_ENABLED β false
FEDERATION ATOM_FEEDS β
true
FEDERATION REMOTE_AVATARS β
true
FEDERATION NODEINFO β
true
FEDERATION WEBFINGER β
true
FEDERATION PF_NETWORK_TIMELINE β
true
FEDERATION PF_NETWORK_TIMELINE_DAYS_FALLOFF 2
FEDERATION CUSTOM_EMOJI β false
FEDERATION CUSTOM_EMOJI_MAX_SIZE "2000000"
FILESYSTEMS FILESYSTEM_DRIVER "local"
FILESYSTEMS FILESYSTEM_CLOUD "s3"
HASHING BCRYPT_COST "10"
HORIZON HORIZON_PREFIX "horizon-"
HORIZON HORIZON_MEMORY_LIMIT "64"
HORIZON HORIZON_BALANCE_STRATEGY "auto"
HORIZON HORIZON_MIN_PROCESSES "1"
HORIZON HORIZON_MAX_PROCESSES "20"
HORIZON HORIZON_SUPERVISOR_MEMORY "64"
HORIZON HORIZON_SUPERVISOR_TRIES "3"
HORIZON HORIZON_SUPERVISOR_NICE "0"
HORIZON HORIZON_SUPERVISOR_TIMEOUT "300"
HORIZON HORIZON_DARKMODE β false
IMAGE IMAGE_DRIVER "imagick"
INSTANCE INSTANCE_DESCRIPTION "Pixelfed - Photo sharing for everyone"
INSTANCE INSTANCE_CONTACT_FORM β false
INSTANCE INSTANCE_CONTACT_MAX_PER_DAY "1"
INSTANCE INSTANCE_DISCOVER_PUBLIC β false
INSTANCE EXP_LOOPS β false
INSTANCE INSTANCE_PUBLIC_HASHTAGS β false
INSTANCE INSTANCE_CONTACT_EMAIL ""
INSTANCE INSTANCE_PUBLIC_LOCAL_TIMELINE β false
INSTANCE INSTANCE_NETWORK_TIMELINE_CACHED
INSTANCE INSTANCE_NETWORK_TIMELINE_CACHE_DROPOFF 100
INSTANCE INSTANCE_NETWORK_TIMELINE_CACHE_MAX_HOUR_INGEST 6
INSTANCE PAGE_404_HEADER "Sorry, this page isn't available."
INSTANCE PAGE_404_BODY "The link you followed may be broken, or the page may have been removed. <a href="/">Go back to Pixelfed.</a>"
INSTANCE PAGE_503_HEADER "Service Unavailable"
INSTANCE PAGE_503_BODY "Our service is in maintenance mode, please try again later."
INSTANCE BANNED_USERNAMES ""
INSTANCE USERNAME_REMOTE_FORMAT "@"
INSTANCE USERNAME_REMOTE_CUSTOM_TEXT ""
INSTANCE STORIES_ENABLED β false
INSTANCE RESTRICTED_INSTANCE β false
INSTANCE OAUTH_TOKEN_DAYS "365"
INSTANCE OAUTH_REFRESH_DAYS "400"
INSTANCE OAUTH_PAT_ENABLED β false
INSTANCE OAUTH_PAT_ID ""
INSTANCE ENABLE_COVID_LABEL β
true
INSTANCE COVID_LABEL_URL "https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public"
INSTANCE COVID_LABEL_ORG "visit the WHO website"
INSTANCE ENABLE_CONFIG_CACHE β false
LDAP LDAP_CONNECTION "default"
LDAP LDAP_LOGGING β
true
LDAP LDAP_CACHE β false
LOGGING LOG_CHANNEL "stack"
LOGGING LOG_LEVEL (stack) "debug"
MAIL MAIL_DRIVER "smtp"
MAIL MAIL_HOST "localhost"
MAIL MAIL_PORT "25"
MAIL MAIL_FROM_ADDRESS "pixelfed@pixelfed.services.coupou.fr"
MAIL MAIL_FROM_NAME "Pixelfed"
MAIL MAIL_ENCRYPTION ""
MEDIA MEDIA_EXIF_DATABASE β false
PIXELFED ADMIN_DOMAIN "pixelfed.services.coupou.fr"
PIXELFED APP_DOMAIN "pixelfed.services.coupou.fr"
PIXELFED MEMORY_LIMIT "1024M"
PIXELFED OPEN_REGISTRATION β false
PIXELFED MAX_ACCOUNT_SIZE (KB) "1000000"
PIXELFED MAX_PHOTO_SIZE (KB) "15000"
PIXELFED MAX_AVATAR_SIZE (KB) "2000"
PIXELFED MAX_CAPTION_LENGTH "500"
PIXELFED MAX_BIO_LENGTH "125"
PIXELFED MAX_NAME_LENGTH "30"
PIXELFED MIN_PASSWORD_LENGTH "8"
PIXELFED MAX_ALBUM_LENGTH "4"
PIXELFED ENFORCE_EMAIL_VERIFICATION β
true
PIXELFED IMAGE_QUALITY (1-100) "80"
PIXELFED ACCOUNT_DELETION β
true
PIXELFED ACCOUNT_DELETE_AFTER β false
PIXELFED PF_ENABLE_CLOUD β false
PIXELFED PF_MAX_USERS 1000
PIXELFED PF_OPTIMIZE_IMAGES β
true
PIXELFED PF_OPTIMIZE_VIDEOS β
true
PIXELFED PF_USER_INVITES β false
PIXELFED PF_USER_INVITES_TOTAL_LIMIT "0"
PIXELFED PF_USER_INVITES_DAILY_LIMIT "0"
PIXELFED PF_USER_INVITES_MONTHLY_LIMIT "0"
PIXELFED PF_MAX_COLLECTION_LENGTH "100"
PIXELFED MEDIA_TYPES "image/jpeg,image/png,image/gif"
PIXELFED LIMIT_ACCOUNT_SIZE β
true
PIXELFED IMPORT_INSTAGRAM β false
PIXELFED IMPORT_INSTAGRAM_POST_LIMIT "100"
PIXELFED IMPORT_INSTAGRAM_SIZE_LIMIT "5000"
PIXELFED OAUTH_ENABLED β
true
PIXELFED PF_BOUNCER_ENABLED β false
PIXELFED PF_MEDIA_FAST_PROCESS β
true
PIXELFED PF_MEDIA_MAX_ALTTEXT_LENGTH "1000"
PURIFY RESTRICT_HTML_TYPES BROKEN
QUEUE QUEUE_DRIVER "redis"
SESSION SESSION_DRIVER "redis"
SESSION SESSION_LIFETIME "86400"
SESSION SESSION_DOMAIN "pixelfed.services.coupou.fr"
TRUSTEDPROXY TRUST_PROXIES "*"
========= END =========Some recommendations:
300ENABLE_CONFIG_CACHE to true in .env . Otherwise you won't be able to change anything from admin dashboard.mitexleo
commented
1 year ago Can't find it yet, I'll try again tonight, going for a long drive for now.
You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)
I've provided the correct config. It should resolve this issue permanently. Also don't forget to set
umaskvalue to 0002
Did it fixed the issue ?
ashemsay
commented
1 year ago Some recommendations:
1. Increase php max_execution_time to `300` 2. Set `ENABLE_CONFIG_CACHE` to `true` in .env . Otherwise you won't be able to change anything from admin dashboard.
I did that, thanks for the input
Can't find it yet, I'll try again tonight, going for a long drive for now.
You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment) I've provided the correct config. It should resolve this issue permanently. Also don't forget to set
umaskvalue to 0002Did it fixed the issue ?
I modified /var/www/pixelfed/config/filesystems.php like this:
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Filesystem Disk
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application. Just store away!
|
*/
'default' => env('FILESYSTEM_DRIVER', 'local'),
/*
|--------------------------------------------------------------------------
| Default Cloud Filesystem Disk
|--------------------------------------------------------------------------
|
| Many applications store files both locally and in the cloud. For this
| reason, you may specify a default "cloud" driver here. This driver
| will be bound as the Cloud disk implementation in the container.
|
*/
'cloud' => env('FILESYSTEM_CLOUD', 's3'),
/*
|--------------------------------------------------------------------------
| Filesystem Disks
|--------------------------------------------------------------------------
|
| Here you may configure as many filesystem "disks" as you wish, and you
| may even configure multiple disks of the same driver. Defaults have
| been setup for each driver as an example of the required options.
|
| Supported Drivers: "local", "ftp", "sftp", "s3", "rackspace"
|
*/
'disks' => [
'local' => [
'driver' => 'local',
'root' => storage_path('app'),
'permissions' => [
'file' => [
'public' => 0664,
'private' => 0660,
],
'dir' => [
'public' => 0775,
'private' => 0770,
],
],
],
'public' => [
'driver' => 'local',
'root' => storage_path('app/public'),
'url' => env('APP_URL').'/storage',
'visibility' => 'public',
'throw' => true,
],
's3' => [
'driver' => 's3',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'visibility' => 'public',
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
'throw' => true,
],
'spaces' => [
'driver' => 's3',
'key' => env('DO_SPACES_KEY'),
'secret' => env('DO_SPACES_SECRET'),
'endpoint' => env('DO_SPACES_ENDPOINT'),
'region' => env('DO_SPACES_REGION'),
'bucket' => env('DO_SPACES_BUCKET'),
'visibility' => 'public',
'options' => [
'CacheControl' => 'max-age=31536000'
],
'root' => env('DO_SPACES_ROOT',''),
'throw' => true,
'url' => env('AWS_URL'),
],
'backup' => [
'driver' => env('PF_BACKUP_DRIVER', 's3'),
'visibility' => 'private',
'root' => env('PF_BACKUP_DRIVER', 'local') == 'local' ?
storage_path('app/backups/') :
env('PF_BACKUP_ROOT','/'),
'key' => env('PF_BACKUP_KEY'),
'secret' => env('PF_BACKUP_SECRET'),
'endpoint' => env('PF_BACKUP_ENDPOINT'),
'region' => env('PF_BACKUP_REGION'),
'bucket' => env('PF_BACKUP_BUCKET'),
],
],
];did the artisan config:cache and cache:clear thing, restart both nginx and php8.1-fpm, did not fix the issue.
ashemsay
commented
1 year ago Also don't forget to set umask value to 0021
What's that ?
If you set
umaskvalue to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.
Issue with changing umask is that it's a per-process setting, we can't set it for a specific directory, at least if we do it on the system side. Couldn't we set it somewhere in the application code?
lapineige
commented
1 year ago
- Increase php max_execution_time to
300
Why is that recommended ? Should I make it the default for this package ?
2. Set `ENABLE_CONFIG_CACHE` to `true` in .env . Otherwise you won't be able to change anything from admin dashboard.
It should be enabled by default on Yunohost Pixelfed packaging π€ I will double check.
Also don't forget to set umask value to 0021
What's that ?
If you set
umaskvalue to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.
I don't know what it is :smile:. I will search for it.
lapineige
commented
1 year ago I suggest that we bring back the conversation from #210 to this issue :slightly_smiling_face:
wesleycook74
commented
1 year ago I tried updating to 0.11.16 today, but unfortunately I am still having this issue :(
It's definitely related to the directory permissions since I can get the uploaded files to be displayed by modifying the permissions on only the directories to 755.
lapineige
commented
1 year ago What directory do you change ? The last level (where the picture is), or an higher one ?
lapineige
commented
1 year ago We are making progress: https://forum.yunohost.org/t/pixelfed-pictures-not-loading/24244/34
I noticed the new files are u:g as pixelfed:pixelfed, but the older ones are pixelfed:www-data
When you CHOWN the folders to pixelfed:www-data, it works even at 0750. Unfortunately, the new folders are still being created as pixelfed:pixelfed
I don't know how to change that behaviourβ¦
ashemsay
commented
1 year ago I don't know how to change that behaviourβ¦
I'm guessing some process writing the files is running as pixelfed whereas it usually runs as www-data (in non ynh installations)
mitexleo
commented
1 year ago It's actually very easy to fix. You guys are thinking in harder ways.
mitexleo
commented
1 year ago edit: removed to save space. It was a full quote of https://github.com/YunoHost-Apps/pixelfed_ynh/issues/211#issuecomment-1519869439
Take a look at the last comment : https://github.com/pixelfed/pixelfed/issues/4275
lapineige
commented
1 year ago I'm guessing some process writing the files is running as pixelfed whereas it usually runs as www-data (in non ynh installations)
This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess π€
edit: more details here https://github.com/pixelfed/pixelfed/issues/4275#issuecomment-1534410734
lapineige
commented
1 year ago So...
In testing branch https://github.com/YunoHost-Apps/pixelfed_ynh/pull/215, I did some basic changes that should allow you to patch this as done here without relying on the command line. You only need to upgrade to that testing branch.
It should fix the issue with existing broken files.
It won't fix the issue with newly uploaded files - however you can force (--force) run the upgrade again and it will fix them (it's a bit killing a fly with a cannon but it's working) ~edit: not sure it will work as the filesystems.php fix will fail~ it will work.
What it does:
ashemsay
commented
1 year ago Thanks but since it does not fix the issue for new files I came up with a workaround.
Until we come up with a fix, I'm using this script (I thought of using crontab to schedule it every x minutes, but it seemed overkill since I don't post that often, so I'm using rundeck to run it when needed):
#!/bin/bash
chmod -R ug=rwX,o=rX /var/www/pixelfed/storage/app/public/It gives read/write to owner and group, read to others and execution to all only directories and already executable files.
This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess π€
You're right
edit: more details here pixelfed/pixelfed#4275 (comment)
What I don't understand is why the filesystems.php setting does not work.
As for why the installation script chown command does not work, I'm clueless
lapineige
commented
1 year ago It gives read/write to owner and group, read to others and execution to all only directories and already executable files.
If you are using #215 this is no longer needed.
I'm using this script (I thought of using crontab to schedule it every x minutes
The same was proposed here : https://forum.yunohost.org/t/pixelfed-pictures-not-loading/24244/47
That might be a good workaround.
What I don't understand is why the filesystems.php setting does not work.
Yeahβ¦
As for why the installation script chown command does not work, I'm clueless
It does. The thing is newly created file are not controlled by this script.
ashemsay
commented
1 year ago I don't know why I can't edit my previous message, so I'm adding my comment in this new one
This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess π€
You're right, but from what I understand php-fpm runs with the pixelfed user and thus it creates files owned by that user whereas nginx runs with the www-data user and nginx is indeed responsible for serving up the pages, that's why setting pixelfed as owner does not work. I think if we run php-fpm with the www-data user this issue will go away.
lapineige
commented
1 year ago With the help of other contributors, in the related PR I made a change to pixelfed php settings, so it will be using www-data group instead.
I hope this will fix it⦠currently testing it.
lapineige
commented
1 year ago You may already try #215 : it should fix the issue on Pixelfed side ! :tada:
Not yet on Mastodon, we still need to figure out why.
Thanks a lot to all people who contributed to solve this mystery ! :smiley:
ashemsay
commented
1 year ago I can confirm that fixed it, I'll just wait for it to be released to close the issue
lapineige
commented
1 year ago Can someone, having upgraded to #210 (0.11.6~ynh2), reproduce this https://github.com/pixelfed/pixelfed/issues/4275#issuecomment-1536063409 and tell us what is the group owner of a newly uploaded picture ?
sekretaerbaer
commented
1 year ago i am currently on 0.11.8~ynh1 the upload of new images works without problems
namei -om /var/www/pixelfed/storage/app/public/m/_v2/436733357485973505/186f813ba-297a89/ltsCnM7nh3FC/vGIStOtCZmieo0ccHJqG05OkPhL0uD63zVEGphOT.jpg
f: /var/www/pixelfed/storage/app/public/m/_v2/436733357485973505/186f813ba-297a89/ltsCnM7nh3FC/vGIStOtCZmieo0ccHJqG05OkPhL0uD63zVEGphOT.jpg
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root www
drwxr-x--- pixelfed www-data pixelfed
drwxrwx--- pixelfed www-data storage
drwxrwx--- pixelfed www-data app
drwxrwx--- pixelfed www-data public
drwxrwx--- pixelfed www-data m
drwxrwx--- pixelfed www-data _v2
drwxrwx--- pixelfed www-data 436733357485973505
drwxr-x--- pixelfed www-data 186f813ba-297a89
drwxr-x--- pixelfed www-data ltsCnM7nh3FC
-rw-r--r-- pixelfed pixelfed vGIStOtCZmieo0ccHJqG05OkPhL0uD63zVEGphOT.jpgDoes it work from another software such as Mastodon ?
lapineige
commented
1 year ago I forgot to close this, it should be resolved with recent updates (https://github.com/YunoHost-Apps/pixelfed_ynh/pull/215, #217). See upstream conversation : https://github.com/pixelfed/pixelfed/issues/4275
Describe the bug
When posting, the picture isn't displayed, , after selecting the picture, on the page where I should enter the caption, in place of the picture I have borken image link icon and if I proceed with the post, I have a "No preview available" as picture
Context
Steps to reproduce
I use the french version so my translations might not be perfect
Expected behavior
I can publish new post with working picture.
Logs
In nginx logs I can see after having selected the picture:
Permissions on the file are set as such:
PS: I tried changing permissions on the file but it does not change anything, tried forcing owner to pixelfed:www-data as well but it dit not work and any new upload is still owned by pixelfed:pixelfed