Comments (39)
Yeah I wasn't sure about how to do it, tried your way, can confirm yunohost app info pixelfed
shows version: 0.11.5~ynh3
but sadly, that did not fix the issue.
from pixelfed_ynh.
Some recommendations:
1. Increase php max_execution_time to `300` 2. Set `ENABLE_CONFIG_CACHE` to `true` in .env . Otherwise you won't be able to change anything from admin dashboard.
I did that, thanks for the input
Can't find it yet, I'll try again tonight, going for a long drive for now.
You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)
I've provided the correct config. It should resolve this issue permanently. Also don't forget to setumask
value to 0002Did it fixed the issue ?
I modified /var/www/pixelfed/config/filesystems.php like this:
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Filesystem Disk
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application. Just store away!
|
*/
'default' => env('FILESYSTEM_DRIVER', 'local'),
/*
|--------------------------------------------------------------------------
| Default Cloud Filesystem Disk
|--------------------------------------------------------------------------
|
| Many applications store files both locally and in the cloud. For this
| reason, you may specify a default "cloud" driver here. This driver
| will be bound as the Cloud disk implementation in the container.
|
*/
'cloud' => env('FILESYSTEM_CLOUD', 's3'),
/*
|--------------------------------------------------------------------------
| Filesystem Disks
|--------------------------------------------------------------------------
|
| Here you may configure as many filesystem "disks" as you wish, and you
| may even configure multiple disks of the same driver. Defaults have
| been setup for each driver as an example of the required options.
|
| Supported Drivers: "local", "ftp", "sftp", "s3", "rackspace"
|
*/
'disks' => [
'local' => [
'driver' => 'local',
'root' => storage_path('app'),
'permissions' => [
'file' => [
'public' => 0664,
'private' => 0660,
],
'dir' => [
'public' => 0775,
'private' => 0770,
],
],
],
'public' => [
'driver' => 'local',
'root' => storage_path('app/public'),
'url' => env('APP_URL').'/storage',
'visibility' => 'public',
'throw' => true,
],
's3' => [
'driver' => 's3',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'visibility' => 'public',
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
'throw' => true,
],
'spaces' => [
'driver' => 's3',
'key' => env('DO_SPACES_KEY'),
'secret' => env('DO_SPACES_SECRET'),
'endpoint' => env('DO_SPACES_ENDPOINT'),
'region' => env('DO_SPACES_REGION'),
'bucket' => env('DO_SPACES_BUCKET'),
'visibility' => 'public',
'options' => [
'CacheControl' => 'max-age=31536000'
],
'root' => env('DO_SPACES_ROOT',''),
'throw' => true,
'url' => env('AWS_URL'),
],
'backup' => [
'driver' => env('PF_BACKUP_DRIVER', 's3'),
'visibility' => 'private',
'root' => env('PF_BACKUP_DRIVER', 'local') == 'local' ?
storage_path('app/backups/') :
env('PF_BACKUP_ROOT','/'),
'key' => env('PF_BACKUP_KEY'),
'secret' => env('PF_BACKUP_SECRET'),
'endpoint' => env('PF_BACKUP_ENDPOINT'),
'region' => env('PF_BACKUP_REGION'),
'bucket' => env('PF_BACKUP_BUCKET'),
],
],
];
did the artisan config:cache and cache:clear thing, restart both nginx and php8.1-fpm, did not fix the issue.
from pixelfed_ynh.
Also don't forget to set umask value to 0021
What's that ?
If you set
umask
value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.
Issue with changing umask is that it's a per-process setting, we can't set it for a specific directory, at least if we do it on the system side. Couldn't we set it somewhere in the application code?
from pixelfed_ynh.
You may already try #215 : it should fix the issue on Pixelfed side !
Not yet on Mastodon, we still need to figure out why.
Thanks a lot to all people who contributed to solve this mystery !
from pixelfed_ynh.
I can confirm that fixed it, I'll just wait for it to be released to close the issue
from pixelfed_ynh.
Here : https://pixelfed.services.coupou.fr/i/admin/diagnostics/home
You can copy it.
Be aware that it might contains information that you don't wanna share about your instance (config). Mainly domain name, which is already shared.
I guess @neonota want to know if PF_OPTIMIZE_IMAGES
is set to true or false ?
from pixelfed_ynh.
Can't find it yet, I'll try again tonight, going for a long drive for now.
from pixelfed_ynh.
I tried updating to 0.11.16 today, but unfortunately I am still having this issue :(
It's definitely related to the directory permissions since I can get the uploaded files to be displayed by modifying the permissions on only the directories to 755.
from pixelfed_ynh.
I don't know how to change that behaviourβ¦
I'm guessing some process writing the files is running as pixelfed whereas it usually runs as www-data (in non ynh installations)
from pixelfed_ynh.
So...
In testing branch #215, I did some basic changes that should allow you to patch this as done here without relying on the command line. You only need to upgrade to that testing branch.
It should fix the issue with existing broken files.
It won't fix the issue with newly uploaded files - however you can force (--force
) run the upgrade again and it will fix them (it's a bit killing a fly with a cannon but it's working) edit: not sure it will work as the filesystems.php fix will fail it will work.
What it does:
- chown all files as in 4th step pixelfed/pixelfed#4275 (comment) (any upgrade does it)
- fix filesystems.php content (step 1 from previous link).
The thing is that this should only be done once. I will need to improve this, but I did not have the time.
from pixelfed_ynh.
I don't know why I can't edit my previous message, so I'm adding my comment in this new one
This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess
π€
You're right, but from what I understand php-fpm runs with the pixelfed user and thus it creates files owned by that user whereas nginx runs with the www-data user and nginx is indeed responsible for serving up the pages, that's why setting pixelfed as owner does not work.
I think if we run php-fpm with the www-data user this issue will go away.
from pixelfed_ynh.
Please try this branch : #210
from pixelfed_ynh.
Hello, thank for the quick answer.
I tried it (checked out the repository on the given commit to /tmp/pixelfed_ynh then did yunohost app upgrade pixelfed -f /tmp/pixelfed_ynh -F
), nothing changed, same error in the logs, same result on the app
from pixelfed_ynh.
I didn't know about this method
Why not simply yunohost app upgrade pixelfed -u https://github.com/YunoHost-Apps/pixelfed_ynh/tree/testing
?
Can you confirm you're using app version 0.11.5~ynh3
now ?
from pixelfed_ynh.
Yeah I wasn't sure about how to do it, tried your way, can confirm
yunohost app info pixelfed
showsversion: 0.11.5~ynh3
but sadly, that did not fix the issue.
Could you please give me your instance url and diagnostics ?
from pixelfed_ynh.
I replicated the issue on my test instance, same error logs, https://pixelfed.services.coupou.fr
How can I get diagnostics?
from pixelfed_ynh.
Here : https://pixelfed.services.coupou.fr/i/admin/diagnostics/home You can copy it.
Be aware that it might contains information that you don't wanna share about your instance (config). Mainly domain name, which is already shared.
I guess @neonota want to know if
PF_OPTIMIZE_IMAGES
is set to true or false ?
I get redirected to https://pixelfed.services.coupou.fr/i/web
from pixelfed_ynh.
It's in your admin interface, in Diagnosis tab.
from pixelfed_ynh.
Can't find it yet, I'll try again tonight, going for a long drive for now.
You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)
I've provided the correct config. It should resolve this issue permanently. Also don't forget to set umask
value to 0002
from pixelfed_ynh.
Can't find it yet, I'll try again tonight, going for a long drive for now.
Here's the link to Diagnostics page : https://yourserver.com/i/admin/diagnostics/home
from pixelfed_ynh.
Also don't forget to set umask value to 0021
What's that ?
from pixelfed_ynh.
Also don't forget to set umask value to 0021
What's that ?
If you set umask
value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.
from pixelfed_ynh.
Here it is:
=======================
Pixelfed Instance Diagnostic v0.2
=======================
Troubleshooting
Bootstrap: Writable β
Storage: Writable β
DATABASE Ping: Pong! Connected to DB "pixelfed" β
REDIS Ping: Pong! Connected to Redis β
ACTIVITYPUB instance actor created: β
true
ACTIVITYPUB instance actor cached: β false
OAUTH enabled: β
true
OAUTH token_expiration 365 days
OAUTH public key exists: β
true
OAUTH private key exists: β
true
Important Information
Version: 0.11.5-unknown git commit
Database: pgsql (13.9)
APP_URL: https://pixelfed.services.coupou.fr
APP_DOMAIN: pixelfed.services.coupou.fr
ADMIN_DOMAIN: pixelfed.services.coupou.fr
SESSION_DOMAIN: pixelfed.services.coupou.fr
PHP Variables
PHP: 8.1.18
PHP INI memory_limit: 128M
PHP INI post_max_size: 50M
PHP INI upload_max_filesize: 50M
PHP INI max_file_uploads: 20
PHP INI max_execution_time: 30
PHP INI max_input_time: 60
PHP INI file_uploads (On): 1
PHP INI - SECURITY allow_url_fopen (true): 1
PHP INI - SECURITY allow_url_include (false):
PHP INI - SECURITY expose_php (false):
PHP INI - SECURITY display_errors (false): Off
PHP INI - SECURITY display_startup_errors (false):
PHP INI - SECURITY log_errors (true): 1
PHP INI - SECURITY ignore_repeated_errors (false):
PHP INI - SECURITY disable_functions:
Pixelfed Variables (No Secrets)
CONFIG VARIABLE NAME DETAILS
APP APP_NAME "pixelfed"
APP APP_ENV "production"
APP APP_DEBUG β false
APP APP_URL "https://pixelfed.services.coupou.fr"
APP APP_LOCALE "en"
APP APP_FALLBACK_LOCALE "en"
BROADCASTING BROADCAST_DRIVER "log"
CACHE CACHE_DRIVER "redis"
CAPTCHA CAPTCHA_ENABLED β false
DATABASE DB_CONNECTION "pgsql"
DATABASE REDIS_CLIENT "phpredis"
EXP EXP_LC β false
EXP EXP_TOP β false
EXP EXP_POLLS β false
EXP EXP_CPT β false
EXP EXP_GPS β false
EXP EXP_EMC β
true
FEDERATION ACTIVITY_PUB β
true
FEDERATION AP_OUTBOX β
true
FEDERATION AP_INBOX β
true
FEDERATION AP_SHAREDINBOX β
true
FEDERATION AP_REMOTE_FOLLOW β
true
FEDERATION ACTIVITYPUB_DELIVERY_TIMEOUT "30"
FEDERATION ACTIVITYPUB_DELIVERY_CONCURRENCY "10"
FEDERATION AP_LOGGER_ENABLED β false
FEDERATION ATOM_FEEDS β
true
FEDERATION REMOTE_AVATARS β
true
FEDERATION NODEINFO β
true
FEDERATION WEBFINGER β
true
FEDERATION PF_NETWORK_TIMELINE β
true
FEDERATION PF_NETWORK_TIMELINE_DAYS_FALLOFF 2
FEDERATION CUSTOM_EMOJI β false
FEDERATION CUSTOM_EMOJI_MAX_SIZE "2000000"
FILESYSTEMS FILESYSTEM_DRIVER "local"
FILESYSTEMS FILESYSTEM_CLOUD "s3"
HASHING BCRYPT_COST "10"
HORIZON HORIZON_PREFIX "horizon-"
HORIZON HORIZON_MEMORY_LIMIT "64"
HORIZON HORIZON_BALANCE_STRATEGY "auto"
HORIZON HORIZON_MIN_PROCESSES "1"
HORIZON HORIZON_MAX_PROCESSES "20"
HORIZON HORIZON_SUPERVISOR_MEMORY "64"
HORIZON HORIZON_SUPERVISOR_TRIES "3"
HORIZON HORIZON_SUPERVISOR_NICE "0"
HORIZON HORIZON_SUPERVISOR_TIMEOUT "300"
HORIZON HORIZON_DARKMODE β false
IMAGE IMAGE_DRIVER "imagick"
INSTANCE INSTANCE_DESCRIPTION "Pixelfed - Photo sharing for everyone"
INSTANCE INSTANCE_CONTACT_FORM β false
INSTANCE INSTANCE_CONTACT_MAX_PER_DAY "1"
INSTANCE INSTANCE_DISCOVER_PUBLIC β false
INSTANCE EXP_LOOPS β false
INSTANCE INSTANCE_PUBLIC_HASHTAGS β false
INSTANCE INSTANCE_CONTACT_EMAIL ""
INSTANCE INSTANCE_PUBLIC_LOCAL_TIMELINE β false
INSTANCE INSTANCE_NETWORK_TIMELINE_CACHED
INSTANCE INSTANCE_NETWORK_TIMELINE_CACHE_DROPOFF 100
INSTANCE INSTANCE_NETWORK_TIMELINE_CACHE_MAX_HOUR_INGEST 6
INSTANCE PAGE_404_HEADER "Sorry, this page isn't available."
INSTANCE PAGE_404_BODY "The link you followed may be broken, or the page may have been removed. <a href="/">Go back to Pixelfed.</a>"
INSTANCE PAGE_503_HEADER "Service Unavailable"
INSTANCE PAGE_503_BODY "Our service is in maintenance mode, please try again later."
INSTANCE BANNED_USERNAMES ""
INSTANCE USERNAME_REMOTE_FORMAT "@"
INSTANCE USERNAME_REMOTE_CUSTOM_TEXT ""
INSTANCE STORIES_ENABLED β false
INSTANCE RESTRICTED_INSTANCE β false
INSTANCE OAUTH_TOKEN_DAYS "365"
INSTANCE OAUTH_REFRESH_DAYS "400"
INSTANCE OAUTH_PAT_ENABLED β false
INSTANCE OAUTH_PAT_ID ""
INSTANCE ENABLE_COVID_LABEL β
true
INSTANCE COVID_LABEL_URL "https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public"
INSTANCE COVID_LABEL_ORG "visit the WHO website"
INSTANCE ENABLE_CONFIG_CACHE β false
LDAP LDAP_CONNECTION "default"
LDAP LDAP_LOGGING β
true
LDAP LDAP_CACHE β false
LOGGING LOG_CHANNEL "stack"
LOGGING LOG_LEVEL (stack) "debug"
MAIL MAIL_DRIVER "smtp"
MAIL MAIL_HOST "localhost"
MAIL MAIL_PORT "25"
MAIL MAIL_FROM_ADDRESS "[email protected]"
MAIL MAIL_FROM_NAME "Pixelfed"
MAIL MAIL_ENCRYPTION ""
MEDIA MEDIA_EXIF_DATABASE β false
PIXELFED ADMIN_DOMAIN "pixelfed.services.coupou.fr"
PIXELFED APP_DOMAIN "pixelfed.services.coupou.fr"
PIXELFED MEMORY_LIMIT "1024M"
PIXELFED OPEN_REGISTRATION β false
PIXELFED MAX_ACCOUNT_SIZE (KB) "1000000"
PIXELFED MAX_PHOTO_SIZE (KB) "15000"
PIXELFED MAX_AVATAR_SIZE (KB) "2000"
PIXELFED MAX_CAPTION_LENGTH "500"
PIXELFED MAX_BIO_LENGTH "125"
PIXELFED MAX_NAME_LENGTH "30"
PIXELFED MIN_PASSWORD_LENGTH "8"
PIXELFED MAX_ALBUM_LENGTH "4"
PIXELFED ENFORCE_EMAIL_VERIFICATION β
true
PIXELFED IMAGE_QUALITY (1-100) "80"
PIXELFED ACCOUNT_DELETION β
true
PIXELFED ACCOUNT_DELETE_AFTER β false
PIXELFED PF_ENABLE_CLOUD β false
PIXELFED PF_MAX_USERS 1000
PIXELFED PF_OPTIMIZE_IMAGES β
true
PIXELFED PF_OPTIMIZE_VIDEOS β
true
PIXELFED PF_USER_INVITES β false
PIXELFED PF_USER_INVITES_TOTAL_LIMIT "0"
PIXELFED PF_USER_INVITES_DAILY_LIMIT "0"
PIXELFED PF_USER_INVITES_MONTHLY_LIMIT "0"
PIXELFED PF_MAX_COLLECTION_LENGTH "100"
PIXELFED MEDIA_TYPES "image/jpeg,image/png,image/gif"
PIXELFED LIMIT_ACCOUNT_SIZE β
true
PIXELFED IMPORT_INSTAGRAM β false
PIXELFED IMPORT_INSTAGRAM_POST_LIMIT "100"
PIXELFED IMPORT_INSTAGRAM_SIZE_LIMIT "5000"
PIXELFED OAUTH_ENABLED β
true
PIXELFED PF_BOUNCER_ENABLED β false
PIXELFED PF_MEDIA_FAST_PROCESS β
true
PIXELFED PF_MEDIA_MAX_ALTTEXT_LENGTH "1000"
PURIFY RESTRICT_HTML_TYPES BROKEN
QUEUE QUEUE_DRIVER "redis"
SESSION SESSION_DRIVER "redis"
SESSION SESSION_LIFETIME "86400"
SESSION SESSION_DOMAIN "pixelfed.services.coupou.fr"
TRUSTEDPROXY TRUST_PROXIES "*"
========= END =========
from pixelfed_ynh.
Some recommendations:
- Increase php max_execution_time to
300
- Set
ENABLE_CONFIG_CACHE
totrue
in .env . Otherwise you won't be able to change anything from admin dashboard.
from pixelfed_ynh.
Can't find it yet, I'll try again tonight, going for a long drive for now.
You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)
I've provided the correct config. It should resolve this issue permanently. Also don't forget to set
umask
value to 0002
Did it fixed the issue ?
from pixelfed_ynh.
- Increase php max_execution_time to
300
Why is that recommended ?
Should I make it the default for this package ?
2. Set `ENABLE_CONFIG_CACHE` to `true` in .env . Otherwise you won't be able to change anything from admin dashboard.
It should be enabled by default on Yunohost Pixelfed packaging
I will double check.
Also don't forget to set umask value to 0021
What's that ?
If you set
umask
value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.
I don't know what it is
from pixelfed_ynh.
I suggest that we bring back the conversation from #210 to this issue
from pixelfed_ynh.
What directory do you change ? The last level (where the picture is), or an higher one ?
from pixelfed_ynh.
We are making progress: https://forum.yunohost.org/t/pixelfed-pictures-not-loading/24244/34
I noticed the new files are u:g as pixelfed:pixelfed, but the older ones are pixelfed:www-data
When you CHOWN the folders to pixelfed:www-data, it works even at 0750. Unfortunately, the new folders are still being created as pixelfed:pixelfed
I don't know how to change that behaviourβ¦
from pixelfed_ynh.
It's actually very easy to fix. You guys are thinking in harder ways.
from pixelfed_ynh.
edit: removed to save space. It was a full quote of #211 (comment)
Take a look at the last comment : pixelfed/pixelfed#4275
from pixelfed_ynh.
I'm guessing some process writing the files is running as pixelfed whereas it usually runs as www-data (in non ynh installations)
This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess
edit: more details here pixelfed/pixelfed#4275 (comment)
from pixelfed_ynh.
Thanks but since it does not fix the issue for new files I came up with a workaround.
Until we come up with a fix, I'm using this script (I thought of using crontab to schedule it every x minutes, but it seemed overkill since I don't post that often, so I'm using rundeck to run it when needed):
#!/bin/bash
chmod -R ug=rwX,o=rX /var/www/pixelfed/storage/app/public/
It gives read/write to owner and group, read to others and execution to all only directories and already executable files.
This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess
π€
You're right
edit: more details here pixelfed/pixelfed#4275 (comment)
What I don't understand is why the filesystems.php setting does not work.
As for why the installation script chown command does not work, I'm clueless
from pixelfed_ynh.
It gives read/write to owner and group, read to others and execution to all only directories and already executable files.
If you are using #215 this is no longer needed.
I'm using this script (I thought of using crontab to schedule it every x minutes
The same was proposed here : https://forum.yunohost.org/t/pixelfed-pictures-not-loading/24244/47
That might be a good workaround.
What I don't understand is why the filesystems.php setting does not work.
Yeahβ¦
As for why the installation script chown command does not work, I'm clueless
It does. The thing is newly created file are not controlled by this script.
from pixelfed_ynh.
With the help of other contributors, in the related PR I made a change to pixelfed php settings, so it will be using www-data
group instead.
I hope this will fix it⦠currently testing it.
from pixelfed_ynh.
Can someone, having upgraded to #210 (0.11.6~ynh2), reproduce this pixelfed/pixelfed#4275 (comment) and tell us what is the group owner of a newly uploaded picture ?
from pixelfed_ynh.
Related Issues (20)
- cronjob syntax error and permission error
- Cannot access admin interface HOT 3
- Unable to run php artisan cache:clear - PHP version not specified HOT 2
- Pixelfed upgrade from 0.11.1~ynh2 to 0.11.2~ynh1 fails : php (dependencies ?) issue with composer ? HOT 52
- Installation fails on Yunohost 11.0 HOT 20
- Can't connect pixeldroid after 0.11.2 update HOT 5
- Integrate LDAP support (now supported by Pixelfed) HOT 2
- Admin settings do not save correctly HOT 6
- Can't send confirmation email HOT 4
- Update from 0.11.2 to 0.11.3 fails HOT 2
- config question regarding Horizon HOT 3
- warning installation / pixelfed-horizon missing HOT 11
- adding a second picture to a collection is failing HOT 5
- Pixelfed Yunohost Stories HOT 5
- Implement logrotate on laravel log HOT 1
- Error with Update 0.11.4~ynh4 to 0.11.4~ynh5 : Duplicate table "websockets_statistics_entries" HOT 2
- Oops. Something went wrong after update HOT 7
- No horizon service on older installations ? HOT 1
- Sync with upstream repo HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pixelfed_ynh.