Picture not available when posting about pixelfed_ynh HOT 39 OPEN

Yeah I wasn't sure about how to do it, tried your way, can confirm yunohost app info pixelfed shows version: 0.11.5~ynh3 but sadly, that did not fix the issue.

from pixelfed_ynh.

Some recommendations:

1. Increase php max_execution_time to `300`

2. Set `ENABLE_CONFIG_CACHE` to `true` in .env . Otherwise you won't be able to change anything from admin dashboard.

I did that, thanks for the input

Can't find it yet, I'll try again tonight, going for a long drive for now.

You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)
I've provided the correct config. It should resolve this issue permanently. Also don't forget to set umask value to 0002

Did it fixed the issue ?

I modified /var/www/pixelfed/config/filesystems.php like this:

<?php

return [
    /*
    |--------------------------------------------------------------------------
    | Default Filesystem Disk
    |--------------------------------------------------------------------------
    |
    | Here you may specify the default filesystem disk that should be used
    | by the framework. The "local" disk, as well as a variety of cloud
    | based disks are available to your application. Just store away!
    |
    */

    'default' => env('FILESYSTEM_DRIVER', 'local'),

    /*
    |--------------------------------------------------------------------------
    | Default Cloud Filesystem Disk
    |--------------------------------------------------------------------------
    |
    | Many applications store files both locally and in the cloud. For this
    | reason, you may specify a default "cloud" driver here. This driver
    | will be bound as the Cloud disk implementation in the container.
    |
    */

    'cloud' => env('FILESYSTEM_CLOUD', 's3'),

    /*
    |--------------------------------------------------------------------------
    | Filesystem Disks
    |--------------------------------------------------------------------------
    |
    | Here you may configure as many filesystem "disks" as you wish, and you
    | may even configure multiple disks of the same driver. Defaults have
    | been setup for each driver as an example of the required options.
    |
    | Supported Drivers: "local", "ftp", "sftp", "s3", "rackspace"
    |
    */

    'disks' => [

        'local' => [
            'driver' => 'local',
            'root'   => storage_path('app'),
            'permissions' => [
                'file' => [
                    'public' => 0664,
                    'private' => 0660,
                ],
                'dir' => [
                    'public' => 0775,
                    'private' => 0770,
                ],
            ],
        ],

        'public' => [
            'driver'     => 'local',
            'root'       => storage_path('app/public'),
            'url'        => env('APP_URL').'/storage',
            'visibility' => 'public',
            'throw' => true,
        ],

        's3' => [
            'driver'   => 's3',
            'key'      => env('AWS_ACCESS_KEY_ID'),
            'secret'   => env('AWS_SECRET_ACCESS_KEY'),
            'region'   => env('AWS_DEFAULT_REGION'),
            'bucket'   => env('AWS_BUCKET'),
            'visibility' => 'public',
            'url'      => env('AWS_URL'),
            'endpoint' => env('AWS_ENDPOINT'),
            'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
            'throw' => true,
        ],

        'spaces' => [
            'driver' => 's3',
            'key' => env('DO_SPACES_KEY'),
            'secret' => env('DO_SPACES_SECRET'),
            'endpoint' => env('DO_SPACES_ENDPOINT'),
            'region' => env('DO_SPACES_REGION'),
            'bucket' => env('DO_SPACES_BUCKET'),
            'visibility' => 'public',
            'options' => [
                'CacheControl' => 'max-age=31536000'
            ],
            'root' => env('DO_SPACES_ROOT',''),
            'throw' => true,
            'url' => env('AWS_URL'),
        ],

        'backup' => [
            'driver' => env('PF_BACKUP_DRIVER', 's3'),
            'visibility' => 'private',
            'root' => env('PF_BACKUP_DRIVER', 'local') == 'local' ?
                storage_path('app/backups/') :
                env('PF_BACKUP_ROOT','/'),
            'key' => env('PF_BACKUP_KEY'),
            'secret' => env('PF_BACKUP_SECRET'),
            'endpoint' => env('PF_BACKUP_ENDPOINT'),
            'region' => env('PF_BACKUP_REGION'),
            'bucket' => env('PF_BACKUP_BUCKET'),
        ],

    ],

];

did the artisan config:cache and cache:clear thing, restart both nginx and php8.1-fpm, did not fix the issue.

from pixelfed_ynh.

Also don't forget to set umask value to 0021

What's that ?

If you set umask value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.

Issue with changing umask is that it's a per-process setting, we can't set it for a specific directory, at least if we do it on the system side. Couldn't we set it somewhere in the application code?

from pixelfed_ynh.

You may already try #215 : it should fix the issue on Pixelfed side ! 🎉

Not yet on Mastodon, we still need to figure out why.

Thanks a lot to all people who contributed to solve this mystery ! 😃

from pixelfed_ynh.

I can confirm that fixed it, I'll just wait for it to be released to close the issue

from pixelfed_ynh.

Here : https://pixelfed.services.coupou.fr/i/admin/diagnostics/home
You can copy it.

Be aware that it might contains information that you don't wanna share about your instance (config). Mainly domain name, which is already shared.

I guess @neonota want to know if PF_OPTIMIZE_IMAGES is set to true or false ?

from pixelfed_ynh.

Can't find it yet, I'll try again tonight, going for a long drive for now.

from pixelfed_ynh.

I tried updating to 0.11.16 today, but unfortunately I am still having this issue :(

It's definitely related to the directory permissions since I can get the uploaded files to be displayed by modifying the permissions on only the directories to 755.

from pixelfed_ynh.

I don't know how to change that behaviour…

I'm guessing some process writing the files is running as pixelfed whereas it usually runs as www-data (in non ynh installations)

from pixelfed_ynh.

So...

In testing branch #215, I did some basic changes that should allow you to patch this as done here without relying on the command line. You only need to upgrade to that testing branch.

It should fix the issue with existing broken files.
It won't fix the issue with newly uploaded files - however you can force (--force) run the upgrade again and it will fix them (it's a bit killing a fly with a cannon but it's working) edit: not sure it will work as the filesystems.php fix will fail it will work.

What it does:

• chown all files as in 4th step pixelfed/pixelfed#4275 (comment) (any upgrade does it)
• fix filesystems.php content (step 1 from previous link).
  The thing is that this should only be done once. I will need to improve this, but I did not have the time.

from pixelfed_ynh.

I don't know why I can't edit my previous message, so I'm adding my comment in this new one

This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess 🤔

You're right, but from what I understand php-fpm runs with the pixelfed user and thus it creates files owned by that user whereas nginx runs with the www-data user and nginx is indeed responsible for serving up the pages, that's why setting pixelfed as owner does not work.
I think if we run php-fpm with the www-data user this issue will go away.

from pixelfed_ynh.

Please try this branch : #210

from pixelfed_ynh.

Hello, thank for the quick answer.
I tried it (checked out the repository on the given commit to /tmp/pixelfed_ynh then did yunohost app upgrade pixelfed -f /tmp/pixelfed_ynh -F), nothing changed, same error in the logs, same result on the app

from pixelfed_ynh.

I didn't know about this method 🤔
Why not simply yunohost app upgrade pixelfed -u https://github.com/YunoHost-Apps/pixelfed_ynh/tree/testing ?

Can you confirm you're using app version 0.11.5~ynh3 now ?

from pixelfed_ynh.

Yeah I wasn't sure about how to do it, tried your way, can confirm yunohost app info pixelfed shows version: 0.11.5~ynh3 but sadly, that did not fix the issue.

Could you please give me your instance url and diagnostics ?

from pixelfed_ynh.

I replicated the issue on my test instance, same error logs, https://pixelfed.services.coupou.fr
How can I get diagnostics?

from pixelfed_ynh.

Here : https://pixelfed.services.coupou.fr/i/admin/diagnostics/home You can copy it.

Be aware that it might contains information that you don't wanna share about your instance (config). Mainly domain name, which is already shared.

I guess @neonota want to know if PF_OPTIMIZE_IMAGES is set to true or false ?

I get redirected to https://pixelfed.services.coupou.fr/i/web

from pixelfed_ynh.

It's in your admin interface, in Diagnosis tab.

from pixelfed_ynh.

Can't find it yet, I'll try again tonight, going for a long drive for now.

You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)

I've provided the correct config. It should resolve this issue permanently. Also don't forget to set umask value to 0002

from pixelfed_ynh.

Can't find it yet, I'll try again tonight, going for a long drive for now.

Here's the link to Diagnostics page : https://yourserver.com/i/admin/diagnostics/home

from pixelfed_ynh.

Also don't forget to set umask value to 0021

What's that ?

from pixelfed_ynh.

Also don't forget to set umask value to 0021

What's that ?

If you set umask value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.

from pixelfed_ynh.

Here it is:

=======================
 Pixelfed Instance Diagnostic v0.2 
=======================
Troubleshooting

Bootstrap: Writable ✅
Storage: Writable ✅
DATABASE Ping: Pong! Connected to DB "pixelfed" ✅
REDIS Ping: Pong! Connected to Redis ✅
ACTIVITYPUB instance actor created: ✅ true
ACTIVITYPUB instance actor cached: ❌ false
OAUTH enabled: ✅ true
OAUTH token_expiration 365 days
OAUTH public key exists: ✅ true
OAUTH private key exists: ✅ true

Important Information

Version: 0.11.5-unknown git commit
Database: pgsql (13.9)
APP_URL: https://pixelfed.services.coupou.fr
APP_DOMAIN: pixelfed.services.coupou.fr
ADMIN_DOMAIN: pixelfed.services.coupou.fr
SESSION_DOMAIN: pixelfed.services.coupou.fr

PHP Variables

PHP: 8.1.18
PHP INI memory_limit: 128M
PHP INI post_max_size: 50M
PHP INI upload_max_filesize: 50M
PHP INI max_file_uploads: 20
PHP INI max_execution_time: 30
PHP INI max_input_time: 60
PHP INI file_uploads (On): 1
PHP INI - SECURITY allow_url_fopen (true): 1
PHP INI - SECURITY allow_url_include (false):
PHP INI - SECURITY expose_php (false):
PHP INI - SECURITY display_errors (false): Off
PHP INI - SECURITY display_startup_errors (false):
PHP INI - SECURITY log_errors (true): 1
PHP INI - SECURITY ignore_repeated_errors (false):
PHP INI - SECURITY disable_functions:

Pixelfed Variables (No Secrets)

CONFIG	VARIABLE NAME	DETAILS
APP	APP_NAME	"pixelfed"
APP	APP_ENV	"production"
APP	APP_DEBUG	❌ false
APP	APP_URL	"https://pixelfed.services.coupou.fr"
APP	APP_LOCALE	"en"
APP	APP_FALLBACK_LOCALE	"en"
BROADCASTING	BROADCAST_DRIVER	"log"
CACHE	CACHE_DRIVER	"redis"
CAPTCHA	CAPTCHA_ENABLED	❌ false
DATABASE	DB_CONNECTION	"pgsql"
DATABASE	REDIS_CLIENT	"phpredis"
EXP	EXP_LC	❌ false
EXP	EXP_TOP	❌ false
EXP	EXP_POLLS	❌ false
EXP	EXP_CPT	❌ false
EXP	EXP_GPS	❌ false
EXP	EXP_EMC	✅ true
FEDERATION	ACTIVITY_PUB	✅ true
FEDERATION	AP_OUTBOX	✅ true
FEDERATION	AP_INBOX	✅ true
FEDERATION	AP_SHAREDINBOX	✅ true
FEDERATION	AP_REMOTE_FOLLOW	✅ true
FEDERATION	ACTIVITYPUB_DELIVERY_TIMEOUT	"30"
FEDERATION	ACTIVITYPUB_DELIVERY_CONCURRENCY	"10"
FEDERATION	AP_LOGGER_ENABLED	❌ false
FEDERATION	ATOM_FEEDS	✅ true
FEDERATION	REMOTE_AVATARS	✅ true
FEDERATION	NODEINFO	✅ true
FEDERATION	WEBFINGER	✅ true
FEDERATION	PF_NETWORK_TIMELINE	✅ true
FEDERATION	PF_NETWORK_TIMELINE_DAYS_FALLOFF	2
FEDERATION	CUSTOM_EMOJI	❌ false
FEDERATION	CUSTOM_EMOJI_MAX_SIZE	"2000000"
FILESYSTEMS	FILESYSTEM_DRIVER	"local"
FILESYSTEMS	FILESYSTEM_CLOUD	"s3"
HASHING	BCRYPT_COST	"10"
HORIZON	HORIZON_PREFIX	"horizon-"
HORIZON	HORIZON_MEMORY_LIMIT	"64"
HORIZON	HORIZON_BALANCE_STRATEGY	"auto"
HORIZON	HORIZON_MIN_PROCESSES	"1"
HORIZON	HORIZON_MAX_PROCESSES	"20"
HORIZON	HORIZON_SUPERVISOR_MEMORY	"64"
HORIZON	HORIZON_SUPERVISOR_TRIES	"3"
HORIZON	HORIZON_SUPERVISOR_NICE	"0"
HORIZON	HORIZON_SUPERVISOR_TIMEOUT	"300"
HORIZON	HORIZON_DARKMODE	❌ false
IMAGE	IMAGE_DRIVER	"imagick"
INSTANCE	INSTANCE_DESCRIPTION	"Pixelfed - Photo sharing for everyone"
INSTANCE	INSTANCE_CONTACT_FORM	❌ false
INSTANCE	INSTANCE_CONTACT_MAX_PER_DAY	"1"
INSTANCE	INSTANCE_DISCOVER_PUBLIC	❌ false
INSTANCE	EXP_LOOPS	❌ false
INSTANCE	INSTANCE_PUBLIC_HASHTAGS	❌ false
INSTANCE	INSTANCE_CONTACT_EMAIL	""
INSTANCE	INSTANCE_PUBLIC_LOCAL_TIMELINE	❌ false
INSTANCE	INSTANCE_NETWORK_TIMELINE_CACHED	
INSTANCE	INSTANCE_NETWORK_TIMELINE_CACHE_DROPOFF	100
INSTANCE	INSTANCE_NETWORK_TIMELINE_CACHE_MAX_HOUR_INGEST	6
INSTANCE	PAGE_404_HEADER	"Sorry, this page isn't available."
INSTANCE	PAGE_404_BODY	"The link you followed may be broken, or the page may have been removed. <a href="/">Go back to Pixelfed.</a>"
INSTANCE	PAGE_503_HEADER	"Service Unavailable"
INSTANCE	PAGE_503_BODY	"Our service is in maintenance mode, please try again later."
INSTANCE	BANNED_USERNAMES	""
INSTANCE	USERNAME_REMOTE_FORMAT	"@"
INSTANCE	USERNAME_REMOTE_CUSTOM_TEXT	""
INSTANCE	STORIES_ENABLED	❌ false
INSTANCE	RESTRICTED_INSTANCE	❌ false
INSTANCE	OAUTH_TOKEN_DAYS	"365"
INSTANCE	OAUTH_REFRESH_DAYS	"400"
INSTANCE	OAUTH_PAT_ENABLED	❌ false
INSTANCE	OAUTH_PAT_ID	""
INSTANCE	ENABLE_COVID_LABEL	✅ true
INSTANCE	COVID_LABEL_URL	"https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public"
INSTANCE	COVID_LABEL_ORG	"visit the WHO website"
INSTANCE	ENABLE_CONFIG_CACHE	❌ false
LDAP	LDAP_CONNECTION	"default"
LDAP	LDAP_LOGGING	✅ true
LDAP	LDAP_CACHE	❌ false
LOGGING	LOG_CHANNEL	"stack"
LOGGING	LOG_LEVEL (stack)	"debug"
MAIL	MAIL_DRIVER	"smtp"
MAIL	MAIL_HOST	"localhost"
MAIL	MAIL_PORT	"25"
MAIL	MAIL_FROM_ADDRESS	"[email protected]"
MAIL	MAIL_FROM_NAME	"Pixelfed"
MAIL	MAIL_ENCRYPTION	""
MEDIA	MEDIA_EXIF_DATABASE	❌ false
PIXELFED	ADMIN_DOMAIN	"pixelfed.services.coupou.fr"
PIXELFED	APP_DOMAIN	"pixelfed.services.coupou.fr"
PIXELFED	MEMORY_LIMIT	"1024M"
PIXELFED	OPEN_REGISTRATION	❌ false
PIXELFED	MAX_ACCOUNT_SIZE (KB)	"1000000"
PIXELFED	MAX_PHOTO_SIZE (KB)	"15000"
PIXELFED	MAX_AVATAR_SIZE (KB)	"2000"
PIXELFED	MAX_CAPTION_LENGTH	"500"
PIXELFED	MAX_BIO_LENGTH	"125"
PIXELFED	MAX_NAME_LENGTH	"30"
PIXELFED	MIN_PASSWORD_LENGTH	"8"
PIXELFED	MAX_ALBUM_LENGTH	"4"
PIXELFED	ENFORCE_EMAIL_VERIFICATION	✅ true
PIXELFED	IMAGE_QUALITY (1-100)	"80"
PIXELFED	ACCOUNT_DELETION	✅ true
PIXELFED	ACCOUNT_DELETE_AFTER	❌ false
PIXELFED	PF_ENABLE_CLOUD	❌ false
PIXELFED	PF_MAX_USERS	1000
PIXELFED	PF_OPTIMIZE_IMAGES	✅ true
PIXELFED	PF_OPTIMIZE_VIDEOS	✅ true
PIXELFED	PF_USER_INVITES	❌ false
PIXELFED	PF_USER_INVITES_TOTAL_LIMIT	"0"
PIXELFED	PF_USER_INVITES_DAILY_LIMIT	"0"
PIXELFED	PF_USER_INVITES_MONTHLY_LIMIT	"0"
PIXELFED	PF_MAX_COLLECTION_LENGTH	"100"
PIXELFED	MEDIA_TYPES	"image/jpeg,image/png,image/gif"
PIXELFED	LIMIT_ACCOUNT_SIZE	✅ true
PIXELFED	IMPORT_INSTAGRAM	❌ false
PIXELFED	IMPORT_INSTAGRAM_POST_LIMIT	"100"
PIXELFED	IMPORT_INSTAGRAM_SIZE_LIMIT	"5000"
PIXELFED	OAUTH_ENABLED	✅ true
PIXELFED	PF_BOUNCER_ENABLED	❌ false
PIXELFED	PF_MEDIA_FAST_PROCESS	✅ true
PIXELFED	PF_MEDIA_MAX_ALTTEXT_LENGTH	"1000"
PURIFY	RESTRICT_HTML_TYPES	BROKEN
QUEUE	QUEUE_DRIVER	"redis"
SESSION	SESSION_DRIVER	"redis"
SESSION	SESSION_LIFETIME	"86400"
SESSION	SESSION_DOMAIN	"pixelfed.services.coupou.fr"
TRUSTEDPROXY	TRUST_PROXIES	"*"
========= END =========

from pixelfed_ynh.

Some recommendations:

1. Increase php max_execution_time to 300
2. Set ENABLE_CONFIG_CACHE to true in .env . Otherwise you won't be able to change anything from admin dashboard.

from pixelfed_ynh.

Can't find it yet, I'll try again tonight, going for a long drive for now.

You problem is same as @lapineige. Take a look at : pixelfed/pixelfed#4275 (comment)

I've provided the correct config. It should resolve this issue permanently. Also don't forget to set umask value to 0002

Did it fixed the issue ?

from pixelfed_ynh.

1. Increase php max_execution_time to 300

Why is that recommended ?
Should I make it the default for this package ?

2. Set `ENABLE_CONFIG_CACHE` to `true` in .env . Otherwise you won't be able to change anything from admin dashboard.

It should be enabled by default on Yunohost Pixelfed packaging 🤔
I will double check.

Also don't forget to set umask value to 0021

What's that ?

If you set umask value to 0002 , all new dirs will be created with 775 and files would be created with 664 permissions.

I don't know what it is 😄. I will search for it.

from pixelfed_ynh.

I suggest that we bring back the conversation from #210 to this issue 🙂

from pixelfed_ynh.

What directory do you change ? The last level (where the picture is), or an higher one ?

from pixelfed_ynh.

We are making progress: https://forum.yunohost.org/t/pixelfed-pictures-not-loading/24244/34

I noticed the new files are u:g as pixelfed:pixelfed, but the older ones are pixelfed:www-data

When you CHOWN the folders to pixelfed:www-data, it works even at 0750. Unfortunately, the new folders are still being created as pixelfed:pixelfed

I don't know how to change that behaviour…

from pixelfed_ynh.

It's actually very easy to fix. You guys are thinking in harder ways.

from pixelfed_ynh.

edit: removed to save space. It was a full quote of #211 (comment)

Take a look at the last comment : pixelfed/pixelfed#4275

from pixelfed_ynh.

 I'm guessing some process writing the files is running as pixelfed whereas it usually runs as www-data (in non ynh installations)

This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess 🤔

edit: more details here pixelfed/pixelfed#4275 (comment)

from pixelfed_ynh.

Thanks but since it does not fix the issue for new files I came up with a workaround.

Until we come up with a fix, I'm using this script (I thought of using crontab to schedule it every x minutes, but it seemed overkill since I don't post that often, so I'm using rundeck to run it when needed):

#!/bin/bash
chmod -R ug=rwX,o=rX /var/www/pixelfed/storage/app/public/

It gives read/write to owner and group, read to others and execution to all only directories and already executable files.

This hypothesis doesn't explain why changing rights to give read permission (because that should be the issue ?) to that hypothetical other process doesn't fix the mess 🤔

You're right

edit: more details here pixelfed/pixelfed#4275 (comment)

What I don't understand is why the filesystems.php setting does not work.

As for why the installation script chown command does not work, I'm clueless

from pixelfed_ynh.

It gives read/write to owner and group, read to others and execution to all only directories and already executable files.

If you are using #215 this is no longer needed.

I'm using this script (I thought of using crontab to schedule it every x minutes

The same was proposed here : https://forum.yunohost.org/t/pixelfed-pictures-not-loading/24244/47

That might be a good workaround.

 What I don't understand is why the filesystems.php setting does not work.

Yeah…

As for why the installation script chown command does not work, I'm clueless

It does. The thing is newly created file are not controlled by this script.

from pixelfed_ynh.

With the help of other contributors, in the related PR I made a change to pixelfed php settings, so it will be using www-data group instead.

I hope this will fix it… currently testing it.

from pixelfed_ynh.

Can someone, having upgraded to #210 (0.11.6~ynh2), reproduce this pixelfed/pixelfed#4275 (comment) and tell us what is the group owner of a newly uploaded picture ?

from pixelfed_ynh.