Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

No preferences available.

See original GitHub issue

Impacted versions

OS Type: Ubuntu
OS Version: 22.04.1 LTS
Database Type: PostgreSQL
Database version: 14
Modoboa: 2.0.3
installer used: A clone of the repo today. run.py does not convey a version.
Webserver: lighttpd 1.4.63

Steps to reproduce

Surf to:

https://my-modoboa-site/user/#preferences/

Current behavior

I see this:

Expected behavior

Not that.

Basically landed here after an install because experienced this: https://github.com/modoboa/modoboa/issues/1411 and there it suggested looking at Preferences. But they don’t load either.

For what it’s worth I used this installer.cfg (redacted):

[general]
hostname = hermes.%(domain)s
tls_key_file = /etc/ssl/mykey
tls_cert_file = /etc/ssl/mycert

[certificate]
generate = false
#type = self-signed

# [letsencrypt]
# email = admin@example.com

[database]
engine = postgres
host = 127.0.0.1
install = false

[postgres]
user = postgres
password = XXX

# [mysql]
# user = root
# password = s0FZUMDDfp5e3ASy
# charset = utf8
# collation = utf8_general_ci

[modoboa]
user = modoboa
home_dir = /data/www/hermes
venv_path = /data/venv/modoboa
instance_path = %(home_dir)s
timezone = Australia/Hobart
dbname = modoboa
dbuser = modoboa
dbpassword = XXX
extensions = modoboa-amavis modoboa-pdfcredentials modoboa-postfix-autoreply modoboa-sievefilters modoboa-webmail modoboa-contacts modoboa-radicale
devmode = false

[automx]
# makes configuring email accounts easy.
# Doesn't seem well maintained and hard to find info on it
# https://github.com/sys4/automx
# https://github.com/rseichter/automx2
enabled = true
user = automx
config_dir = /etc
home_dir = /srv/automx
venv_path = /data/venv/modoboa-automx
instance_path = %(home_dir)s/instance

[amavis]
# a high-performance and reliable interface between mailer (MTA) and one or more content checkers: virus scanners,
# and/or Mail::SpamAssassin Perl module. It is written in Perl
enabled = true
user = amavis
max_servers = 2
dbname = modoboa-amavis
dbuser = amavis
dbpassword = XXX

[clamav]
# open-source standard for mail gateway-scanning software
enabled = true
user = clamav

[dovecot]
# The IMAP server
# vmail is a user used by dovecot for storing mails.
# Well described by dovecot here: https://wiki.dovecot.org/VirtualUsers
# and by Arch here: https://wiki.archlinux.org/title/Virtual_user_mail_system_with_Postfix,_Dovecot_and_Roundcube#User
# And IMHO the best HowTo: is here: https://sharkysoft.com/wiki/how_to_configure_a_virtual_user_email_server_using_Postfix,_Dovecot,_and_SpamAssassin#Step_3:_Create_a_system_user_to_own_all_virtual_email_accounts.
enabled = true
config_dir = /etc/dovecot
user = dovecot
home_dir = /srv/vmail
mailboxes_owner = vmail
extra_protocols =
postmaster_address = postmaster@%(domain)s
radicale_auth_socket_path = /var/run/dovecot/auth-radicale

[nginx]
# Not needed, using lighttpd
enabled = false
config_dir = /etc/nginx

[razor]
# spam-catcher using a collaborative filtering network
enabled = true
config_dir = /etc/razor

[postfix]
# The SMTP server itself (MTA or Mail Transfer Agent), an alternative to the classic sendmail.
enabled = true
config_dir = /etc/postfix
message_size_limit = 11534336

[postwhite]
# A script for generating a Postscreen whitelist (and optionally a blacklist) based on large and presumably trustworthy senders' SPF records.
# The Postfix postscreen daemon provides additional protection against mail server overload.
enabled = true
config_dir = /etc

[spamassassin]
# Apache SpamAssassin is the #1 Open Source anti-spam platform
enabled = true
config_dir = /etc/mail/spamassassin
dbname = modoboa-spamassassin
dbuser = spamassassin
dbpassword = XXX

[uwsgi]
# Already installed (running other Django sites)
enabled = false
# config_dir = /etc/uwsgi
# nb_processes = 2

[radicale]
# Free and Open-Source CalDAV and CardDAV Server
enabled = true
user = radicale
config_dir = /etc/radicale
home_dir = /srv/radicale
venv_path = /data/venv/modoboa-radicale

[opendkim]
# OpenDKIM is an open source implementation of the DKIM (Domain Keys Identified Mail) sender authentication system
enabled = true
user = opendkim
config_dir = /etc
port = 12345
keys_storage_dir = /var/lib/dkim
dbuser = opendkim
dbpassword = XXX

[backup]
default_path = ./modoboa_backup/

And for what it’s worth:

$ ll  /var/lib/dkim
total 8
drwxr-xr-x  2 opendkim opendkim 4096 Dec 12 13:50 ./
drwxr-xr-x 52 root     root     4096 Dec 12 13:50 ../

and

$ cat /etc/opendkim.conf
# This file was automatically installed on 2022-12-12T15:19:42.629214
# This is a basic configuration that can easily be adapted to suit a standard
# installation. For more advanced options, see opendkim.conf(5) and/or
# /usr/share/doc/opendkim/examples/opendkim.conf.sample.

# Log to syslog
Syslog			yes
SyslogSuccess   	Yes
LogWhy			Yes
LogResults  Yes

# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask			007

# Sign for example.com with key in /etc/dkimkeys/dkim.key using
# selector '2007' (e.g. 2007._domainkey.example.com)
#Domain			example.com
#KeyFile		/etc/dkimkeys/dkim.key
#Selector		2007

KeyTable		dsn:pgsql://opendkim:password@5432+127.0.0.1/modoboa/table=dkim?keycol=id?datacol=domain_name,selector,private_key_path
SigningTable		dsn:pgsql://opendkim:password@5432+127.0.0.1/modoboa/table=dkim?keycol=domain_name?datacol=id

# Commonly-used options; the commented-out versions show the defaults.
#Canonicalization	simple
#Mode			sv
SubDomains		yes	
Canonicalization        relaxed/relaxed

# Socket smtp://localhost
#
# ##  Socket socketspec
# ##
# ##  Names the socket where this filter should listen for milter connections
# ##  from the MTA.  Required.  Should be in one of these forms:
# ##
# ##  inet:port@address           to listen on a specific interface
# ##  inet:port                   to listen on all interfaces
# ##  local:/path/to/socket       to listen on a UNIX domain socket
#
Socket                  inet:12345@localhost
#Socket			local:/var/run/opendkim/opendkim.sock

##  PidFile filename
###      default (none)
###
###  Name of the file where the filter should write its pid before beginning
###  normal operations.
#
PidFile               /var/run/opendkim/opendkim.pid


# Always oversign From (sign using actual From and a null From to prevent
# malicious signatures header fields (From and/or others) between the signer
# and the verifier.  From is oversigned by default in the Debian pacakge
# because it is often the identity key used by reputation systems and thus
# somewhat security sensitive.
OversignHeaders		From

##  ResolverConfiguration filename
##      default (none)
##
##  Specifies a configuration file to be passed to the Unbound library that
##  performs DNS queries applying the DNSSEC protocol.  See the Unbound
##  documentation at http://unbound.net for the expected content of this file.
##  The results of using this and the TrustAnchorFile setting at the same
##  time are undefined.
##  In Debian, /etc/unbound/unbound.conf is shipped as part of the Suggested
##  unbound package

# ResolverConfiguration     /etc/unbound/unbound.conf

##  TrustAnchorFile filename
##      default (none)
##
## Specifies a file from which trust anchor data should be read when doing
## DNS queries and applying the DNSSEC protocol.  See the Unbound documentation
## at http://unbound.net for the expected format of this file.

# TrustAnchorFile       /usr/share/dns/root.key

##  Userid userid
###      default (none)
###
###  Change to user "userid" before starting normal operation?  May include
###  a group ID as well, separated from the userid by a colon.
#
UserID                opendkim

ExternalIgnoreList      /etc/opendkim.hosts
InternalHosts           /etc/opendkim.hosts

and

$ ll /etc/opendkim*
-rw-r--r-- 1 root root 3310 Dec 12 15:19 /etc/opendkim.conf
-rw-r--r-- 1 root root 3310 Dec 12 15:19 /etc/opendkim.conf.old.2022-12-12T15:19:42.630614
-rw-r--r-- 1 root root   94 Dec 12 15:19 /etc/opendkim.hosts
-rw-r--r-- 1 root root   94 Dec 12 15:19 /etc/opendkim.hosts.old.2022-12-12T15:19:42.632340

All looks good on the OpenDKIM front (bar the fact that it’s not working and I can’t see Preferences at all which may be related).

$ sudo ls -l /var/run/opendkim/
total 4
-rw-r--r-- 1 root root 5 Dec 12 15:55 opendkim.pid

Issue Analytics

State:
Created 9 months ago
Comments:7 (2 by maintainers)

Top GitHub Comments

1reaction

Spitfireapcommented, Dec 19, 2022

Hi, Can you try going there https://mail.domain.tld/new-admin/parameters/core and check if there are available parameters ? Can you also type this as modoboa user (modoboa venv) $ python /data/www/hermes/instance/manage.py migrate. If it doesn’t work, could you try switching DEBUG to True in /data/www/hermes/instance/instance/settings.py and restart uwsgi service. Then reload parameter page and check API response of the server.

0reactions

bernd-wechnercommented, Dec 21, 2022

I presume the extensions installed are as documented in the installer.cfg I shared above, namely:

extensions = modoboa-amavis modoboa-pdfcredentials modoboa-postfix-autoreply modoboa-sievefilters modoboa-webmail modoboa-contacts modoboa-radicale

If you’re after the contents to settings.py that should of course never be served via a URL, but a redacted version for critique is:

from logging.handlers import SysLogHandler
import os

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.realpath(os.path.dirname(os.path.dirname(__file__)))

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'a key'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = [
    'mail.domain.tld,
]

SITE_ID = 1

# A list of all the people who get code error notifications. When DEBUG=False
# and a view raises an exception, Django will email these people with the full
# exception information.
# See https://docs.djangoproject.com/en/dev/ref/settings/#admins
#ADMINS = [('Administrator', 'admin@example.net')]

# The email address that error messages come from, such as those sent to ADMINS
#SERVER_EMAIL = 'webmaster@example.net'

# Security settings

X_FRAME_OPTIONS = "SAMEORIGIN"
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True

# Application definition

INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.sites',
    'django.contrib.staticfiles',
    'reversion',
    'ckeditor',
    'ckeditor_uploader',
    'rest_framework',
    'rest_framework.authtoken',
    'drf_spectacular',
    'phonenumber_field',
    'django_otp',
    'django_otp.plugins.otp_totp',
    'django_otp.plugins.otp_static',
)

# A dedicated place to register Modoboa applications
# Do not delete it.
# Do not change the order.
MODOBOA_APPS = (
    'modoboa',
    'modoboa.core',
    'modoboa.lib',
    'modoboa.admin',
    'modoboa.transport',
    'modoboa.relaydomains',
    'modoboa.limits',
    'modoboa.parameters',
    'modoboa.dnstools',
    'modoboa.policyd',
    'modoboa.maillog',
    # Modoboa extensions here.
)

INSTALLED_APPS += MODOBOA_APPS

AUTH_USER_MODEL = 'core.User'

MIDDLEWARE = (
    'django_lighttpd_middleware.LighttpdMiddleware',
    'x_forwarded_for.middleware.XForwardedForMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django_otp.middleware.OTPMiddleware',
    'modoboa.core.middleware.TwoFAMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.locale.LocaleMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'modoboa.core.middleware.LocalConfigMiddleware',
    'modoboa.lib.middleware.AjaxLoginRedirect',
    'modoboa.lib.middleware.CommonExceptionCatcher',
    'modoboa.lib.middleware.RequestCatcherMiddleware',
)

AUTHENTICATION_BACKENDS = (
    #'modoboa.lib.authbackends.LDAPBackend',
    #'modoboa.lib.authbackends.SMTPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

# SMTP authentication
#AUTH_SMTP_SERVER_ADDRESS = 'localhost'
#AUTH_SMTP_SERVER_PORT = 25
#AUTH_SMTP_SECURED_MODE = None  # 'ssl' or 'starttls' are accepted

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.template.context_processors.i18n',
                'django.template.context_processors.media',
                'django.template.context_processors.static',
                'django.template.context_processors.tz',
                'django.contrib.messages.context_processors.messages',
                'modoboa.core.context_processors.top_notifications',
            ],
            'debug': False,
        },
    },
]

ROOT_URLCONF = 'project.urls'

WSGI_APPLICATION = 'my.wsgi.application'

# Database
# https://docs.djangoproject.com/en/2.2/ref/settings/#databases

DATABASES = {

    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'modoboa',
        'USER': 'modoboa',
        'PASSWORD': 'password',
        'HOST': 'localhost',
        'PORT': '',
        'ATOMIC_REQUESTS': True,
    },
}

# Internationalization
# https://docs.djangoproject.com/en/2.2/topics/i18n/

LANGUAGE_CODE = 'en'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True

# Default primary key field type
# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field

DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.2/howto/static-files/

STATIC_URL = '/sitestatic/'
STATIC_ROOT = os.path.join(BASE_DIR, 'sitestatic')
STATICFILES_DIRS = (
    '/data/venv/modoboa/lib/python3.10/site-packages/modoboa/bower_components',
)

MEDIA_URL = '/media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media')

# Rest framework settings

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'modoboa.core.drf_authentication.JWTAuthenticationWith2FA',
        'rest_framework.authentication.TokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    ),
    'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
    'DEFAULT_VERSIONING_CLASS': 'rest_framework.versioning.NamespaceVersioning',
}

SPECTACULAR_SETTINGS = {
    'SCHEMA_PATH_PREFIX': r'/api/v[0-9]',
    'TITLE': 'Modoboa API',
    'VERSION': None,
    'SERVE_PERMISSIONS': ['rest_framework.permissions.IsAuthenticated'],
}

# Modoboa settings

#MODOBOA_CUSTOM_LOGO = os.path.join(MEDIA_URL, "custom_logo.png")

# Path to Dovecot binaries in case of a non-standard installation
#DOVECOT_LOOKUP_PATH = ('/path/to/dovecot', )
#DOVEADM_LOOKUP_PATH = ('/path/to/doveadm', )

# List of supported schemes if doveadm is not available, given by: doveadm pw -l
#DOVECOT_SUPPORTED_SCHEMES = 'SHA512-CRYPT SHA256-CRYPT'

# DOVECOT_USER = 'vmail'

MODOBOA_API_URL = 'https://api.modoboa.org/1/'
DISABLE_DASHBOARD_EXTERNAL_QUERIES = False

# REDIS

REDIS_HOST = 'localhost'
REDIS_PORT = 6379
REDIS_QUOTA_DB = 0
REDIS_URL = 'redis://{}:{}/{}'.format(REDIS_HOST, REDIS_PORT, REDIS_QUOTA_DB)

# Password validation
# https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
    },
    {
        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
    },
    {
        'NAME': 'modoboa.core.password_validation.ComplexityValidator',
        'OPTIONS': {
            'upper': 1,
            'lower': 1,
            'digits': 1,
            'specials': 0
        }
    },
]

# 2FA

OTP_TOTP_ISSUER = "mail.domain.tld"

# CKeditor

CKEDITOR_UPLOAD_PATH = "uploads/"
CKEDITOR_IMAGE_BACKEND = "pillow"
CKEDITOR_RESTRICT_BY_USER = True
CKEDITOR_BROWSE_SHOW_DIRS = True
CKEDITOR_ALLOW_NONIMAGE_FILES = False
CKEDITOR_CONFIGS = {
    'default': {
        'allowedContent': True,
        'toolbar': 'Modoboa',
        'width': None,
        'toolbar_Modoboa': [
            ['Bold', 'Italic', 'Underline'],
            ['JustifyLeft', 'JustifyCenter', 'JustifyRight', 'JustifyBlock'],
            ['BidiLtr', 'BidiRtl', 'Language'],
            ['NumberedList', 'BulletedList', '-', 'Outdent', 'Indent'],
            ['Undo', 'Redo'],
            ['Link', 'Unlink', 'Anchor', '-', 'Smiley'],
            ['TextColor', 'BGColor', '-', 'Source'],
            ['Font', 'FontSize'],
            ['Image', ],
            ['SpellChecker']
        ],
    },
}

# Logging configuration

LOGGING = {
    'version': 1,
    'formatters': {
        'syslog': {
            'format': '%(name)s: %(levelname)s %(message)s'
        },
    },
    'handlers': {
        'mail-admins': {
            'level': 'ERROR',
            'class': 'django.utils.log.AdminEmailHandler',
            'include_html': True
        },
        'syslog-auth': {
            'class': 'logging.handlers.SysLogHandler',
            'facility': SysLogHandler.LOG_AUTH,
            'formatter': 'syslog'
        },
        'syslog-mail': {
            'class': 'logging.handlers.SysLogHandler',
            'facility': SysLogHandler.LOG_MAIL,
            'formatter': 'syslog'
        },
        'modoboa': {
            'class': 'modoboa.core.loggers.SQLHandler',
        }
    },
    'loggers': {
        'django': {
            'handlers': ['mail-admins'],
            'level': 'ERROR',
            'propagate': False
        },
        'modoboa.auth': {
            'handlers': ['syslog-auth', 'modoboa'],
            'level': 'INFO',
            'propagate': False
        },
        'modoboa.admin': {
            'handlers': ['modoboa'],
            'level': 'INFO',
            'propagate': False
        },
        'modoboa.policyd': {
            'handlers': ['syslog-mail'],
            'level': 'INFO',
            'propagate': False
        }
    }
}

SILENCED_SYSTEM_CHECKS = [
    "security.W019",  # modoboa uses iframes to display e-mails
]

PHONENUMBER_DB_FORMAT = 'INTERNATIONAL'

# Load settings from extensions