--- Log opened mar jul 05 00:00:16 2022 02:57 < fikabot_> πŸ’¬ > <@bkil:grin.hu> Hello! Could you please share your question in written form? 02:57 < fikabot_> πŸ’¬ 02:57 < fikabot_> πŸ’¬ DankeschΓΆn --- Log closed mar jul 05 05:35:32 2022 --- Log opened mar jul 05 05:35:44 2022 05:35 -!- Irssi: #friendica: Total of 8 nicks [0 ops, 0 halfops, 0 voices, 8 normal] 05:35 -!- Irssi: Join to #friendica was synced in 13 secs 17:11 < fikabot_> πŸ’¬ Where is the `` coming from in the files? 17:11 < fikabot_> πŸ’¬ I'm trying to setup a new dev instance and document the process. Setting it in config/local.config.php isn't changing the value 17:11 < fikabot_> πŸ’¬ my problem is it keeps putting the http rather than https version in there 17:13 < fikabot_> πŸ’¬ tried changing it directly with the system->url (which doesn't seem to be picking up as a value) and by setting ssl_policy although none of the settings I tried (0 through 3) seemed to change anyhting 17:16 < fikabot_> πŸ’¬ tried changing it directly with the system->url (which doesn't seem to be picking up as a value) and by setting ssl\_policy although none of the settings I tried (0 through 2) seemed to change anyhting 17:18 < fikabot_> πŸ’¬ Good question, did you try a recursive grep? 17:23 < fikabot_> πŸ’¬ Hank: Please add 'hostname' => ' section. 17:23 < fikabot_> πŸ’¬ 17:23 < fikabot_> πŸ’¬ https://github.com/friendica/friendica/issues/9978 17:26 < fikabot_> πŸ’¬ that is set 17:26 < fikabot_> πŸ’¬ I can't recall how I did it before I switched, had it running on apache 17:26 < fikabot_> πŸ’¬ is the protocol in the config too? 17:26 < fikabot_> πŸ’¬ it's the hostname which shouldn't have the protocol type 17:27 < fikabot_> πŸ’¬ https://forum.friendi.ca/help/SSL 17:27 < fikabot_> πŸ’¬ Actually...i wonder if I ran into this hiccup setting my real server... 17:27 < fikabot_> πŸ’¬ You can setup a rewrite 17:27 < fikabot_> πŸ’¬ the problem isn't the redirect 17:28 < fikabot_> πŸ’¬ the problem is that the HTML being generated has that base URL set to the http version of the site so Firefox is barfing on requests that are being redirected to the HTTPS link 17:28 < fikabot_> πŸ’¬ Ah, the base url stays the same? 17:28 < fikabot_> πŸ’¬ Let me see if I have anything in my notes from the "real server" config I did late last year 17:29 < fikabot_> πŸ’¬ In the Admin Settings, there are three SSL-related settings: 17:29 < fikabot_> πŸ’¬ 17:29 < fikabot_> πŸ’¬ SSL link policy: this affects how Friendica generates internal links. If your SSL installation was successful, we recommend "Force all links to SSL" just in case your web server configuration can't be altered like described above. 17:29 < fikabot_> πŸ’¬ I think you need the first one :-) 17:34 < fikabot_> πŸ’¬ Yeah I should probably just blow the DB away and try that wizard again 17:36 < fikabot_> πŸ’¬ No, see the admin settings I pasted 17:36 < fikabot_> πŸ’¬ Yeah I can't get to it after setting up the redirect because the site doesn't render correctly without the static files that it tries to load from http links 17:36 < fikabot_> πŸ’¬ And maybe delete the compiled smarty templates 17:37 < fikabot_> πŸ’¬ hmmm, ok 17:38 < fikabot_> πŸ’¬ I wonder if it is the smarty templates that have the old values? that doesn't sound right since it seems to be generating the baseUrl values on the fly in places. 17:40 < fikabot_> πŸ’¬ You can always try. Or search the database tables for the ssl values 17:41 < fikabot_> πŸ’¬ yeah I was trying to find it in the db but failed 17:41 < fikabot_> πŸ’¬ nothing in the config table stood out as being parallel to it 17:44 < fikabot_> πŸ’¬ What I mostly do is taking an sqldump and search for the settings within vi. I sadly do not have a Friendica one left 17:46 < fikabot_> πŸ’¬ Hank: `config/local.config.php` is only consulted for default values. If the config table in the database already has values set, it will not overwrite them - you have to overwrite them in the database in such cases. Hence why I recommend setting up TLS on your web server before installing Friendica so you wouldn't have to change it like this. 17:47 < fikabot_> πŸ’¬ Ah, weird, and what if you open up port 80 (filtered) so you can use that? 17:52 < fikabot_> πŸ’¬ According to `view/templates/head.tpl`, it is consulting with `{{$baseurl}}`, that gets it from `DI:baseUrl()` usually. It seems to come from the config value 'system'/'url' 17:54 < fikabot_> πŸ’¬ More precisely, it is only code path that sets it that. 'system'/'url' actually seems to be $baseurl/friendica 17:55 < fikabot_> πŸ’¬ More precisely, it is only one of the code paths that sets it that. 'system'/'url' actually seems to be $baseurl/friendica. Let me check. 17:58 < fikabot_> πŸ’¬ Hah, I found a devilish workaround for you... change it to some other aliased domain name, visit the page, change it back to the https variant, visit page again 😊 https://github.com/friendica/friendica/blob/develop/src/App.php#L546 17:59 < fikabot_> πŸ’¬ There is always a dirty hack, good find 18:02 < fikabot_> πŸ’¬ yeah it's not reading system/url by the looks of it 18:04 < fikabot_> πŸ’¬ I didn't set that parameter in my real server config either by the looks of it 18:05 < fikabot_> πŸ’¬ It should detect and store it automatically. Could you not find it in the database config table? 18:08 < fikabot_> πŸ’¬ nope 18:09 < fikabot_> πŸ’¬ I don't think it is written directly into the db like that 18:09 < fikabot_> πŸ’¬ the ssl type setting is 18:09 < fikabot_> πŸ’¬ Or not by default 18:09 < fikabot_> πŸ’¬ and stored correctly 18:09 < fikabot_> πŸ’¬ I did the sqldump and only see the hardcoded http:// version in things like admin portal link, contact info etc. 18:10 < fikabot_> πŸ’¬ Well, setup an alias like bkill used :-) 18:10 < fikabot_> πŸ’¬ no that's a copout 18:10 < fikabot_> πŸ’¬ it shouldn't be this rube goldberg like 18:11 < fikabot_> πŸ’¬ I want to figure out why it got hosed up in the first place, document it and then change the documentation to make that path less problematic 18:13 < fikabot_> πŸ’¬ Just a wild guess, setup an alias, configure it like bkil did, dump the database again and run a diff? I expect you to find the old diff does not hold the value on the config and the new one does. 18:13 < fikabot_> πŸ’¬ actually the standard install doesn't talk about setting up any of the https stuff 18:15 < fikabot_> πŸ’¬ The code snippet I linked to will _not_ update an http:// url to an https:// url in the database! 18:16 < fikabot_> πŸ’¬ if you know what the problem is you are able to solve it, probably a default to either http or to https 18:16 < fikabot_> πŸ’¬ I imagine not 18:16 < fikabot_> πŸ’¬ So really what I should do is crush the machine and start again 18:18 < fikabot_> πŸ’¬ the thing is I've crushed the DB and restarted the install (not from scratch) after having the https stuff setup 18:18 < fikabot_> πŸ’¬ (self signed certs though) 18:18 < fikabot_> πŸ’¬ why wouldn't changing the ssl_policy value change the behavior when it is brought back up? 18:19 < fikabot_> πŸ’¬ or maybe I'm not restarting the site in a way that is picking up the change? 18:21 < fikabot_> πŸ’¬ nope, rebooting the whole machine the html still reads `` 18:21 < fikabot_> πŸ’¬ with ssl_policy set to 1 18:21 < fikabot_> πŸ’¬ Did you restart all the related software? Database, empty cache, redis? 18:21 < fikabot_> πŸ’¬ I think ssl_policy only affects links within the page itself. The base href comes from the header. 18:21 < fikabot_> πŸ’¬ Did you empty the browser cache too? 18:21 < fikabot_> πŸ’¬ If you view the source of the rendered HTML, you might actually find a few https:// links there. 18:22 < fikabot_> πŸ’¬ I'm using curl 18:23 < fikabot_> πŸ’¬ right but what is generating that? 18:23 < fikabot_> πŸ’¬ > <@bkil:grin.hu> I think ssl_policy only affects links within the page itself. The base href comes from the header. 18:23 < fikabot_> πŸ’¬ 18:23 < fikabot_> πŸ’¬ OK but what is generating it if it isn't being read out of the config file? 18:24 < fikabot_> πŸ’¬ for that setting there doesn't seem to be a comparable one in the DB 18:27 < fikabot_> πŸ’¬ Actually, ssl_policy seems to make complicated interactions with the other variables. https://github.com/friendica/friendica/blob/develop/src/App/BaseURL.php#L291 18:27 < fikabot_> πŸ’¬ It is not read out from the config file because it is automatically detected upon first installation, then stored in the DB, and then updated on demand. 18:28 < fikabot_> πŸ’¬ Could you perhaps share the config values for hostname urlpath ssl_policy url froce_ssl within the system section? 18:28 < fikabot_> πŸ’¬ As read out from the database. 18:28 < fikabot_> πŸ’¬ public function getBasePath() 18:28 < fikabot_> πŸ’¬ { 18:28 < fikabot_> πŸ’¬ // Don't use the basepath of the config table for basepath (it should always be the config-file one) 18:28 < fikabot_> πŸ’¬ return $this->config->getCache()->get('system', 'basepath'); 18:28 < fikabot_> πŸ’¬ } 18:29 < fikabot_> πŸ’¬ There also is a HTTPSignature namespace 18:39 < fikabot_> πŸ’¬ > <@bkil:grin.hu> Could you perhaps share the config values for hostname urlpath ssl_policy url froce_ssl within the system section? 18:39 < fikabot_> πŸ’¬ 18:39 < fikabot_> πŸ’¬ I do see the url field now in the database 18:39 < fikabot_> πŸ’¬ I don't know why it wasn't in the dump before (i crushed the db and redid the whole setup process again since though) 18:41 < fikabot_> πŸ’¬ let me try editing the field 19:00 < fikabot_> πŸ’¬ yeah editing that field worked 19:00 < fikabot_> πŸ’¬ no wondering why it got set the way it did even with the config having url explicitly set and during the wizard steps I told it to do the self signed cert option 19:00 < fikabot_> πŸ’¬ now wondering why it got set the way it did even with the config having url explicitly set and during the wizard steps I told it to do the self signed cert option 19:01 < fikabot_> πŸ’¬ OK crush the whole thing start over and see if I can reproduce the config with the documentation I have... 19:01 < fikabot_> πŸ’¬ jump to that if need be 19:45 < fikabot_> πŸ’¬ Yeah that went much smoother 19:45 < fikabot_> πŸ’¬ I did the whole https setup with the directory that would be friendica but with phpinfo.php file first, then did the whole install 19:45 < fikabot_> πŸ’¬ and it all seemed to figure itself out correctly 19:45 < fikabot_> πŸ’¬ (y) 23:03 < fikabot_> πŸ’¬ I got past this for my testing purposes but for isolated instances (it's a dev instance with a self-cert and /etc/hosts for mapping to domain name) is it a known issue where contacts' posts don't show up on the network tab unless you are referenced in the post? --- Log closed miΓ© jul 06 00:00:18 2022