change redis timeout with puppet - redis

I have a virtual machine which gets redis installed using vagrant/puppet. How can I override/configure redis timeout setting?
Trying
class { 'redis':
version => '2.6.5',
redis_timeout => 0
}
gives me
Invalid parameter redis_timeout at /tmp/vagrant-puppet/manifests/default.pp:308 on node precise64
I mention that I do not want two intances (one of them having the right timeout)...
redis::instance { 'redis-6900':
redis_port => '6900',
redis_timeout => 0,
}
... or changing the original configuration params file from the module
# == Class: redis::params
#
# Redis params.
#
# === Parameters
#
# === Authors
#
# Thomas Van Doren
#
# === Copyright
#
# Copyright 2012 Thomas Van Doren, unless otherwise noted.
#
class redis::params {
$redis_port = '6379'
$redis_bind_address = false
$version = '2.4.13'
$redis_src_dir = '/opt/redis-src'
$redis_bin_dir = '/opt/redis'
$redis_max_memory = '4gb'
$redis_max_clients = false
$redis_timeout = 0 # 0 = disabled
$redis_loglevel = 'notice'
$redis_databases = 16
$redis_slowlog_log_slower_than = 10000 # microseconds
$redis_slowlog_max_len = 1024
$redis_password = false
}

Related

Got NPE after integrating play framework with play-redis

After integrating play-redis(https://github.com/KarelCemus/play-redis) with play framework, i've got an error when a request incomes:
[20211204 23:20:48.350][HttpErrorHandler.scala:272:onServerError][E] Error while handling error
java.lang.NullPointerException: null
at play.api.http.HttpErrorHandlerExceptions$.convertToPlayException(HttpErrorHandler.scala:377)
at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:367)
at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:264)
at play.core.server.Server$$anonfun$handleErrors$1$1.applyOrElse(Server.scala:109)
at play.core.server.Server$$anonfun$handleErrors$1$1.applyOrElse(Server.scala:105)
at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:35)
at play.core.server.Server$.getHandlerFor(Server.scala:129)
at play.core.server.AkkaHttpServer.handleRequest(AkkaHttpServer.scala:317)
at play.core.server.AkkaHttpServer.$anonfun$createServerBinding$1(AkkaHttpServer.scala:224)
at akka.stream.impl.fusing.MapAsync$$anon$30.onPush(Ops.scala:1297)
at akka.stream.impl.fusing.GraphInterpreter.processPush(GraphInterpreter.scala:541)
at akka.stream.impl.fusing.GraphInterpreter.processEvent(GraphInterpreter.scala:495)
at akka.stream.impl.fusing.GraphInterpreter.execute(GraphInterpreter.scala:390)
at akka.stream.impl.fusing.GraphInterpreterShell.runBatch(ActorGraphInterpreter.scala:625)
at akka.stream.impl.fusing.GraphInterpreterShell$AsyncInput.execute(ActorGraphInterpreter.scala:502)
at akka.stream.impl.fusing.GraphInterpreterShell.processEvent(ActorGraphInterpreter.scala:600)
at akka.stream.impl.fusing.ActorGraphInterpreter.akka$stream$impl$fusing$ActorGraphInterpreter$$processEvent(ActorGraphInterpreter.scala:775)
at akka.stream.impl.fusing.ActorGraphInterpreter$$anonfun$receive$1.applyOrElse(ActorGraphInterpreter.scala:790)
at akka.actor.Actor.aroundReceive(Actor.scala:537)
at akka.actor.Actor.aroundReceive$(Actor.scala:535)
at akka.stream.impl.fusing.ActorGraphInterpreter.aroundReceive(ActorGraphInterpreter.scala:691)
at akka.actor.ActorCell.receiveMessage(ActorCell.scala:579)
at akka.actor.ActorCell.invoke(ActorCell.scala:547)
at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:270)
at akka.dispatch.Mailbox.run(Mailbox.scala:231)
at akka.dispatch.Mailbox.exec(Mailbox.scala:243)
at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290)
at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1020)
at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1656)
at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1594)
at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:183)
I am sure the cause must be play-redis cause the app runs smoothly without it. Particularly, i use a custom implementation of the configuration provider, since need to get the ip and port by calling rest API of a name service.
#Singleton
class CustomRedisInstance #Inject() (
config: Configuration,
polarisExtensionService: PolarisExtensionService,
#NamedCache("redisConnection") redisConnectionCache: AsyncCacheApi)(implicit
asyncExecutionContext: AsyncExecutionContext)
extends RedisStandalone
with RedisDelegatingSettings {
val pathPrefix = "play.cache.redis"
def name = "play"
private def defaultSettings =
RedisSettings.load(
// this should always be "play.cache.redis"
// as it is the root of the configuration with all defaults
config.underlying,
"play.cache.redis")
def settings: RedisSettings = {
RedisSettings
.withFallback(defaultSettings)
.load(
// this is the path to the actual configuration of the instance
//
// in case of named caches, this could be, e.g., "play.cache.redis.instances.my-cache"
//
// in that case, the name of the cache is "my-cache" and has to be considered in
// the bindings in the CustomCacheModule (instead of "play", which is used now)
config.underlying,
"play.cache.redis")
}
def host: String = {
val connectionInfoFuture = getConnectionInfoFromPolaris
Try(Await.result(connectionInfoFuture, 10.seconds)) match {
case Success(extractedVal) => extractedVal.host
case Failure(_) => config.get[String](s"$pathPrefix.host")
case _ => config.get[String](s"$pathPrefix.host")
}
}
def port: Int = {
val connectionInfoFuture = getConnectionInfoFromPolaris
Try(Await.result(connectionInfoFuture, 10.seconds)) match {
case Success(extractedVal) => extractedVal.port
case Failure(_) => config.get[Int](s"$pathPrefix.port")
case _ => config.get[Int](s"$pathPrefix.port")
}
}
def database: Option[Int] = Some(config.get[Int](s"$pathPrefix.database"))
def password: Option[String] = Some(config.get[String](s"$pathPrefix.password"))
}
But the play-redis itself have no error logs. After all these hard work of reading manual and examples, turns out that i should turn to Jedis or Lettuce? Hopeless now.
The reason is that i want to use Redis with Caffeine which cause collision, as the document says, need to rename the default-cache to redis in application.conf:
play.modules.enabled += play.api.cache.redis.RedisCacheModule
# provide additional configuration in the custom module
play.modules.enabled += services.CustomCacheModule
play.cache.redis {
# do not bind default unqualified APIs
bind-default: false
# name of the instance in simple configuration,
# i.e., not located under `instances` key
# but directly under 'play.cache.redis'
default-cache: "redis"
source = custom
host = 127.0.0.1
# redis server: port
port = 6380
# redis server: database number (optional)
database = 0
# authentication password (optional)
password = "#########"
refresh-minute = 10
}
So in the CustomCacheModule, the input param of NamedCacheImpl need to change to redis from play.
class CustomCacheModule extends AbstractModule {
override def configure(): Unit = {
// NamedCacheImpl's input used to be "play"
bind(classOf[RedisInstance]).annotatedWith(new NamedCacheImpl("redis")).to(classOf[CustomRedisInstance])
()
}
}

What changed in exim 4.94, after update the line throws an error

I use Vesta control panel, Exim is screwed to it, after update, errors.
2020-12-03 23:45:35 H=mail-wr1-f44.google.com [209.85.221.44] X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<mymail#gmail.com> temporarily rejected RCPT <info#my.com>: failed to expand "${extract{1}{:}{${lookup{$local_part#$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
along the way there are symbolic links. How to zoom out?
/etc/exim/domains/$domain/aliases
Working Exim configuration for Centos 7/8
Search google: Devoleksiy vesta rhel8 exim.conf
Such an odd response because the moderator deleted my response with a link to the working configuration, which will obsolete the error.
If I insert what to replace it will get even more confusing.
######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes
#SPAM_SCORE = 50
#CLAMD = yes
add_environment = <; PATH=/bin:/usr/bin
keep_environment =
disable_ipv6=true
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
.ifdef SPAMASSASSIN
spamd_address = 127.0.0.1 783
.endif
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = ${if and \
{ \
{gt{$tls_in_sni}{}} \
{!match{$tls_in_sni}{/}} \
} \
{${if exists {/usr/local/vesta/ssl/exim.cert.$tls_in_sni} \
{/usr/local/vesta/ssl/exim.cert.$tls_in_sni} \
{/usr/local/vesta/ssl/certificate.crt} \
}} \
{/usr/local/vesta/ssl/certificate.crt} \
}
tls_privatekey = ${if and \
{ \
{gt{$tls_in_sni}{}} \
{!match{$tls_in_sni}{/}} \
} \
{${if exists {/usr/local/vesta/ssl/exim.key.$tls_in_sni} \
{/usr/local/vesta/ssl/exim.key.$tls_in_sni} \
{/usr/local/vesta/ssl/certificate.key} \
}} \
{/usr/local/vesta/ssl/certificate.key} \
}
openssl_options = +no_sslv2 +no_sslv3
tls_require_ciphers = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 1s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_spammers:
accept hosts = +whitelist
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
accept
acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s
drop condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address
accept
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[#%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[#%!] : ^.*/\\.\\./
require verify = sender
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission/domain=
deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
deny message = smtp auth requried
sender_domains = +local_domains
!authenticated = *
require verify = recipient
.ifdef CLAMD
warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes
.endif
.ifdef SPAMASSASSIN
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = *
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = spamd:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
accept
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers
#smarthost:
# driver = manualroute
# domains = ! +local_domains
# transport = remote_smtp
# route_list = * smartrelay.vestacp.com
# no_more
# no_verify
dnslookup:
driver = dnslookup
domains = !+local_domains
transport = remote_smtp
no_more
userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify
autoreplay:
driver = accept
require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg
condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
retry_use_local_part
transport = userautoreply
unseen
aliases:
driver = redirect
headers_add = X-redirected: yes
data = ${extract{1}{:}{${lookup{$local_part#$domain}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/aliases}}}}
require_files = /etc/exim/domains/$domain/aliases
redirect_router = dnslookup
pipe_transport = address_pipe
unseen
localuser_fwd_only:
driver = accept
transport = devnull
condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/fwd_only}{true}{false}}}}
localuser_spam:
driver = accept
transport = local_spam_delivery
condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}{yes}{no_such_user}}}}
localuser:
driver = accept
transport = local_delivery
condition = ${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}{true}{false}}
catchall:
driver = redirect
headers_add = X-redirected: yes
require_files = /etc/exim/domains/$domain/aliases
data = ${extract{1}{:}{${lookup{*#$domain}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/aliases}}}}
file_transport = local_delivery
redirect_router = dnslookup
terminate_alias:
driver = accept
transport = devnull
condition = ${lookup{$local_part#$domain}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/aliases}{true}{false}}
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports
remote_smtp:
driver = smtp
#helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN
dkim_selector = mail
dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed
dkim_strict = 0
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
local_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}}}"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}M
quota_warn_threshold = 75%
local_spam_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}}}/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/${lookup{$domain}dsearch{/etc/exim/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim/domains/}}}}"
quota_warn_threshold = 75%
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
userautoreply:
driver = autoreply
file = /etc/exim/domains/$domain/autoreply.${local_part}.msg
from = "${local_part}#${domain}"
headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
to = "${sender_address}"
devnull:
driver = appendfile
file = /dev/null
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite
######################################################################

kdb5_util dump gives Server error

I have been trying to dump my Kerberos database (ldap backend) using kdb5_util dump (filename), but I get:
kdb5_util load_dump version 6
kdb5_util: error performing Kerberos version 5 release 1.8 dump (Server error)
policy default 0 0 1 1 1 0 0 0 0
Kerberos KDC and Kadmin log has nothing, ldap.log gives
May 31 12:40:17 kdc slapd[28020]: connection_input: conn=1091 deferring operation: binding
Everything else works fine, creating, deleting, authentication of principals, no problem. Just dumping the DB fails. As far as I understand, the backend should not have any influence on the dump.
Any ideas how I can debug or fix this? What am I missing?
/etc/krb5.conf
[libdefaults]
default_realm = REALM.EXAMPLE.COM
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
REALM.EXAMPLE.COM = {
kdc = kdc.realm.example.com
admin_server = kdc.realm.example.com
kpasswd_server = kdc.realm.example.com
}
[domain_realm]
.realm.example.com = REALM.EXAMPLE.COM
/etc/krb5kdc/kdc.conf
[realms]
REALM.EXAMPLE.COM = {
default_domain = realm.example.com
database_module = ldapconf
acl_file = /etc/krb5kdc/kadm5.acl
key_stash_file = /etc/krb5kdc/.master
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = aes256-cts
supported_enctypes = aes256-cts-hmac-sha1-96:normal
#aes128-cts-hmac-sha1-96:normal arcfour-hmac:normal
default_principal_flags = +preauth
pkinit_identity = FILE:/etc/krb5kdc/kdc-cert.pem,/etc/krb5kdc/.kdc-key.pem
pkinit_anchors = FILE:/etc/krb5kdc/ca-cert.pem
dict_file = /root/bad_passwords.dict
}
[dbmodules]
ldapconf = {
db_library = kldap
ldap_kerberos_container_dn = "cn=kerberos,dc=realm,dc=example,dc=com"
ldap_kdc_dn = "cn=kerberos-kdc,dc=realm,dc=example,dc=com"
ldap_kadmind_dn = "cn=kerberos-admin,dc=realm,dc=example,dc=com"
ldap_servers = ldapi:///
ldap_service_password_file = /etc/krb5kdc/.service
}
[logging]
kdc = FILE:/var/log/kerberos/kdc.log
admin_server = FILE:/var/log/kerberos/kadmin.log
default = FILE:/var/log/kerberos/kerberos.log
Found the Problem after debugging at last:
The LDAP backend has a hard Size limit of 500 for search requests. With 501 Users that bit me in the backside!
Fix:
#
# remove sizelimit for ldap search
#
# apply with ldapmodify -Y EXTERNAL -H ldapi:/// -f sizelimit.ldif
#
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcLimits
olcLimits: dn.exact="cn=kerberos-admin,dc=realm,dc=example,dc=com" size=unlimited
Apply, restart slapd, and dump happily away

Fixing :80 urls for Mediawiki with Nginx and apache

I'm trying to use Mediawiki, without getting the url to be like this.
https://roblox-network.com:80/tra/Special:RequestAccount
If i just remove :80 it works as it should.
Config file is below.
It should be a clean install, with restricted accounts.
But sadly i keep getting the :80 url many times, when i update every page.
So i have to remove :80 to update the pages.
<?php
error_reporting( E_ALL );
ini_set( 'display_errors', 1 );
# This file was automatically generated by the MediaWiki 1.17.0
# installer. If you make manual changes, please keep track in case you
# need to recreate them later.
#
# See includes/DefaultSettings.php for all configurable settings
# and their default values, but don't forget to make changes in _this_
# file, not there.
#
# Further documentation for configuration settings may be found at:
# http://www.mediawiki.org/wiki/Manual:Configuration_settings
# Protect against web entry
if ( !defined( 'MEDIAWIKI' ) ) {
exit;
}
## Uncomment this to disable output compression
# $wgDisableOutputCompression = true;
$wgSitename = 'TRA Wiki';
$wgMetaNamespace = "My_wiki";
$wgRightsPage = "YourWiki:Copyright";
$wgRightsText = "copyright Roblox Network";
## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
## For more information on customizing the URLs please see:
## http://www.mediawiki.org/wiki/Manual:Short_URL
$wgScriptPath = '/tra';
$wgRunJobsAsync = false;
$wgArticlePath = $wgScriptPath.'/$1';
$wgScriptExtension = ".php";
## The relative URL path to the skins directory
$wgStylePath = "$wgScriptPath/skins";
## The relative URL path to the logo. Make sure you change this from the default,
## or else you'll overwrite your logo when you upgrade!
#$wgLogo = "$wgStylePath/common/images/wiki.png";
$wgLogo = "$wgStylePath/common/images/wiki.png";
## UPO means: this is also a user preference option
$wgEnableEmail = true;
$wgEnableUserEmail = true; # UPO
$wgEmergencyContact = 'info#roblox-network.com';
$wgPasswordSender = 'no-reply#roblox-network.com';
$wgEnotifUserTalk = false; # UPO
$wgEnotifWatchlist = false; # UPO
$wgEmailAuthentication = true;
## Database settings
$wgDBtype = "mysql";
$wgDBserver = 'mysql';
$wgDBname = 'REMOVED';
$wgDBuser = 'REMOVED';
$wgDBpassword = 'REMOVED';
# MySQL specific settings
$wgDBprefix = 'REMOVED';
# MySQL table options to use during installation or update
$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
# Experimental charset support for MySQL 4.1/5.0.
$wgDBmysql5 = false;
## Shared memory settings
$wgMainCacheType = CACHE_NONE;
$wgMemCachedServers = array();
## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
$wgEnableUploads = true;
$wgUseImageMagick = true;
$wgImageMagickConvertCommand = "/usr/bin/convert";
# InstantCommons allows wiki to use images from http://commons.wikimedia.org
$wgUseInstantCommons = false;
## If you use ImageMagick (or any other shell command) on a
## Linux server, this will need to be set to the name of an
## available UTF-8 locale
$wgShellLocale = "en_US.utf8";
## If you want to use image uploads under safe mode,
## create the directories images/archive, images/thumb and
## images/temp, and make them all writable. Then uncomment
## this, if it's not already uncommented:
#$wgHashedUploadDirectory = false;
## If you have the appropriate support software installed
## you can enable inline LaTeX equations:
$wgUseTeX = false;
## Set $wgCacheDirectory to a writable directory on the web server
## to make your wiki go slightly faster. The directory should not
## be publically accessible from the web.
#$wgCacheDirectory = "$IP/cache";
# Site language code, should be one of ./languages/Language(.*).php
$wgLanguageCode = 'en';
$wgSecretKey = "REMOVED";
# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
$wgUpgradeKey = "REMOVED";
## Default skin: you can change the default skin. Use the internal symbolic
## names, ie 'standard', 'nostalgia', 'cologneblue', 'monobook', 'vector':
$wgDefaultSkin = "vector";
## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
## License and Creative Commons licenses are supported so far.
#$wgEnableCreativeCommonsRdf = true;
$wgRightsPage = "Roblox Network"; # Set to the title of a wiki page that describes your license/copyright
$wgRightsUrl = "https://roblox-network.com/terms/";
$wgRightsText = "";
$wgRightsIcon = "";
# $wgRightsCode = ""; # Not yet used
# Path to the GNU diff3 utility. Used for conflict resolution.
$wgDiff3 = "/usr/bin/diff3";
# Query string length limit for ResourceLoader. You should only set this if
# your web server has a query string length limit (then set it to that limit),
# or if you have suhosin.get.max_value_length set in php.ini (then set it to
# that value)
$wgResourceLoaderMaxQueryLength = -1;
# End of automatically generated settings.
# Add more configuration options below.
require_once "$IP/skins/Vector/Vector.php";
# ------------------ Below is the custom settings. ----------------------------
require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";
require_once "$IP/extensions/SecurePoll/SecurePoll.php";
$wgShowSQLErrors = true;
$wgDebugDumpSql = true;
$wgShowDBErrorBacktrace = true;
$wgConfirmAccountContact = 'tra#roblox-network.com';
# ------------------ Below is the custom permissions. ----------------------------
$wgGroupPermissions['sysop']['securepoll-create-poll'] = true;
# ------------------ Below is loginform permissions. ----------------------------
$wgAccountRequestMinWords = 10;
$wgConfirmAccountRequestFormItems['Biography']['enabled'] = false;
$wgMakeUserPageFromBio = false;
$wgAutoWelcomeNewUsers = false;
$wgConfirmAccountRequestFormItems = array(
'UserName' => array( 'enabled' => true ),
'RealName' => array( 'enabled' => false ),
'Biography' => array( 'enabled' => false, 'minWords' => 50 ),
'AreasOfInterest' => array( 'enabled' => false ),
'CV' => array( 'enabled' => false ),
'Notes' => array( 'enabled' => true ),
'Links' => array( 'enabled' => false ),
'TermsOfService' => array( 'enabled' => true ),
);
# ------------------ Below is loginform restricted. ----------------------------
function efLoginFormMessage( &$template ) {
$template->set( 'header', "(For an account to edit articles with, contact Mr.Master3395, info#roblox-network.com )");
return true;
}
$wgHooks['UserLoginForm'][]='efLoginFormMessage';
# End of automatically generated settings.
# Add more configuration options below.
require_once "$IP/skins/Vector/Vector.php";
# Disable reading by anonymous users
$wgGroupPermissions['*']['read'] = true;
# But allow them to access the login page or else there will be no way to log in!
# (You also might want to add access to "Main Page", "Help:Contents", etc.)
$wgWhitelistRead = array ("Special:Userlogin");
# Disable anonymous editing
$wgGroupPermissions['*']['edit'] = false;
# Prevent new user registrations except by sysops
$wgGroupPermissions['*']['createaccount'] = false;
# ------------------ Below is Group Permissions. ----------------------------
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = true;
# ------------------ Below is Uploads. ----------------------------
$wgUploadPath = "$wgScriptPath/uploads"; ## Wiki 1.5 defaults to /images, but allows more than just images
$wgUploadDirectory = "$IP/uploads"; ## Wiki 1.5 defaults to /images, but allows more than just images
## To enable image uploads, make sure the above '$wgUploadPath' directory is writable by Apache User or group.
## ''(i.e. chmod og+w uploads images)'' then the following should be true:
$wgEnableUploads = true;
$wgUseImageMagick = true;
$wgImageMagickConvertCommand = "/usr/bin/convert";
## If you want to use image uploads under safe mode, create the directories images/archive, images/thumb and
## images/temp, and make them all writable. Then uncomment this, if it's not already uncommented:
$wgHashedUploadDirectory = false;
# ------------------ Below is Uploads. ----------------------------
// Add just one filetype to the default array
$wgFileExtensions[] = 'pdf';
// Add several file types to the default array
$wgFileExtensions = array_merge(
$wgFileExtensions, array(
'pdf', 'ppt', 'jp2', 'webp', 'doc','docx', 'xls', 'xlsx'
)
);
// Override the default with a bundle of filetypes:
$wgFileExtensions = array(
'png', 'gif', 'jpg', 'jpeg', 'jp2', 'webp', 'ppt', 'pdf', 'psd',
'mp3', 'xls', 'xlsx', 'swf', 'doc','docx', 'odt', 'odc', 'odp',
'odg', 'mpp'
);
$wgMimeDetectorCommand = "file -bi";
# ------------------ Below is Google Analytics. ----------------------------
require_once "$IP/extensions/googleAnalytics/googleAnalytics.php";
// Replace xxxxxxx-x with YOUR GoogleAnalytics UA number
$wgGoogleAnalyticsAccount = 'UA-37062089-17';
// Add HTML code for any additional web analytics (can be used alone or with $wgGoogleAnalyticsAccount)
$wgGoogleAnalyticsOtherCode = '<script type="text/javascript" src="https://analytics.example.com/tracking.js"></script>';
// Optional configuration (for defaults see googleAnalytics.php)
// Store full IP address in Google Universal Analytics (see https://support.google.com/analytics/answer/2763052?hl=en for details)
$wgGoogleAnalyticsAnonymizeIP = false;
// Array with NUMERIC namespace IDs where web analytics code should NOT be included.
$wgGoogleAnalyticsIgnoreNsIDs = array(500);
// Array with page names (see magic word Extension:Google Analytics Integration) where web analytics code should NOT be included.
$wgGoogleAnalyticsIgnorePages = array('ArticleX', 'Foo:Bar');
// Array with special pages where web analytics code should NOT be included.
$wgGoogleAnalyticsIgnoreSpecials = array( 'Userlogin', 'Userlogout', 'Preferences', 'ChangePassword', 'OATH');
// Use 'noanalytics' permission to exclude specific user groups from web analytics, e.g.
$wgGroupPermissions['sysop']['noanalytics'] = true;
$wgGroupPermissions['bot']['noanalytics'] = true;
// To exclude all logged in users give 'noanalytics' permission to 'user' group, i.e.
$wgGroupPermissions['user']['noanalytics'] = true;
# ------------------ Below is Logo. ----------------------------
$wgLogoHD = array(
"1.5x" => "images/main/wiki.png",
# "2x" => "images/main/wiki.png"
);
# The URL path of the shortcut icon.
# #since 1.6
#/
#$wgFavicon = 'images/main/favicon.ico';
# The URL path of the icon for iPhone and iPod Touch web app bookmarks.
# Defaults to no icon.
# #since 1.12
#/
$wgAppleTouchIcon = false;
# ------------------ Below is Login Link. ----------------------------
$wgHooks['PersonalUrls'][] = 'onPersonalUrls';
function onPersonalUrls( array &$personal_urls, Title $title, SkinTemplate $skin ) {
// Add a link to Special:RequestAccount if a link exists for login
if ( isset( $personal_urls['login'] ) || isset( $personal_urls['anonlogin'] ) ) {
$personal_urls['createaccount'] = array(
'text' => wfMessage( 'requestaccount' )->text(),
'href' => SpecialPage::getTitleFor( 'RequestAccount' )->getFullURL()
);
}
return true;
}
Looks like your issue is connected to Confirm Account extension only, because all other links seems to be fine. I've noticed that $wgServer is missing from your config, so try to specify $wgServer variable in LocalSettings.php like this:
$wgServer = "https://roblox-network.com";
https is default port 443 and port 80 is reserved for http.
The problem indicates that port 80 is not handling SSL.

trac SmtpLdapEmailSender to field is empty

I am getting the following problem with this plugin. using trac 0.12.5 on centos 5. the following log is from a comment. user responding is sharif.uddin, user created is jason. and user i am trying to cc to is ramy.
Trac[paradox:env] INFO: Reloading environment due to configuration change
Trac[paradox:env] INFO: -------------------------------- environment startup [Trac 0.12.5] --------------------------------
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.01 seconds
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.00 seconds
Trac[paradox:env] INFO: Reloading environment due to configuration change
Trac[paradox:env] INFO: -------------------------------- environment startup [Trac 0.12.5] --------------------------------
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.06 seconds
Trac[paradox:SmtpLdapEmailSender] INFO: Binding to LDAP as cn=Administrator,cn=Users,dc=domain,dc=com
Trac[paradox:SmtpLdapEmailSender] INFO: Updating list of recipients
Trac[paradox:SmtpLdapEmailSender] WARNING: Searching LDAP server ldap://echo.uk.domain.com for user jasona#DOMAIN.COM
Trac[paradox:SmtpLdapEmailSender] WARNING: Found e-mail address: Jason.Aftalion#domain.com
Trac[paradox:SmtpLdapEmailSender] WARNING: Searching LDAP server ldap://echo.uk.domain.com for user sharifu#DOMAIN.COM
Trac[paradox:SmtpLdapEmailSender] WARNING: Found e-mail address: Sharif.Uddin#domain.com
Trac[paradox:SmtpLdapEmailSender] WARNING: Searching LDAP server ldap://echo.uk.domain.com for user Ramy.Mahmoud#domain.com
Trac[paradox:notification] INFO: Sending notification through SMTP at hero.uk.domain.com:25 to ['Jason.Aftalion#domain.com', 'Sharif.Uddin#domain.com', u'Ramy.Mahmoud#domain.com', 'support#domain.com']
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.01 seconds
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.00 seconds
I have the following code for the plugin in site-packages
class SmtpLdapEmailSender(SmtpEmailSender):
implements(IEmailSender)
email_ldap_serveruri = Option('notification', 'email_ldap_serveruri', '',
"""AD LDAP Server to use for looking up e-mail addresses""")
email_ldap_port = IntOption('notification', 'email_ldap_port', 389, """AD LDAP Server port""")
email_ldap_binddn = Option('notification', 'email_ldap_binddn', '',
"""Bind DN for LDAP lookup. If not given, Kerberos auth will be used for current user""")
email_ldap_bindpw = Option('notification', 'email_ldap_bindpw', '', """Password for non-kerberos auth""")
email_ldap_basedn = Option('notification', 'email_ldap_basedn', '', """Base DN to use for LDAP searches""")
email_attr = 'mail'
def __init__(self):
self.log.warn("Initialising LDAP object with URI: ", self.email_ldap_serveruri)
self.ldap_conn=ldap.initialize(self.email_ldap_serveruri)
def send(self, from_addr, recipients, message):
#self.log.warn(recipients)
if self.email_ldap_binddn != None:
self.log.info("Binding to LDAP as " + self.email_ldap_binddn)
self.ldap_conn.bind_s(self.email_ldap_binddn, self.email_ldap_bindpw, ldap.AUTH_SIMPLE)
else:
self.log.info("Binding to LDAP with Kerberos")
self.ldap_conn.bind_s()
#Iterate through recipients, checking for correct e-mail addresses in LDAP
#Output in ldapRecipients
self.log.info("Updating list of recipients")
new_recipients = []
def isset(variable):
return variable in locals() or variable in globals()
for i, addr in enumerate(recipients):
self.log.warn("Searching LDAP server %s for user %s", self.email_ldap_serveruri, addr)
search_string = 'userPrincipalName=' + addr
result = self.ldap_conn.search_s(self.email_ldap_basedn, ldap.SCOPE_SUBTREE, search_string, [self.email_attr])
#result is formatted as a string (result) in a list of [attr values], in a dictionary of {attr_name=>attr_values}
#in a tuple of (DN, Entry), within a list of results. So result for principle name jasona#domain.com would be
#[('CN=Jason Aftalion,OU=TechSupport,OU=Woking,OU=Sites,DC=domain,DC=com', {'mail': ['Jason.Aftalion#domain.com']})]
#self.log.error(addr)
if len(result) > 0:
if result[0][1][self.email_attr][0]:
self.log.warn("Found e-mail address: " + result[0][1][self.email_attr][0])
new_recipients.append(result[0][1][self.email_attr][0])
else:
self.log.warn("Could not find e-mail address")
new_recipients.append(addr)
else:
new_recipients.append(addr)
new_recipients.append("support#domain.com")
#self.log.error(new_recipients)
return super(SmtpLdapEmailSender,self).send(from_addr, new_recipients, message)
Also when the email gets sent out there is no one on the to address. I think i need to add the u before the quites open on the email if you see the log line Trac[paradox:notification] INFO: Sending notification through SMTP at hero.uk.domain.com:25 to ['Jason.Aftalion#domian.com', 'Sharif.Uddin#domian.com', u'Ramy.Mahmoud#domain.com'] . ramy is the only one that appears in the email as it is placed on the cc section of the ini file.
UPDATE
[root#hero plugins]# easy_install http://trac-hacks.org/svn/announcerplugin/trunk
Downloading http://trac-hacks.org/svn/announcerplugin/trunk
Doing subversion checkout from http://trac-hacks.org/svn/announcerplugin/trunk to /tmp/easy_install-hkATrd/trunk
Processing trunk
Running setup.py -q bdist_egg --dist-dir /tmp/easy_install-hkATrd/trunk/egg-dist-tmp-dGEGqu
File "build/bdist.linux-i686/egg/announcer/opt/bitten/announce.py", line 71
yield
^
SyntaxError: invalid syntax
zip_safe flag not set; analyzing archive contents...
TracAnnouncer 1.0dev-r12503 is already the active version in easy-install.pth
Installed /usr/lib/python2.4/site-packages/TracAnnouncer-1.0dev_r12503-py2.4.egg
Processing dependencies for TracAnnouncer==1.0dev-r12503
Finished processing dependencies for TracAnnouncer==1.0dev-r12503
UPDATE 2
It installed successfully
easy_install http://trac-hacks.org/svn/announcerplugin/trunk
Downloading http://trac-hacks.org/svn/announcerplugin/trunk
Doing subversion checkout from http://trac-hacks.org/svn/announcerplugin/trunk to /tmp/easy_install-AGCmXH/trunk
Processing trunk
Running setup.py -q bdist_egg --dist-dir /tmp/easy_install-AGCmXH/trunk/egg-dist-tmp-6tmNSt
zip_safe flag not set; analyzing archive contents...
Removing TracAnnouncer 1.0dev-r12503 from easy-install.pth file
Adding TracAnnouncer 1.0dev-r13963 to easy-install.pth file
Installed /usr/lib/python2.4/site-packages/TracAnnouncer-1.0dev_r13963-py2.4.egg
Processing dependencies for TracAnnouncer==1.0dev-r13963
Finished processing dependencies for TracAnnouncer==1.0dev-r13963
I get following in log file now. I cannot install python 2.7
Trac[paradox:env] INFO: -------------------------------- environment startup [Trac 0.12.5] --------------------------------
Trac[paradox:loader] ERROR: Skipping "announcer.email_decorators = announcer.email_decorators":
Traceback (most recent call last):
File "/usr/lib/python2.4/site-packages/Trac-0.12.5-py2.4.egg/trac/loader.py", line 68, in _load_eggs
entry.load(require=True)
File "/usr/lib/python2.4/site-packages/setuptools-0.6c11-py2.4.egg/pkg_resources.py", line 1954, in load
entry = __import__(self.module_name, globals(),globals(), ['__name__'])
File "build/bdist.linux-i686/egg/announcer/email_decorators.py", line 7, in ?
ImportError: No module named utils
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.66 seconds
local ini file
cat /data/intranet/html/trac/paradox/conf/trac.ini
# -*- coding: utf-8 -*-
[changeset]
max_diff_files = 0
[components]
acct_mgr.admin.accountmanageradminpanel = disabled
acct_mgr.api.accountmanager = disabled
acct_mgr.db.sessionstore = disabled
acct_mgr.guard.accountguard = disabled
acct_mgr.macros.accountmanagerwikimacros = disabled
acct_mgr.notification.accountchangelistener = disabled
acct_mgr.notification.accountchangenotificationadminpanel = disabled
acct_mgr.register.emailcheck = disabled
acct_mgr.register.emailverificationmodule = disabled
advancedworkflow.controller.ticketworkflowopownercomponent = disabled
advancedworkflow.controller.ticketworkflowopownerfield = disabled
advancedworkflow.controller.ticketworkflowopownerprevious = disabled
advancedworkflow.controller.ticketworkflowopresetmilestone = disabled
advancedworkflow.controller.ticketworkflowoprunexternal = disabled
advancedworkflow.controller.ticketworkflowopstatusprevious = disabled
advancedworkflow.controller.ticketworkflowoptriage = disabled
advancedworkflow.controller.ticketworkflowopxref = disabled
announcer.api.announcementsystem = enabled
announcer.api.subscriptionresolver = enabled
announcer.distributors.mail.emaildistributor = enabled
announcer.distributors.mail.sendmailemailsender = enabled
announcer.distributors.mail.smtpemailsender = enabled
announcer.email_decorators.announceremaildecorator = enabled
announcer.email_decorators.staticemaildecorator = enabled
announcer.email_decorators.threadingemaildecorator = enabled
announcer.email_decorators.ticketaddlheaderemaildecorator = enabled
announcer.email_decorators.ticketsubjectemaildecorator = enabled
announcer.email_decorators.wikisubjectemaildecorator = enabled
announcer.filters.defaultpermissionfilter = enabled
announcer.formatters.ticketformatter = enabled
announcer.formatters.wikiformatter = enabled
announcer.opt.subscribers.allticketsubscriber = enabled
announcer.opt.subscribers.generalwikisubscriber = enabled
announcer.opt.subscribers.joinablegroupsubscriber = enabled
announcer.opt.subscribers.ticketcomponentownersubscriber = enabled
announcer.opt.subscribers.ticketcomponentsubscriber = enabled
announcer.opt.subscribers.ticketcustomfieldsubscriber = enabled
announcer.opt.subscribers.userchangesubscriber = enabled
announcer.opt.subscribers.watchsubscriber = enabled
announcer.pref.announcerpreferences = enabled
announcer.pref.subscriptionmanagementpanel = enabled
announcer.producers.attachmentchangeproducer = enabled
announcer.producers.ticketchangeproducer = enabled
announcer.producers.wikichangeproducer = enabled
announcer.resolvers.defaultdomainemailresolver = enabled
announcer.resolvers.sessionemailresolver = enabled
announcer.resolvers.specifiedemailresolver = enabled
announcer.resolvers.specifiedxmppresolver = enabled
announcer.subscribers.carboncopysubscriber = enabled
announcer.subscribers.ticketownersubscriber = enabled
announcer.subscribers.ticketreportersubscriber = enabled
announcer.subscribers.ticketupdatersubscriber = enabled
spectrum.smtpldapemailsender.smtpldapemailsender = enabled
tracopt.mimeview.php.phprenderer = enabled
[header_logo]
alt =
link = http://intranet/trac/paradox/
src = common/trac_banner.png
[inherit]
file = /usr/share/trac/conf/trac.ini
[logging]
log_level = INFO
log_type = file
[project]
descr = Paradox replacement
name = Paradox
url = http://intranet/sidb
[ticket]
default_component = other
default_milestone = create/update project
default_version = v12
[ticket-workflow]
accept = new -> assigned
accept.operations = set_owner_to_self
accept.permissions = TICKET_MODIFY
leave = * -> *
leave.default = 1
leave.operations = leave_status
reassign = new,assigned,reopened -> new
reassign.operations = set_owner
reassign.permissions = TICKET_MODIFY
reopen = closed -> reopened
reopen.operations = del_resolution
reopen.permissions = TICKET_CREATE
resolve = new,assigned,reopened -> closed
resolve.operations = set_resolution
resolve.permissions = TICKET_MODIFY
[trac]
base_url = http://intranet/trac/paradox/
check_auth_ip = true
metanav = login,logout,settings,help,about
repository_dir = /data/subversion/paradox
[notification]
smtp_always_cc = Ramy.Mahmoud#domain.com
[announcer]
use_public_cc = true
global ini file
cat ../conf/trac.ini
[announcer]
use_public_cc = true
#admit_domains =
#always_notify_component_owner = true
#always_notify_owner = true
#always_notify_reporter = true
#always_notify_updater = true
#default_email_format = text/html
#email_address_resolvers = SpecifiedEmailResolver, SessionEmailResolver
#ignore_domains =
#mime_encoding = base64
#smtp_always_bcc =
#smtp_always_cc =
#smtp_default_domain =
#smtp_enabled = true
#smtp_from = trac-no-reply#domain.com
#smtp_from_name = Trac
#smtp_password =
#smtp_port = 25
#smtp_replyto = no-reply#domain.com
#smtp_server = hero
#smtp_subject_prefix = __default__
#smtp_timeout = 30
#smtp_user =
#t#icket_email_header_fields = owner, reporter, milestone, component, priority, severity.
#ticket_email_subject = Ticket #${ticket.id}: ${ticket['summary']}.
#ticket_subject_template = $prefix $ticket.id: $summary
#use_public_cc = false
#use_short_addr = false
#use_tls = false
#email_enabled = true
[notification]
always_notify_owner = false
always_notify_reporter = true
always_notify_updater = true
#mime_encoding = base64
#smtp_always_cc = sharifu#domain.com
#smtp_default_domain = domain.com
smtp_enabled = true
smtp_from = trac#domain.com
smtp_password =
smtp_port = 25
smtp_replyto = no-reply#domain.com
smtp_server = hero.uk.domain.com
smtp_subject_prefix = __default__
smtp_user =
use_public_cc = false
use_short_addr = false
use_tls = false
#ignore_domains = domain.com
email_sender=SmtpLdapEmailSender
email_ldap_serveruri = ldap://echo.uk.domain.com
email_ldap_port = 389
email_ldap_basedn = ou=Sites,dc=domain,dc=com
email_ldap_binddn = cn=Administrator,cn=Users,dc=domain,dc=com
email_ldap_bindpw = ****
[ldap]
enable = true
global_perms = true
host = echo
basedn = dc=domain,dc=com
user_rdn = ou=sites
group_rdn = cn=users
store_bind = true
bind_user = cn=Administrator,cn=users,dc=domain,dc=com
bind_passwd = ****
[trac]
base_url = http://intranet/trac/
#permission_store = LdapPermissionStore
[logging]
log_format = Trac[$(basename)s:$(module)s] $(levelname)s: $(message)s
log_type = syslog
log_level = WARN
[components]
webadmin.* = enabled
#ldapauth.* = enabled
#ldapplugin.* = enabled
#ldapplugin.api.ldappermissiongroupprovider = enabled
#ldapplugin.api.ldappermissionstore = disabled
ticketdelete.* = enabled
tracopt.ticket.deleter = enabled
tracwysiwyg.* = enabled
advancedworkflow.* = enabled
#tickettemplate.* = enabled
tracopt.ticket.commit_updater.committicketreferencemacro = enabled
tracopt.ticket.commit_updater.committicketupdater = enabled
ticketchangesets.* = enabled
ticketlog.* = enabled
#announcer.* = enabled
#announcer.api.announcementsystem = enabled
#announcer.distributors.mail.emaildistributor = enabled
#announcer.formatters.ticket.ticketformatter = enabled
#announcer.formatters.wiki.wikiformatter = enabled
#announcer.pref.announcerpreferences = enabled
#announcer.producers.attachment.attachmentchangeproducer = enabled
#announcer.producers.ticket.ticketchangeproducer = enabled
#announcer.producers.wiki.wikichangeproducer = enabled
#announcer.resolvers.sessionemail.sessionemailresolver = enabled
#announcer.subscribers.ticket_compat.carboncopysubscriber = enabled
#announcer.subscribers.ticket_compat.legacyticketsubscriber = enabled
#announcer.subscribers.ticket_components.ticketcomponentsubscriber = enabled
#announcer.subscribers.ticket_custom.ticketcustomfieldsubscriber = enabled
#announcer.subscribers.watch_users.userchangesubscriber = enabled
#announcer.subscribers.watchers.watchsubscriber = enabled
#[tickettemplate]
#field_list = summary, description, reporter, owner, priority, cc, milestone, component, version, type
#enable_custom = true
[ticket-changesets]
check_perms = true
collapsed = false
commands.close = close closed closes fix fixed fixes
commands.refs = addresses re references refs see
compact = true
envelope =
hide_when_none = false
notify = true
resolution = fixed
ticket_comments = true
[ticket]
commit_ticket_update_envelope = []
commit_ticket_update_commands.close =
commit_ticket_update_commands.refs = <ALL>
commit_ticket_update_check_perms = true
commit_ticket_update_notify = true
[ticketlog]
; optional: custom your log message pattern
log_pattern = \s*#%s\s+.*
; optional: set log message's max length, default is no limit
log_message_maxlength = 100
When i leave a comment i see the following extra bit in log file
Trac[paradox:api] ERROR: AnnouncementSystem failed.
Traceback (most recent call last):
File "build/bdist.linux-i686/egg/announcer/api.py", line 560, in _real_send
File "build/bdist.linux-i686/egg/announcer/api.py", line 311, in subscriptions
TypeError: itemgetter expected 1 arguments, got 4
QUESTION 2
Do emails notification not get sent out when adding attachments? i found the following in the log...
Trac[paradox:api] INFO: Synchronized '(default)' repository in 0.01 seconds
Trac[paradox:attachment] INFO: New attachment: ticket:48: RE Conversation with Ringo Au.msg by sharifu#DOMAIN.COM
Trac[paradox:api] ERROR: AnnouncementSystem failed.
Traceback (most recent call last):
File "build/bdist.linux-i686/egg/announcer/api.py", line 560, in _real_send
File "build/bdist.linux-i686/egg/announcer/api.py", line 311, in subscriptions
TypeError: itemgetter expected 1 arguments, got 4