lab
lab copied to clipboard
Uberspace
Prosody install guide needs improvement for 0.12.0
After trying to upgrade to the latest version of prosody (0.12.0) the server is starting but it is not possible to connect to it.
prosodyctl about:
**************************
Prosody was unable to find lua-unbound
This package can be obtained in the following ways:
Debian/Ubuntu | sudo apt install lua-unbound
luarocks | luarocks install luaunbound
Source | https://www.zash.se/luaunbound.html
Old DNS resolver library will be used
More help can be found on our website, at https://prosody.im/doc/depends
**************************
general warn Lua 5.1 has several issues and support is being phased out, consider upgrading
certmanager error SSL/TLS: Error initialising for client_https port 0: unknown elliptic curve in "X25519:prime256v1:secp384r1"
Prosody 0.12.0
# Prosody directories
Data directory: /home/hasmaneuroda/var/lib/prosody
Config directory: /home/hasmaneuroda/etc/prosody
Source directory: /home/hasmaneuroda/lib/prosody
Plugin directories:
/home/hasmaneuroda/var/lib/prosody/custom_plugins - not a directory!
/home/hasmaneuroda/var/lib/prosody/prosody-modules - prosody-modules rev: a8e9949a6ad2
/home/hasmaneuroda/lib/prosody/modules/
# Operating system
Linux 3.10.0-1160.53.1.el7.x86_64
# Lua environment
Lua version: Lua 5.1
Lua module search paths:
/home/hasmaneuroda/lib/prosody/?.lua
/home/hasmaneuroda/.luarocks/share/lua/5.1/?.lua
/home/hasmaneuroda/.luarocks/share/lua/5.1/?/init.lua
/usr/share/lua/5.1/?.lua
/usr/share/lua/5.1/?/init.lua
/usr/lib64/lua/5.1/?.lua
/usr/lib64/lua/5.1/?/init.lua
/home/hasmaneuroda/var/lib/prosody/custom_plugins/share/lua/5.1/?.lua
/home/hasmaneuroda/var/lib/prosody/custom_plugins/share/lua/5.1/?/init.lua
Lua C module search paths:
/home/hasmaneuroda/lib/prosody/?.so
/home/hasmaneuroda/.luarocks/lib64/lua/5.1/?.so
/usr/lib64/lua/5.1/?.so
/usr/lib64/lua/5.1/loadall.so
LuaRocks: Installed (2.3.0)
# Network
Backend: epoll
# Lua module versions
LuaDBI: 0.7
LuaExpat: 1.3.0
LuaFileSystem: 1.8.0
LuaSec: 0.9
LuaSocket: 3.0-rc1
# library versions
I guess™ that there have to be made just some minor changes to the installation guide but am absolutly clueless which. Any suggestions?
Eh, yes. I see they change something with the SSL/TLS encryption. The upgrade created some new certifications, too. I think this broke the configuration and clients do not trust the server anymore or something like that.
I'll investigate in this issue.
I just ran into the same issue with prosody 0.12.1 and noticed that the curve "X25519" from the list "X25519:prime256v1:secp384r1" was not included in the OpenSSL installation on the uberspace server: (openssl ecparam -list_curves).
I tried setting curves_list = "prime256v1:secp384r1" in the ssl block in my config but to no effect. In the end I simply greped for "X25519" in my prosody installation and removed every occurrence in core/certmanager.lua.
I have no idea if that was really stupid but I can use my chat server again and maybe it helps someone with more insight to come up with a proper fix.
That actually helped me a lot. Thank you very much. It wasn't necessary to remove "X25519" from the curveslist ={...} but I had to remove any further occurrence of it in core/certmanager.lua - just like you suggested.
Thanks for this thread. It helped me as well. Just commenting them out, didn't work for me immediately. Maybe I made an error while rebuilding. After I removed the entries completely from the config and rebuilding prosody, it now works for me too.
