IPV6 NETPLAN - Ubuntu 22.04

Hello

This is my first production server with CyberPanel, and I have some difficulties with IPv6, emails and SSL.

IPv6: when installing, netplan is missing the IPv6 range. But netplan can read multiple YAML files, so without changing the LiteSpeed listener, I just added the AAAA of the hostname and gateway6. When creating the domain, the AAAA IP can be added to the netplan, working without problems.

01-netcfg.yaml

# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    enp27s0:
      addresses: [ 87.XXX.XXX.XXX/32,89.XXX.XXX.XXX/32,2001:xxxx:xxxx:xxx::1/64,2001:xxxx:xxxx:xxxx::2/64,2001:xxxx:xxxx:xxxx::bbbb/64 ]
      nameservers:
          search: [ some-hosting ]
          addresses:
              - "xxx.xxx.xxx.x"
              - "8.8.8.8"
              - "2001:4860:4860::8888"
      routes:
      - to: default
        via: xxx.xxx.xxx.1
        on-link: true
      - to: "::/0"
        via: "fe80::1"

Now, for a new domain, just add 02-xxxdomain.yaml … 03-yyydomain.yaml

network:
  version: 2
  renderer: networkd
  ethernets:
    enp27s0:
      addresses: [ 2001:xxxx:xxxx:xxxx::cafe/64 ]

I’m having difficulty creating valid emails to send, the problem is that dovecot fails when it tries to read letsencrypt/live/mail.domain.xxx because, with the exception of the hostname and the first domain, it always tries to read the last cert in the dovecot.conf.

This causes email from domain.xyz to be sent from mail.domain.aaa but not from mail.domain.xyz

Can someone help me with this issue?

Thanks
Rui P.

Hi,

can you show me content of /etc/dovecot/dovecot.conf?

protocols = imap pop3
log_timestamp = "%Y-%m-%d %H:%M:%S "
#mail_location = maildir:/home/vmail/%d/%n/Maildir
#mail_location = mdbox:/home/vmail/%d/%n/Mdbox

ssl_cert = <cert.pem
ssl_key = <key.pem

mail_plugins = zlib

mdbox_rotate_size = 2M

namespace {
    type = private
    separator = .
    prefix = INBOX.
    inbox = yes
}

service auth {
    unix_listener auth-master {
        mode = 0600
        user = vmail
    }

    unix_listener /var/spool/postfix/private/auth {
        mode = 0666
        user = postfix
        group = postfix
    }

    user = root
}

service auth-worker {
    user = root
}

protocol lda {
    log_path = /home/vmail/dovecot-deliver.log
    auth_socket_path = /var/run/dovecot/auth-master
    postmaster_address = [email protected]

    mail_plugins = zlib
}

protocol pop3 {
    pop3_uidl_format = %08Xu%08Xv
    mail_plugins = $mail_plugins zlib
}

protocol imap {
    mail_plugins = $mail_plugins zlib imap_zlib
}

passdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf.ext
}

userdb {
    driver = sql
    args = /etc/dovecot/dovecot-sql.conf.ext
}

plugin {

  zlib_save = gz
  zlib_save_level = 6

}

service stats {
    unix_listener stats-reader {
        user = vmail
        group = vmail
        mode = 0660
    }
    unix_listener stats-writer {
        user = vmail
        group = vmail
        mode = 0660
    }
}
local_name mail.xxxx.com {
        ssl_cert = </etc/letsencrypt/live/mail.xxxx.com/fullchain.pem
        ssl_key = </etc/letsencrypt/live/mail.xxxx.com/privkey.pem
}
local_name mail.yyyy.com {
        ssl_cert = </etc/letsencrypt/live/mail.yyyy.com/fullchain.pem
        ssl_key = </etc/letsencrypt/live/mail.yyyy.com/privkey.pem
}
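
An added example, not part of the original posts or CyberPanel's own code: a small Python lint that reads the `local_name` blocks of a dovecot.conf like the one above and flags any block whose `ssl_cert` or `ssl_key` is missing or does not sit under the matching `/etc/letsencrypt/live/<name>/` directory. The sample config and its `mail.zzzz.com` entry are constructed for illustration; the per-name directory layout is the one used in the posted config, and nested braces inside a `local_name` block are assumed not to occur.

```python
import re

# Constructed sample modelled on the local_name blocks posted above;
# mail.zzzz.com is a made-up domain with a deliberately wrong block.
SAMPLE_CONF = """\
ssl_cert = <cert.pem
ssl_key = <key.pem
local_name mail.xxxx.com {
        ssl_cert = </etc/letsencrypt/live/mail.xxxx.com/fullchain.pem
        ssl_key = </etc/letsencrypt/live/mail.xxxx.com/privkey.pem
}
local_name mail.zzzz.com {
        ssl_cert = </etc/letsencrypt/live/mail.yyyy.com/fullchain.pem
}
"""

# One local_name block: the SNI name, then everything up to the closing brace.
BLOCK_RE = re.compile(r'^\s*local_name\s+(\S+)\s*\{(.*?)^\s*\}', re.M | re.S)
# Uncommented ssl_cert / ssl_key lines that read their value from a file (<path).
SETTING_RE = re.compile(r'^\s*(ssl_cert|ssl_key)\s*=\s*<(\S+)', re.M)

def parse_local_names(conf_text):
    """Return {sni_name: {"ssl_cert": path, "ssl_key": path}} per local_name block."""
    blocks = {}
    for name, body in BLOCK_RE.findall(conf_text):
        blocks[name] = dict(SETTING_RE.findall(body))
    return blocks

def lint_local_names(conf_text):
    """Return (sni_name, problem) tuples for blocks that do not match their own name."""
    problems = []
    for name, settings in parse_local_names(conf_text).items():
        for key in ("ssl_cert", "ssl_key"):
            path = settings.get(key)
            if path is None:
                problems.append((name, f"{key} missing"))
            elif f"/live/{name}/" not in path:
                problems.append((name, f"{key} points at {path}"))
    return problems

if __name__ == "__main__":
    for name, problem in lint_local_names(SAMPLE_CONF):
        print(f"{name}: {problem}")
```

On a real server, pass the contents of /etc/dovecot/dovecot.conf to `lint_local_names` after each domain is added or removed.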


CyberPanel does not seem ready for a production server.
Too many flaws for a normal user to admin their websites; I can’t use CyberPanel for production right now.

SSL fails to generate the correct cert
Email flaws
etc. etc.

I’ll come back when a stable version is available.
Thank you for your work

I’m having difficulty creating valid emails to send, the problem is that dovecot fails when it tries to read letsencrypt/live/mail.domain.xxx because, with the exception of the hostname and the first domain, it always tries to read the last cert in the dovecot.conf.

I am confused as to how you are getting this assumption, as the emails are delivered by postfix.

Can you provide steps to reproduce the problem you are having?

Yes, emails are delivered; however, if the server has more than 1 email domain, rDNS fails, HELO fails …

Try to delete a mail domain: the delete in dovecot fails…
Zones fail almost all of the time when trying to generate SSL; it’s a speed issue, the call to the MySQL table takes more time than the HTTP Let’s Encrypt access.

Acme.sh tries to generate ZeroSSL; change to Let’s Encrypt, it fails… forgot where.
For a normal user, it’s not a working solution.

IPv6 needs the IP added manually in netplan…

But it seems a great job solving some friendly issues for the user.