Hi Peter,
When flex-443.conf picks up the certificates, is there any reason for using the fullchain.pem file as the chain file and not chain.pem? The fullchain.pem is a combined cert.pem and chain.pem and you are already picking up cert.pem as the SSLCertificateFile.

Hi Leon, Once a UUID is assigned to each array during raid creation it doesn't matter what the /dev/sdx order is if you specify by UUID in mdadm.conf... madadm scans all drives looking for the UUIDs and uses that to ascertain which drive is which
Did you create the script to change the disk time-out and place it, for example, /etc/rc.d/rc.local so it runs when booting? Those drives of yours are not suitable for use in Raid 5/6 without doing that.

No idea how you are setting the drives up - never watch a "How-To" on YouTube or anything else similar - can read far faster than any narrator can speak and thus lean a lot more in the same period of time... and you can always refer to any written part instantly. Lot better than having to replay something to make sure you heard and understood a certain passage correctly... Initially several years ago downloaded and used the Redhat Administration Manuals and went from there... Studied the complete set, beginning to end, while going to//from work on the train.

If you continue to have problems - then it might be time to look at the hardware... would be inclined to ditch the two budget PCI/PCIe controllers and get a decent 8-port one with correct Linux support, eg a modern LSI, assuming one of your 8x or 16x PCIe slots is vacant... are you using good quality SATA cables with clips? The old original ones with no clips are notorious for creating intermittent connections as are cheap controllers that don't have the little notch for the clip to latch onto. Wouldn't be surprised if your two add-on controllers fall into that category. No clips means you are relying on friction - you might get away with it - but the number of drives you have provides more opportunity for vibrations and connector movement...

Hi Tony

Thank you for all the help, but i am at the point where, so my data is gone... deal with it...
I am prepared to start from scratch, about 4TB will be lost, i think i can get most of it back over time from other sources, it might just take some time.

I still have the issue where on every reboot, the raid - /var/sd[abcefgijkl] is not the same as the next.
This is what seems to be the issue - we got side tracked trying to recover the data after the reboot and i loaded data on the drive.

Any idea how i resolve my original issue?

Thank you so much Fredrik; you saved my day!

Your config file works flawlessly with cups in clearOS 7.3. You presented this fix a year and half ago and I'm wondering why it hasn't taken its place in the new versions of clearOS?!

Nit "systemctl status firewall.service" not "systemctl firewall.service status"
service and systemctl have their parameters in opposite orders - catches me out too

Create is dangerous in that you need to specify the disks, in the create command, in the same order that they had become in the raid when it broke. Since you did a grow they may not be in strict alphabetical order any more - do not write anything to the drive - mount it read-only until you have verified the data in large files is OK. Since you have 10 drives the number of possible combinations is enormous, See the Section "File system check" https://raid.wiki.kernel.org/index.php/Recovering_a_damaged_RAID - you really should have done this with overlays - I pointed to this procedure before. For all you know the correct order may be /dev/sdc /dev/sdf /dev/sdd.... etc. On the other hand you may have been very lucky...

Comment out the entry in fstab - (assume you put it back) and do not add it back until you are sure the array will always assemble on a boot. in the mean time do a manual mount if and when the array is assembled, then reboot. Can you stop /dev/md127 and /dev/md0 and will it now assemble with a --detail --scan ?

Hi Tony

I created a mdadm.conf file, this is the content

ARRAY /dev/md/0 metadata=1.2 name=Zodiac.lan:0 UUID=785c89de:1d355c46:9b116951:21d6c4b3

And it booted into emergency mode again?

Any idea?

Peter Kuykendall wrote:

Nick Howitt wrote:

I think the NETWORKING bit is a red herring. Mine is not set either. The check in the init files is a negative check, so if it is set to "no" it bails out. If it is not set to "no" (or not set/does not exist), it won't bail out.

How can I open a bug report on it? It's throwing errors in the logs which lead to wasted time. Is there a URL for bug submissions? I've never submitted one to ClearOS before.

I think you have to request tracker access from support@clearcenter.com.

Thanks for the help!

That is good. no dodgy rules.

If the firewall fails, do a "systemctl firewall.service status". It will give you another command to run as well to dig a bit further. The try starting the firewall with a "firewall-start -d".

I think the NETWORKING bit is a red herring. Mine is not set either. The check in the init files is a negative check, so if it is set to "no" it bails out. If it is not set to "no" (or not set/does not exist), it won't bail out.

In the firewall start up file, /usr/lib/systemd/system/firewall.service you could try adding squid.service to the Before line (space separated, I think).

The firewall seems to complete startup but restarts a little later. What is the contents of /etc/clearos/firewall.d/local and /etc/clearos/firewall.d/custom?

Peter Baldwin wrote:

Hi Fargo2,

Thanks for the update... much appreciated! Just to let everyone know, the Let's Encrypt app is coming with the ClearOS 7.4 release (we're staging this release right now). You can install the app right now if you are feeling a bit adventurous:



The only missing piece is the renewal cronjob/logging. Everything else in the app is ready to go.

You should know that the ClearOS app works alongside the certbot command line tool. In other words, if you have already created certificates with certbot, the app will happily show the certificates in the ClearOS web interface (and also make the certificates available in the Certificate Manager).

Peter,

I've installed the app and looks like it installed correctly.
My previous created certificate is visable in the app, but i see at "Deployed" the message :