With so few technical details from you, there is no way anyone can help you with that.
Are you the system manager?
With so few technical details from you, there is no way anyone can help you with that.
Are you the system manager?
gulp could you link your security issue please?
I have to say I agree. So far there doesn’t seem to be a way to check if your development will be accepted before you write it. So you could propose something, ask for a review, which doesn’t happen, develop & submit it and it gets rejected because they thought of a different way of doing it or don’t like it.
Can you please explain this one. I’m not able to understand what is encryption key here?
I enable the developer mode on, now I’m not able to open my local host.
Some services in ERPNext need to store sensitive items such as access tokens for Google, Facebook. etc.
All such things are stored encrypted.
The internal encryption system is unlocked by a single key.
That key is kept in this file:
.
├── apps
├── config
├── env
├── logs
├── patches.txt
├── Procfile
└─── sites
├── apps.txt
├── assets
├── common_site_config.json
├── currentsite.txt
└── dev.erpnext.host
├── error-snapshots
├── indexes
├── locks
├── logs
├── private
├── public
└── site_config.json <=== critical site start up data
The contents of site_config.json
look like this:
{
"db_name": "_bdf39badcdead42ec90",
"db_password": "ILCnhgnrheCRzjvC",
"db_type": "mariadb",
"domains": [ the key
"dev.erpnext.host" **** | ****
], v
"encryption_key": "ikK6v8vzXT-5BwqmBfakedHl6oH5ARzSEDUxfh6ufbns=",
"developer_mode": 1
}
You will not see “encryption_key” appear in that file until you have created some encrypted material, such as setting up connection to a 3rd party email service.
You’ll have to provide further details here before anyone can help you.
However, if you altered site_config.json
incorrectly, that would stop your site from starting. You can confirm that it’s structure is valid here: Validate and format JSON
Something like this needs to be surfaced somewhere better - an alert to the admin somewhere in the console besides the error console. This caused some serious issues for our company not realizing emails were not being sent out.
Suggestion would be to add the alert or follow up items/tasks for an admin user to see upon log in - such as on the version splash screen that shows there is an updated version available
I just got hit by this too, after moving ERPNext to another server.
Unfortunately for me, since the new server seems to be “just fine”, the previous server was wiped entirely.
Even Downloading Backups did not mention a single “encryption” word.
Oh well, at least I’ve learned (even if too late).
Easiest fix is that, passwords of all email accounts must be changed with newly generated.
To know exactly on which email account is having the problem, just make save the email domain. This will re-validate all checks and highlight which email account is having the problem.
According regenerate a new password and update in the email account.
In our case, only one user was affected by this. Every attemt at creating a new user with the same email failed. The solution was to delete the entries in table tabDefaultValue where the value in the column defkey matches username_otplogin and username_otpsecret
after that, the one time password can be reset and the user will work again. This may affect multiple users, in our case only one user was affected.
It happened after moving from one server to another. The site_config was not set up correctly and the affected user tried to login and tried to reset the OTP. This is where the false entry in the tabDefaultValue table was created. This entry was now locked to the wrong site_config. After restoring the site_config from the old server, this user was now unusable.
Maybe this will help someone!
replace username with the correct username obviously
I restored the files like this
bench --site site.local restore ./site.local/private/backups/20240709_123205-site_local-database.sql.gz --with-public-files ./site.local/private/backups/20240709_123205-site_local-files.tar --with-private-files ./site.local/private/backups/20240709_123205-site_local-private-files.tar
and also did
cp /home/frappe/frappe-bench/sites/site.local/private/backups/20240709_123205-site_local-site_config_backup.json /home/frappe/frappe-bench/sites/site.local/site_config.json
chmod 644 /home/frappe/frappe-bench/sites/site.local/site_config.json
and I did this in my pwd-queue-long-1 container, As some of the replies here say to maintain the same username and password, I did maintain that too
but still getting Internal Server Error
and if i try
bench --site site.local migrate
in pwd-queue-long-1 container or backend container i get
pymysql.err.OperationalError: (1045, “Access denied for user ‘_07cb56056b43730a’@‘172.20.0.11’ (using password: YES)”)
Where am I going wrong, Is that im doing the process in the wrong containers or the process itself missing somethings??
and also I have multiple backup files
20240709_122516-site_local-files.tar
20240709_122819-site_local-files.tar
20240709_123053-site_local-files.tar
20240709_123205-site_local-files.tar
20240709_122516-site_local-private-files.tar
20240709_122819-site_local-private-files.tar
20240709_123053-site_local-private-files.tar
20240709_123205-site_local-private-files.tar
20240709_122516-site_local-site_config_backup.json
20240709_122819-site_local-site_config_backup.json
20240709_123053-site_local-site_config_backup.json
20240709_123205-site_local-site_config_backup.json
20240709_122819-site_local-database.sql.gz
20240709_123053-site_local-database.sql.gz
20240709_123205-site_local-database.sql.gz
like this is the error Im facing related to the file im trying to backup?
Any help will be highly appreciated, Im stuck with this issue from the past 2 days!!