Join the conversation

Sign in to join this conversation, and others like it, in the communities you care about.

Wekan

Wekan is an open-source kanban board (Trello like) which allows a card-based task and to-do management.

Wekan / Bugs

Update recently? deleting

Update recently? deleting

Wekan / Bugs · February 28, 2020 at 4:04pm (Edited 5 years ago)

was there an update last evening or the day before?

deleting archived cards do not stay deleted. Refreshing screen and they return in the list of archived things to delete

HOW do you clear out all cards from the system not using the GUI? Its suddenly happening on all three systems with no code changes.

Can we roll back to the last version. THis is broken

other issues: when updating with new cards from the api looking at the contents of the new cards put the GUI into some sort of wait mode. Until you refresh the screen several times you get this behavior that indicates its not connecting to Mongo or something

In fact the deleting the archived boards works and on screen refresh they are still there seems like its never deleting from Mongo at all

Another hint: in addition to the GUI thinking the archived card is deleted and when you refresh its not, the webhooks are not being sent out when the delete happens. So it seems that the GUI is disconnected from the mongo and webhook piece entirely.

Question: in addition to rolling back the code, using snap installed wekan, what is the correct way to get into mongo shell under snap wekan? I can at least see what is in the database then and perhaps clear it out

LMK

more hints, I can't delete archived cards but I can restore them. When I do I cannot disable or remove webhooks associated

HOw do I get into wekan under snap mongo to clear these out?

Load previous messages

February 29, 2020 at 12:49am

only those that have SSH access to server can access mongodb

    • reply
    • like

    like sysadmins etc

      • reply
      • like

      usually ssh is protected with public key

        • reply
        • like

        that is safer than using password login

          • reply
          • like

          and at server you can allow only http and https with ufw

            • reply
            • like

            if you login for example at AWS LightSail web interface

              • reply
              • like

              and don't expose ssh

                • reply
                • like

                or alternatively, only add access from your current IP address for the time you access server

                  • reply
                  • like

                  For ssh it's also possible to use fwknop https://www.cipherdyne.org/fwknop/

                    • reply
                    • like

                    At Snap it's also possible to set Wekan to use external mongo with sudo snap set wekan mongo-url='......'

                      • reply
                      • like

                      and with docker and source/bundle too

                        • reply
                        • like

                        Percona MongoDB also has encryption but I have not tried it https://www.percona.com/software/mongodb/feature-comparison

                          • reply
                          • like

                          Wekan also works with Percona MongoDB

                            • reply
                            • like

                            I mean Percona MongoDB server

                              • reply
                              • like
                              • reply
                              • like

                              While original MongoDB is here https://github.com/mongodb/mongo

                                • reply
                                • like

                                Percona website also has .deb packages etc

                                  • reply
                                  • like

                                  for installing

                                    • reply
                                    • like

                                    It is also possible to export all MongoDB data to JSON files https://github.com/wekan/wekan/wiki/Export-from-Wekan-Sandstorm-grain-.zip-file

                                      • reply
                                      • like

                                      For corruption in general, solution is to do daily backups. Many databases like MySQL, PostgreSQL and others can have database corruption also.

                                        • reply
                                        • like

                                        at least daily. More often, if possible.

                                          • reply
                                          • like

                                          Well, some years ago when I worked as SysAdmin/Cloud Architect, I helped coworker, that had Mac laptop. Upgrading to newer version of macOS had corrupted all local MySQL databases. I could not recover anything from those, only solution was to download newer database dumps and reinstall all local databases that where used from Drupal development.

                                            • reply
                                            • like

                                            February 29, 2020 at 3:10am

                                            I understand. And thank you again for your thoughts and all the detail. Really!! For the record this is AWS EBS so its not data corruption or anything related. I set aside additional ebs drive just to host the mongo data component not use the root drive. Now You mention several things in the thread before your last post. First you mentioned that the software was trying to remove a collection and you were surprised. You also mentioned or asked actually if this system was exposed to the internet. Since the issue was database related and since Mongodb has a history of strong arm warning folks not to every run mongo without auth (yes they get ugly) then this was a dialogue I wanted to explore. Yes indeed local host access is very secure. When I started this thread I asked about a code change that got released recently as I had three system with related symptoms (logical conclusion) right? ok well if that was not it and you saw the error about issues that did not make sense about removing a collection (your reaction) then if it not a mongo internet data breach then that kind of leaves two path outside of that. One, that the wekan software corrupts after a certain point (which as we have high traffic (dev) and low traffic (demo) and this happened all at the same time that does not makes sense either. Logs show nothing related to a denial of service issue. In point of fact one of these systems is on secure gov cloud even. Which going further down the rabbit hole could indicate that someone hacked all three systems (hacked in this case means a virus or other on wekan. Occam's razor tells me this is not likely, so I was just looking for the simple reason. I get backups. Of course. If my data is transitory (puting aside login accounts and access tokens obviously) then I can and will replace all the data anyway automatically in a second. Why do you think then why am I backing up? What in your opinion broke and why?

                                              • reply
                                              • like

                                              February 29, 2020 at 11:52am

                                              Do you have some script, that by running it you can duplicate Wekan breaking?

                                                • reply
                                                • like

                                                I could not figure out exact reason from above info. It's just guessing.

                                                  • reply
                                                  • like