We have a Plone server that has been handballed over to me.
Have done some searching and reading, and all the docs I find mention using http://localhost:8080 to admin the instances/sites. Running curl http://localhost:8080 on that server just gives me this message:
curl: (7) Failed to connect to localhost port 8080: Connection refused
I guess maybe the has been disabled and maybe needs enabling again to work?
Also I would like to give some Devs access to to this, without access to the system itself. So what’s the alternative for accessing it remotely. Is that something that might need enabling as well?
Sorry I couldn’t give the the version of Plone, as I don’t know for sure. Think it is v6. Would there be a way I can tell via command line?
Alternatively you can grep for python, backend, instance and for a Plone 6 with Volto, for volto
The -i option makes the grep filter case insensitive.
Can you access the server from any public URL in your network?
Using http://localhost:8080 to admin the instances/sites looks like there is one single Zope Server running, hosting multiple Plones (if the plural should make sense).
To work with such instances as admin that may expose completely different FQDN to the public via a reverse Proxy (Apache, nginx, treafik) I usually use a tunnel forwarding that port 8080 to the local machine. But offering that to others is not meeting your requirement of restricted access.
The process list did not reveal anything that helped to decipher the version in use. Maybe I am just missing something that would be obvious to others. Trying to grep for backend and volto showed nothing at all. But I did eventually find this:
$ /files/plone/production-[name]/[one-of-the-sites].site/bin/zeoserver --version
4.2.0
This is a test server from a snapshot of a server in production, with access only allowed for specific internal users who will help with reimplementing it. Restriction on the server itself are not longer necessary. In fact we would like to retrieve data that we may find, specifically documents uploaded to it. We will then consider reimplementing it in a more team oriented way. The individual whose solo effort this was, cannot help us with this.
I like that it is nice a secure. Thumbs up. But would that mean we are unlikely to be able to retrieve that precious data?
The zeoserver is a central database manager for loadbalancing the access of worker clients doing the actual serverside rendering of the answers to browser requests (very simplified description).
Forget your vision to access the data directly in a database. The blobs are in a blobstorage and either a filestorage or a relational database bith containing just serialized python objects and without having the business logic of Zope running and using an API based export you are damned to eternity to take the stuff out.
If you have the skills you can install collective.exportimport and get everything out as JSON and plain files (from Plone 4 on) and in into newer Plone.
I guess you are planning a migration and your organisation has an issue with a former employee (dead or away). Migrations of data without taking care of the business logic is not a good idea in general.
You also missed to answer my questions:
Is the system is up and running (either the original in production or the clone you are running.
Is the clone just unarchived but not started?
If only the zeoserver is running but no client processes, you cannot access Plone on 8080. Zeoserver uses different ports and has no useful managing interface.
If either running, do you have credentials as admin?
Your information is too vague for giving more specific tipps and it is far from the usual scope of community support. If people fail to document or backup their setups, there must be no precious data – data without interface is just noise.
I guess you need to hire someone and invest some of the money, the precious data is worth.
Yes, from what I read, I understand that the equivalent to a dump in MySQL is not possible. Hence the attempt to snapshot, bring it up, and see if we can browse data in situ.
OK. Will look into collective.exportimport as a possibility.
We don't have a plan yet. Still working on that. Right now we just hoping to get to the uploaded documents.
Yes the system is up and running, and we are able to see a few sites.
This clone/test server is up and running and the one that has my attention. I only mentioned that it is a test from snapshot, to answer questions about public access. It is safe for me to open to access on this server. No it is not just zeoserver running. That's just the one I managed to get a version number from. There's a whole bunch of stuff running shown by your suggested ps command. Can post that here if it helps, but I wasn't sure if that would be useful.
No we do not have admin creds.
If there is anymore info that I can give, please let me know what it might be. Otherwise I am just guessing what might be useful. If there is a more appropriate place for this post, please let me know that too.
Maybe the people that can make decisions on hiring will decide to hire someone. But for now it is my problem to solve. If possible.
$ ls /[SNIP]/bin/instance*
instance1
instance2
.. .. etc.
$ /[SNIP]/bin/instance1 fg
The program seems already to be running. If you believe not, check for dangling .pid and .lock files in var/.
Yes I see nginx redirects for 80 and 443 to several others, but not 8080.
When I try curl localhost:[port] most say: Connection refused.
But I do see a few. That is how I worked out we could browser these (with hosts file entries) with browsers on remote workstations.
$ cat /[SNIP]/etc/haproxy.cfg
global
daemon
log 127.0.0.1 local7 debug
maxconn 1000
user plone
group haproxy
If you have filesystem access, there is a procedure to regain admin access.
A way to regain access: The Emergency User
If you are locked out (not logged!), there is a way to regain access if you have access to the server. The procedure to create a so called Emergency User uses the adduser command and wrapped into a script addzopeuser.
