RE: XO5 breaks after defaulting to XO6 (from source)

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain branch mra-fix-secure-port

Success!! Amazing. Thank you so much

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain I will prepare a branch for a potential fix, so you can still use the 8443 port

Absolutely fantastic. I will test it as soon as possible to help out however I can.

Cheers!

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain If you can, it will help a lot. Thanks

I remember why I chose to use 8443. It is because the xo-user running the service isn't running with root privileges. So doing it with an ordinary user was way more difficult to setup than just use 8443.

But...
Switching over so that service-user runs as root. 443 becomes possible. And things work again as expected. However, I really did like not running xo-server as root.

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain

Web server listening on https://[::]:8443

Well, I may have an idea about your issue.
The code is looking for the port 443 to know if he should use secure protocol ('wss:' / 'https:')
Is your second lab also in https on the 8443 port?

Hmm, no the second lab is more "standard" and uses 443.
I can try and set 443 on the primary lab as well to test.

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain That's what I was looking for.

It's strange you are saying you receive an error: ("Cannot get /") because logs show / is mounted and exposes XO6.

Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.452Z xo:main INFO Setting up / → /opt/xen-orchestra/@xen-orchestra/web/dist

Even when I did the same "fixes" that helped my second lab.

The only difference with your second lab is that you use HAProxy?
Both are listening on IPv6?

I reverted those changes from above with the [http.mounts] and [http.proxies] parts. Since that broke things even more. Sorry, I should've clarified that. I've pretty much reverted all of my troubleshooting experiments. In hopes to make it more clear if certain troubleshooting steps are needed.

My primary lab uses Haproxy. The second one doesn't (second lab doesn't run unprivilged either).

The logs I shared, were from the latest commit 32b3c0b5fcba17585566f0981ef62bef74c56451 (I believe).

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain Can you provide me with the logs from xo-server at its launch?

I would love to. However, I'm unsure which logs you're refering to.
Since I can't work with XO5. The logs from therein aren't available.

However. Doing a journalctl -ef when doing a systemctl start xo-server results in

Dec 16 16:54:00 xo sudo[50689]: pam_unix(sudo:session): session opened for user root(uid=0) by REDACTED(uid=1002)
Dec 16 16:54:00 xo systemd[1]: Started xo-server.service - XO Server.
Dec 16 16:54:00 xo sudo[50689]: pam_unix(sudo:session): session closed for user root
Dec 16 16:54:02 xo xo-server[50694]: 2025-12-16T15:54:02.774Z xo:main WARN could not detect current commit {
Dec 16 16:54:02 xo xo-server[50694]:   error: Error: Command failed: git rev-parse --short HEAD
Dec 16 16:54:02 xo xo-server[50694]:   fatal: detected dubious ownership in repository at '/opt/xen-orchestra'
Dec 16 16:54:02 xo xo-server[50694]:   To add an exception for this directory, call:
Dec 16 16:54:02 xo xo-server[50694]:
Dec 16 16:54:02 xo xo-server[50694]:           git config --global --add safe.directory /opt/xen-orchestra
Dec 16 16:54:02 xo xo-server[50694]:
Dec 16 16:54:02 xo xo-server[50694]:       at genericNodeError (node:internal/errors:983:15)
Dec 16 16:54:02 xo xo-server[50694]:       at wrappedFn (node:internal/errors:537:14)
Dec 16 16:54:02 xo xo-server[50694]:       at ChildProcess.exithandler (node:child_process:417:12)
Dec 16 16:54:02 xo xo-server[50694]:       at ChildProcess.emit (node:events:519:28)
Dec 16 16:54:02 xo xo-server[50694]:       at ChildProcess.patchedEmit [as emit] (/opt/xen-orchestra/@xen-orchestra/log/configure.js:52:17)
Dec 16 16:54:02 xo xo-server[50694]:       at maybeClose (node:internal/child_process:1101:16)
Dec 16 16:54:02 xo xo-server[50694]:       at Socket.<anonymous> (node:internal/child_process:456:11)
Dec 16 16:54:02 xo xo-server[50694]:       at Socket.emit (node:events:519:28)
Dec 16 16:54:02 xo xo-server[50694]:       at Socket.patchedEmit [as emit] (/opt/xen-orchestra/@xen-orchestra/log/configure.js:52:17)
Dec 16 16:54:02 xo xo-server[50694]:       at Pipe.<anonymous> (node:net:346:12)
Dec 16 16:54:02 xo xo-server[50694]:       at Pipe.callbackTrampoline (node:internal/async_hooks:130:17) {
Dec 16 16:54:02 xo xo-server[50694]:     code: 128,
Dec 16 16:54:02 xo xo-server[50694]:     killed: false,
Dec 16 16:54:02 xo xo-server[50694]:     signal: null,
Dec 16 16:54:02 xo xo-server[50694]:     cmd: 'git rev-parse --short HEAD'
Dec 16 16:54:02 xo xo-server[50694]:   }
Dec 16 16:54:02 xo xo-server[50694]: }
Dec 16 16:54:02 xo xo-server[50694]: 2025-12-16T15:54:02.777Z xo:main INFO Starting xo-server v5.194.2 (https://github.com/vatesfr/xen-orchestra/commit/7c1764a39)
Dec 16 16:54:02 xo xo-server[50694]: 2025-12-16T15:54:02.794Z xo:main INFO Configuration loaded.
Dec 16 16:54:02 xo xo-server[50694]: 2025-12-16T15:54:02.818Z xo:main INFO Web server listening on https://[::]:8443
Dec 16 16:54:02 xo xo-server[50694]: 2025-12-16T15:54:02.819Z xo:main INFO Group changed to xo-user
Dec 16 16:54:02 xo xo-server[50694]: 2025-12-16T15:54:02.820Z xo:main INFO User changed to xo-user
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.296Z xo:mixins:hooks WARN start failure {
Dec 16 16:54:03 xo xo-server[50694]:   error: Error: spawn xenstore-read ENOENT
Dec 16 16:54:03 xo xo-server[50694]:       at Process.ChildProcess._handle.onexit (node:internal/child_process:285:19)
Dec 16 16:54:03 xo xo-server[50694]:       at onErrorNT (node:internal/child_process:483:16)
Dec 16 16:54:03 xo xo-server[50694]:       at processTicksAndRejections (node:internal/process/task_queues:90:21) {
Dec 16 16:54:03 xo xo-server[50694]:     errno: -2,
Dec 16 16:54:03 xo xo-server[50694]:     code: 'ENOENT',
Dec 16 16:54:03 xo xo-server[50694]:     syscall: 'spawn xenstore-read',
Dec 16 16:54:03 xo xo-server[50694]:     path: 'xenstore-read',
Dec 16 16:54:03 xo xo-server[50694]:     spawnargs: [ 'vm' ],
Dec 16 16:54:03 xo xo-server[50694]:     cmd: 'xenstore-read vm'
Dec 16 16:54:03 xo xo-server[50694]:   }
Dec 16 16:54:03 xo xo-server[50694]: }
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.302Z xo:mixins:hooks WARN start failure {
Dec 16 16:54:03 xo xo-server[50694]:   error: Error: Command failed with exit code 1: losetup -D
Dec 16 16:54:03 xo xo-server[50694]:   losetup: /dev/loop1: detach failed: Permission denied
Dec 16 16:54:03 xo xo-server[50694]:   losetup: /dev/loop4: detach failed: Permission denied
Dec 16 16:54:03 xo xo-server[50694]:   losetup: /dev/loop2: detach failed: Permission denied
Dec 16 16:54:03 xo xo-server[50694]:   losetup: /dev/loop0: detach failed: Permission denied
Dec 16 16:54:03 xo xo-server[50694]:   losetup: /dev/loop5: detach failed: Permission denied
Dec 16 16:54:03 xo xo-server[50694]:   losetup: /dev/loop3: detach failed: Permission denied
Dec 16 16:54:03 xo xo-server[50694]:       at makeError (file:///opt/xen-orchestra/packages/xo-server/node_modules/execa/lib/error.js:60:11)
Dec 16 16:54:03 xo xo-server[50694]:       at handlePromise (file:///opt/xen-orchestra/packages/xo-server/node_modules/execa/index.js:124:26) {
Dec 16 16:54:03 xo xo-server[50694]:     shortMessage: 'Command failed with exit code 1: losetup -D',
Dec 16 16:54:03 xo xo-server[50694]:     command: 'losetup -D',
Dec 16 16:54:03 xo xo-server[50694]:     escapedCommand: 'losetup -D',
Dec 16 16:54:03 xo xo-server[50694]:     exitCode: 1,
Dec 16 16:54:03 xo xo-server[50694]:     signal: undefined,
Dec 16 16:54:03 xo xo-server[50694]:     signalDescription: undefined,
Dec 16 16:54:03 xo xo-server[50694]:     stdout: '',
Dec 16 16:54:03 xo xo-server[50694]:     stderr: 'losetup: /dev/loop1: detach failed: Permission denied\n' +
Dec 16 16:54:03 xo xo-server[50694]:       'losetup: /dev/loop4: detach failed: Permission denied\n' +
Dec 16 16:54:03 xo xo-server[50694]:       'losetup: /dev/loop2: detach failed: Permission denied\n' +
Dec 16 16:54:03 xo xo-server[50694]:       'losetup: /dev/loop0: detach failed: Permission denied\n' +
Dec 16 16:54:03 xo xo-server[50694]:       'losetup: /dev/loop5: detach failed: Permission denied\n' +
Dec 16 16:54:03 xo xo-server[50694]:       'losetup: /dev/loop3: detach failed: Permission denied',
Dec 16 16:54:03 xo xo-server[50694]:     cwd: '/',
Dec 16 16:54:03 xo xo-server[50694]:     failed: true,
Dec 16 16:54:03 xo xo-server[50694]:     timedOut: false,
Dec 16 16:54:03 xo xo-server[50694]:     isCanceled: false,
Dec 16 16:54:03 xo xo-server[50694]:     killed: false
Dec 16 16:54:03 xo xo-server[50694]:   }
Dec 16 16:54:03 xo xo-server[50694]: }
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.578Z xo:main INFO Setting up /robots.txt → /opt/xen-orchestra/packages/xo-server/robots.txt
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.769Z xo:plugin INFO register audit
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.770Z xo:plugin INFO register auth-github
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.770Z xo:plugin INFO register auth-google
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.770Z xo:plugin INFO register auth-ldap
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.771Z xo:plugin INFO register auth-oidc
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.771Z xo:plugin INFO register auth-saml
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.771Z xo:plugin INFO register backup-reports
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.772Z xo:plugin INFO register load-balancer
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.772Z xo:plugin INFO register netbox
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.772Z xo:plugin INFO register perf-alert
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.773Z xo:plugin INFO register sdn-controller
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.773Z xo:plugin INFO register test-plugin
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.773Z xo:plugin INFO register transport-email
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.774Z xo:plugin INFO register transport-icinga2
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.774Z xo:plugin INFO register transport-nagios
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.774Z xo:plugin INFO register transport-slack
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.775Z xo:plugin INFO register transport-xmpp
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.775Z xo:plugin INFO register usage-report
Dec 16 16:54:03 xo xo-server[50694]: 2025-12-16T15:54:03.775Z xo:plugin INFO register web-hooks
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.422Z xo:plugin INFO successfully register auth-github
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register auth-google
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register auth-ldap
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register test-plugin
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register transport-icinga2
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register auth-oidc
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register netbox
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register transport-nagios
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register transport-slack
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register transport-xmpp
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register web-hooks
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.423Z xo:plugin INFO successfully register load-balancer
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.424Z xo:plugin INFO successfully register usage-report
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.424Z xo:plugin INFO successfully register backup-reports
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.424Z xo:plugin INFO successfully register auth-saml
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.424Z xo:plugin INFO successfully register transport-email
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.424Z xo:plugin INFO successfully register perf-alert
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.429Z xo:plugin INFO successfully register audit
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.451Z xo:plugin INFO successfully register sdn-controller
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.452Z xo:main INFO Setting up /v5 → /opt/xen-orchestra/packages/xo-web/dist
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.452Z xo:main INFO Setting up /v6 → /opt/xen-orchestra/@xen-orchestra/web/dist
Dec 16 16:54:04 xo xo-server[50694]: 2025-12-16T15:54:04.452Z xo:main INFO Setting up / → /opt/xen-orchestra/@xen-orchestra/web/dist

Update:
I have no idea why your PR is shown.

0 MathieuRA committed to vatesfr/xen-orchestra

fix(xo-server): fix proxied urls when using ssl (#9314)

introduced by 03cea8b24d48e685a2a5a04a39db70d67d87eca0

Fixed [forum#11681](https://xcp-ng.org/forum/topic/11681/xo5-breaks-after-defaulting-to-xo6-from-source/16?_=1765875445829)

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain Do you have any xo-server logs?

can you fetch /rest/v0/gui-routes endpoint?

This is what results on the page

{
  "xo5": "/v5",
  "xo6": "/v6"
}

@MathieuRA said in XO5 breaks after defaulting to XO6 (from source):

@probain Do you have a configuration file that overrides xo-server configuration for [http.mounts] and [http.proxies]?
`

Adding the following, breaks XO6 ("Cannot get /"). And XO5 still is stuck on "Still Loading.

[http.upgrade]
'/v5/api' = true
'/v5/api/updater' = true

[http.routes]
'/v5/api' = { upgrade = true }
'/v5/api/updater' = { upgrade = true }

# List of files/directories which will be served.
[http.mounts]
#'/any/url' = '/path/to/directory'
'/v6' = '../../@xen-orchestra/web/dist/'
'/' = '../xo-web/dist/'

If you're curious as to how I set everything up. I use my ansible-role (shared previously).
Link for reference: https://github.com/cloudrootab/ansible_role_xoce/

@MathieuRA

Unfortunately this didn't solve it for me.
But I am behind a haproxy for this., yes. However I haven't been able to get this to work. Even when I did the same "fixes" that helped my second lab.

Is there anything I could provide to maybe help out? Which logs would be helpfull?

Thank you

XO from source
Problem: XO5 is disconnected and stuck on "Still Loading" (see picture below)
When trying later commits after XO6 became default. XO5 has broken entirely. And I have not been able to solve this yet.

Troubleshooting steps are the following:

git reset --hard <commit hash>
rm node_modules/ -rf
yarn
yarn build

Whilst XO6 is working as expected. There are lots of functions that need XO5. Which is why I haven't noticed this until just now (today).

Last known good Commit: 4b4c9b91f3722401a7d3eb2eaf549980fd2f3e5b
This is also where I had XO6 in preview mode and XO5 working perfectly fine next to each other.

Screenshots:

• Still Loading
  

@olivierlambert said in ️ XO 6: dedicated thread for all your feedback!:

So I quickly experimented different "identities"/themes.

Here is "Nord" in dark mode:

Please add this. This was gorgeous!

@dinhngtu said in XCP-ng Windows PV tools announcements:

@probain The canonical way is to check the product_id instead https://docs.ansible.com/projects/ansible/latest/collections/ansible/windows/win_package_module.html#parameter-product_id The ProductCode changes every time a new version of XCP-ng Windows PV tools is released, and you can get it from each release's MSI:

No problem... If you ever decide to have the .exe-file as a separate item. Not bundled within the zip-file. Then I would be even happier. But until then, thanks for everything!

Would it be possible to either have direct links to the exe's without them being zipped? Or list the version number of the xen-guest-agent.exe?

I'm installing these through Ansible (see code below). And it would be way cleaner if either of those two wishes could be true.

    - name: Install Xen Guest tools on Windows hosts
      when: ansible_system == "Win32NT"
      tags: xcp_ng
      block:
        - name: Install Xen Guest Tools
          when: ansible_virtualization_type == "xen"
          block:
            - name: Copy over Latest Xen PV drivers
              ansible.windows.win_copy:
                src: "XenTools-x64_{{ xen_guest_agent_version }}.msi"
                dest: "C:\\Users\\{{ ansible_user }}\\Downloads\\XenDrivers-x64.msi"
                force: true

            - name: Install XenDrivers if the version isnt already created
              ansible.windows.win_package:
                path: "C:\\Users\\{{ ansible_user }}\\Downloads\\XenDrivers-x64.msi"
                creates_path: C:\Program Files\XCP-ng\Windows PV Drivers\XenGuestAgent\xen-guest-agent.exe
                creates_version: "{{ xen_guest_agent_version }}"
                arguments:
                  - /quiet

Noticing that the NIC for Realtek RTL8139 shows up as "-" in VM System

The Intel e1000 works as intended though.

@pdonias said in ️ XO 6: dedicated thread for all your feedback!:

@jr-m4 Thanks for the feedback! I tried to reproduce that but I don't seem to get the same behaviour. Let me make sure I understood:

• You select a template
• VDI names get prefilled automatically
• You select another template
• VDI names don't change automatically (but on my side it looks like they do change)

Could you confirm that?
This is my other account.
Acctually. The VDI name does change. But it changes to the name of the previous selected template.

This is the steps I do, and it is reproducible

• I choose to create new vm
• I choose the first template. (Almalinux
• VDI is named: disk_0_rggi
• Without leaving the page. Choosing another template instead. (CentOS 7)
• The VDI is now named: AlmaLinux 8_0_3cgh
• This behaviour repeats each time a new template is chosen.

Creating a new VM. The "Created by" field is trashed. (bad joke). But the UI-bugg is there.

@wezke said in Ansible Role - Install XO from source - Now available:

@probain

Thank you for sharing your ansible role, ill have a look at it

It's far, far from perfect. So there might be a few rough edges that I solved manually. But I welcome feedback.

For completeness sake. Confirming that the fix also works in my second lab as well.

@florent said in Snapshots are no longer being pruned? Commit 58f02:

@probain thanks for signaling this, we just merged a fix, that fix it on our labs
can you test it on your side ?
https://github.com/vatesfr/xen-orchestra/pull/9202

I can confirm that it solves the issue in my primary lab. Tomorrow I will be able to re-validate at my second lab as well.
Thank you for such a quick fix!

I can now reliably recreate the behavior between the commits mentioned above.
As I expected, the problems with finding a "known good" was due to user error