Search code examples
porttaskwarrior

TaskWarrior Port not Opening Externally

I run a Debian 9 server (recently upgraded from Debian 8 where similar problems occurred). I have a task warrior instance up and running and it works internally, I am unable to sync to it externally however. I run a UFW firewall instance.

/var/taskd/config:

    confirmation=1
    extensions=/usr/local/libexec/taskd
    ip.log=on
    log=/var/taskd/taskd.log
    pid.file=/var/taskd/taskd.pid
    queue.size=10
    request.limit=1048576
    root=/var/taskd
    server=hub.home:53589
    trust=strict
    verbose=1
    client.cert=/var/taskd/client.cert.pem
    client.key=/var/taskd/client.key.pem
    server.cert=/var/taskd/server.cert.pem
    server.key=/var/taskd/server.key.pem
    server.crl=/var/taskd/server.crl.pem
    ca.cert=/var/taskd/ca.cert.pem

/etc/systemd/system/taskd.service

    [Unit]
    Description=Secure server providing multi-user, multi-client access to Taskwarrior data
    Requires=network.target
    After=network.target
    Documentation=http://taskwarrior.org/docs/#taskd

    [Service]
    ExecStart=/usr/local/bin/taskd server --data /var/taskd
    Type=simple
    User=<myusername>
    Group=<mygroupname>
    WorkingDirectory=/var/taskd
    PrivateTmp=true
    InaccessibleDirectories=/home /root /boot /opt /mnt /media
    ReadOnlyDirectories=/etc /usr

    [Install]
    WantedBy=multi-user.target

systemctl status taskd.service:

    ● taskd.service - Secure server providing multi-user, multi-client access to Taskwarrior data
       Loaded: loaded (/etc/systemd/system/taskd.service; enabled; vendor preset: enabled)
       Active: active (running) since Tue 2017-07-04 10:21:42 BST; 28min ago
         Docs: http://taskwarrior.org/docs/#taskd
     Main PID: 3964 (taskd)
        Tasks: 1 (limit: 4915)
       CGroup: /system.slice/taskd.service
               └─3964 /usr/local/bin/taskd server --data /var/taskd

sufo ufw status:

    Status: active

    To                         Action      From
    --                         ------      ----
    ...
    53589                      ALLOW       Anywhere
    53589 (v6)                 ALLOW       Anywhere (v6)
    ...

nmap localhost -p 53589 -Pn (from host)

    ...
    PORT      STATE  SERVICE
    53589/tcp closed unknown
    ...

nmap hub.home -p 53589 -Pn (from host)

    ...
    PORT      STATE  SERVICE
    53589/tcp open  unknown
    ...

nmap hub.home -p 53589 -Pn (from client)

    ...
    PORT      STATE  SERVICE
    53589/tcp closed  unknown
    ...

taskd server --debug --debug.tls=2

    s: INFO Client certificate will be verified.
    s: INFO IPv4: 127.0.1.1
    s: INFO Server listening.

The sync works internally but not externally. Many thanks

Solution

  • I ran into the same issue. For me, ensuring /etc/hosts was set with the externally facing IP addresses and setting the server taskd config variable to the fqdn with port, then setting the family=IPv4 worked (it wouldn't work with IPv6 for me). The only thing I don't see is the family in your config...

    Though in your config it looks like the INFO IPv4: 127.0.1.1 doesn't match the comment you made about taskd.server=192.*. That looks like a localhost loopback.

    Maybe if you edit /etc/hosts with the fully qualified domain name & hostname and specify the IP address and IP family in the config it will give taskwarrior the info it needs to bind to the right external IP and port and permit the use of the self signed cert?

    When I run with the debug server, I get:

    taskd@(host):~$ taskd server --debug --debug.tls=2 s: INFO Client certificate will be verified. s: INFO IPv4: (my external IPv4 address) s: INFO Server listening.