@darrenhollick @reraikes @miken32
I thought it might be good to bring the issue https://issues.freepbx.org/browse/FREEPBX-20559 to the forum for discussion. Maybe community troubleshooting will help.
I experienced the issue a while back on my self-installed Debian 10 FreePBX 15 server but after updating the framework module at the time the issue was discussed, the problem went away. What platforms and software versions (including gpg tools) are you running?
I do not think this has been resolved. You may have resolved it on a custom install but I think itās fair to say that most people are running FreePBX on a FreePBX distro from Sangoma. On a fully updated Sangoma distro the issue is still very much there.
PBX Version:
15.0.16.78
PBX Distro:
12.7.8-2008-1.sng7
Asterisk Version:
16.13.0
As always I could be wrong but Iāve now tested this on at least 4 systems and can also confirm that it doesnāt happen on FreePBX 13 systems. (which makes sense considering they are running an older centOS)
I have installed numerous 15 Distro systems and havenāt seen it. I thought the issue was related to custom builds. What amount of delay are you seeing?
The Distro, on a $5 Vultr, instance takes forever to reload via the GUI compared to command line.
I forgot about that ticket. Iāve done no troubleshooting. But on a new turn up, I do the reloads all form CLI as I make changes.
Also observed .
Disable signature checking itās quick, enable it , itās slow.
My guess also its using poisoned keyservers first which result in delays as a legitimate one is found, probably only Sangoma can fix that if you want signature checking enabled. Pragmatically, donāt press the orange bar, use the console until then 
Very interesting; I donāt understand why I am not seeing this on my servers.
Also interesting, I basically use your buster install scripts, also using your concise nginx āhackā because I like haproxy infront of the web services and so far apache2 doesnāt pass muster, time to look into nginx/haproxy gpg setup
"In Theory" it only reaches out to the GPG server if the key is not already added.
Keys can be added manually from the CLI
gpg --import /var/www/html/admin/libraries/BMO/*.key
Thanks, I will add that to my diagnostics . . .
you may have to run that as the asterisk user thinking about itā¦
no shit
yet
su asterisk -c 'gpg --import /var/www/html/admin/libraries/BMO/*.key'
gpg: WARNING: unsafe permissions on homedir '/home/asterisk/.gnupg'
gpg: key 1588A7366BD35B34: "FreePBX Module Signing (This is the master key to sign FreePBX Modules) v2 <[email protected]>" not changed
gpg: key 3DDB2122FE6D84F7: "FreePBX Mirror 1 (Module Signing - 2016/2017) <[email protected]>" not changed
gpg: key 86CE877469D2EAD9: "FreePBX Mirror 1 (Module Signing - 2014/2015) <[email protected]>" not changed
gpg: key 9F9169F4B33B4659: 1 signature not checked due to a missing key
gpg: key 9F9169F4B33B4659: "FreePBX Module Signing (This is the master key to sign FreePBX Modules) <[email protected]>" not changed
gpg: key B53D215A755231A3: "FreePBX Mirror Servers <[email protected]>" not changed
gpg: Total number processed: 5
gpg: unchanged: 5
. . .This provides no resolution of the problem:
asterisk@FreePBX:/root $ gpg --import /var/www/html/admin/libraries/BMO/*.key
gpg: key 1588A7366BD35B34: āFreePBX Module Signing (This is the master key to sign FreePBX Modules) v2 [email protected]ā not changed
gpg: key 3DDB2122FE6D84F7: āFreePBX Mirror 1 (Module Signing - 2016/2017) [email protected]ā not changed
gpg: key 86CE877469D2EAD9: āFreePBX Mirror 1 (Module Signing - 2014/2015) [email protected]ā not changed
gpg: key 9F9169F4B33B4659: 1 signature not checked due to a missing key
gpg: key 9F9169F4B33B4659: āFreePBX Module Signing (This is the master key to sign FreePBX Modules) [email protected]ā not changed
gpg: key B53D215A755231A3: āFreePBX Mirror Servers [email protected]ā not changed
gpg: Total number processed: 5
gpg: unchanged: 5
You are doing that as root
chmod 700 /home/asterisk/.gnupg
chmod 600 /home/asterisk/.gnupg/*
su asterisk -c 'gpg --import /var/www/html/admin/libraries/BMO/*.key'
would be more appropriate, but still not good.
No difference:
root@FreePBX:~# chmod 700 /home/asterisk/.gnupg
root@FreePBX:~# chmod 600 /home/asterisk/.gnupg/*
root@FreePBX:~# su asterisk -c āgpg --import /var/www/html/admin/libraries/BMO/*.keyā
gpg: key 1588A7366BD35B34: āFreePBX Module Signing (This is the master key to sign FreePBX Modules) v2 [email protected]ā not changed
gpg: key 3DDB2122FE6D84F7: āFreePBX Mirror 1 (Module Signing - 2016/2017) [email protected]ā not changed
gpg: key 86CE877469D2EAD9: āFreePBX Mirror 1 (Module Signing - 2014/2015) [email protected]ā not changed
gpg: key 9F9169F4B33B4659: 1 signature not checked due to a missing key
gpg: key 9F9169F4B33B4659: āFreePBX Module Signing (This is the master key to sign FreePBX Modules) [email protected]ā not changed
gpg: key B53D215A755231A3: āFreePBX Mirror Servers [email protected]ā not changed
gpg: Total number processed: 5
gpg: unchanged: 5
The only solution Iāve found is to disable signature checking and update modules using the following script instead of using the GUI Module admin:
#!/bin/bash
fwconsole ma download framework
fwconsole ma installlocal
fwconsole ma upgradeall
fwconsole setting SIGNATURECHECK 0
fwconsole reload
indeed , my work around also, but not satisfactory for me , the keyservers need fixing at source and the signatures fixed to suit. . .
Without module signature checkingā¦ 2 seconds. With signature checking 1 minute.
Consider yourself lucky.
More times than not, Iām stuck with a āReloadingā dialog box forever with signature checking enabled.
With signature checking disabled, the āReloadingā dialog box goes away in a couple of seconds.
# gpg -h
gpg (GnuPG) 2.2.12
libgcrypt 1.8.4
and
Package: php-gnupg
Version: 1.4.0-3
This is what I have on buster and get a 3-4 second reload from the GUI with sig checking on.
edit: also,
# fwconsole ma list | grep framework
| framework | 15.0.16.78 | Enabled | GPLv2+ |
Let me know what you have.
root@FreePBX:~# gpg -h
gpg (GnuPG) 2.2.12
libgcrypt 1.8.4
root@FreePBX:~# fwconsole ma list | grep framework
| framework | 15.0.16.78 | Enabled | GPLv2+ |
Package php-gnupg is not installed and never has been. A simulated install reveals that PHP 7.3 packages would also be installed (Iām using PHP 5.6 as prescribed by Sangoma).
I went ahead and installed php-gnupg and it broke FreePBX: Can Not Connect to Asterisk