How do I get more detailed Lua errors?

fhf · December 4, 2023, 6:41am

I’m trying to get the tenant ID based on the “from” domain from vault. Here’s my code inside init.lua:

function get_tenant_id(domain)
  if domain == "example.com" then
    return "test"
  end
  return kumo.secrets.load {
    vault_mount = "secret",
    vault_path = "tenants/" .. domain,
  }
end

local cached_tenant_id = kumo.memoize(get_tenant_id, {
  name = 'tenants',
  ttl = '5 minutes',
  capacity = 1000,
})

kumo.on('smtp_server_message_received', function(msg)
  -- Assign tenant based on "from" domain.
  local tenant = cached_tenant_id(msg:from_header().domain)
  if tenant then
    msg:set_meta('tenant', tenant)
    msg:set_header('X-CUSTOMER-ID', tenant)
  else
    kumo.reject(
      500,
      string.format("from domain '%s' is not allowed.", msg.from_header().domain)
    )
  end
  queue_helper:apply(msg)
  dkim_signer(msg)
end)

kumo.on('http_message_generated', function(msg)
  local tenant = cached_tenant_id(msg:from_header().domain)
  if tenant then
    msg:set_meta('tenant', tenant)
    msg:set_header('X-CUSTOMER-ID', tenant)
  else
    kumo.reject(
            500,
            string.format("from domain '%s' is not allowed.", msg.from_header().domain)
    )
  end
  queue_helper:apply(msg)
  dkim_signer(msg)
end)

The error I get while injecting the message via SMTP:

421 4.3.0 ubuntu technical difficulties

The error I get while injecting the message via HTTP API:

{"success_count":0,"fail_count":1,"failed_recipients":["recipient@example.com"],"errors":["recipient@example.com: runtime error: [string \"/opt/kumomta/etc/policy/init.lua\"]:181: attempt to index a nil value\nstack traceback:\n\t[string \"/opt/kumomta/etc/policy/init.lua\"]:181: in function <[string \"/opt/kumomta/etc/policy/init.lua\"]:180>"]}

Line 181 in init.lua is local tenant = cached_tenant_id(msg:from_header().domain).

fhf · December 4, 2023, 6:42am

There are no logs either:

root@ubuntu:/opt/kumomta/config# ls /var/log/kumomta/ -la
total 8
drwxrws---  2 kumod kumod  4096 Dec  2 08:56 .
drwxrwxr-x 10 root  syslog 4096 Dec  3 00:00 ..
root@ubuntu:/opt/kumomta/config# /opt/kumomta/sbin/tailer /var/log/kumomta/
waiting for more files

Is there a way to increase the stack trace size and/or force kumod to write these errors into the log files?

fhf · December 4, 2023, 6:45am

Also, just to make sure that the vault token is causing the issue, I changed the VAULT_TOKEN env variable in the systemctl file to the root token which doesn’t expire and should have full permission.

fhf · December 4, 2023, 7:01am

output from journalctl:

Dec 04 06:58:55 ubuntu systemd[1]: Started KumoMTA SMTP service.
Dec 04 06:58:55 ubuntu kumod[7763]: 2023-12-04T06:58:55.068435Z  INFO localset-0 kumod: NodeId is 6c48c1dc-5f6a-487c-ab67-c3e6f426d6a6
Dec 04 06:58:55 ubuntu kumod[7763]: 2023-12-04T06:58:55.115695Z  INFO localset-0 kumo_server_common::http_server: http listener on 0.0.0.0:8000
Dec 04 06:58:55 ubuntu kumod[7763]: 2023-12-04T06:58:55.116031Z  INFO localset-0 kumod::smtp_server: smtp listener on 0.0.0.0:2525
Dec 04 06:58:55 ubuntu kumod[7763]: 2023-12-04T06:58:55.116157Z  INFO localset-0 kumod::smtp_server: smtp listener on 0.0.0.0:25
Dec 04 06:58:55 ubuntu kumod[7763]: 2023-12-04T06:58:55.330341Z  INFO localset-0 kumod::spool: start_spool: enumeration done, spooled in 0 msgs over 1.536179ms
Dec 04 06:58:55 ubuntu kumod[7763]: 2023-12-04T06:58:55.330362Z  INFO localset-0 kumo_server_common::start: initialization complete

fhf · December 4, 2023, 7:06am

Increased the log level to DEBUG (output too long to paste here): https://paste.mozilla.org/NisWxLcH

fhf · December 4, 2023, 7:07am

I’ve also added a few print() statements in the lua config to try and see where the issue is originating from, but they are not showing up anywhere in the logs.

kumo.on('http_message_generated', function(msg)
  print("from " .. msg:from_header().domain)
  local tenant = cached_tenant_id(msg:from_header().domain)
  ...

Mike · December 4, 2023, 2:21pm

When you said you changed the token, did it work at that point?

Mike · December 4, 2023, 2:21pm

This one is more a @free-spirited-yorksh question, he’s a couple of hours behind me but should be online soon-ish.

fhf · December 4, 2023, 2:23pm

I tested with both a regular token and the root token and neither worked.

Mike · December 4, 2023, 2:27pm

Aah. Two things:

Did you try without memoize wrapper?
Your mount is the same you used in the vault command to populate the data?

fhf · December 4, 2023, 2:32pm

Just tried without memoize - no change:

root@ubuntu:~# curl -H 'Content-Type: application/json' 'http://127.0.0.1:8000/api/inject/v1' -d '{
    "envelope_sender": "noreply@example.com",
    "content": "Subject: hello\n\nHello there",
    "recipients": [
        {
            "email": "recipient@example.com"
        }
    ]
}'
{"success_count":0,"fail_count":1,"failed_recipients":["recipient@example.com"],"errors":["recipient@example.com: runtime error: [string \"/opt/kumomta/etc/policy/init.lua\"]:187: attempt to index a nil value\nstack traceback:\n\t[string \"/opt/kumomta/etc/policy/init.lua\"]:187: in function <[string \"/opt/kumomta/etc/policy/init.lua\"]:186>"]}

and yes, both are using the “secret” mount - I can actually see the data in the Vault UI in the secret mount.

Mike · December 4, 2023, 2:35pm

Ok.

fhf · December 4, 2023, 2:35pm

To make sure, I just used the command provided in the Kumo docs to put the data in the vault:

vault kv put -mount=secret tenants/example.com key=UUID

Still getting the same error.

Mike · December 4, 2023, 2:36pm

Ok, at this point we’ll have to wait for Wez to come online, but that gives full context I think.

wez · December 4, 2023, 2:50pm

I’d suggest adding in a print(msg:get_data() at the top of your http_message_generated event handler to see what your message looks like; the error message sounds to me as though msg:from_header() is returning nil, which suggests that it didn’t parse out the From header, and that it may not be present.

fhf · December 4, 2023, 2:52pm

here’s the output:

2023-12-04T14:52:03.872028Z  INFO localset-0 kumod::spool: start_spool: enumeration done, spooled in 0 msgs over 1.550816ms
from Content-Type: text/plain;
        charset="us-ascii"
Subject: hello
Mime-Version: 1.0

Hello there

wez · December 4, 2023, 2:53pm

Seems like there is no From: header?

fhf · December 4, 2023, 2:53pm

I’m using this command to send it:

curl -H 'Content-Type: application/json' 'http://127.0.0.1:8000/api/inject/v1' -d '{
    "envelope_sender": "noreply@example.com",
    "content": "Subject: hello\n\nHello there",
    "recipients": [
        {
            "email": "recipient@example.com"
        }
    ]
}'

wez · December 4, 2023, 2:53pm

Can you share what you’re injecting?

wez · December 4, 2023, 2:54pm

OK, so yes: you aren’t including a From header in your content