NS8: Configure NGINX fails

EddieA · May 14, 2023, 9:43pm

Running first time configure of nginx threw this:

{
  "context": {
    "action": "configure-module",
    "data": {
      "http2https": true,
      "path": "/sftpgo",
      "sftp_tcp_port": 3092,
      "sftpgo_service": true
    },
    "extra": {
      "description": "Configuring...",
      "title": "webserver1 configuration"
    },
    "id": "6a03c944-e345-42f5-812f-22974a03970b",
    "parent": "",
    "queue": "module/webserver1/tasks",
    "timestamp": "2023-05-14T21:29:28.449928762Z",
    "user": "admin"
  },
  "status": "aborted",
  "progress": 80,
  "subTasks": [
    {
      "context": {
        "action": "add-public-service",
        "data": {
          "ports": [
            "3092/tcp"
          ],
          "service": "webserver1"
        },
        "extra": {},
        "id": "4f35f3ee-a276-4a6b-9291-db9ab7792d87",
        "parent": "6a03c944-e345-42f5-812f-22974a03970b",
        "queue": "node/1/tasks",
        "timestamp": "2023-05-14T21:29:29.410030607Z",
        "user": "module/webserver1"
      },
      "status": "completed",
      "progress": 100,
      "subTasks": [],
      "result": {
        "error": "<7>firewall-cmd --permanent --new-service=webserver1\nsuccess\n<7>firewall-cmd --permanent --add-service=webserver1\nsuccess\n<7>firewall-cmd --permanent --service=webserver1 --add-port=3092/tcp\nsuccess\n<7>firewall-cmd --reload\nsuccess\n",
        "exit_code": 0,
        "file": "task/node/1/4f35f3ee-a276-4a6b-9291-db9ab7792d87",
        "output": ""
      }
    },
    {
      "context": {
        "action": "set-route",
        "data": {
          "http2https": true,
          "instance": "webserver1",
          "path": "/sftpgo",
          "url": "http://127.0.0.1:20011"
        },
        "extra": {},
        "id": "8ec8867b-dd48-42c1-ae03-0081a67b8784",
        "parent": "6a03c944-e345-42f5-812f-22974a03970b",
        "queue": "module/traefik1/tasks",
        "timestamp": "2023-05-14T21:29:31.925970825Z",
        "user": "module/webserver1"
      },
      "status": "completed",
      "progress": 100,
      "subTasks": [],
      "result": {
        "error": "",
        "exit_code": 0,
        "file": "task/module/traefik1/8ec8867b-dd48-42c1-ae03-0081a67b8784",
        "output": ""
      }
    }
  ],
  "validated": true,
  "result": {
    "error": "<7>dump_env() is deprecated and implemented as a no-op\n<7>systemctl --user restart webserver.service\n<7>systemctl --user enable sftpgo.service\nCreated symlink /home/webserver1/.config/systemd/user/default.target.wants/sftpgo.service → /home/webserver1/.config/systemd/user/sftpgo.service.\n<7>systemctl --user restart sftpgo.service\nTraceback (most recent call last):\n  File \"/home/webserver1/.config/actions/configure-module/60sftpgo_create_secret\", line 44, in <module>\n    res = conn.getresponse()\n  File \"/usr/lib64/python3.9/http/client.py\", line 1377, in getresponse\n    response.begin()\n  File \"/usr/lib64/python3.9/http/client.py\", line 320, in begin\n    version, status, reason = self._read_status()\n  File \"/usr/lib64/python3.9/http/client.py\", line 281, in _read_status\n    line = str(self.fp.readline(_MAXLINE + 1), \"iso-8859-1\")\n  File \"/usr/lib64/python3.9/socket.py\", line 704, in readinto\n    return self._sock.recv_into(b)\nConnectionResetError: [Errno 104] Connection reset by peer\n",
    "exit_code": 1,
    "file": "task/module/webserver1/6a03c944-e345-42f5-812f-22974a03970b",
    "output": ""
  }
}

Cheers.

EddieA · May 15, 2023, 2:43am

Just ran through this again and this time everything worked as it should. No idea what might have thrown it off last time.

Cheers.

giacomo · May 15, 2023, 10:14am

Let’s try to reproduce it.
Can you look at it @stephdl?

stephdl · May 15, 2023, 10:16am

On todo. Please what is the operating system you used ?

stephdl · May 15, 2023, 1:33pm

well I think that when we started the script 60sftpgo_create_secret, the container was not up enough quickly.

60sftpgo_create_secret\", line 44, in <module>\n res = conn.getresponse()\

We need to give him a bit more time in ns8-webserver/sftpgo.service at main · NethServer/ns8-webserver · GitHub and test if the container is up

ExecStartPost=/usr/bin/bash -c "while ! exec 3<>/dev/tcp/127.0.0.1/${SFTP_TCP_PORT} &>/dev/null; do sleep 3 ; done ; printf 'GET /ping\r\n\r\n' >&3"

otherwise we could test inside a loop in ns8-webserver/50start_services at main · NethServer/ns8-webserver · GitHub and once the loop is over we fail to start, the two approach are good for me

which one @giacomo ?

giacomo · May 15, 2023, 1:38pm

I’d go with this one.
The wait loop is not really beautiful, but this is the usual way to fix such things in the container world.