500 Internal Server Error
3ter opened this issue · comments
3ter commented
Problem
All containers are up and running but when I try to access the app via the specified url I can see the conneciton attempt in the logs but I'm only getting the error code 500 back.
Is there a way of getting a more precise error description to fix it?
Connection attempt
loomio-nginx | nginx.1 | loomio.mydomain.org 10.43.4.237 - - [19/Jun/2019:11:23:43 +0000] "GET / HTTP/2.0" 500 595 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
loomio-nginx | nginx.1 | loomio.mydomain.org 10.43.4.237 - - [19/Jun/2019:11:23:43 +0000] "GET /favicon.ico HTTP/2.0" 500 595 "https://loomio.mydomain.org/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
Errors in the logs
# docker-compose logs | grep -i error
loomio-letsencrypt | 2019-06-19 11:15:11,328:ERROR:simp_le:1446: CA marked some of the authorizations as invalid, which likely means it could not access http://example.com/.well-known/acme-challenge/X. Did you set correct path in -d example.com:path or --default_root? Are all your domains accessible from the internet? Please check your domains' DNS entries, your host's network/firewall setup and your webserver config. If a domain's DNS entry has both A and AAAA fields set up, some CAs such as Let's Encrypt will perform the challenge validation over IPv6. If your DNS provider does not answer correctly to CAA records request, Let's Encrypt won't issue a certificate for your domain (see https://letsencrypt.org/docs/caa/). Failing authorizations: https://acme-v01.api.letsencrypt.org/acme/authz/ykN1qbJu8jJ4FBAiPEGQp3b9_kxVtVdn4It1uw_eQUI
loomio-letsencrypt | Challenge validation has failed, see error log.
loomio-letsencrypt | ACME server returned an error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
loomio-nginx | nginx.1 | 2019/06/19 11:16:31 [error] 91#91: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 10.43.4.237, server: loomio.mydomain.org, request: "GET /admin HTTP/1.1", upstream: "http://172.17.0.5:3000/admin", host: "loomio.mydomain.org"
3ter commented
I should have read the other posts more carefully. I just couldn't accept that the 500 error had something to do with the ssl certificates ✔️.
I did the following to make it work:
- Remove the letsencrypt container in
docker-compose.yml
(remove existing containers) - Create key and certificate (self-signed) in the folder
/loomio-deploy/certificates
openssl req -newkey rsa:2048 -nodes -keyout host.key -x509 -days 365 -out host.crt -subj '/CN=host'
- Change the file
custom.conf
in/loomio-deploy/nginx/conf.d
to
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/certs/host.crt;
ssl_certificate_key /etc/nginx/certs/host.key;
location / {
proxy_pass http://172.17.0.1:4000;
}
}
- Rebuild the containers if necessary