Rebuild goes into a loop

lilacbull · December 2, 2024, 4:47am

Hello, my apologies in advance as I’m relatively new to Discourse.

When I go to the /var/discourse/ directory to run ./launcher rebuild app I have the following loop posted below.

So far the GUI is fine and I can run updates there.

I tried a few Google searches and found this thread outlining a solution. My question is can I also use the git stash and git pull commands to solve my issue with the command line?

Ensuring launcher is up to date

Updating Launcher…

Updating a1d8d0b…69d7558

error: Your local changes to the following files would be overwritten by merge:

templates/web.ssl.template.yml

Please commit your changes or stash them before you merge.

Aborting

failed to update

Launcher updated, restarting…

x86_64 arch detected.

Ensuring launcher is up to date

Updating Launcher…

Updating a1d8d0b…69d7558

error: Your local changes to the following files would be overwritten by merge:

templates/web.ssl.template.yml

Please commit your changes or stash them before you merge.

Aborting

failed to update

Launcher updated, restarting…

thoka · December 2, 2024, 7:51am

Rename template/web.ssl.template.yml to some other name (templates/my-web.ssl.template.yml) and use this in the templates: section of containers/app.yml.

Restore its original content with

git restore templates/web.ssl.template.yml

pfaffman · December 2, 2024, 6:10pm

And (probably) a better long-term solution would be to either add those changes to your app.yml or to put your template somewhere outside of the /var/discourse tree

lilacbull · December 2, 2024, 6:19pm

Thank you, I did end up altering this file to add an additional client certificate for some additional encryption between the server and Cloudflare.

If follow the procedure to restore the template.yml file, I’ll run a rebuild to see if that solves my loop issue. Can I then make the same changes once more without too much issue? Or will this happen some time down the road and I’d have to do the same procedure?

I did save my original template as a .bak so I had the opportunity to look at the change.

lilacbull · December 2, 2024, 6:20pm

Ah thank you, I think you answered my follow up question already!

pfaffman · December 2, 2024, 6:22pm

Pretty much.

Here’s another hint:

Configure an S3 compatible object storage provider for uploads

In order to store Discourse static assets in your Object Storage add this configuration on your app.yml under the hooks section:
  after_assets_precompile:
    - exec:
        cd: $home
        cmd:
          - sudo -E -u discourse bundle exec rake s3:upload_assets
          - sudo -E -u discourse bundle exec rake s3:expire_missing_assets

Well, that’s not as good a hint as I’d hoped. . … Have a look at the changes that get made in Setup Multisite Configuration with Let's Encrypt and no Reverse Proxy

lilacbull · December 2, 2024, 7:22pm

As I am now, I don’t think I’m able to solve this one on my own. I followed the instructions for a DigitalOcean standard install.

My original thought process was to study the app.yml file which led me to the web.ssl.template.yml file to begin with.

I wanted to include a cloudflare crt file for additional security.

I looked over the web.ssl.template.yml file and made a change to this section:

ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
   ssl_certificate /shared/ssl/ssl.crt;
   ssl_certificate_key /shared/ssl/ssl.key;
    ssl_client_certificate /shared/ssl/cloudflare.crt;
    ssl_verify_client on;

   ssl_session_tickets off;
   ssl_session_timeout 1d;
   ssl_session_cache shared:SSL:1m;

I dropped the cloudflare.crt file into the /var/discourse/shared/standalone/ssl directory and as far as I could tell everything worked as I intended.

Is there a resource I can refer to do the same with changes to the app.yml file?

pfaffman · December 2, 2024, 7:35pm

Mostly people don’t use custom certificates anymore. I’m not sure that there is a good reason to do what you’re asking, but you can see Allow SSL / HTTPS for your Discourse Docker setup

I think you just want to turn off the orange cloud, get a lets encrypt certificate and turn on the orange cloud. You also want to use the cloudflare template.

See Using Discourse with Cloudflare: Best Practices

thoka · December 2, 2024, 9:43pm

Hm. I see no concerns against using own files in the templates directory, as long their names do not clash with templates, provided by discourse. I find it a convenient way to share config pieces between staging and production server, for example.

lilacbull · December 3, 2024, 1:09am

Thank you to @thoka and @pfaffman for your time and replies.

I’ve since performed the git restore.

As Jay’s pointed out that people generally don’t use custom certificates anymore, I suppose at this time I don’t see a burning need for it either.

I did another ./launcher rebuild app and the launcher ran without issue.

As an aside I simply input the cloudflare template at the bottom of app.yml as directed, but launcher came up with a syntax error. I removed it and all is fine. I never experienced an issue using Cloudflare without the cloudflare template so I’ll just carry on.

Topic		Replies	Views
Help .. rebuild app failed Installation	21	3034	April 4, 2018
Trouble upgrading from 3.3.0.beta1 to 3.3.0.beta6 Installation	22	119	August 8, 2024
Rebuild app fails (Docker and cat) Installation	8	586	August 6, 2021
Discourse wont upgrade from 1.8 to 1.8.1? Support	15	1518	June 8, 2024
I can't operate my site after rebuild app Installation	2	259	March 9, 2024

Rebuild goes into a loop

Related topics