Discourse not serving pages

Installation
21

Did you check the nginx log files in the app for clues?

@NoBugsBunny no not yet I’ll check and report back on my findings. Have been under the impression that it can’t be container that is wrong because it should have been built with the right stuff in it. I did check however the settings for Nginx in the container and it appears to be configured to serve the ‘Welcome to Nginx’ html file.

You need to fix that before you install discourse (or likely, anything else).

@pfaffman the strange thing is this is our production ESXi server with a lot of other VMs running on it all fine.

2 Likes
22

@NoBugsBunny looks like it is due to Nginx believing it needs to use a certificate despite me not entering anything when it asked for the Let’s Encrypt details. Is there a way to temporarily not use any certificates?

/var/log/nginx/error.log

2020/08/03 14:51:00 [emerg] 24093#24093: cannot load certificate "/shared/ssl/uat.xxxxx.com.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

/var/log/nginx/error.letsencrypt.log

2020/08/02 12:54:46 [error] 42#42: *2 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 218.103.208.140, server: , request: "GET /favicon.ico HTTP/1.1", host: "uat.xxxxx.com", referrer: "http://uat.xxxxx.com/"
2020/08/03 07:27:56 [error] 35#35: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 218.103.208.140, server: , request: "GET /favicon.ico HTTP/1.1", host: "uat.xxxxx.com", referrer: "http://uat.xxxxx.com/"

/var/log/nginx/access.letsencrypt.log

18.196.96.172 - - [03/Aug/2020:07:23:19 +0000] "GET /.well-known/acme-challenge/1nstApP9BeEaE3oC-WYBCvqMUuePRq6AV_JICf6XOM4 HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
3.128.26.105 - - [03/Aug/2020:07:23:20 +0000] "GET /.well-known/acme-challenge/1nstApP9BeEaE3oC-WYBCvqMUuePRq6AV_JICf6XOM4 HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
34.211.6.84 - - [03/Aug/2020:07:23:20 +0000] "GET /.well-known/acme-challenge/1nstApP9BeEaE3oC-WYBCvqMUuePRq6AV_JICf6XOM4 HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
64.78.149.164 - - [03/Aug/2020:07:23:29 +0000] "GET /.well-known/acme-challenge/1nstApP9BeEaE3oC-WYBCvqMUuePRq6AV_JICf6XOM4 HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
218.103.208.140 - - [03/Aug/2020:07:27:56 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
218.103.208.140 - - [03/Aug/2020:07:27:56 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://uat.xxxxx.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
1 Like
23

Remove the ssl templates out of app.yml file

Then rebuild

24

Yes.

There is a number of ways to do this.

I suggest you just comment out the Letsencrypt (LE) template in your container yml file and comment out the other environment vars related to LE and rebuild.

Let me know if you need more help @titusc and congrats to you for tracking down your issue.

Great job.

You are almost there! :slight_smile:

25

@IAmGav @neounix thanks for the info. So yes I find the following lines in the containers/app.yml file after running ./discourse-setup.

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
  - "templates/web.ssl.template.yml"
  - "templates/web.letsencrypt.ssl.template.yml"

This is a bit disappointing because the file is generated as is even I have hit Enter for the question Optional email address for Let’s Encrypt warnings? (ENTER to skip).

Commenting the last two lines and running ./launcher stop app and ./launcher rebuild app fixes the problem.

Argh. I think something like this would be nice to be stated on the Simple 30 minute basic install

Special call out to @neounix for being so encouraging.

1 Like
27

Dear, @IAmGav, if your read the last post by @titusc:

:wink:

Great job @titusc !!

I knew you could do it if we just went though this one-step-at-a-time in a logical manner.

Best wishes.

Thanks for posting back and letting us know your success.

2 Likes