ikarus84
November 4, 2016, 11:24am
1
First of all a big thank you for the software, that you are developing! It is absolutely amazing and sometimes unbelievable to me, that it is open source:
Bonn.Community ist ein Angebot der Bonn.digital eGbR, Endenicher Str. 51, 53115 Bonn, E-Mail: kontakt@bonn.digital, Telefon: 0228 24954600, Gesellschafter: Sascha Foerster und Johannes Mirus, USt-ID: DE302265202
Lately I’ve been working a lot on design and the webserver, which is also serving some other websites. Everything seemed to work after my changes of design and webserver, I was even able to post some “release notes”:
Nach 443 Tages wurde es noch mal Zeit Bonn.Community noch mal etwas aufzufrischen. Die Kategorien sind jetzt an die bestehenden Portale und deren Funktionen angelehnt, die Farben entsprechen dem neuen Design, da @Johannes erarbeitet hat. Ich habe...
Just now, whenever I try to add an article or change options, I get an error 403.
I’m getting a lot of 403 errors when doing anything - replying to posts, changing settings etc. This happened right after adding a bit of JS to the header, so I’m trying to remove it as step 1. Problem is, the errors prevent me from saving the changed header.
So that I can delete it manually, where are site customizations like this kept?
Maybe you can help me find the error?
ikarus84
November 4, 2016, 11:30am
2
Discourse version: v1.7.0.beta7 +15
Added code in </body> to add a topmenü:
<script type="text/javascript">
$(function() {
var $topDiscourseSub = $('#top-discourse-sub');
$('#top-discourse-link').hover(function() {
$topDiscourseSub.show();
}, function() {
$topDiscourseSub.hide();
});
});
</script>
zogstrip
November 4, 2016, 1:42pm
3
Seems like your site is down?
1 Like
ikarus84
November 4, 2016, 4:09pm
4
It’s just you. http://bonn.community is up.
ikarus84
November 4, 2016, 6:13pm
5
Maybe someone can help debugging, when he see the menu and font-files. There is javascript-code involved, hope that this doesn’t cause the bug:
schriftart.dcstyle.json.html (437 Bytes)piwik-statistiken.dcstyle.json.html (1.1 KB)menue.dcstyle.json.html (6.6 KB)
neil
November 4, 2016, 6:15pm
6
It’s down for me too. It’s always redirecting to https, and it fails to load on https.
2 Likes
ikarus84
November 4, 2016, 7:35pm
8
Sorry, there was in error in my nginx-config. For me everything was fine and visible. Now it should be for you as well. Still the problem with error 403 stays.
I case, my nginx-config as well:
##############################
### Docker: Bonn.Community ###
##############################
server {
listen 80;
server_name bonn.community www.bonn.community;
return 301 https://bonn.community$request_uri;
}
server {
listen 443 ssl spdy;
server_name www.bonn.community;
ssl_certificate /etc/letsencrypt/live/bonn.community/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bonn.community/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
return 301 https://bonn.community$request_uri;
}
server {
listen 443 ssl spdy;
server_name bonn.community;
ssl_certificate /etc/letsencrypt/live/bonn.community/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bonn.community/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
add_header Strict-Transport-Security max-age=31536000;
location / {
proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
ikarus84
November 4, 2016, 7:53pm
9
And a last hint for today…
ikarus84
November 5, 2016, 12:40am
10
A new day, new try:
2016/11/05 01:16:30 [crit] 788#0: *27 connect() to unix:/var/discourse/shared/standalone/nginx.http.sock failed (2: No such file or directory) while connecting to upstream, client: 93.232.205.234, server: bonn.community, request: "GET / HTTP/1.1", upstream: "http://unix:/var/discourse/shared/standalone/nginx.http.sock:/", host: "bonn.community"
2016/11/05 01:16:31 [crit] 788#0: *49 connect() to unix:/var/discourse/shared/standalone/nginx.http.sock failed (2: No such file or directory) while connecting to upstream, client: 93.232.205.234, server: bonn.community, request: "GET / HTTP/1.1", upstream: "http://unix:/var/discourse/shared/standalone/nginx.http.sock:/", host: "bonn.community"
2016/11/05 01:16:59 [crit] 788#0: *27 connect() to unix:/var/discourse/shared/standalone/nginx.http.sock failed (2: No such file or directory) while connecting to upstream, client: 93.232.205.234, server: bonn.community, request: "GET / HTTP/1.1", upstream: "http://unix:/var/discourse/shared/standalone/nginx.http.sock:/", host: "bonn.community"
ikarus84
November 5, 2016, 11:10am
11
My browser tells me, that discourse is failing to load the file “timings”. Because of [‘BAD CSRF’] I get error 403.I am really lost, where else to search to solve the bug.
I rebuild discourse with plenty of different options
I tried to proxy nginx with sockets and ports and different config-files
I reinstalled the docker image.
I read all related articles here and tried the solutions, but none of them worked out.
and I don’t know where to look else.
ikarus84
November 5, 2016, 12:06pm
12
Also removed all modifications following this post:https://meta.discourse.org/t/customization-hangs-on-save/31796/12
ikarus84
November 5, 2016, 12:26pm
13
Holy moly, finally!
I was indeed missing the line
proxy_set_header X-Forwarded-Proto https;
It’s now working again, thanks a lot!!
proxy_set_header X-Forwarded-Proto https;
Who could guess that? So thank you and see you!
3 Likes
.
