ikarus84
(Sascha Foerster)
November 4, 2016, 11:24am
1
First of all a big thank you for the software, that you are developing! It is absolutely amazing and sometimes unbelievable to me, that it is open source: .
I’ve been using discourse for building a community forum for the city of Bonn:
Bonn.Community ist ein Angebot der Bonn.digital eGbR, Endenicher Str. 51, 53115 Bonn, E-Mail: kontakt@bonn.digital, Telefon: 0228 24954600, Gesellschafter: Sascha Foerster und Johannes Mirus, USt-ID: DE302265202
Lately I’ve been working a lot on design and the webserver, which is also serving some other websites. Everything seemed to work after my changes of design and webserver, I was even able to post some “release notes”:
Nach 443 Tages wurde es noch mal Zeit Bonn.Community noch mal etwas aufzufrischen. Die Kategorien sind jetzt an die bestehenden Portale und deren Funktionen angelehnt, die Farben entsprechen dem neuen Design, da @Johannes erarbeitet hat. Ich habe...
Just now, whenever I try to add an article or change options, I get an error 403.
I tried to change some options in my nginx-config back to previous states, but it didn’t help. I tried to change the css-additions, but I can’t save them. I tried to understand this article to try this, but I didn’t understood, where to copy-paste the code:
I’m getting a lot of 403 errors when doing anything - replying to posts, changing settings etc. This happened right after adding a bit of JS to the header, so I’m trying to remove it as step 1. Problem is, the errors prevent me from saving the changed header.
So that I can delete it manually, where are site customizations like this kept?
Maybe you can help me find the error?
ikarus84
(Sascha Foerster)
November 4, 2016, 11:30am
2
Discourse version: v1.7.0.beta7 +15
Added code in </body>
to add a topmenü:
<script type="text/javascript">
$(function() {
var $topDiscourseSub = $('#top-discourse-sub');
$('#top-discourse-link').hover(function() {
$topDiscourseSub.show();
}, function() {
$topDiscourseSub.hide();
});
});
</script>
zogstrip
(Régis Hanol)
November 4, 2016, 1:42pm
3
Seems like your site is down?
1 Like
ikarus84
(Sascha Foerster)
November 4, 2016, 4:09pm
4
It’s just you. http://bonn.community is up.
ikarus84
(Sascha Foerster)
November 4, 2016, 6:13pm
5
Maybe someone can help debugging, when he see the menu and font-files. There is javascript-code involved, hope that this doesn’t cause the bug:
schriftart.dcstyle.json.html (437 Bytes)
piwik-statistiken.dcstyle.json.html (1.1 KB)
menue.dcstyle.json.html (6.6 KB)
neil
(Neil Lalonde)
November 4, 2016, 6:15pm
6
It’s down for me too. It’s always redirecting to https, and it fails to load on https.
2 Likes
ikarus84
(Sascha Foerster)
November 4, 2016, 7:35pm
8
Sorry, there was in error in my nginx-config. For me everything was fine and visible. Now it should be for you as well. Still the problem with error 403 stays.
I case, my nginx-config as well:
##############################
### Docker: Bonn.Community ###
##############################
server {
listen 80;
server_name bonn.community www.bonn.community;
return 301 https://bonn.community$request_uri;
}
server {
listen 443 ssl spdy;
server_name www.bonn.community;
ssl_certificate /etc/letsencrypt/live/bonn.community/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bonn.community/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
return 301 https://bonn.community$request_uri;
}
server {
listen 443 ssl spdy;
server_name bonn.community;
ssl_certificate /etc/letsencrypt/live/bonn.community/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bonn.community/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
add_header Strict-Transport-Security max-age=31536000;
location / {
proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
ikarus84
(Sascha Foerster)
November 4, 2016, 7:53pm
9
And a last hint for today…
ikarus84
(Sascha Foerster)
November 5, 2016, 12:40am
10
A new day, new try:
2016/11/05 01:16:30 [crit] 788#0: *27 connect() to unix:/var/discourse/shared/standalone/nginx.http.sock failed (2: No such file or directory) while connecting to upstream, client: 93.232.205.234, server: bonn.community, request: "GET / HTTP/1.1", upstream: "http://unix:/var/discourse/shared/standalone/nginx.http.sock:/", host: "bonn.community"
2016/11/05 01:16:31 [crit] 788#0: *49 connect() to unix:/var/discourse/shared/standalone/nginx.http.sock failed (2: No such file or directory) while connecting to upstream, client: 93.232.205.234, server: bonn.community, request: "GET / HTTP/1.1", upstream: "http://unix:/var/discourse/shared/standalone/nginx.http.sock:/", host: "bonn.community"
2016/11/05 01:16:59 [crit] 788#0: *27 connect() to unix:/var/discourse/shared/standalone/nginx.http.sock failed (2: No such file or directory) while connecting to upstream, client: 93.232.205.234, server: bonn.community, request: "GET / HTTP/1.1", upstream: "http://unix:/var/discourse/shared/standalone/nginx.http.sock:/", host: "bonn.community"
ikarus84
(Sascha Foerster)
November 5, 2016, 11:10am
11
My browser tells me, that discourse is failing to load the file “timings”. Because of [‘BAD CSRF’] I get error 403.I am really lost, where else to search to solve the bug.
I rebuild discourse with plenty of different options
I tried to proxy nginx with sockets and ports and different config-files
I reinstalled the docker image.
I read all related articles here and tried the solutions, but none of them worked out.
and I don’t know where to look else.
ikarus84
(Sascha Foerster)
November 5, 2016, 12:06pm
12
Also removed all modifications following this post:
https://meta.discourse.org/t/customization-hangs-on-save/31796/12
No help, even after rebuilding.
ikarus84
(Sascha Foerster)
November 5, 2016, 12:26pm
13
Holy moly, finally!
I need to add a simple line to my nginx config:
I was indeed missing the line
proxy_set_header X-Forwarded-Proto https;
It’s now working again, thanks a lot!!
proxy_set_header X-Forwarded-Proto https;
Who could guess that? So thank you and see you!
3 Likes