FAILED
--------------------
Pups::ExecError: /tmp/add-cloudflare-ips failed with return #<Process::Status: pid 1484 exit 8>
Location of failure: /usr/local/lib/ruby/gems/2.7.0/gems/pups-1.1.1/lib/pups/exec_command.rb:117:in `spawn'
exec failed with the params "/tmp/add-cloudflare-ips"
9fe8337bb7b8e64abb480bd2527551585759e48df340dc74bb84c67bdf1ee6b2
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one.
./discourse-doctor may help diagnose the problem.
This error was safe with enable and disable proxy (orange cloud) on CloudFlare
Done compiling CSS: 2022-03-22 16:54:37 UTC
I, [2022-03-22T16:54:37.832057 #1] INFO -- : Downloading MaxMindDB...
Compressing Javascript and Generating Source Maps
I, [2022-03-22T16:54:37.874506 #1] INFO -- : File > /usr/local/bin/discourse chmod: +x chown:
I, [2022-03-22T16:54:37.880784 #1] INFO -- : File > /usr/local/bin/rails chmod: +x chown:
I, [2022-03-22T16:54:37.887872 #1] INFO -- : File > /usr/local/bin/rake chmod: +x chown:
I, [2022-03-22T16:54:37.894248 #1] INFO -- : File > /usr/local/bin/rbtrace chmod: +x chown:
I, [2022-03-22T16:54:37.900136 #1] INFO -- : File > /usr/local/bin/stackprof chmod: +x chown:
I, [2022-03-22T16:54:37.907873 #1] INFO -- : File > /etc/update-motd.d/10-web chmod: +x chown:
I, [2022-03-22T16:54:37.912825 #1] INFO -- : File > /etc/logrotate.d/rails chmod: chown:
I, [2022-03-22T16:54:37.917132 #1] INFO -- : File > /etc/logrotate.d/nginx chmod: chown:
I, [2022-03-22T16:54:37.924129 #1] INFO -- : File > /etc/runit/1.d/00-ensure-links chmod: +x chown:
I, [2022-03-22T16:54:37.930083 #1] INFO -- : File > /etc/runit/1.d/01-cleanup-web-pids chmod: +x chown:
I, [2022-03-22T16:54:37.936780 #1] INFO -- : File > /root/.bash_profile chmod: 644 chown:
I, [2022-03-22T16:54:37.941664 #1] INFO -- : File > /usr/local/etc/ImageMagick-7/policy.xml chmod: chown:
I, [2022-03-22T16:54:37.949303 #1] INFO -- : Replacing (?-mix:server.+{) with limit_req_zone $binary_remote_addr zone=flood:10m rate=$reqs_per_secondr/s;
limit_req_zone $binary_remote_addr zone=bot:10m rate=$reqs_per_minuter/m;
limit_req_status 429;
limit_conn_zone $binary_remote_addr zone=connperip:10m;
limit_conn_status 429;
server {
in /etc/nginx/conf.d/discourse.conf
I, [2022-03-22T16:54:37.952599 #1] INFO -- : Replacing (?-mix:location @discourse {) with location @discourse {
limit_conn connperip $conn_per_ip;
limit_req zone=flood burst=$burst_per_second nodelay;
limit_req zone=bot burst=$burst_per_minute nodelay; in /etc/nginx/conf.d/discourse.conf
I, [2022-03-22T16:54:37.960935 #1] INFO -- : File > /tmp/add-cloudflare-ips chmod: +x chown:
I, [2022-03-22T16:54:37.961856 #1] INFO -- : > /tmp/add-cloudflare-ips
--2022-03-22 16:54:37-- https://www.cloudflare.com/ips-v4/
Resolving www.cloudflare.com (www.cloudflare.com)... 104.16.124.96, 104.16.123.96, 2606:4700::6810:7c60, ...
Connecting to www.cloudflare.com (www.cloudflare.com)|104.16.124.96|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2022-03-22 16:54:38 ERROR 403: Forbidden.
I, [2022-03-22T16:54:38.130543 #1] INFO -- :
I, [2022-03-22T16:54:38.146489 #1] INFO -- : Terminating async processes
I, [2022-03-22T16:54:38.148916 #1] INFO -- : Sending INT to HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/13/bin/postmaster -D /etc/postgresql/13/main pid: 42
2022-03-22 16:54:38.149 UTC [42] LOG: received fast shutdown request
I, [2022-03-22T16:54:38.150508 #1] INFO -- : Sending TERM to exec chpst -u redis -U redis /usr/bin/redis-server /etc/redis/redis.conf pid: 103
103:signal-handler (1647968078) Received SIGTERM scheduling shutdown...
2022-03-22 16:54:38.155 UTC [42] LOG: aborting any active transactions
2022-03-22 16:54:38.167 UTC [42] LOG: background worker "logical replication launcher" (PID 51) exited with exit code 1
2022-03-22 16:54:38.171 UTC [46] LOG: shutting down
103:M 22 Mar 2022 16:54:38.203 # User requested shutdown...
103:M 22 Mar 2022 16:54:38.204 * Saving the final RDB snapshot before exiting.
103:M 22 Mar 2022 16:54:38.213 * DB saved on disk
103:M 22 Mar 2022 16:54:38.214 # Redis is now ready to exit, bye bye...
2022-03-22 16:54:38.228 UTC [42] LOG: database system is shut down
FAILED
--------------------
Pups::ExecError: /tmp/add-cloudflare-ips failed with return #<Process::Status: pid 1487 exit 8>
Location of failure: /usr/local/lib/ruby/gems/2.7.0/gems/pups-1.1.1/lib/pups/exec_command.rb:117:in `spawn'
exec failed with the params "/tmp/add-cloudflare-ips"
3123cbaef859e04ff382e3194e1745b88ee6e4777de9f0f7b45cb6cf2ac6d757
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one.
./discourse-doctor may help diagnose the problem.
root@app:/var/discourse#
Cloudflare has blocked your IP from retrieving its list of IPs. You can try again, ask them why, or manage the list yourself.
To fix the immediate problem I would probably retrieve the list from your local computer and adapt the template to hardcode it instead of retrieving from Cloudflare, then get in touch with them.
@RyanK any suggestions on this? our template pulls the lists every build, but this shouldn’t be a problem. I would expect to get 429 rate-limited rather than 403ed if it were
Sorry, for the question, I’m not profi How I can added CloudFlare IPs without use this template cloudflare.template.yml? I’m use Discourse Docker on Ubuntu 20.04.
Unless you run a community that attracts abusers it shouldn’t be a problem. And running discourse if such a way that your ip isn’t leaked is rather tricky.
I try replace url cloudflare.com/ips-v4/, cloudflare.com/ips-v6/ in cloudflare.template.yml to IPs on my server (when hosted ip list).
contents: |
#!/bin/bash -e
# Download list of CloudFlare ips
wget -q https://www.myserver.com/ips-v4/ -O - > /tmp/cloudflare-ips
echo >> /tmp/cloudflare-ips
wget -q https://www.myserver.com/ips-v6/ -O - >> /tmp/cloudflare-ips
# Make into nginx commands and escape for inclusion into sed append command
CONTENTS=$(</tmp/cloudflare-ips sed '/^$/d; s/^.*/set_real_ip_from &;/' | tr '\n' '\\' | sed 's/\\/\\n/g')
Have this result
I, [2022-03-22T18:49:10.469231 #1] INFO -- : Downloading MaxMindDB...
Compressing Javascript and Generating Source Maps
I, [2022-03-22T18:49:10.514524 #1] INFO -- : File > /usr/local/bin/discourse chmod: +x chown:
I, [2022-03-22T18:49:10.521050 #1] INFO -- : File > /usr/local/bin/rails chmod: +x chown:
I, [2022-03-22T18:49:10.528727 #1] INFO -- : File > /usr/local/bin/rake chmod: +x chown:
I, [2022-03-22T18:49:10.534748 #1] INFO -- : File > /usr/local/bin/rbtrace chmod: +x chown:
I, [2022-03-22T18:49:10.541288 #1] INFO -- : File > /usr/local/bin/stackprof chmod: +x chown:
I, [2022-03-22T18:49:10.549718 #1] INFO -- : File > /etc/update-motd.d/10-web chmod: +x chown:
I, [2022-03-22T18:49:10.554428 #1] INFO -- : File > /etc/logrotate.d/rails chmod: chown:
I, [2022-03-22T18:49:10.558589 #1] INFO -- : File > /etc/logrotate.d/nginx chmod: chown:
I, [2022-03-22T18:49:10.565929 #1] INFO -- : File > /etc/runit/1.d/00-ensure-links chmod: +x chown:
I, [2022-03-22T18:49:10.571595 #1] INFO -- : File > /etc/runit/1.d/01-cleanup-web-pids chmod: +x chown:
I, [2022-03-22T18:49:10.578243 #1] INFO -- : File > /root/.bash_profile chmod: 644 chown:
I, [2022-03-22T18:49:10.583602 #1] INFO -- : File > /usr/local/etc/ImageMagick-7/policy.xml chmod: chown:
I, [2022-03-22T18:49:10.589959 #1] INFO -- : Replacing (?-mix:server.+{) with limit_req_zone $binary_remote_addr zone=flood:10m rate=$reqs_per_secondr/s;
limit_req_zone $binary_remote_addr zone=bot:10m rate=$reqs_per_minuter/m;
limit_req_status 429;
limit_conn_zone $binary_remote_addr zone=connperip:10m;
limit_conn_status 429;
server {
in /etc/nginx/conf.d/discourse.conf
I, [2022-03-22T18:49:10.592764 #1] INFO -- : Replacing (?-mix:location @discourse {) with location @discourse {
limit_conn connperip $conn_per_ip;
limit_req zone=flood burst=$burst_per_second nodelay;
limit_req zone=bot burst=$burst_per_minute nodelay; in /etc/nginx/conf.d/discourse.conf
I, [2022-03-22T18:49:10.601940 #1] INFO -- : File > /tmp/add-cloudflare-ips chmod: +x chown:
I, [2022-03-22T18:49:10.604368 #1] INFO -- : > /tmp/add-cloudflare-ips
I, [2022-03-22T18:49:10.791696 #1] INFO -- :
I, [2022-03-22T18:49:10.811681 #1] INFO -- : Terminating async processes
I, [2022-03-22T18:49:10.813970 #1] INFO -- : Sending INT to HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/13/bin/postmaster -D /etc/postgresql/13/main pid: 42
2022-03-22 18:49:10.815 UTC [42] LOG: received fast shutdown request
I, [2022-03-22T18:49:10.816541 #1] INFO -- : Sending TERM to exec chpst -u redis -U redis /usr/bin/redis-server /etc/redis/redis.conf pid: 103
103:signal-handler (1647974950) Received SIGTERM scheduling shutdown...
2022-03-22 18:49:10.820 UTC [42] LOG: aborting any active transactions
2022-03-22 18:49:10.834 UTC [42] LOG: background worker "logical replication launcher" (PID 51) exited with exit code 1
2022-03-22 18:49:10.837 UTC [46] LOG: shutting down
2022-03-22 18:49:10.877 UTC [42] LOG: database system is shut down
103:M 22 Mar 2022 18:49:10.896 # User requested shutdown...
103:M 22 Mar 2022 18:49:10.897 * Saving the final RDB snapshot before exiting.
103:M 22 Mar 2022 18:49:10.923 * DB saved on disk
103:M 22 Mar 2022 18:49:10.924 # Redis is now ready to exit, bye bye...
FAILED
--------------------
Pups::ExecError: /tmp/add-cloudflare-ips failed with return #<Process::Status: pid 1487 exit 8>
Location of failure: /usr/local/lib/ruby/gems/2.7.0/gems/pups-1.1.1/lib/pups/exec_command.rb:117:in `spawn'
exec failed with the params "/tmp/add-cloudflare-ips"
7b755fd1f149c4b1bfb984edccf952001a7d97621aba59a111d07784bf39dc78
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one.
./discourse-doctor may help diagnose the problem.
I think in the perspective need create mirror to CloudFlare IPs website https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6 to get fresh list and bypass block.