Movi isto para um novo tópico @Monikas. Para esclarecer, você notou este problema após uma reconstrução recente do site?
Você também pode verificar em justnainai.com/logs, este tipo de mensagem de erro voltada para o usuário geralmente tem uma entrada de log correspondente.
Não sei o que significa esse erro.
Movi meu fórum na última semana usando backups + sobrescritas de app.yml e depois alterei o SMTP de Microsoft Mail 360 para Google Mail. Além disso, usei o painel para construí-lo usando o 1Panel com o “OpenResty Web Platform baseado em NGINX e LuaJIT” e, em seguida, usei proxies reversos. Aqui está o código-fonte do proxy reverso e seu arquivo de configuração.
error.txt|anexo (614,2 KB)
Também usei o Cloudflare e segui as configurações nos fóruns para configurar o
Resultados da pesquisa por ‘cloudflare’ - Discourse Meta
O certificado usa o Origin Server no Cloudflare
Não tenho nenhum firewall ativo.
Configuração do Site
server {
listen 80 ;
listen 443 ssl http2 ;
server_name www.justnainai.com;
index index.php index.html index.htm default.php default.htm default.html;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log /www/sites/www.justnainai.com/log/access.log main;
error_log /www/sites/www.justnainai.com/log/error.log;
location ^~ /.well-known/acme-challenge {
allow all;
root /usr/share/nginx/html;
}
include /www/sites/www.justnainai.com/proxy/*.conf;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
ssl_certificate /www/sites/www.justnainai.com/ssl/fullchain.pem;
ssl_certificate_key /www/sites/www.justnainai.com/ssl/privkey.pem;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
add_header Strict-Transport-Security "max-age=31536000";
}
Proxy reverso original
location ^~ / {
proxy_pass http://127.0.0.1:50080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
add_header X-Cache $upstream_cache_status;
add_header Cache-Control no-cache;
proxy_ssl_server_name off;
proxy_ssl_name $proxy_host;
add_header Strict-Transport-Security “max-age=31536000”;
}
(google_oauth2) Falha na autenticação! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied
BUG
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `block in error'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `block in dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `each'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `error'
omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:89:in `callback_phase'
omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/builder.rb:45:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:43:in `call'
rack-2.2.10/lib/rack/tempfile_reaper.rb:15:in `call'
rack-2.2.10/lib/rack/conditional_get.rb:27:in `call'
rack-2.2.10/lib/rack/head.rb:12:in `call'
actionpack-7.2.2/lib/action_dispatch/http/permissions_policy.rb:38:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:397:in `call'
/var/www/discourse/lib/middleware/csp_script_nonce_injector.rb:12:in `call'
/var/www/discourse/config/initializers/008-rack-cors.rb:14:in `call'
rack-2.2.10/lib/rack/session/abstract/id.rb:266:in `context'
rack-2.2.10/lib/rack/session/abstract/id.rb:260:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:31:in `block in call'
activesupport-7.2.2/lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:30:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:31:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/show_exceptions.rb:32:in `call'
logster-2.20.0/lib/logster/middleware/reporter.rb:40:in `call'
railties-7.2.2/lib/rails/rack/logger.rb:41:in `call_app'
railties-7.2.2/lib/rails/rack/logger.rb:29:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:20:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/request_id.rb:33:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:24:in `call'
rack-2.2.10/lib/rack/method_override.rb:24:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/executor.rb:16:in `call'
rack-2.2.10/lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler-3.3.1/lib/mini_profiler.rb:191:in `call'
/var/www/discourse/lib/middleware/processing_request.rb:12:in `call'
message_bus-4.3.8/lib/message_bus/rack/middleware.rb:60:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:360:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/remote_ip.rb:96:in `call'
railties-7.2.2/lib/rails/engine.rb:535:in `call'
railties-7.2.2/lib/rails/railtie.rb:226:in `public_send'
railties-7.2.2/lib/rails/railtie.rb:226:in `method_missing'
rack-2.2.10/lib/rack/urlmap.rb:74:in `block in call'
rack-2.2.10/lib/rack/urlmap.rb:58:in `each'
rack-2.2.10/lib/rack/urlmap.rb:58:in `call'
unicorn-6.1.0/lib/unicorn/http_server.rb:634:in `process_client'
unicorn-6.1.0/lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn-6.1.0/lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn-6.1.0/lib/unicorn/http_server.rb:143:in `start'
unicorn-6.1.0/bin/unicorn:128:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'
(microsoft_office365) Falha na autenticação! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied | O usuário negou acesso ao escopo solicitado pelo aplicativo cliente.
BUG2
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `block in error'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `block in dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `each'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `error'
omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:89:in `callback_phase'
omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/builder.rb:45:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:43:in `call'
rack-2.2.10/lib/rack/tempfile_reaper.rb:15:in `call'
rack-2.2.10/lib/rack/conditional_get.rb:27:in `call'
rack-2.2.10/lib/rack/head.rb:12:in `call'
actionpack-7.2.2/lib/action_dispatch/http/permissions_policy.rb:38:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:397:in `call'
/var/www/discourse/lib/middleware/csp_script_nonce_injector.rb:12:in `call'
/var/www/discourse/config/initializers/008-rack-cors.rb:14:in `call'
rack-2.2.10/lib/rack/session/abstract/id.rb:266:in `context'
rack-2.2.10/lib/rack/session/abstract/id.rb:260:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:31:in `block in call'
activesupport-7.2.2/lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:30:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:31:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/show_exceptions.rb:32:in `call'
logster-2.20.0/lib/logster/middleware/reporter.rb:40:in `call'
railties-7.2.2/lib/rails/rack/logger.rb:41:in `call_app'
railties-7.2.2/lib/rails/rack/logger.rb:29:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:20:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/request_id.rb:33:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:24:in `call'
rack-2.2.10/lib/rack/method_override.rb:24:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/executor.rb:16:in `call'
rack-2.2.10/lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler-3.3.1/lib/mini_profiler.rb:191:in `call'
/var/www/discourse/lib/middleware/processing_request.rb:12:in `call'
message_bus-4.3.8/lib/message_bus/rack/middleware.rb:60:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:360:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/remote_ip.rb:96:in `call'
railties-7.2.2/lib/rails/engine.rb:535:in `call'
railties-7.2.2/lib/rails/railtie.rb:226:in `public_send'
railties-7.2.2/lib/rails/railtie.rb:226:in `method_missing'
rack-2.2.10/lib/rack/urlmap.rb:74:in `block in call'
rack-2.2.10/lib/rack/urlmap.rb:58:in `each'
rack-2.2.10/lib/rack/urlmap.rb:58:in `call'
unicorn-6.1.0/lib/unicorn/http_server.rb:634:in `process_client'
unicorn-6.1.0/lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn-6.1.0/lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn-6.1.0/lib/unicorn/http_server.rb:143:in `start'
unicorn-6.1.0/bin/unicorn:128:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'
app.yml
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
- "templates/cloudflare.template.yml"
expose:
- "50080:80"
- "50443:443"
params:
db_default_text_search_config: "pg_catalog.english"
#db_shared_buffers: "256MB"
#db_work_mem: "40MB"
#version: tests-passed
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
# DISCOURSE_DEFAULT_LOCALE: en
#UNICORN_WORKERS: 3
DISCOURSE_HOSTNAME: 'www.justnainai.com'
DISCOURSE_DEVELOPER_EMAILS: ''
DISCOURSE_MAX_REQS_PER_IP_PER_10_SECONDS: 400
DISCOURSE_MAX_ASSET_REQS_PER_IP_PER_10_SECONDS: 800
DISCOURSE_SMTP_ADDRESS: smtp.gmail.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: ''
DISCOURSE_SMTP_PASSWORD: ''
DISCOURSE_SMTP_ENABLE_START_TLS: true
DISCOURSE_SMTP_AUTHENTICATION: login
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
OAuth2::ConnectionError (FinalDestination: todos os IPs resolvidos foram bloqueados)
E recentemente esse erro começou a aparecer nos fóruns, e 4797 deles não estão sendo exibidos nos logs de uma só vez.
Acabei de testar no meu computador local.
Não vi nenhum problema no login do Google.
Isso indica um problema de rede em seu novo host. Suspeito que os problemas começaram a acontecer quando você se mudou. Algo em sua pilha está bloqueando as solicitações para os servidores de autenticação… infelizmente, não posso ajudar mais, mas testei em um site que hospedamos e a autenticação do Google funciona corretamente.