我已将此移至新主题@Monikas。为澄清起见,您是在最近重建网站后注意到此问题的吗?
您能否也查看一下 justnainai.com/logs,这种面向用户的错误消息通常会附带一个日志条目。
3 个赞
I don’t know what this error means.
I’ve moved my forums in the last week using backups + app.yml overrides and then I switched smtp from Microsoft Mail 360 to Google Mail and then there’s also the panel I used to build it using 1Panel using the “OpenResty Web Platform based on NGINX and LuaJIT” in there and then using reverse proxies. Here’s the source code for the reverse proxy and its configuration file.
error.txt (614.2 KB)
I also used cloudflare and followed the configuration in the forums to set up the
Search results for ‘cloudflare’ - Discourse Meta
The certificate uses the Origin Server in cloudflare
I don’t have any firewalls up.
Website Configuration
server {
listen 80 ;
listen 443 ssl http2 ;
server_name www.justnainai.com;
index index.php index.html index.htm default.php default.htm default.html;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log /www/sites/www.justnainai.com/log/access.log main;
error_log /www/sites/www.justnainai.com/log/error.log;
location ^~ /.well-known/acme-challenge {
allow all;
root /usr/share/nginx/html;
}
include /www/sites/www.justnainai.com/proxy/*.conf;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
ssl_certificate /www/sites/www.justnainai.com/ssl/fullchain.pem;
ssl_certificate_key /www/sites/www.justnainai.com/ssl/privkey.pem;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
add_header Strict-Transport-Security "max-age=31536000";
}
Reverse proxy original
location ^~ / {
proxy_pass http://127.0.0.1:50080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
add_header X-Cache $upstream_cache_status;
add_header Cache-Control no-cache;
proxy_ssl_server_name off;
proxy_ssl_name $proxy_host;
add_header Strict-Transport-Security “max-age=31536000”;
}
(google_oauth2) Authentication failure! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied
BUG
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `block in error'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `block in dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `each'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `error'
omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:89:in `callback_phase'
omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/builder.rb:45:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:43:in `call'
rack-2.2.10/lib/rack/tempfile_reaper.rb:15:in `call'
rack-2.2.10/lib/rack/conditional_get.rb:27:in `call'
rack-2.2.10/lib/rack/head.rb:12:in `call'
actionpack-7.2.2/lib/action_dispatch/http/permissions_policy.rb:38:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:397:in `call'
/var/www/discourse/lib/middleware/csp_script_nonce_injector.rb:12:in `call'
/var/www/discourse/config/initializers/008-rack-cors.rb:14:in `call'
rack-2.2.10/lib/rack/session/abstract/id.rb:266:in `context'
rack-2.2.10/lib/rack/session/abstract/id.rb:260:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:31:in `block in call'
activesupport-7.2.2/lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:30:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:31:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/show_exceptions.rb:32:in `call'
logster-2.20.0/lib/logster/middleware/reporter.rb:40:in `call'
railties-7.2.2/lib/rails/rack/logger.rb:41:in `call_app'
railties-7.2.2/lib/rails/rack/logger.rb:29:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:20:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/request_id.rb:33:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:24:in `call'
rack-2.2.10/lib/rack/method_override.rb:24:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/executor.rb:16:in `call'
rack-2.2.10/lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler-3.3.1/lib/mini_profiler.rb:191:in `call'
/var/www/discourse/lib/middleware/processing_request.rb:12:in `call'
message_bus-4.3.8/lib/message_bus/rack/middleware.rb:60:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:360:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/remote_ip.rb:96:in `call'
railties-7.2.2/lib/rails/engine.rb:535:in `call'
railties-7.2.2/lib/rails/railtie.rb:226:in `public_send'
railties-7.2.2/lib/rails/railtie.rb:226:in `method_missing'
rack-2.2.10/lib/rack/urlmap.rb:74:in `block in call'
rack-2.2.10/lib/rack/urlmap.rb:58:in `each'
rack-2.2.10/lib/rack/urlmap.rb:58:in `call'
unicorn-6.1.0/lib/unicorn/http_server.rb:634:in `process_client'
unicorn-6.1.0/lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn-6.1.0/lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn-6.1.0/lib/unicorn/http_server.rb:143:in `start'
unicorn-6.1.0/bin/unicorn:128:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'
(microsoft_office365) Authentication failure! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied | The user has denied access to the scope requested by the client application.
BUG2
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `block in error'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `block in dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `each'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:231:in `dispatch'
activesupport-7.2.2/lib/active_support/broadcast_logger.rb:134:in `error'
omniauth-1.9.2/lib/omniauth/strategy.rb:163:in `log'
omniauth-1.9.2/lib/omniauth/strategy.rb:486:in `fail!'
omniauth-oauth2-1.7.3/lib/omniauth/strategies/oauth2.rb:89:in `callback_phase'
omniauth-1.9.2/lib/omniauth/strategy.rb:238:in `callback_call'
omniauth-1.9.2/lib/omniauth/strategy.rb:189:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/strategy.rb:192:in `call!'
omniauth-1.9.2/lib/omniauth/strategy.rb:169:in `call'
omniauth-1.9.2/lib/omniauth/builder.rb:45:in `call'
/var/www/discourse/lib/middleware/omniauth_bypass_middleware.rb:43:in `call'
rack-2.2.10/lib/rack/tempfile_reaper.rb:15:in `call'
rack-2.2.10/lib/rack/conditional_get.rb:27:in `call'
rack-2.2.10/lib/rack/head.rb:12:in `call'
actionpack-7.2.2/lib/action_dispatch/http/permissions_policy.rb:38:in `call'
/var/www/discourse/lib/content_security_policy/middleware.rb:12:in `call'
/var/www/discourse/lib/middleware/anonymous_cache.rb:397:in `call'
/var/www/discourse/lib/middleware/csp_script_nonce_injector.rb:12:in `call'
/var/www/discourse/config/initializers/008-rack-cors.rb:14:in `call'
rack-2.2.10/lib/rack/session/abstract/id.rb:266:in `context'
rack-2.2.10/lib/rack/session/abstract/id.rb:260:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:31:in `block in call'
activesupport-7.2.2/lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack-7.2.2/lib/action_dispatch/middleware/callbacks.rb:30:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:31:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/show_exceptions.rb:32:in `call'
logster-2.20.0/lib/logster/middleware/reporter.rb:40:in `call'
railties-7.2.2/lib/rails/rack/logger.rb:41:in `call_app'
railties-7.2.2/lib/rails/rack/logger.rb:29:in `call'
/var/www/discourse/config/initializers/100-quiet_logger.rb:20:in `call'
/var/www/discourse/config/initializers/100-silence_logger.rb:29:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/request_id.rb:33:in `call'
/var/www/discourse/lib/middleware/enforce_hostname.rb:24:in `call'
rack-2.2.10/lib/rack/method_override.rb:24:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/executor.rb:16:in `call'
rack-2.2.10/lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler-3.3.1/lib/mini_profiler.rb:191:in `call'
/var/www/discourse/lib/middleware/processing_request.rb:12:in `call'
message_bus-4.3.8/lib/message_bus/rack/middleware.rb:60:in `call'
/var/www/discourse/lib/middleware/request_tracker.rb:360:in `call'
actionpack-7.2.2/lib/action_dispatch/middleware/remote_ip.rb:96:in `call'
railties-7.2.2/lib/rails/engine.rb:535:in `call'
railties-7.2.2/lib/rails/railtie.rb:226:in `public_send'
railties-7.2.2/lib/rails/railtie.rb:226:in `method_missing'
rack-2.2.10/lib/rack/urlmap.rb:74:in `block in call'
rack-2.2.10/lib/rack/urlmap.rb:58:in `each'
rack-2.2.10/lib/rack/urlmap.rb:58:in `call'
unicorn-6.1.0/lib/unicorn/http_server.rb:634:in `process_client'
unicorn-6.1.0/lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn-6.1.0/lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn-6.1.0/lib/unicorn/http_server.rb:143:in `start'
unicorn-6.1.0/bin/unicorn:128:in `<top (required)>'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
/var/www/discourse/vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'
app.yml
templates:
- "templates/postgres.template.yml"
- "templates/redis.template.yml"
- "templates/web.template.yml"
- "templates/web.ratelimited.template.yml"
- "templates/cloudflare.template.yml"
expose:
- "50080:80"
- "50443:443"
params:
db_default_text_search_config: "pg_catalog.english"
#db_shared_buffers: "256MB"
#db_work_mem: "40MB"
#version: tests-passed
env:
LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
# DISCOURSE_DEFAULT_LOCALE: en
#UNICORN_WORKERS: 3
DISCOURSE_HOSTNAME: 'www.justnainai.com'
DISCOURSE_DEVELOPER_EMAILS: ''
DISCOURSE_MAX_REQS_PER_IP_PER_10_SECONDS: 400
DISCOURSE_MAX_ASSET_REQS_PER_IP_PER_10_SECONDS: 800
DISCOURSE_SMTP_ADDRESS: smtp.gmail.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: ''
DISCOURSE_SMTP_PASSWORD: ''
DISCOURSE_SMTP_ENABLE_START_TLS: true
DISCOURSE_SMTP_AUTHENTICATION: login
volumes:
- volume:
host: /var/discourse/shared/standalone
guest: /shared
- volume:
host: /var/discourse/shared/standalone/log/var-log
guest: /var/log
OAuth2::ConnectionError (FinalDestination: all resolved IPs were disallowed)
And I recently started this error on the forums and 4797 of them are not showing up in the logs at once.
已在本地计算机上进行了测试。
未发现 Google 登录问题。
1 个赞
这表明您的新主机存在网络问题,我怀疑问题是在您迁移之后开始出现的。您的某个组件正在阻止对身份验证服务器的请求……很抱歉,我无法提供进一步的帮助,但我测试了我们托管的网站,Google身份验证可以正常工作。
3 个赞
此主题在上次回复后 30 天自动关闭。不再允许回复。