New user invite links give a ERR_SSL_PROTOCOL_ERROR even though the rest of the site works fine.
Context
I’ve been running a completely stock Discourse Docker image for about 5 years with no troubles. About a year ago I moved to https with Let’s Encrypt using this guide.
Since then the site has performed well, and existing users can log in and out.
Problem and troubleshooting
As described, new user invite links give a ERR_SSL_PROTOCOL_ERROR even though the rest of the site works fine.
I have run all of the debugging steps in the Debugging section of the Discourse Let’s Encrypt setup guide. Everything ran fine, and the problem persists.
The logs don’t look perfect, though:
warning: nginx: unable to open supervise/ok: file does not exist
[Wed Dec 5 20:41:53 UTC 2018] Reload error for :
Started runsvdir, PID is 1086
ok: run: redis: (pid 1101) 0s
ok: run: postgres: (pid 1096) 0s
rsyslogd: command 'KLogPermitNonKernelFacility' is currently not permitted - did you already set it via a RainerScript command (v6+ config)? [v8.16.0 try http://www.rsyslog.com/e/2222 ]
Server listening on 0.0.0.0 port 22.
rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Operation not permitted.
rsyslogd: activation of module imklog failed [v8.16.0 try http://www.rsyslog.com/e/2145 ]
Server listening on :: port 22.
rsyslogd: Could not open output pipe '/dev/xconsole':: No such file or directory [v8.16.0 try http://www.rsyslog.com/e/2039 ]
supervisor pid: 1099 unicorn pid: 1125
For the first error, I found this post but I am not using a proxy.
Has anyone else run into this problem? I run another site, started a little later, which does not show this problem.
Well, DISCOURSE_HOSTNAME is exactly the name of the site as it should be.
The only place that 80 appears is in this block:
## which TCP/IP ports should this container expose?
expose:
- "80:80" # fwd host port 80 to container port 80 (http)
- "2222:22" # fwd host port 2222 to container port 22 (ssh)
- "443:443" # https
I can’t find anywhere that we might be explicitly setting the port anywhere. And to clarify from Erick’s post above, DISCOURSE_HOSTNAME: www.phylobabble.org, which seems as it should be.
I thought for a while that maybe one of the templates getting loaded might be causing the issue, but these should all be exactly as we found them in the discourse docker. For the sake of thoroughness, here are the templates we’re using, all of which should match those here: GitHub - discourse/discourse_docker: A Docker image for Discourse
I can’t figure out how either of these would be coming out wrong though. My next thought is to litter that discourse.rb file with print statements to see what’s going on, but any help you could provide in helping us track how those values are being computed would be helpful in us narrowing in on where things are going wrong.