Troubles on setup StartSLL


(Kmi Cic) #1

Faced with this problem, I installed a free certificate from StartSSL for this instruction:
https://leland.me/https-discourse/

After

./launch rebuild app

I get this error:

I, [2017-02-18T01:57:06.007241 #13]  INFO -- : Purging temp files
Bundling assets
Compressing Javascript and Generating Source Maps

I, [2017-02-18T01:57:06.023512 #13]  INFO -- : File > /usr/local/bin/discourse  chmod: +x
I, [2017-02-18T01:57:06.029642 #13]  INFO -- : File > /usr/local/bin/rails  chmod: +x
I, [2017-02-18T01:57:06.036734 #13]  INFO -- : File > /usr/local/bin/rake  chmod: +x
I, [2017-02-18T01:57:06.043627 #13]  INFO -- : File > /etc/update-motd.d/10-web  chmod: +x
I, [2017-02-18T01:57:06.048132 #13]  INFO -- : File > /etc/logrotate.d/rails  chmod: 
I, [2017-02-18T01:57:06.051864 #13]  INFO -- : File > /etc/logrotate.d/nginx  chmod: 
I, [2017-02-18T01:57:06.058561 #13]  INFO -- : File > /etc/runit/1.d/00-ensure-links  chmod: +x
I, [2017-02-18T01:57:06.064783 #13]  INFO -- : File > /root/.bash_profile  chmod: 644
I, [2017-02-18T01:57:06.069187 #13]  INFO -- : Replacing (?-mix:server.+{) with limit_req_zone $binary_remote_addr zone=flood:10m rate=$reqs_per_secondr/s;
limit_req_zone $binary_remote_addr zone=bot:10m rate=$reqs_per_minuter/m;
limit_req_status 429;
server {
 in /etc/nginx/conf.d/discourse.conf
I, [2017-02-18T01:57:06.070917 #13]  INFO -- : Replacing (?-mix:location @discourse {) with location @discourse {
  limit_req zone=flood burst=$burst_per_second nodelay;
  limit_req zone=bot burst=$burst_per_minute nodelay; in /etc/nginx/conf.d/discourse.conf
I, [2017-02-18T01:57:06.074786 #13]  INFO -- : Terminating async processes
I, [2017-02-18T01:57:06.075885 #13]  INFO -- : Sending INT to HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/9.5/bin/postmaster -D /etc/postgresql/9.5/main pid: 42
I, [2017-02-18T01:57:06.076845 #13]  INFO -- : Sending TERM to exec chpst -u redis -U redis /usr/bin/redis-server /etc/redis/redis.conf pid: 155
2017-02-18 01:57:06 UTC [42-2] LOG:  received fast shutdown request
2017-02-18 01:57:06 UTC [42-3] LOG:  aborting any active transactions
2017-02-18 01:57:06 UTC [49-2] LOG:  autovacuum launcher shutting down
155:signal-handler (1487383026) Received SIGTERM scheduling shutdown...
2017-02-18 01:57:06 UTC [46-1] LOG:  shutting down
2017-02-18 01:57:06 UTC [46-2] LOG:  database system is shut down
155:M 18 Feb 01:57:06.174 # User requested shutdown...
155:M 18 Feb 01:57:06.175 * Saving the final RDB snapshot before exiting.
155:M 18 Feb 01:57:06.213 * DB saved on disk
155:M 18 Feb 01:57:06.213 # Redis is now ready to exit, bye bye...
/pups/lib/pups/config.rb:106:in `block (2 levels) in run_commands': Invalid run command cmd (SyntaxError)
	from /pups/lib/pups/config.rb:100:in `each'
	from /pups/lib/pups/config.rb:100:in `block in run_commands'
	from /pups/lib/pups/config.rb:99:in `each'
	from /pups/lib/pups/config.rb:99:in `run_commands'
	from /pups/lib/pups/config.rb:78:in `run'
	from /pups/lib/pups/cli.rb:31:in `run'
	from /pups/bin/pups:8:in `<main>'
77b9e445854ec87e7f697f10f0bc21372342b4e2a6b3cb2769179b3a4c6e160f
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one

What am I doing wrong?


(Régis Hanol) #2

This tutorial is over 2 year old. Things surely have changed since then.

Does you app.yml pass the http://www.yamllint.com/ test?


(Kmi Cic) #3

Green bar “Valid YAML!”

My yaml

## BE *VERY* CAREFUL WHEN EDITING!
## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
## visit http://www.yamllint.com/ to validate this file as needed

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
  - "templates/web.ssl.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https) 
#  - "templates/web.ssl.template.yml"
#  - "templates/web.letsencrypt.ssl.template.yml"

(Matt Palmer) #4

Don’t use StartSSL for a certificate. They’re not a valid, broadly-trusted Certificate Authority any more. Also, we’ve got built-in Let’s Encrypt support, for automatic certificate provisioning and renewal, so you’re making things harder than they need to be by using another CA.