Les mises à niveau/reconstructions échouent en raison de la fin de vie de la base de données MaxMind

Salut à tous,

J’espère que quelqu’un pourra m’aider. Je n’ai rencontré aucun problème avec les mises à jour de mon forum, qui tourne dans un conteneur Docker sur EC2, depuis plus de 12 mois.

J’ai essayé :

• Nettoyage du launcher, mais aucun problème d’espace disque
• Dernier git pull
• Plusieurs rebuilds de l’application
• Même une réinstallation complète de discourse-setup, et j’allais essayer une restauration de la base de données
• Redémarrage du serveur
• apt-get update ; apt-get upgrade

Voici la fin du journal :

Terminé la compression de tous les fichiers JS : 88,88 secondes
rake aborted!
SocketError: Échec de l'ouverture de la connexion TCP vers geolite.maxmind.com:443 (getaddrinfo: Aucune adresse associée au nom d'hôte)
/var/www/discourse/lib/final_destination.rb:411:in `safe_session'
/var/www/discourse/lib/final_destination.rb:362:in `safe_get'
/var/www/discourse/lib/final_destination.rb:131:in `get'
/var/www/discourse/lib/file_helper.rb:51:in `download'
/var/www/discourse/lib/discourse_ip_info.rb:30:in `mmdb_download'
/var/www/discourse/lib/tasks/assets.rake:220:in `block (3 levels) in <top (required)>'
/var/www/discourse/lib/tasks/assets.rake:219:in `each'
/var/www/discourse/lib/tasks/assets.rake:219:in `block (2 levels) in <top (required)>'

Causé par :

SocketError: getaddrinfo: Aucune adresse associée au nom d'hôte

/var/www/discourse/lib/final_destination.rb:411:in `safe_session'
/var/www/discourse/lib/final_destination.rb:362:in `safe_get'
/var/www/discourse/lib/final_destination.rb:131:in `get'
/var/www/discourse/lib/file_helper.rb:51:in `download'
/var/www/discourse/lib/discourse_ip_info.rb:30:in `mmdb_download'
/var/www/discourse/lib/tasks/assets.rake:220:in `block (3 levels) in <top (required)>'
/var/www/discourse/lib/tasks/assets.rake:219:in `each'
/var/www/discourse/lib/tasks/assets.rake:219:in `block (2 levels) in <top (required)>'

Tâches : TOP => assets:precompile

(Voir la trace complète en exécutant la tâche avec --trace)

I, [2019-12-30T18:56:27.608998 #1] INFO -- : Téléchargement de MaxMindDB...
Compression de JavaScript et génération des cartes sources
I, [2019-12-30T18:56:27.633923 #1] INFO -- : Arrêt des processus asynchrones
I, [2019-12-30T18:56:27.637383 #1] INFO -- : Envoi de INT à HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/10/bin/postmaster -D /etc/postgresql/10/main pid: 49
I, [2019-12-30T18:56:27.639770 #1] INFO -- : Envoi de TERM à exec chpst -u redis -U redis /usr/bin/redis-server /etc/redis/redis.conf pid: 166
166:signal-handler (1577732187) SIGTERM reçu, planification de l'arrêt...
2019-12-30 18:56:27.639 UTC [49] LOG : demande d'arrêt rapide reçue
2019-12-30 18:56:27.654 UTC [49] LOG : annulation de toutes les transactions actives
166:M 30 Dec 2019 18:56:27.666 # Arrêt demandé par l'utilisateur...
166:M 30 Dec 2019 18:56:27.694 * Sauvegarde du dernier snapshot RDB avant la fermeture.
2019-12-30 18:56:27.702 UTC [49] LOG : processus worker : lanceur de réplication logique (PID 58) terminé avec le code de sortie 1
2019-12-30 18:56:27.711 UTC [53] LOG : arrêt en cours
2019-12-30 18:56:27.819 UTC [49] LOG : le système de base de données est arrêté
166:M 30 Dec 2019 18:56:27.885 * Base de données sauvegardée sur le disque
166:M 30 Dec 2019 18:56:27.886 # Redis est maintenant prêt à quitter, au revoir...

ÉCHEC
--------------------
Pups::ExecError: cd /var/www/discourse && su discourse -c 'bundle exec rake assets:precompile' a échoué avec le code de retour #<Process::Status: pid 507 exit 1>
Emplacement de l'échec : /pups/lib/pups/exec_command.rb:112:in `spawn'
exec a échoué avec les paramètres {"cd"=>"$home", "hook"=>"assets_precompile", "cmd"=>["su discourse -c 'bundle exec rake assets:precompile'"]}
fcf17d793c27c4e87616420ead222cc3f4a9fc163f239a5542b1c9a092579b30

** ÉCHEC DU BOOTSTRAP ** Veuillez faire défiler vers le haut et rechercher les messages d'erreur antérieurs, il peut y en avoir plus d'un.
./discourse-doctor peut aider à diagnostiquer le problème.

J’espère vraiment que quelqu’un pourra éclaircir cette situation.

Merci à tous.

In case anyone wants to continue using the last files published under the old license, I have saved all of them to archive.org.

All files are created by MaxMind and distributed under the Creative Commons Attribution-ShareAlike 4.0 International License.

Archive of info-page (Screenshot)

We now support the officially supported way of obtaining databases per:

If you wish to get regular MaxMind updates you will have to head to GeoLite sign up | MaxMind to register an account and generate a license key.

Then you would amend your container to include it in the env: section:

env:
   DISCOURSE_MAXMIND_LICENSE_KEY: ...key here...

The fix ensures there is no time bomb anymore. If we have no license key we will never try to download the files.

We are discussing with MaxMind the possibility of bundling the updated DBs in our new base images. There are 2 alternatives here for self hosters depending on the outcome:

1. No IP resolution on user profile page and admin page until you add a license

2. Stale IP resolution for up to N days since you got a base image (aka did ./launcher rebuild app )

It is very likely (1) will be the self-hoster outcome.

We are also investigating other alternatives here, but our hands are pretty tied.

I am pretty against adding functionality to core that does IP lookups via a web service cause that exposes information to a third party. There are only 2 real big alternatives out there and both require registration.

@sam I have a small feature request, can a setting be added to admin panel to add the maxmind license key?

Unlikely in the near future, this is a global setting, per site in a Multisite makes no sense

Anybody else getting this error when trying to sign up to maxmind account?

no-account1446×240 20.1 KB

I can confirm that we were able to sign up for an account without issue. You’ll need to reach out to MaxMind for support with account issues, nothing we can help with here.

I’m trying to upgrade from 2.3.8 o 2.3.9 but nothing works.

The relevant error, as far as I can tell, is the one discussed in this topic.

rake aborted!
SocketError: Failed to open TCP connection to geolite.maxmind.com:443 (getaddrinfo: Name or service not known)

In my app.yml I’ve tried values 30, 100, and 0 for that env flag:

DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: 0

But it never seems to make any difference (I wonder if it’s being properly recognized).

What else could I try?

Thanks to everyone who worked on the quick fix the past few weeks. Had to do the same thing with Matomo, which was much more painful (manual).

That brings me to my question: Where all is the MaxMind data used? Just in cases of admins looking at users’ IP addresses? Something else I’m not thinking of?

Obviously already have the MM account but wondering if it’s worth the effort to do with any urgency.

It does geographical lookups of ip numbers. I’ve done a bunch of installs and upgrades lately without setting an API key and rebuilds work fine. (current version is beta 10)

Also it’s not that hard to get a key to download the database.

I’m hoping to update discourse-setup to all for the key next week.

Correct, it is used for user IP lookup by admins. Also for the “recently used devices” list in user preferences, and for admin alerts when a new signin is detected to their account from a different location.

Sorry for the intrusion, but I wanted to ask whether it is planned to keep the ability to have the IP lookup disabled. It seems to me that forcing admins to subscribe to a third party service is not a good idea. Myself I already have a license key for other uses, so I am speaking in a general sense here.

If you don’t enter a license key, then it will be disabled. There is nothing forcing admins to set it up.

Also, just in case there is any confusion, Discourse never sends IP addresses to a third party. Discourse downloads an entire database of IP locations from MaxMind, and then does the lookup internally.

Great, thanks for the clarification!

Revising this … this was backported to stable.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.