Develop Reference

OpenProject Installed using Docker - Problem with Nginx: Redireted too many times

I have hit a wall trying to fix a problem with my openProject installation. I installed it following the instructions in this guide. Then, I added an A record for my public IP and subdomain using world4you. I also created SSL certificates with Let's Encrypt:
mkdir /var/www/certbot/openproject.invert.at
certbot certonly --webroot -w /var/www/certbot/openproject.invert.at -d openproject.invert.at
Then I created and modified a file named /etc/nginx/sites-enabled/openproject.eeg_invert.de as follows:
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
# ssl_certificate /etc/letsencrypt/live/openproject.eeg_invert.de/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/openproject.eeg_invert.de/privkey.pem;
access_log /var/log/nginx/access_openproject.eeg_invert.de.log;
error_log /var/log/nginx/error_openproject.eeg_invert.de.log;
server_name openproject.eeg_invert.de;
if ($http_user_agent ~* ".*SemrushBot.*") {return 403;}
location '/.well-known/acme-challenge' {
root /var/www/certbot/openproject.eeg_invert.de;
}
location / {
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
proxy_set_header X-Script-Name /;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-User $remote_user;
proxy_set_header Host $http_host;
# proxy_redirect http:// https://;
proxy_pass http://localhost:8080;
}
}
I reloaded nginx and everything worked just fine. However, I updated this application using cd /docker/openproject/compose && docker-compose pull && docker-compose up -d and reloaded nginx but now I am getting this message on chrome:
This page isn’t working openproject.eeg_invert.de redirected you too many times.
Try clearing your cookies.
ERR_TOO_MANY_REDIRECTS
I backed up all relevant docker volumes and the entire project folder (where the compose file is located) before updating. I am in no way an expert in IT so what I did so far is to run docker-compose down after updating. Then I restored the project folder and ran docker-compose up -d.
The problem is that now I am still getting the same error. I looked at the nginx error log files, but nothing comes up. I tried disabling some of the options at random from the nginx files to see if that changes something but it is always the same.
I have hit a wall now and I would very much appreciate your help! Thanks in advance for any suggestions or ideas you may have.

Did you try clearing cookies in your browser? There are many reasons why this issue can occur:
Issues with the browser's cache/cookies. The browser may be caching faulty data that leads to the redirection error.
The browser extensions. Sometimes a browser extension can cause a redirection error.
The website's URL. A misconfiguration in URL settings can cause the redirection error.
WordPress cache. The website cache could be causing a redirect loop.
SSL certificate. A misconfigured security protocol (SSL certificate) can cause a redirect loop.
Third-party services and plugins. A faulty WordPress plugin could be causing the redirection loop.
The site's .htaccess file. A user-level configuration file WordPress uses to rewrite URLs to the index.php file. The website URL is defined as a value in the database.

Trouble getting SSL to work with NGINX in Docker

I am trying to use NGINX as a proxy with a next.js frontend and FastAPI backend, each running in their own container.
I got everything working fine with HTTP, but having some issues getting things to work with HTTPS.
All containers start running without any issues, and things seem to be working, but when I try to communicate with the proxy, I get the following errors:
From host:
lafton#lafton-platform:~$ curl localhost -L
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:443
Form inside NGINX container using localhost:
root#6016e75698cf:/# curl localhost -L
curl: (60) SSL: no alternative certificate subject name matches target host name 'localhost'
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
From inside NGINX container using lafton.io:
root#6016e75698cf:/# curl https://lafton.io
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to lafton.io:443
I tried to install NGINX locally instead of inside Docker and it works as expected. I tried to enable the SSL configuration which is commented out in the default configuration, and it worked perfectly with SSL locally.
I then tried to use the default SSL configuration with my setup, but it does not work.
This is the NGINX config I am running inside /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
load_module /etc/nginx/modules/ngx_http_js_module.so;
events {
worker_connections 1024;
}
http {
server {
listen 80;
server_name lafton.io;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name lafton.io;
ssl_certificate /etc/certs/fullchain1.pem;
ssl_certificate_key /etc/certs/privkey1.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://lafton-website:3000;
}
location /api/albums {
proxy_pass http://lafton-albums:8000;
}
}
}
The port 80 part is just a redirect to https. It is the exact same without it.
The ciphers is from Mozillas recommendations. I tried to change this from the default as some of the troubleshooting I did seemed to indicate no matching ciphers.
I am really lost here and not sure where to look for further troubleshooting. Any help would be really appreciated!

Timo Stark's comment solved the issue.
It didn't work inside the container because the certificates CN was lafton.io, so I had to use the -k flag in the curl command.
When that worked, I saw a typo in my docker-compose file, so the container had exposed port 433, not 443.

Still seeing welcome to ngnix after setup

I have set up and deployed an application using Capistrano and set up the server and ngnix config file, however, I'm still seeing the Welcome to ngnix welcome screen.
Here is what I have in the /etc/nginx/sites-enabled/default file
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name IP;
passenger_enabled on;
rails_env production;
root /home/poladmin/poetry-out-loud-v2/current/public/;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
But as I said when I go to the server IP all I see is

Since you edited /etc/nginx/sites-enabled/default file, try to reload nginx with nginx -s reload command (if you are using Linux, or similar depending on your operating system and nginx version).

As you have edited the nginx config file you can try to restart nginx by doing sudo /etc/init.d/nginx restartto make the config file take effort. Also do not forget to start the real ruby server and make sure it is listening to the same port you configured through nginx.(some times the ruby app may be running on a different port)

Nginx reverse proxy to Unicorn - nginx configuration is incorrect?

I followed this tutorial to configure my rails app to run Unicorn, and be reversed proxy by Nginx on my AWS ubuntu instance.
I am able to access the nginx, "Welcome to nginx!" default page, running on the site from the outside(security is configured properly). But it is not serving the rails app.
My unicorn is running under /home/ubuntu/appname/shared/sockets/unicorn.sock=
I ran sudo service unicorn restart just in case.
when i run sudo service --status-all it returns:
[ ? ] unicorn_gpei-tk
As I mentioned nginx is definitely running, here is the config located in /etc/nginx/sites-available/default:
upstream app {
# Path to Unicorn SOCK file, as defined previously
server unix:/home/ubuntu/appname/shared/sockets/unicorn.sock fail_timeout=0;
}
server {
listen 80;
server_name localhost;
root /home/ubuntu/appname/public;
try_files $uri/index.html $uri #app;
location #app {
proxy_pass http://app;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
symlink in /etc/nginx/sites-enabled is default -> /etc/nginx/sites-available/default -- I guess second question would be: is the sites-enabled necessary? The tutorial does not mention/require it, I came across this after the 1000 other resources I am attempting to decipher this issue.
Other info: if I run Unicorn as a user I am able to connect to it on port 8080, so Unicorn does run on it's own as well and serve the site.
And I've also restarted nginx service a few times as well, still does not update the config, probably because I have it wrong somewhere.
Really am not seeing what I am missing, any clues/ideas? thanks.
Edit:
I went into /var/log/nginx/error.log (there's an error.log.1 but it doesnt seem to be updating) and this is showing up:
2016/07/28 16:21:19 [error] 11763#11763: *2 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: XX.XXX.XXX.XX, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "my_public_address.com", referrer: "http://my_public_address.com/"
and /var/log/nginx/access.log is:
XX.XXX.XXX.XX - - [28/Jul/2016:16:24:58 +0000] "GET /favicon.ico HTTP/1.1" 404 571 "http://my_public_address.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36" "-"

I found the issue and fixed it.
You need to include the configuration for what you want. in /etc/nginx/nginx.conf comment out the default config because it is pointing to localhost.
add the configuration you want to the here. in my case it was this:
/etc/nginx/sites-available/* i only have one config file in there but just felt like putting *.
restart nginx service.
many newbie hours of headache all gone now.

Check the permission of /home/ubuntu/appname/shared/sockets/unicorn.sock, see if it can be accessed by nginx running user.

Ruby on rails nginx , unicorn, capistrano vps hosting error

Hi I am learning how to deploy rails application in VPS, I have followed https://coderwall.com/p/yz8cha this tutorial, and everything worked well, I got some errors and corrected them by searching the net, and all works correctly capistrano deploys the files and folders to VPS and if I am changing any code then after type cap deploy it will changed in VPS also, everything works fine there is no error shown in terminal, But the problem is the nginx server is not running (at initial stage it shows its index page -welcome to nginx), I dont know where may be ther problem occurs and what I have to do any help will be appreciated ,,I am using rails 4.1.4, ruby 2.1.2, capistrano (2.15.5) if its matters..
I dont know which code has to be shown here If you want to see any code I am eager to show you....This is my nginx.conf file
upstream unicorn {
server unix:/tmp/unicorn.projectname.sock fail_timeout=0;
}
server {
listen 80 default_server deferred;
# server_name example.com;
root /home/administrator/apps/testvps/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #unicorn;
location #unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 20M;
keepalive_timeout 10;
}
This is the error I got while nginx -t in VPS terminal
nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
2014/08/01 15:40:35 [warn] 5682#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
2014/08/01 15:40:35 [emerg] 5682#0: open() "/run/nginx.pid" failed (13: Permission denied)
nginx: configuration file /etc/nginx/nginx.conf test failed

As per error shown by nginx -t, user don't have permission to write into nginx log files.
Try running nginx -t as root user sudo nginx -t, if still it shows permission error then try updating permissions:
sudo chown -R www-data:www-data /var/log/nginx;
sudo chmod -R 755 /var/log/nginx;
Edit:
As per our discussion, your nginx configuration is successfully set. Now you are seeing blank page while accessing the app.
You need to add root to your routes.rb file. Rails 4 don't have public/index.html file . So, you are seeing blank page. After setting root you will be able to see your home page.
Your further doubt:
so this is nginx.conf file
root /home/administrator/apps/testvps/current/public;
shall i change like this:
root /home/administrator/apps/testvps/current;
No, nginx should look to your public directory of the app. it's rails responsibility to navigate the request to root_path as mentioned in routes.rb