First, please excuse my frequent posts, that may often seen a bit bizzare. Thanks for the tolerance.
Have docker/let’s encrypt version of docker-control.yml working (again).
Now Loads without complaint, but receive “503 Error” nginx.
This is either via IP or site name (local dns in use) http or https.
This is what I have been working with, installed on a Pi4b, for testing:
Gramps 5.1.6
Gramps Web API 1.5.1
Gramps Web Frontend 24.1.2
locale: en
multi-tree: false
task queue: true
503 always signals an incorrect setup of the reverse proxy (nginx, domain, etc.), so requests are not even routed to Gramps Web.
I gathered that. The question is, how do I determine what is wrong?
All I have to go on is what is provided in the documentation and the provided docker-compose.yml file and what I can scrounge up on the internet.
There are only, far as I can tell, a few things for me to specify and I think those are correct.
Attempting to “surf” my way to a solution, I see referenced to the docker command “export” as in, I guess, making a port visible to other containers, or to nginx-proxy, but I see none in the docker-compose.yml file.
I can post the file I am using, if someone cares to review it. Or provide it in some other way if more appropriate.
BTW, I am no longer receiving email notification of replies to my posts.
I find I can access grampsweb via “mydomain.com”, but not “www.mydomain.com” or, “ipaddress”.
Below is a snippet of the file containing my edits. The other local edits worked in the non proxy configuration. I did try "GRAMPSWEB_BASE_URL:“www.mydomain.com” with no apparent change in response.
version: “3.7”
services:
grampsweb: &grampsweb
container_name: grampsweb
image: Package grampsweb · GitHub
restart: always
environment: &grampsweb-env
GRAMPSWEB_TREE: “Gramps Web” # will create a new tree if not exists
VIRTUAL_PORT: “5000”
VIRTUAL_HOST: “mydomain.com” # e.g. gramps.mydomain.com
LETSENCRYPT_HOST: “mydomain.com” # e.g. gramps.mydomain.com
LETSENCRYPT_EMAIL: “joea@my-email.com” # your email
GRAMPSWEB_CELERY_CONFIG__broker_url: “redis://grampsweb_redis:6379/0”
GRAMPSWEB_CELERY_CONFIG__result_backend: “redis://grampsweb_redis:6379/0”
GRAMPSWEB_RATELIMIT_STORAGE_URI: redis://grampsweb_redis:6379/1
GRAMPSWEB_EMAIL_USE_TLS: “false”
GRAMPSWEB_EMAIL_HOST: “mail.someplace.com”
GRAMPSWEB_EMAIL_HOST_USER: “admin@mydomain.com”
GRAMPSWEB_EMAIL_PORT: 587
GRAMPSWEB_EMAIL_HOST_PASSWORD: “SoMeWoRd”
GRAMPSWEB_DEFAULT_FROM_EMAIL: “admin@mydomain.com”
GRAMPSWEB_BASE_URL: “mydomain.com”
The provided docker-compose file is a combination of several open source services of which Gramps Web is only one. If you are facing issues already with the nginx Proxy, it might be worth checking their documentation. You should also use docker-compose logs ... to look at the logs of all the services, that might give you a hint what is wrong.
By the way, BASE_URL should be a URL, i.e. start with https://. But that can’t be the cause of your issue.
Should base URL be “https://www.mydomain.com” or just “https://mydomain.com”?
I found that even though https://mydomain.com will bring up the registration page, https://mydomain.com, after presenting the certificate warning, also gives a 503 error.
Checking logs earlier did not reveal any warnings or errors, the nginx-proxy logs showing the 503 errors and/or the transactions when in worked.
There is this, but, have always seen it:
$ docker logs grampsweb_redis
1:C 06 Feb 2024 20:38:16.960 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 06 Feb 2024 20:38:16.960 * Redis version=7.2.4, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 06 Feb 2024 20:38:16.960 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
This has been once a rewarding and very painful process. More painful at the moment.
BTW there seems to be a +5 hour discrepancy in the logged time vs my server’s time (NTP in use).
If you specifiy mydomain.com as virtual host, you have to use https://mydomain.com, and if you specify www.mydomain.com, you have to use https://www.mydomain.com. And of course it will not work with the IP address or the wrong subdomain.
Thanks, that helped. By “wrong subdomain”, do you mean anything other than “www.mydomain.com”?
That aside for now, I can now access the first run page via htttp://www.mydomain.com, but https://www.mydomain.com produces “500 Error Internal Server Error”.
This shows in the nginx-proxy log:
nginx.1 | www.mydomain.com 192.168.yyy.xxx - - [06/Feb/2024:23:08:32 +0000] “GET /images/favicon.ico HTTP/1.1” 200 4286 “http://www.mydomain.com/firstrun” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0” “172.23.0.3:5000”
nginx.1 | www.mydomain.com 192.168.yyy.xxx - - [06/Feb/2024:23:08:43 +0000] “GET /favicon.ico HTTP/2.0” 500 177 “https://www.mydomain.com/firstrun” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0” <mark"-"
Edit: Oh dear, just noticed the GET is different as well.
Edit1: After deleting the certs stored in FF for that site, accessing https does present the certificate warning, but, upon accepting it, again presents the 500 error.
If I make "VIRTUAL_HOST: “www.mydomain.com, mydomain.com, My_IP_ADDR”
Then the grampsweb page can be reached, by entering any of those in the browser. At first I did get a 502 bad gateway, but after a few moments a reload worked fine. I did not wait long after completing “docker-compose up -d” to try it so perhaps the first try was before things settled.
No further testing was done, it was just a curiosity thing on my part.
I still get the 500 Internal server error attempting https access and have come up empty looking at logs, event within containers, and searching the internet.
I hope it is not “bad manners” to tag you in this fashion.
Perhaps related to my other issue(s) in this thread, I found, via “docker compose config”, that the celery container may not be inheriting values previously defined. It was my understanding that it is not necessary to repeatedly enter the values.
Thanks.
In the documentation, there is a YAML merge key that copies all the environment variables, but you removed that, so you have to repeat the env variables.
If you get server error 500, that’s likely raised by Gramps Web API, so please inspect its logs.
I don’t recall removing anything, only adding. But I will check to see.
Finding some logs a challenge to locate. Those should be in the container? Will dig a bit deeper.
docker-compose logs grampsweb
It doesn’t find favicon.ico.
You’re going to have to share your full configuration - sharing snippets bit by bit it’s just guesswork what’s wrong.
Yep. The path is different between the two attempts. The successful http tries "GET /images/favicon.ico . . "
Should I just post it here, obfuscated or “as is”?
@DavidMStraub (tagging you only to ensure you are aware of this)
I am attempting to post with some things obfuscated.
docker-compose-yml-joea.html (4.3 KB)
# overriding let's encrypt variables since celery is not exposed
VIRTUAL_PORT: "5000"
VIRTUAL_HOST: "www.my-domain.com.my-domain.com"
LETSENCRYPT_HOST: "www.my-domain.com,my-domain.com"
LETSENCRYPT_EMAIL: "joea@my-email.com"
They should all be “” as in the example file. We are copying all environment variables from the other service, but those ones have to be unset again as we DON’T want to expose the celery service. This can explain your issues.
I made those as you stated. Same problem exists,500 error, even after starting fresh, ie “docker-compose down --rmi” and “docker volume prune all” and “docker-compose up -d”.
I don’t know if this is significant, but after an evolution such as above, the first access to “http://my-domain.com” produces as 502 bad gateway error for perhaps a minute or so, then will access without error. I just dismissed that as the Pi4b being slow to initialize everything.
Please share the output of docker-compose ps as well as the logs of all containers.