https://gramps.malakan.co.uk for both the sync addon and browser
Please check if this works (don’t post the token here…)
curl -X POST https://gramps.malakan.co.uk/api/token/ \
-H "Content-Type: application/json" \
-d '{"username": "desktop", "password": "YOUR_PASSWORD"}'
Also, please make sure the user desktop is actually a tree owner, not just editor. That could also explain the error.
desktop was not a owner but error still occurs with the owner account.
As for the curl and with the owner account details, I get json back with an access_token and refresh_token.
Which error do you get in sync addon using the owner account and triple checking that the password is correct?
The same error as before, after tripple checking username and password:
Server authorization error: insufficient permissions.
I also tried resetting the password but I get the same error.
Ok, here is a combination of things that I think are simply impossible:
- You see log entries like
grampsweb | [2024-12-05 09:29:25 +0000] [14] [DEBUG] GET /api/metadata/when using Gramps Web - You do not see log entries when connecting with the sync addon
- The sync addon responds with
Server authorization error: insufficient permissions.
The reason I think this is impossible is that 3. is only possible if the server responds with 403, as shown by the code snippet above. But if the server responds, you must see the request.
The only other explanation is that you have some weird authenticating proxy or something in between, that you didn’t mention here.
I don’t understand it myself, thank you so much for spending your time in helping me with this!
I don’t have an authenticating proxy that I’m aware of.
So my setup in full, as it may help shine a light on the issue:
- I have a domain via cloudflare, I have A records pointing to me.
- My home router is set to forward http/https/ssh requests to the server itself
- The server (old laptop) is running docker-compose and setup with let’s encrypt following this guide.
- I have nginx reverse proxy setup inline with the guide and is the only proxy I have.
Would my docker-compose.yml and nginx.conf help to diagnose here?
When you did the curl, did you see a log entry
grampsweb | [...] [14] [DEBUG] GET /api/token/?
I see this
“POST /api/token/ HTTP/2.0” 200 813 “-” “curl/8.5.0”
1 Like
Great. And when you use sync, this does not show up? Sorry for asking the same thing again and again, just can’t wrap my head around this 
In my nginx.conf file I have
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
in both the http block and the server block.
I see the POST log in access.log each time I do the curl command, nothing appears in access.log or error.log when attempting to use sync.
I don’t know if this is relevant to the situation but might be something:
curl -w ‘%{http_code}’ https://gramps.malakan.co.uk
results in
curl: (35) schannel: next InitializeSecurityContext failed: CRYPT_E_NO_REVOCATION_CHECK (0x80092012) - The revocation function was unable to check revocation for the certificate.
‘000’
but removing https:// from the url and adding in the -ssh flag I get a different response
curl -w ‘%{http_code}’ -ssl gramps.malakan.co.uk
results in
301 Moved Permanently301 Moved Permanently
nginx ':301'
so if i curl with https:// it seems I’m get blocked by the certificate?