search

AmruthPillai / Reactive-Resume

A one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!
https://rxresu.me
MIT License
25.88k stars 2.65k forks source link

[Bug] about:blank SSL error, Not working PDF Export #2078

Closed jamess7995 closed 1 month ago

jamess7995 commented 1 month ago

Is there an existing issue for this?

Product Variant

Docker

Current Behavior

I open up a resume named with non-accented english characters and click export pdf. I receive a new tab with the URL about:blank. Empty tab, no PDF. I check the app container logs in docker and see this: Trace: Error: net::ERR_SSL_PROTOCOL_ERROR at https://app:3000/artboard/preview at navigate (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/cdp/Frame.js:175:27) at async Deferred.race (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/util/Deferred.js:36:20) at async CdpFrame.goto (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/cdp/Frame.js:141:25) at async CdpPage.goto (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/api/Page.js:585:20) at async PrinterService.generateResume (/app/dist/apps/server/main.js:13224:13) at async PrinterService.printResume (/app/dist/apps/server/main.js:13171:21) at async ResumeService.printResume (/app/dist/apps/server/main.js:13969:21) at async ResumeController.printResume (/app/dist/apps/server/main.js:13616:25) at PrinterService.generateResume (/app/dist/apps/server/main.js:13276:21) at async PrinterService.printResume (/app/dist/apps/server/main.js:13171:21) at async ResumeService.printResume (/app/dist/apps/server/main.js:13969:21) at async ResumeController.printResume (/app/dist/apps/server/main.js:13616:25) Trace: Error: net::ERR_SSL_PROTOCOL_ERROR at https://app:3000/artboard/preview at navigate (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/cdp/Frame.js:175:27) at async Deferred.race (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/util/Deferred.js:36:20) at async CdpFrame.goto (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/cdp/Frame.js:141:25) at async CdpPage.goto (/app/node_modules/.pnpm/puppeteer-core@22.10.0/node_modules/puppeteer-core/lib/cjs/puppeteer/api/Page.js:585:20) at async PrinterService.generateResume (/app/dist/apps/server/main.js:13224:13) at async PrinterService.printResume (/app/dist/apps/server/main.js:13171:21) at async ResumeService.printResume (/app/dist/apps/server/main.js:13969:21) at async ResumeController.printResume (/app/dist/apps/server/main.js:13616:25) at PrinterService.generateResume (/app/dist/apps/server/main.js:13276:21) at async PrinterService.printResume (/app/dist/apps/server/main.js:13171:21) at async ResumeService.printResume (/app/dist/apps/server/main.js:13969:21) at async ResumeController.printResume (/app/dist/apps/server/main.js:13616:25)

Expected Behavior

I'd expect a new tab where I can download the PDF of the resume.

Steps To Reproduce

  1. Using this docker compose file with redacted details and a .env file. I never changed the tokens because I don't get how they work but I'm not receiving errors about token. 
version: "3.8"

############################# NETWORKS
networks:
  m2_proxy:
    external:
      name: m2_proxy
  default:
    driver: bridge

services:
  # Database (Postgres)
  rs-postgres:
    image: postgres:16-alpine
    restart: unless-stopped
    networks:
      - m2_proxy
    volumes:
      - postgres_data:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: $DB_NAME
      POSTGRES_USER: $ADMIN_USER
      POSTGRES_PASSWORD: $ADMIN_PASS
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"]
      interval: 10s
      timeout: 5s
      retries: 5

  # Storage (for image uploads)
  rs-minio:
    image: minio/minio
    restart: unless-stopped
    command: server /data
    networks:
      - m2_proxy
    ports:
      - "9880:9000"
    volumes:
      - minio_data:/data
    environment:
      MINIO_ROOT_USER: minioadmin
      MINIO_ROOT_PASSWORD: minioadmin

  # Chrome Browser (for printing and previews)
  rs-chrome:
    image: ghcr.io/browserless/chromium:latest
    restart: unless-stopped
    networks:
      - m2_proxy
    environment:
      TOKEN: chrome_token
      EXIT_ON_HEALTH_FAILURE: true
      PRE_REQUEST_HEALTH_CHECK: true

  # Redis (for cache & server session management)
  redis:
    image: redis:alpine
    restart: unless-stopped
    networks:
      - m2_proxy
    command: redis-server --requirepass password

  app:
    image: amruthpillai/reactive-resume:latest
    restart: unless-stopped
    networks:
      - m2_proxy
    ports:
      - "3080:3000"
    depends_on:
      - rs-postgres
      - rs-minio
      - redis
      - rs-chrome
    environment:
      # -- Environment Variables --
      PORT: 3000
      NODE_ENV: production

      # -- URLs --
      PUBLIC_URL: https://app:3000
      STORAGE_URL: http://localhost:9000/default

      # -- Printer (Chrome) --
      CHROME_TOKEN: chrome_token
      CHROME_URL: ws://rs-chrome:3000

      # -- Database (Postgres) --
      DATABASE_URL: postgresql://$ADMIN_USER:$ADMIN_PASS@rs-postgres:5432/$DB_NAME

      # -- Auth --
      ACCESS_TOKEN_SECRET: access_token_secret
      REFRESH_TOKEN_SECRET: refresh_token_secret

      # -- Emails --
      MAIL_FROM: noreply@localhost
      # SMTP_URL: smtp://user:pass@smtp:587 # Optional

      # -- Storage (Minio) --
      STORAGE_ENDPOINT: rs-minio
      STORAGE_PORT: 9000
      STORAGE_REGION: us-east-1 # Optional
      STORAGE_BUCKET: default
      STORAGE_ACCESS_KEY: minioadmin
      STORAGE_SECRET_KEY: minioadmin
      STORAGE_USE_SSL: false

      # -- Cache (Redis) --
      REDIS_URL: redis://default:password@redis:6379

      # -- GitHub (Optional) --
      GITHUB_CLIENT_ID: github_client_id
      GITHUB_CLIENT_SECRET: github_client_secret
      GITHUB_CALLBACK_URL: http://localhost:3000/api/auth/github/callback

      # -- Google (Optional) --
      GOOGLE_CLIENT_ID: google_client_id
      GOOGLE_CLIENT_SECRET: google_client_secret
      GOOGLE_CALLBACK_URL: http://localhost:3000/api/auth/google/callback

    labels:
      - "com.centurylinklabs.watchtower.enable=true"
      - "traefik.enable=true"
      ## HTTP Routers
      - "traefik.http.routers.$SUB_URL.middlewares=private-network-ipwhitelist"
      - "traefik.http.routers.$SUB_URL-rtr.entrypoints=https"
      - "traefik.http.routers.$SUB_URL-rtr.rule=Host(`$SUB_URL.$DOMAINNAME`)"
      - "traefik.http.routers.$SUB_URL-rtr.tls=true"
      ## Middlewares
      - "traefik.http.routers.$SUB_URL-rtr.middlewares=chain-no-auth@file"
      ## HTTP Services
      - "traefik.http.routers.$SUB_URL-rtr.service=$SUB_URL-svc"
      - "traefik.http.services.$SUB_URL-svc.loadbalancer.server.port=3000"

volumes:
  minio_data:
  postgres_data:
  1. Navigate to clippy.domainName.com, create user, create resume, export PDF, fail. Does about:blank with a blank page.

What browsers are you seeing the problem on?

Firefox, Chrome

What template are you using?

Pikachu

Anything else?

I'm using traefik, I've tried different things on similar issues that don't seem related to SSL. I tried changing local host to 127.0.0.1, then I tried using app and minioadmin for public and storage, no joy.

jamess7995 commented 1 month ago

I learned what tokens are, I went to the docker site and made one for chrome. I found a different compose example from what I was using, and noticed labels for storage and chrome. I added my labels I use for these containers. Then I put the actual web addresses I created with these labels for the environment variables. Issues are resolved, thank you for all the hard work at creating such a great tool!

jamess7995 commented 1 month ago

Resolved

kmanwar89 commented 1 month ago

Hi @jamess7995 , do you mind sharing which resource you used to generate the various tokens? The self-hosted solution is not documented, and it's a bit hard to read the mind of the person who wrote the compose file :)

Would you be willing to share your working (redacted) compose file perhaps? I'm not using Traefik (using NPM) as my reverse proxy, but I can figure out the rest from a working example.

jamess7995 commented 1 month ago

Hi @jamess7995 , do you mind sharing which resource you used to generate the various tokens? The self-hosted solution is not documented, and it's a bit hard to read the mind of the person who wrote the compose file :)

Would you be willing to share your working (redacted) compose file perhaps? I'm not using Traefik (using NPM) as my reverse proxy, but I can figure out the rest from a working example.

Compose: https://pastebin.com/PYnt5rnB . Docker access token info, ppotentially unnecessary: https://docs.docker.com/security/for-developers/access-tokens/ . I remember needing get this working was SSL was expected, something like that, so put all containers on proxy network and provide labels for each container.

kmanwar89 commented 4 weeks ago

Thanks!