Lothiraldan
commented
9 years ago The problem is located in the salt-api side. Saltpad should better catch such exceptions and show them in UI. Please check your salt-master log.
Open schlussbilanz opened 9 years ago
Lothiraldan
commented
9 years ago The problem is located in the salt-api side. Saltpad should better catch such exceptions and show them in UI. Please check your salt-master log.
schlussbilanz
commented
9 years ago You are right. It was a problem with the internal secret....
saltpad works now (sometimes a little bit slowly, but its ok), but i have another problem.
i would like to use ssl between my user and the haproxy. The ssl connection works, bur after submit the login form a redirect links to http://
Can i configure saltpad to redirect to https://.... ?
Lothiraldan
commented
9 years ago It's weird, the login view doesn't set the protocol, you tell me that you go on the login page over https and the login page redirect you to an http page, right?
If so could you please paste your saltpad config and the html code of the login page, just the form node.
iggy
commented
9 years ago Should saltpad even be bothering bouncing back and forth between http and https? If I've got a cert setup, I want the whole thing https (not just login).
Lothiraldan
commented
9 years ago Totally agree, I don't know what saltpad return an http link when the login page is over https., maybe a flask settings missing or a particular deployment.
We currently run it only over https and it works without problems.
schlussbilanz
commented
9 years ago import os API_URL = "http://localhost:8000/" SECRET_KEY = os.urandom(24) LOG_FILE = "saltpad.log" HOST = "127.0.0.1" EAUTH = "pam"
In local_settings.py all lines are uncommented. In the HTML the form action links to "/login".
Slind14
commented
9 years ago @schlussbilanz how did you solve the initial issue. I have the exact same exception but unfortunately is the salt master log empty. :/
schlussbilanz
commented
9 years ago Du you have entered a secret in the salpad local_settings.py ?
Slind14
commented
9 years ago I did (but generated from a password manager). (got another exception before) Does it need to be created by "os.urandom(24)" or can I use any? Unfortunately I have 0 python experience and wouldn't know how to generate it properly.
Lothiraldan
commented
9 years ago You can use whatever you want for the secret, os.urandom(24) generate a good enough secret for most installations.
I think the problem is that you access the login page over http and not https, you should configure haproxy to only listen to tls connection and then proxy the connection to 127.0.0.1:5000, I don't know enough haproxy to give you a valid configuration but it's how we deploy it with nginx:
http {
server {
listen 443 ssl;
ssl_certificate /etc/pki/tls/certs/wildcard.tinyclues.net.crt;
ssl_certificate_key /etc/pki/tls/certs/wildcard.tinyclues.net.pem;
location / {
proxy_pass http://localhost:8080/;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
proxy_intercept_errors on;
}
}And saltpad doesn't define any explicit scheme (http or https), so every view is served only over https.
Slind14
commented
9 years ago ok thanks. quick question, whenever I print the os.urandom(24) something like this gets printed, is that normal?
c▒j3M▒▒▒▒?▒
Lothiraldan
commented
9 years ago Do not print it, only type os.urandom(24) in a python shell or print repr(os.urandom(24))
Slind14
commented
9 years ago ok, great thanks.
so it kinda looks like this then: 'a\xca\xd1\x1d\x8c*\xcewV\xb3~\xa0I\xf5\x8e[\xf2Q\xa2X\xa8\x100\x01'?
Does it mean that the doc is outdated, cause I don't see anything about ssl connections being required on there: https://github.com/tinyclues/saltpad#launch-saltpad (just wondering)
Lothiraldan
commented
9 years ago Yes the secret looks good but please generate another one before pasting it in your local_settings, or it will not be secret anymore.
Yes the documentation is only for testing purpose, I will add a part about production deployment using ssl.
Technically ssl connection is not required to use saltpad when you just want to test it, but when you want to use it in production, ssl is mandatory, if you success to configure haproxy, could you please paste your haproxy configuration so I could add it in doc.
Slind14
commented
9 years ago don't worry I did already create a new one. hmm, in my case it is a testing setup. well, doesn't matter to use ssl in testing, either.
edit for testing I started off with your nginx example, unfortunately I still end up with the same exception: https://gist.github.com/anonymous/e27771f76a5ab71e6da5
Lothiraldan
commented
9 years ago Weird, could you check the salt-master log to see if you can have more details? The error is like to be located on salt-api side.
Slind14
commented
9 years ago unfortunately the master log is nearly empty, only this one line:
2015-04-04 10:49:38,822 [salt.master ][WARNING ] Authentication failure of type "eauth" occurred.
(/var/log/salt/master)
Lothiraldan
commented
9 years ago Could you please retry and set log_level to debug?
CedNantes
commented
9 years ago Hi, i don't know if this issue is still current but i got the same error. I launched the salt-api with -l debug and it gave me a cherrypy related error. (and then i just saw i forgot to install it :p) and now it's working (well at least dashboard is working and most of the tabs too)
Still, i've got a few tabs not working in saltpad. Minions Keys and Jobs Templates give me a 500 Server Error. If i'm looking at salt-pad debug logs i get : "SaltReqTimeoutError: SaltReqTimeoutError: after 60 seconds"
Pip versions informations :
CherryPy==3.7.0 Werkzeug==0.10.4 salt==2014.7.0 salt-api==0.8.4.1 wheel==0.22.0
Should i open another issue or is it related ?
regards, Ced
Lothiraldan
commented
9 years ago There is a known performances issues for some pages but the minions keys and the jobs templates are not part of them, very weird, do you have lots of minions or very big salt master config file ?
CedNantes
commented
9 years ago not at all, i'm on test environment with only one salt-master and he's it's own minion. I'll try different settings.
edit : i've restarted my VM and now everything is working. It's weird but something wasn't working properly and i don't know what. Well it's ok now ! A quick question : when i'm trying to use salt cloud.action is the "fun" space is supposed to be for "function" because every time i've tried to enter something here i got "SaltCloudSystemExit: The "Mycloudpv" cloud provider alias, for the 'vsphere' driver, does not define the function None"
whiteinge
commented
9 years ago The installed version of salt-api is old. It was merged into Salt-core in
the 2014.7 release so the salt-api --version output should start with
'2014.7.x'. It's possible you have more than one version installed.
Once you're upgraded, if you're still seeing the error, that SaltReqTimeoutError comes from ZeroMQ and can be caused by a number of things. Run the salt master with debug logging to find the full traceback and then please file an issue with that on the upstream salt repo.
On Mon, May 4, 2015 at 6:39 AM, CedNantes notifications@github.com wrote:
not at all, i'm on test environment with only one salt-master and he's it's own minion. I'll try different settings.
— Reply to this email directly or view it on GitHub https://github.com/tinyclues/saltpad/issues/46#issuecomment-98696275.
Lothiraldan
commented
9 years ago @schlussbilanz Did you updated the salt-api? Did it fixed the problem?
Hi,
i use saltpad with Ubuntu 14.04 Server behind a haproxy. I can view the login page but after i enter my username and password i get a http 500 error:
requests.exceptions.HTTPError HTTPError: 500 Server Error: Internal Server Error
Traceback (most recent call last) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1836, in call return self.wsgi_app(environ, start_response) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1820, in wsgi_app response = self.make_response(self.handle_exception(e)) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1403, in handle_exception reraise(exc_type, exc_value, tb) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1817, in wsgi_app response = self.full_dispatch_request() File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1477, in full_dispatch_request rv = self.handle_user_exception(e) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1381, in handle_user_exception reraise(exc_type, exc_value, tb) File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1475, in full_dispatch_request rv = self.dispatch_request() File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1461, in dispatch_request return self.view_functionsrule.endpoint File "/home/kisahm/saltpad-master/saltpad/app.py", line 68, in login user_token = client.login(form['username'].data, form['password'].data) File "/home/kisahm/saltpad-master/saltpad/core.py", line 65, in login headers=headers, verify=self.verify_ssl)['return'][0]['token'] File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 507, in post return self.request('POST', url, data=data, json=json, **kwargs) File "/home/kisahm/saltpad-master/saltpad/core.py", line 40, in request response.raise_for_status() File "/usr/local/lib/python2.7/dist-packages/requests/models.py", line 834, in raise_for_status raise HTTPError(http_error_msg, response=self) HTTPError: 500 Server Error: Internal Server Error
What is the problem? i'm not a good python programer ;-)
greets schlussbilanz