dappnode / DAppNode

General repository of the project dappnode
GNU General Public License v3.0
586 stars 103 forks source link

Clean install of ISO - no working http/s server #495

Closed troykelly closed 1 year ago

troykelly commented 2 years ago

Describe the bug After a clean install from ISO - the web server response is empty. After a clean install from script - the web server response is empty.

To Reproduce

  1. Install DAppNode-v0.2.56-debian-bullseye-amd64

  2. Try and open the server per instructions

  3. Receive an empty response

    or...

  4. sudo apt update && sudo apt -y install wget

  5. sudo wget -O - https://prerequisites.dappnode.io | sudo bash

  6. sudo wget -O - https://installer.dappnode.io | sudo bash

Expected behaviour The web page should come up per the instructions

Screenshots

➜  ~ curl -vvv dappnode.local
*   Trying REDACTED:80...
* Connected to dappnode.local (REDACTED) port 80 (#0)
> GET / HTTP/1.1
> Host: dappnode.local
> User-Agent: curl/7.79.1
> Accept: */*
> 
* Empty reply from server
* Closing connection 0
curl: (52) Empty reply from server
➜  ~ curl -vvv --insecure https://dappnode.local 
*   Trying REDACTED:443...
* Connected to dappnode.local (REDACTED) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=default-server.example.com
*  start date: Oct  7 04:02:12 2022 GMT
*  expire date: Sep 13 04:02:12 2122 GMT
*  issuer: CN=default-server.example.com
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
> GET / HTTP/1.1
> Host: dappnode.local
> User-Agent: curl/7.79.1
> Accept: */*
> 
* Empty reply from server
* Closing connection 0
curl: (52) Empty reply from server

DAppNode version:

Additional context

troykelly commented 2 years ago

More info:

Container seems to be working

========================================
HTTPS-PORTAL v1.17.2
========================================

[cont-init.d] 00-welcome: exited 0.
[cont-init.d] 20-setup: executing... 
RSA key ok
[cont-init.d] 20-setup: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Server listening on: http://0.0.0.0:5000
root@dapp001:~# docker ps -a
CONTAINER ID   IMAGE                                        COMMAND                  CREATED             STATUS                  PORTS                                                                                                                     NAMES
b8d65b451ea1   wifi.dnp.dappnode.eth:0.2.8                  "/bin/sh -c 'iw dev'"    1 second ago        Up Less than a second                                                                                                                             funny_archimedes
6dd8b96e10d9   https.dnp.dappnode.eth:0.1.3                 "/init"                  About an hour ago   Up 30 minutes           0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp                                                  DAppNodeCore-https.dnp.dappnode.eth
f91848cd5cbb   wireguard.wireguard.dnp.dappnode.eth:0.1.1   "/init"                  About an hour ago   Up About an hour        0.0.0.0:51820->51820/udp, :::51820->51820/udp                                                                             DAppNodeCore-wireguard.wireguard.dnp.dappnode.eth
0a8b8eb48f1a   api.wireguard.dnp.dappnode.eth:0.1.1         "node src/index"         About an hour ago   Up About an hour                                                                                                                                  DAppNodeCore-api.wireguard.dnp.dappnode.eth
275c51888362   wifi.dnp.dappnode.eth:0.2.8                  "/usr/bin/entrypoint…"   About an hour ago   Up About a minute                                                                                                                                 DAppNodeCore-wifi.dnp.dappnode.eth
0c08ee85d855   ipfs.dnp.dappnode.eth:0.2.16                 "/sbin/tini -- /usr/…"   About an hour ago   Up About an hour        5001/tcp, 4001/udp, 0.0.0.0:4001->4001/tcp, :::4001->4001/tcp, 0.0.0.0:4002->4002/udp, :::4002->4002/udp, 8080-8081/tcp   DAppNodeCore-ipfs.dnp.dappnode.eth
a1f83f21b547   dappmanager.dnp.dappnode.eth:0.2.51          "docker-entrypoint.s…"   About an hour ago   Up About an hour                                                                                                                                  DAppNodeCore-dappmanager.dnp.dappnode.eth
bad23899e5ed   bind.dnp.dappnode.eth:0.2.6                  "supervisord"            About an hour ago   Up About an hour        53/udp                                                                                                                    DAppNodeCore-bind.dnp.dappnode.eth
3alpha commented 2 years ago

Hey!

Can you try to run docker exec DAppNodeCore-https.dnp.dappnode.eth cat /etc/nginx/nginx.conf command in your dappnode and verify that towards the end of the output you have this part

    server {
        server_name   dappnode.local;
        listen        80;
        listen [::]:80;
        resolver 172.33.1.2;
        allow 10.0.0.0/8;
        allow 172.16.0.0/12;
        allow 192.168.0.0/16;
        allow fc00::/7;
        deny all;
        location      / {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_pass http://my.dappnode;
        }
    }
troykelly commented 2 years ago

Thank you @3alpha - the file is basically empty...

➜  ~ docker exec DAppNodeCore-https.dnp.dappnode.eth cat /etc/nginx/nginx.conf
# This file will be compiled into /etc/nginx/nginx.conf

user  nginx;
worker_processes  1;

pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    ssl_protocols TLSv1.2 TLSv1.3;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    access_log off;

    error_log /dev/stderr error;

    sendfile        on;

    keepalive_timeout  65;

        gzip on;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/javascript text/plain text/xml;

    server_tokens off;

    server_names_hash_max_size 4096;

    server_names_hash_bucket_size 128;

    resolver 127.0.0.11;

    include /etc/nginx/conf.d/*.conf;

    # Prevent Nginx from leaking other server configurations on the same machine
    server {
        listen      80 default_server;
        listen      443 ssl default_server;

        ssl_certificate /var/lib/https-portal/default_server/default_server.crt;
        ssl_certificate_key /var/lib/https-portal/default_server/default_server.key;
        server_name _;
        return      444;
    }
}

and there is nothing in the conf.d either

➜  ~ docker exec DAppNodeCore-https.dnp.dappnode.eth ls -al /etc/nginx/conf.d/
total 12
drwxr-xr-x    1 root     root          4096 Mar  7  2022 .
drwxr-xr-x    1 root     root          4096 Dec 17  2020 ..
3alpha commented 2 years ago

Did you try restarting HTTPS package? Somethimes something breaks during the startup and that server configuration doesn't get injected.

pablomendezroyo commented 2 years ago

@3alpha we should find out the root problem, should we create an issue the HTTPS package related to this?

troykelly commented 2 years ago

@3alpha this is easily reproducible - just run the iso or install script - it fails every time for me.

alexpeterson91 commented 2 years ago

I just did a fresh install on a test machine. Can't reproduce your error either.

troykelly commented 2 years ago

Not sure what to say - I've tried multiple times, ISO install and script install - always fails. Happy to close because I've given up and doing something else with the resources.

alexpeterson91 commented 2 years ago

What hardware are you using and what's your network connection? We'd much rather solve a bug if it's there, we just need to figure out why this is happening for you. Because there's obviously some sort of issue based on your provided logs and outputs.

troykelly commented 2 years ago

I've just been testing on a Poweredge 410, and esxi 7 VM's 10Gigabit network core, 2Gigabit link to Poweredge, 10 on the esxi box. 1Gigabit links to peers for Internet.

Does something need to download in a particular timeframe, or could latency cause this?

I've been messing with a Solana validator as well - and, there are no validators close enough (by latency/speed) to get the snapshot fast enough.

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!

troykelly commented 1 year ago

@alexpeterson91 should I give up?

alexpeterson91 commented 1 year ago

How are you trying to access. You can’t access the local proxy on a non local server. It’s not even a good feature locally.  Very limited. No ssl. Your logs showed 443 you can’t access that over that port nor anything else ui related for that matter really. You must be inside the local docker network of dappnode to access the UIs which is. Why a VPN is needed or other special connection. We offer WireGuard (preferred) and openVPN . For dappnode.local you have to be on the same LAN and use port 80.  But it’s buggy and can only access one of the many UIs. You need to ssh to the nodes public IP get WireGuard credentials install them on your local device. Connect to the vpn. Then access at HTTP://my.dappnode. I don’t know if I missed something but it looks like you never were actually trying to connect properly. At least from this issue’s comments. You need to connect over VPN to access the UI, it’s auto generated wifi hotspot or from the LAN Proxy. Let me know if you’ve been trying to access any of these ways. Or if you need more help let me know. Sent from my iPhoneOn Dec 15, 2022, at 11:11 PM, Troy Kelly @.***> wrote: @alexpeterson91 should I give up?

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: @.***>

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions!

stale[bot] commented 1 year ago

This issue or pull request has been automatically been closed due to inactivity.