mlsmaycon
commented
1 month ago Hello @HybridRCG can you please share the logs from the management service? you can get them with the following command:
docker compose logs management
Open HybridRCG opened 1 month ago
mlsmaycon
commented
1 month ago Hello @HybridRCG can you please share the logs from the management service? you can get them with the following command:
docker compose logs management
HybridRCG
commented
1 month ago Hi Thanks for the help!
This is some of the log file entries there. They are all identical a few seconds apart.
management-1 | Error: failed reading provided config file: /etc/netbird/management.json: OIDC configuration request returned status 502 with response: management-1 |
mlsmaycon
commented
1 month ago It seems like there is an issue with either caddy or zitadel, can you please share all logs?
docker compose logs
HybridRCG
commented
1 month ago logs :
WARN[0000] /home/hybrid/netbird/infrastructure_files/artifacts/docker-compose.yml: version is obsolete
dashboard-1 | + LETSENCRYPT_DOMAIN=nb.groblers.co.uk
dashboard-1 | + LETSENCRYPT_EMAIL=riaangrobler@me.com
dashboard-1 | + NGINX_SSL_PORT=443
dashboard-1 | + '[' nb.groblers.co.uk-x == none-x ']'
dashboard-1 | + certbot -n --nginx --agree-tos --email riaangrobler@me.com -d nb.groblers.co.uk --https-port 443
dashboard-1 | NetBird latest version:
dashboard-1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log
dashboard-1 | NetBird latest version:
dashboard-1 | Requesting a certificate for nb.groblers.co.uk
dashboard-1 |
dashboard-1 | Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
dashboard-1 | Domain: nb.groblers.co.uk
dashboard-1 | Type: unauthorized
dashboard-1 | Detail: 41.149.60.65: Invalid response from https://nb.groblers.co.uk/.well-known/acme-challenge/bXtOOWgctTOU2-SPDJfxqZpxz4vk32WcuHnek0A5g94: 404
dashboard-1 |
dashboard-1 | Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
dashboard-1 |
dashboard-1 | Some challenges have failed.
signal-1 | 2024-05-11T06:03:10Z INFO signal/cmd/run.go:110: running gRPC backward compatibility server: [::]:10000
signal-1 | 2024-05-11T06:03:10Z INFO signal/cmd/run.go:132: running gRPC server: [::]:80
signal-1 | 2024-05-11T06:03:10Z INFO signal/cmd/run.go:135: signal server version 0.27.4
signal-1 | 2024-05-11T06:03:10Z INFO signal/cmd/run.go:136: started Signal Service
signal-1 | 2024-05-11T06:10:39Z INFO signal/cmd/run.go:110: running gRPC backward compatibility server: [::]:10000
signal-1 | 2024-05-11T06:10:39Z INFO signal/cmd/run.go:132: running gRPC server: [::]:80
signal-1 | 2024-05-11T06:10:39Z INFO signal/cmd/run.go:135: signal server version 0.27.4
signal-1 | 2024-05-11T06:10:39Z INFO signal/cmd/run.go:136: started Signal Service
dashboard-1 | Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
dashboard-1 | 2024-05-11 06:03:24,805 WARN received SIGINT indicating exit request
dashboard-1 | 2024-05-11 06:03:24,805 WARN received SIGINT indicating exit request
dashboard-1 | + LETSENCRYPT_DOMAIN=nb.groblers.co.uk
dashboard-1 | + LETSENCRYPT_EMAIL=riaangrobler@me.com
dashboard-1 | + NGINX_SSLPORT=443
dashboard-1 | + '[' nb.groblers.co.uk-x == none-x ']'
dashboard-1 | + certbot -n --nginx --agree-tos --email riaangrobler@me.com -d nb.groblers.co.uk --https-port 443
dashboard-1 | NetBird latest version:
dashboard-1 | Saving debug log to /var/log/letsencrypt/letsencrypt.log
dashboard-1 | NetBird latest version:
dashboard-1 | Requesting a certificate for nb.groblers.co.uk
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:10:46 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03D\xC8{\x0By\x10y\xB3\xED\xB1\xB7\xA7\x1F\x05j\xB2R\x8A\x1D[j@\x90;\x03\xA6$\xB9\x92{?U\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:10:48 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03?w\xFC\xFE\x9Bv6i" 400 150 "-" "-" "-"
dashboard-1 |
dashboard-1 | Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
dashboard-1 | Domain: nb.groblers.co.uk
dashboard-1 | Type: unauthorized
dashboard-1 | Detail: 41.149.60.65: Invalid response from https://nb.groblers.co.uk/.well-known/acme-challenge/WX7bdhcXbhNji0JqnWAWEntbWirZsuzB0FhfebNp4c8: 404
dashboard-1 |
dashboard-1 | Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
dashboard-1 |
dashboard-1 | Some challenges have failed.
dashboard-1 | Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:10:53 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03\xAB\xB4\xC7\xEC\x8E\xC0D]\xBCJ\xD9\x8F\xD3\xAB\xBA<\x0EN>\xF9\x0B\xCC\xCD/+\xD5Y\x13\xC2\x09\x8F\xBB\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:11:02 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03e'J\x84\xFB\xEA\xE7\xF4\xA6K\xE7\xF4\x02\x89\xBB;\xD5\x1EE\xD7\x82\x9B;d`G/\xE5\x072\xD9\xB0\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:11:11 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03L\xAE\xA0\xE0\x9C\xF8-\x01\x04U\xF9\x88\x87\xAF\x06hI\xF4\x1F\xBB\xE0\x1C\xE3\xB6w\xA19&t\xED\xB2l\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:11:18 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03\xD3\xF2\xA7" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:59:54 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03\xE0@\xE1\x0C\xB1\x03{\x02\x9De\xFB?\xF9{IU}" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:06:59:54 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03\xA2\xE2J\x9C&\x1C\xCE\xC3%M;\xE9\xBC\xFCkF\xEB.\x89L2#D\x0F\x8C\x1E\xA4\x9C\xF6=\xB6\x9D\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:07:00:03 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03\xB4\x83Y\x97\x95r8V\xE1\x1C\xD7[o4\x1A24u\x0BZr\xA0\xB1E\xE5\x1Eu\xD2\x22\x0EB\x95\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:07:00:05 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03#\xEC3\xDD\x9F\x06w,d^X\xCB\xFC\xE6\x09_\xE5\xDBT\xC5\xB8\x1A\xFC\x22\x12J9[>utt\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:07:00:07 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03B\xBF\xABNJP\xF6\xA4\xEBW\xA5\xA1\xEB\x9C2:F\x90*|'1\x00\x0F\xC2\xEC5&\x97~\xE8!\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:07:00:07 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03J\xBD\x03\xE2;\x9E\xC3\xD5\xC6RP\x09\xDA[\x04\xC1m\x15/b\xEA\xABr\x86\x1F\xE2\xE3@\xBE\x17\x0F\x1F\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
dashboard-1 | 192.168.1.3 - - [11/May/2024:07:00:49 +0000] "\x16\x03\x01\x00\xB7\x01\x00\x00\xB3\x03\x03\xCC\x11&Z\x06\x1D\xEF\xE8\xA3\xDE\x9E\xF8\x1E\xFD\xDClV\x0F:\x9D)?\xED\x1F@R\x96\x9A\xD3!\x8A@\x00\x008\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 150 "-" "-" "-"
mrcxs
commented
1 month ago 您好,您能分享管理服务的日志吗?您可以使用以下命令获取它们:
docker compose 日志管理
I'm also having issues with 502 when I'm building.
management-1 | 2024-05-11T14:14:17Z INFO management/server/telemetry/app_metrics.go:177: enabled application metrics and exposing on http://0.0.0.0:8081 management-1 | 2024-05-11T14:14:17Z INFO management/server/store.go:95: using SQLite store engine management-1 | 2024-05-11T14:14:17Z INFO management/server/migration/migration.go:114: Table for peer.Peer does not exist, no migration needed management-1 | 2024-05-11T14:14:17Z INFO management/server/migration/migration.go:114: Table for peer.Peer does not exist, no migration needed management-1 | 2024-05-11T14:14:17Z INFO management/cmd/management.go:161: update config with activity store key
HybridRCG
commented
1 month ago 您好,您能分享管理服务的日志吗?您可以使用以下命令获取它们: docker compose 日志管理
I'm also having issues with 502 when I'm building.
management-1 | 2024-05-11T14:14:17Z INFO management/server/telemetry/app_metrics.go:177: enabled application metrics and exposing on http://0.0.0.0:8081 management-1 | 2024-05-11T14:14:17Z INFO management/server/store.go:95: using SQLite store engine management-1 | 2024-05-11T14:14:17Z INFO management/server/migration/migration.go:114: Table for peer.Peer does not exist, no migration needed management-1 | 2024-05-11T14:14:17Z INFO management/server/migration/migration.go:114: Table for peer.Peer does not exist, no migration needed management-1 | 2024-05-11T14:14:17Z INFO management/cmd/management.go:161: update config with activity store key
Not sure why you would hijack a thread if the symptoms of your problem is not the same as mine? Apart from the 502 the errors are totally diffrent. :)
mrcxs
commented
1 month ago 您好,您能分享管理服务的日志吗?您可以使用以下命令获取它们: docker compose 日志管理
I'm also having issues with 502 when I'm building.
management-1 | 2024-05-11T14:14:17Z INFO management/server/telemetry/app_metrics.go:177: enabled application metrics and exposing on http://0.0.0.0:8081 management-1 | 2024-05-11T14:14:17Z INFO management/server/store.go:95: using SQLite store engine management-1 | 2024-05-11T14:14:17Z INFO management/server/migration/migration.go:114: Table for peer.Peer does not exist, no migration needed management-1 | 2024-05-11T14:14:17Z INFO management/server/migration/migration.go:114: Table for peer.Peer does not exist, no migration needed management-1 | 2024-05-11T14:14:17Z INFO management/cmd/management.go:161: update config with activity store keyNot sure why you would hijack a thread if the symptoms of your problem is not the same as mine? Apart from the 502 the errors are totally diffrent. :)
Nothing to do, he fixed it himself, and the next day he was able to access normally.
HybridRCG
commented
1 month ago Ah ok. Any insight ne my problem? :)
Just as a side note... If i use the self hosting quick option... Zitadel does not install if my nginx is pointing to https://ip:443 , Zitadel only installs if Nginx is pointing to http://IP:80.
I get this after the install with nginx on : http:IP/80.. You can access the NetBird dashboard at https://nb.groblers.co.uk
I can obviously not go to http , so trying to go provided adress gives me 502 gateway error.
I run the install. No issues on screen. tells met to go to my domain with this username and password. I get error 502. Bad Gateway.
Doing a docker PS I see my management server is restarting.
logs for management container as follows. (i replaced my domain name. with example.com
2024-05-10T13:55:18Z INFO management/cmd/management.go:455: loading OIDC configuration from the provided IDP configuration endpoint https://example.com/.well-known/openid-configuration Error: failed reading provided config file: /etc/netbird/management.json: OIDC configuration request returned status 502 with response:
502 Bad Gateway
This duplicates over and over on every restart of management container.
Tried restarting the server, Ubuntu 24.04 and tried Ubuntu 22.4. Updated all updates. Fixed ip on Ubuntu server running on proxmox. I use Nginx as on a diffrent container wich portforwards https > 192.168.1.1 , port 443 , with a Lets encrypt SSL through Cloudflare.
Please specify whether you use NetBird Cloud or self-host NetBird's control plane.
NetBird version Self-hosted : latest