search

pterodactyl / panel

Pterodactyl® is a free, open-source game server management panel built with PHP, React, and Go. Designed with security in mind, Pterodactyl runs all game servers in isolated Docker containers while exposing a beautiful and intuitive UI to end users.
https://pterodactyl.io
Other
6.56k stars 1.64k forks source link

Node connected but cannot spin up server #4862

Closed BossAimbot closed 8 months ago

BossAimbot commented 12 months ago

Current Behavior

My panel cannot connect to node after auto-deploy. i have created a node and used the auto deploy and started wings using systemctl and get a connection with a green heartbeat but cannot view the nodes system information and cannot create any servers on the node

edit: all neccessary ports have been opened and forwared i am NOT on the same connection as the panel and node. image

Expected Behavior

having the node connected

Steps to Reproduce

on the pterodactyl admin dashboard; Create node > configure node with my FQDN > used auto-deploy as well as manually importing configuration to /etc/pterodactyl/config.yml > and starting wings. result stated above

Panel Version

1.11.3

Wings Version

1.11.7

Games and/or Eggs Affected

N/A

Docker Image

No response

Error Logs

No response

Is there an existing issue for this?

Jcodeerd commented 12 months ago

Have you checked your firewall?

Boy132 commented 12 months ago

This not a bug with the software. Please visit the Discord for support.

BossAimbot commented 12 months ago

Have you checked your firewall?

yes i have all the ports open and forwarded, 80,2022,8080,443 etc

BossAimbot commented 12 months ago

This not a bug with the software. Please visit the Discord for support.

this is a fresh installation of both the panel and wings and my tickets was just closed with no responses…

parkervcp commented 12 months ago

You can provided no logs or even screenshots.

If you are running this internally, it may be having issues with NAT routing or is unable to reach the host running wings. The green heart means your machine can reach it but the panel host cannot.

BossAimbot commented 12 months ago

You can provided no logs or even screenshots.

If you are running this internally, it may be having issues with NAT routing or is unable to reach the host running wings. The green heart means your machine can reach it but the panel host cannot.

i am not running this internally i can provide screenshots but my logs show no errors image image Untitled

BossAimbot commented 12 months ago

update, i still havent resolved this issue and cannot find a solution on discord server.. link to my post on the discord: https://discord.com/channels/122900397965705216/1151227816055156747

guillaumearnx commented 10 months ago

Same issue on fresh install Panel : 1.11.5 Wings : 1.11.8

Node is green but i can't fetch infos about it.

image

image

No logs while doing wings --debug

Boy132 commented 10 months ago

Please visit the Discord for configuration specific issues. This is not a bug.

Dampfwalze commented 8 months ago

I also had many errors in my panel and the issue mentioned by @guillaumearnx

The issue for me was, that the panel could not verify the ssl certificate from the Wing, since I am in a local environment and I used self signed certificates (using Nginx Proxy Manager).

At some point, the laravel logs at "storage/logs" started to report this error:

RequestException: cURL error 60: SSL certificate problem: self-signed certificate in certificate chain

To solve this, I tried to generate all my certificates with a certificate authority (CA) and tried to configure the CA on all my clients. I followed this tutorial. While I could get the CA working with my desktop machine (The browser does not complain anymore and recognizes the certificate as valid), I wasn't able to get it to work with the panel. I am running it using docker and I wasn't able to configure the CA correctly inside the container. I got to the point where openssl s_client -connect <domain>:443 could actually verify it inside the container, but somehow, the panel process didn't recognize it...

To configure the CA inside the container, I mounted the host CA into the container:

volumes:
    "/etc/ssl/certs/ca.pem:/etc/ssl/certs/ca.pem"

I ran update-ca-certificates inside the running container, after which openssl s_client -connect <domain>:443 could actually verify the certificate of my Wing. But even after restarting the container, the panel still could not validate the certificate...

Is there any proper way to configure a CA inside a docker container? Or to just inherit it from the host?

Working solution

After looking through the source code a bit, I stumbled across this function:

https://github.com/pterodactyl/panel/blob/fe83a4f7552dd7ffe5a8455d09d42c443e6b3e91/app/Repositories/Wings/DaemonRepository.php#L46-L64

The verify property of the Client is set to true, when the environment is set to production. So I checked my docker-compose.yml and the APP_ENV environment variable was set to production. I just set it to something else (local in my case), but you could probably also just remove it. Et voilà, it worked!

Note: It is probably not a good idea to completely skip the certificate verification in a public production environment. If you are in such an environment, you should just go the route and get a valid certificate from a trusted CA (Using Let's Encrypt for example). But in a local environment, it is just not possible, nor worth it, to get a publicly trusted certificate.