search

redimp / otterwiki

A minimalistic wiki powered by python, markdown and git.
https://otterwiki.com
MIT License
648 stars 29 forks source link

Otterwiki serves (almost) no files #152

Closed Valhrafnaz closed 1 week ago

Valhrafnaz commented 1 month ago

I have been trying to setup an instance of otterwiki on my rocky server, sadly to no results. I have modified the podman command to label the volume correctly, and I get no SELinux events happening accordingly. Still, if I try to browse the site, it only serves the basic home site with no css and non-functional js (tested on both my regular installation of firefox and a completely clean install of chromium), no links are functional. If I restrict access (as I intend to do) to registered users, the server serves a fully empty html doc and nothing else. The network tab shows no attempts at other connections, only the empty html and default favicon are served with status 200. Apart from labeling the volume :Z, the only other modification I did to the base config was switch the "external" port to 8081 since 8080 is in use.

podman run -d --name otterwiki -p 8081:80 -v $PWD/otterwiki/app-data:/app-data:Z --restart always redimp/otterwiki:2.6 (I have tried both using the image for 2 and 2.6)

I am running the most basic possible caddy reverse proxy and my site is proxied via cloudflare (just the free tier stuff); I suspect cloudflare is the culprit, though disabling the proxying didn't help. Any ideas what else this might be?

redimp commented 1 month ago

Hey @Valhrafnaz, to rule. out, that something beyond An Otter Wiki goes wrong, can you please:

  1. Share the logs (podman logs otterwiki) of the container?
  2. Check if you can connect to the pod directly on the machine where you started the pod? e.g. with curl localhost:8081?

The podman command looks good to me. I've tested the deployment today in order to document in the FAQ how to handle SELinux. Which worked fine.

Valhrafnaz commented 1 month ago
  1. podman logs:
Initialized empty Git repository in /app-data/repository/.git/
2024-10-19 22:56:33,795 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2024-10-19 22:56:33,795 INFO Set uid to user 0 succeeded
2024-10-19 22:56:33,799 INFO RPC interface 'supervisor' initialized
2024-10-19 22:56:33,800 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2024-10-19 22:56:33,800 INFO supervisord started with pid 1
2024-10-19 22:56:34,804 INFO spawned: 'quit_on_failure' with pid 11
2024-10-19 22:56:34,807 INFO spawned: 'nginx' with pid 12
2024-10-19 22:56:34,810 INFO spawned: 'uwsgi' with pid 13
2024/10/19 22:56:34 [notice] 12#12: using the "epoll" event method
2024/10/19 22:56:34 [notice] 12#12: nginx/1.25.3
2024/10/19 22:56:34 [notice] 12#12: built by gcc 12.2.0 (Debian 12.2.0-14) 
2024/10/19 22:56:34 [notice] 12#12: OS: Linux 5.14.0-427.40.1.el9_4.x86_64
2024/10/19 22:56:34 [notice] 12#12: getrlimit(RLIMIT_NOFILE): 524288:524288
2024/10/19 22:56:34 [notice] 12#12: start worker processes
2024/10/19 22:56:34 [notice] 12#12: start worker process 14
[uwsgi] implicit plugin requested python3
[uWSGI] getting INI configuration from /app/uwsgi.ini
*** Starting uWSGI 2.0.21-debian (64bit) on [Sat Oct 19 22:56:34 2024] ***
compiled with version: 12.2.0 on 19 May 2023 13:59:29
os: Linux-5.14.0-427.40.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Oct 16 14:57:47 UTC 2024
nodename: fec64fa3b2a7
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 8
current working directory: /
writing pidfile to /tmp/uwsgi.pid
detected binary path: /usr/bin/uwsgi-core
chdir() to /app
your processes number limit is 94958
your memory page size is 4096 bytes
detected max file descriptor number: 524288
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /tmp/uwsgi.sock fd 3
setgid() to 33
setuid() to 33
Python version: 3.11.2 (main, Aug 26 2024, 07:20:54) [GCC 12.2.0]
PEP 405 virtualenv detected: /opt/venv
Set PythonHome to /opt/venv
Python main interpreter initialized at 0x7f859c767018
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 5 seconds
mapped 145840 bytes (142 KB) for 1 cores
*** Operational MODE: single process ***
[2024-10-19 22:56:35,804] INFO in server: server: Created initial /Home.
2024-10-19 22:56:35,804 INFO success: quit_on_failure entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
WSGI app 0 (mountpoint='') ready in 2 seconds on interpreter 0x7f859c767018 pid: 13 (default app)
2024-10-19 22:56:36,050 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-10-19 22:56:36,050 INFO success: uwsgi entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
spawned uWSGI master process (pid: 13)
spawned uWSGI worker 1 (pid: 26, cores: 1)
running "unix_signal:15 gracefully_kill_them_all" (master-start)...
10.0.2.100 - - [19/Oct/2024:22:56:42 +0000] "GET / HTTP/1.1" 200 8932 "-" "curl/7.76.1" "-"
2024-10-19 23:01:05,229 WARN received SIGQUIT indicating exit request
2024-10-19 23:01:05,231 INFO waiting for quit_on_failure, nginx, uwsgi to die
Sat Oct 19 23:01:05 2024 - graceful shutdown triggered...
Gracefully killing worker 1 (pid: 26)...
worker 1 buried after 1 seconds
goodbye to uWSGI.
2024-10-19 23:01:07,245 INFO stopped: uwsgi (exit status 0)
2024-10-19 23:01:07,246 INFO reaped unknown pid 23 (exit status 0)
2024-10-19 23:01:07,246 INFO reaped unknown pid 24 (exit status 0)
2024/10/19 23:01:07 [notice] 12#12: signal 15 (SIGTERM) received from 1, exiting
2024/10/19 23:01:07 [notice] 14#14: exiting
2024/10/19 23:01:07 [notice] 14#14: exit
2024-10-19 23:01:07,248 WARN received SIGTERM indicating exit request
2024/10/19 23:01:07 [notice] 12#12: signal 17 (SIGCHLD) received from 14
2024/10/19 23:01:07 [notice] 12#12: worker process 14 exited with code 0
2024/10/19 23:01:07 [notice] 12#12: exit
2024-10-19 23:01:07,283 INFO stopped: nginx (exit status 0)
2024-10-19 23:01:07,284 WARN stopped: quit_on_failure (terminated by SIGTERM)
2024-10-19 23:01:07,713 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2024-10-19 23:01:07,713 INFO Set uid to user 0 succeeded
2024-10-19 23:01:07,716 INFO RPC interface 'supervisor' initialized
2024-10-19 23:01:07,716 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2024-10-19 23:01:07,717 INFO supervisord started with pid 1
2024-10-19 23:01:08,720 INFO spawned: 'quit_on_failure' with pid 4
2024-10-19 23:01:08,723 INFO spawned: 'nginx' with pid 5
2024-10-19 23:01:08,726 INFO spawned: 'uwsgi' with pid 6
2024/10/19 23:01:08 [notice] 5#5: using the "epoll" event method
2024/10/19 23:01:08 [notice] 5#5: nginx/1.25.3
2024/10/19 23:01:08 [notice] 5#5: built by gcc 12.2.0 (Debian 12.2.0-14) 
2024/10/19 23:01:08 [notice] 5#5: OS: Linux 5.14.0-427.40.1.el9_4.x86_64
2024/10/19 23:01:08 [notice] 5#5: getrlimit(RLIMIT_NOFILE): 524288:524288
2024/10/19 23:01:08 [notice] 5#5: start worker processes
2024/10/19 23:01:08 [notice] 5#5: start worker process 7
[uwsgi] implicit plugin requested python3
[uWSGI] getting INI configuration from /app/uwsgi.ini
*** Starting uWSGI 2.0.21-debian (64bit) on [Sat Oct 19 23:01:08 2024] ***
compiled with version: 12.2.0 on 19 May 2023 13:59:29
os: Linux-5.14.0-427.40.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Oct 16 14:57:47 UTC 2024
nodename: fec64fa3b2a7
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 8
current working directory: /
writing pidfile to /tmp/uwsgi.pid
detected binary path: /usr/bin/uwsgi-core
chdir() to /app
your processes number limit is 94958
your memory page size is 4096 bytes
detected max file descriptor number: 524288
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /tmp/uwsgi.sock fd 3
setgid() to 33
setuid() to 33
Python version: 3.11.2 (main, Aug 26 2024, 07:20:54) [GCC 12.2.0]
PEP 405 virtualenv detected: /opt/venv
Set PythonHome to /opt/venv
Python main interpreter initialized at 0x7f5b246aa018
python threads support enabled
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 5 seconds
mapped 145840 bytes (142 KB) for 1 cores
*** Operational MODE: single process ***
WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 0x7f5b246aa018 pid: 6 (default app)
spawned uWSGI master process (pid: 6)
spawned uWSGI worker 1 (pid: 12, cores: 1)
running "unix_signal:15 gracefully_kill_them_all" (master-start)...
10.0.2.100 - - [19/Oct/2024:23:01:09 +0000] "GET / HTTP/1.1" 302 204 "-" "curl/7.76.1" "-"
2024-10-19 23:01:09,847 INFO success: quit_on_failure entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-10-19 23:01:09,847 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-10-19 23:01:09,847 INFO success: uwsgi entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
10.0.2.100 - - [19/Oct/2024:23:01:24 +0000] "GET / HTTP/1.1" 302 204 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0" "162.158.222.128"
10.0.2.100 - - [19/Oct/2024:23:01:31 +0000] "GET / HTTP/1.1" 302 204 "-" "curl/7.76.1" "-"
10.0.2.100 - - [19/Oct/2024:23:01:40 +0000] "GET /-/login HTTP/1.1" 200 5458 "-" "curl/7.76.1" "-"

This includes one restart command.

  1. curl localhost:8081 :
<!doctype html><html lang="en"> <title>Redirecting...</title> <h1>Redirecting...</h1> <p>You should be redirected automatically to the target URL: <a href="/-/login">/-/login</a>. If not, click the link. %

    and then with the uri, which the browser does manage to do as well:

    
curl localhost:8081/-/login
<!DOCTYPE html><html lang="en" class="auto-scaling-disabled"> <head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><meta content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0" name="viewport"><meta name="viewport" content="width=device-width"><meta property="og:title" content="(name)"><meta property="og:type" content="website"><meta property="og:url" content="http://localhost:8081/"><meta property="og:description" content="(desc)"><meta property="og:image" content="http://localhost:8081/static/img/otterhead.png"><link rel="icon" href="/static/img/otter-favicon2.png"><title>Login &ndash; (name)</title><link href="/static/css/halfmoon.min.css?v2.6.2-0-gbf8ae8a" rel="stylesheet" media="screen"><link href="/static/css/otterwiki.css?v2.6.2-0-gbf8ae8a" rel="stylesheet" media="screen"><link href="/static/css/print.css?v2.6.2-0-gbf8ae8a" rel="stylesheet" media="print"><link rel="stylesheet" href="/static/css/fontawesome-all.min.css?v2.6.2-0-gbf8ae8a"><link href="/static/css/pygments.css?v2.6.2-0-gbf8ae8a" rel="stylesheet" media="screen"><link href="/static/css/pygments-print.css?v2.6.2-0-gbf8ae8a" rel="stylesheet" media="print"><link href="/static/css/roboto.css?v2.6.2-0-gbf8ae8a" rel="stylesheet"><link href="/static/custom/custom.css" rel="stylesheet" media="screen"><meta name="robots" content="noindex, nofollow"></head> <body class="with-custom-webkit-scrollbars with-custom-css-scrollbars" data-set-preferred-mode-onload="true"> <div id="page-wrapper" class="page-wrapper with-navbar with-sidebar" data-sidebar-type="overlayed-sm-and-down"> <div class="sticky-alerts"></div> <nav class="navbar"> <div class="navbar-content relative"> <button id="toggle-sidebar-btn" class="btn btn-action" type="button" onclick="halfmoon.toggleSidebar()"> <i class="fas fa-bars"></i> </button> </div> <a href="/" class="navbar-brand ml-10 ml-sm-20" title="(desc)"> <img src="/static/img/otterhead.png" alt id="site_logo"> <span class="d-none d-sm-flex text-truncate">(name)</span> </a> <div class="navbar-content ml-auto"> <form action="/-/search" method="post" class="relative"> <span class="top-search"> <input id="search-query" name="query" type="text" class="form-control mr-5" placeholder="Search" style="padding-right:3.5rem"> </span> </form> <div class="dropdown"> <button class="btn btn-action" data-toggle="dropdown" type="button" id="navbar-dropdown-toggle-btn-1"> <i class="fas fa-ellipsis-v"></i> </button> <div class="dropdown-menu dropdown-menu-right w-200" aria-labelledby="navbar-dropdown-toggle-btn-1"> <a href="/-/help" class="dropdown-item-with-icon"> <span class="dropdown-icon"> <i class="fas fa-question-circle"></i> </span> Documentation </a> <a href="#" class="dropdown-item-with-icon" onclick="halfmoon.toggleDarkMode()"> <span class="dropdown-icon"> <i class="far fa-moon"></i> </span> Toggle dark mode </a> <a href="/-/login " class="dropdown-item-with-icon"> <span class="dropdown-icon"> <i class="fas fa-sign-in-alt"></i> </span> Login </a> </div> </div> </div> </nav> <div class="sidebar-overlay" onclick="halfmoon.toggleSidebar()"></div> <div class="sidebar d-flex flex-column relative"> <div class="sidebar-menu w-full flex-grow-1"> <a href="/" class="sidebar-link sidebar-link-with-icon"> <span class="sidebar-icon"> <i class="fas fa-home"></i> </span> Home </a> <br> <div id="sidebar-toc" class="sidebar-toc d-xl-none"> </div> </div> <div class="sidebar-otter"> <a href=" /-/about" class="sidebar-link"> <img class="sidebar-logo" src="/static/img/otter.png?v2.6.2-0-gbf8ae8a" alt><br> An Otter Wiki </a> </div> </div> <div class="content-wrapper" id="content-wrapper"> <div class="container-fluid"> <div class="row"> <div class="col-xl-9"> <div class="content"> <div class="col-sm-12 col-md-12 col-lg-10"> <div class="card"> <h2 class="card-title">Login</h2> <form action="/-/login" method="POST" class="form-inline"> <div class="form-group"> <label for="email" class="required w-100">eMail Address</label> <input type="text" class="form-control" name="email" id="email" placeholder="you@example.com" value autofocus> </div> <div class="form-group"> <label for="password" class="required w-100">Password</label> <input type="password" class="form-control" id="password" name="password" placeholder="Password"> </div> <div class="form-group"> <div class="custom-switch"> <input type="checkbox" id="remember-my-information" name="remember"> <label for="remember-my-information">Remember me</label> </div> </div> <input class="btn btn-primary" type="submit" value="Login"> <a href="/-/register" class="btn btn-link" role="button">Register</a> <a href="/-/lost_password" class="btn btn-link" role="button">Lost your password?</a> </form> </div> </div> </div> </div> <div class="col-xl-3 d-none d-xl-block extra-nav-container"> <div class="extra-nav" id="extra-nav"> <div id="extranav-toc"></div> <div style="visibility:hidden">0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9</div> </div> </div> </div> </div> </div> </div> <script src="/static/js/halfmoon.js?v2.6.2-0-gbf8ae8a"></script> <script src="/static/js/otterwiki.js?v2.6.2-0-gbf8ae8a" type="text/javascript" charset="utf-8"></script> <script type="text/javascript">

% 


This html file never reaches the browser, both with the caddy directive `file_server` turned on and off.
redimp commented 1 month ago

Hey @Valhrafnaz, thank you for adding this information. This brings some clarity into this issue:

  1. The logs look fine, everything started up as it should.
  2. The curl commands can fetch what they are supposed to fetch, the wiki is up and running.

For me it looks like the issue is either in the caddy configuration or in cloudflare proxying. Lets first check what caddy thinks is happening.

Can you check the caddy logs for errors? Maybe share the part of the Caddyfile where you configured the reverse proxy for the wiki, e.g.

otterwiki.example.com {
    reverse_proxy :8081
}

or simpler for testing, run a caddy listening on port 2080 forwarding to 8081 with

caddy reverse-proxy --from :2080 --to :8081

and check if the curl localhost:2080 matches the output from above.

Valhrafnaz commented 1 month ago

The caddy logs look pretty normal to me:

2024/10/20 17:09:40.347 INFO
http.log.access.log0
handled request {
    "request": {
        "remote_ip": "REDACTED",
        "remote_port": "23662",
        "proto": "HTTP/2.0",
        "method": "GET",
        "host": "REDACTED",
        "uri": "/-/login",
        "headers": {
            "Cookie": [],
            "Sec-Fetch-Site": ["none"],
            "Cf-Visitor": ["{\"scheme\":\"https\"}"],
            "Upgrade-Insecure-Requests": ["1"],
            "Dnt": ["1"],
            "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8"],
            "Accept-Encoding": ["gzip, br"],
            "X-Forwarded-Proto": ["https"],
            "Cf-Ipcountry": ["NO"],
            "Sec-Fetch-Mode": ["navigate"],
            "Cf-Ray": ["8d5a9deed8ec949f-LHR"],
            "X-Forwarded-For": ["REDACTED"],
            "Sec-Fetch-Dest": ["document"],
            "Cf-Connecting-Ip": ["REDACTED"],
            "Priority": ["u=0, i"],
            "Cdn-Loop": ["cloudflare; loops=1"],
            "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0"],
            "Accept-Language": ["en-US,en;q=0.5"],
            "Sec-Fetch-User": ["?1"]
        },
        "tls": {
            "resumed": false,
            "version": 772,
            "cipher_suite": 4865,
            "proto": "h2",
            "server_name": "REDACTED"
        }
    },
    "user_id": "",
    "duration": 0.000014126, "size": 0,
    "status": 0,
    "resp_headers": {
        "Server": ["Caddy"],
        "Alt-Svc": ["h3=\":443\"; ma=2592000"]
    }
}

2024/10/20 17:09:41.770 INFO    
http.log.access.log0    
handled request {
    "request": {
        "remote_ip": "REDACTED",
        "remote_port": "23662",
        "proto": "HTTP/2.0",
        "method": "GET",
        "host": "REDACTED",
        "uri": "/-/login",
        "headers": {
            "Sec-Fetch-Mode": ["navigate"],
            "Cf-Ray": ["8d5a9df7ff2d949f-LHR"],
            "Sec-Fetch-User": ["?1"],
            "X-Forwarded-Proto": ["https"],
            "Sec-Fetch-Site": ["none"],
            "Priority": ["u=0, i"],
            "Cdn-Loop": ["cloudflare; loops=1"],
            "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0"],
            "X-Forwarded-For": ["REDACTED"],
            "Cf-Ipcountry": ["NO"],
            "Upgrade-Insecure-Requests": ["1"],
            "Dnt": ["1"],
            "Accept-Language": ["en-US,en;q=0.5"],
            "Cookie": [],
            "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8"],
            "Accept-Encoding": ["gzip, br"],
            "Cf-Visitor": ["{\"scheme\":\"https\"}"],
            "Sec-Fetch-Dest": ["document"],
            "Cf-Connecting-Ip": ["REDACTED"]
        },
        "tls": {
            "resumed": false,
            "version": 772,
            "cipher_suite": 4865,
            "proto": "h2",
            "server_name": "REDACTED"
        }
    },
    "user_id": "",
    "duration": 0.000014036,
    "size": 0,
    "status": 0,
    "resp_headers": {
        "Server": ["Caddy"],
        "Alt-Svc": ["h3=\":443\"; ma=2592000"]
    }
}

2024/10/20 17:09:42.653 INFO
http.log.access.log0
handled request {
    "request": {
        "remote_ip": "REDACTED",
        "remote_port": "23662",
        "proto": "HTTP/2.0",
        "method": "GET",
        "host": "REDACTED",
        "uri": "/-/login",
        "headers": {
            "Accept": ["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8"],
            "Sec-Fetch-User": ["?1"],
            "Sec-Fetch-Mode": ["navigate"],
            "Cf-Connecting-Ip": ["REDACTED"],
            "X-Forwarded-For": ["REDACTED"],
            "X-Forwarded-Proto": ["https"],
            "Sec-Fetch-Dest": ["document"],
            "Cf-Visitor": ["{\"scheme\":\"https\"}"],
            "Upgrade-Insecure-Requests": ["1"],
            "User-Agent": ["Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0"],
            "Accept-Encoding": ["gzip, br"],
            "Cf-Ipcountry": ["NO"],
            "Sec-Fetch-Site": ["none"],
            "Dnt": ["1"],
            "Priority": ["u=0, i"],
            "Cdn-Loop": ["cloudflare; loops=1"],
            "Cf-Ray": ["8d5a9dfd7f65949f-LHR"],
            "Accept-Language": ["en-US,en;q=0.5"],
            "Cookie": []
        },
        "tls": {
            "resumed": false,
            "version": 772,
            "cipher_suite": 4865,
            "proto": "h2",
            "server_name": "REDACTED"
        }
    },
    "user_id": "",
    "duration": 0.000011601,
    "size": 0,
    "status": 0,
    "resp_headers": {
        "Server": ["Caddy"],
        "Alt-Svc": ["h3=\":443\"; ma=2592000"]
    }
}
Valhrafnaz commented 1 month ago

I should also note the same caddy server flawless serves 6 other reverse proxies, so I am really not sure what's happening here.

redimp commented 1 month ago

My assumption was that your caddy is already serving at least one other service, since you mentioned that the port 8080 is in use.

Any errors in the caddy log?

I just had an idea what might be the problem: Is caddy serving An Otter Wiki on a subdomain? or in a subfolder? Unfortunately, the latter is not supported.

Valhrafnaz commented 1 month ago

No errors in any caddy log I can find, otterwiki is being served at https://wiki../. Whats interesting here is that it manages to serve the home page if I don't require signups, but without functioning links or css. The only log I can get out of caddy is what I sent, which is just: 

log {
    output file /var/log/caddy/otter.log
}

I still assume the issue is somehow with cloudflare since caddy itself doesn't seem to struggle fulfilling the request.

redimp commented 1 month ago

Hm, if the wiki is served under https://wiki.example.com can you check what you get via

For comparison:

Valhrafnaz commented 1 month ago

Sadly, again just an empty response over https, curl'ing via localhost gives the expected result.

redimp commented 1 month ago

Can you curl the local caddy? Ypu can add the host like this

curl -H "Host: wiki.example.com" http://caddy_ip:caddy_port

in case your caddy serves https:

curl --insecure -H "Host: wiki.example.com" https://caddy_ip:caddy_port

The --insecure is necessary because cert will not match the ip.

e.g.

curl --insecure -H "Host: otterwiki.com" https://116.202.5.242/-/healthz
Valhrafnaz commented 1 month ago

The request to port 80 does nothing, which is a bit strange because it should at least acknowledge the forced redirect, but the https/port 443 request gives:

curl: (35) error:0A000438:SSL routines::tlsv1 alert internal error

redimp commented 1 month ago

The imo most readable forced re-direct test is with curl -I -H "Host: example.com" http://ip .. e.g.

$ curl -I -H "Host: otterwiki.com" http://116.202.5.242
HTTP/1.1 308 Permanent Redirect
Date: Sun, 20 Oct 2024 21:41:58 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://otterwiki.com
Valhrafnaz commented 1 month ago

Running that gets me:

HTTP/1.1 308 Permanent Redirect
Connection: close
Location: https://wiki.domain.tld/
Server: Caddy
Date: Sun, 20 Oct 2024 21:54:13 GMT

Trying to do the same with the https gets the same error as before.

redimp commented 2 weeks ago

Unfortunately I have no new ideas on what to do to solve the problem.

Since the requests to the local machine that is running An Otter Wiki work, I expect the the caddy reverse proxy to be the cause of the problem.

Valhrafnaz commented 1 week ago

That seems likely. Luckily whatever has not been working on that front seems to have been resolved since Caddy is now serving the site correctly. Thank you for the assistance!