Open djsmoke2018 opened 6 years ago
Terminate SSL with nginx, forward over http. Pool software requires no changes
On Aug 26, 2018, at 11:11, djsmoke2018 notifications@github.com wrote:
what settings must be changed in the pool config when switching to https. as soon as i switch to https i get the error message
Stats API Temporarily Down
without https i have no problems
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.
hi what do you mean forward this to. when i set nginx to forward i get the error message
Stats API Temporarily Down
Usually it's just a temporal issue and mining is not affected.
@djsmoke2018 Try this:
# Here is a sample nginx conf file that goes into `/etc/nginx/sites-enabled` and will redirect
# http to https connections using a letsencrypt certificate. If you use a different certificate please change the path.
# Assumes your oep install is in /home/openethereumpool/open-ethereum-pool/ and you configured config.json and environment.js correctly
server {
listen 80;
listen [::]:80;
server_name yourpool.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name yourpool.com;
ssl_certificate /etc/letsencrypt/live/yourpool.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourpool.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
root /home/openethereumpool/open-ethereum-pool/www/dist;
index index.html;
location / {
try_files $uri $uri/ =404;
}
location /api {
proxy_pass http://api;
}
}
upstream api {
server 127.0.0.1:8080;
}
Please close issue if this works.
i tried several nginx config and im unable to access the frontend under SSL, allways receive the api error
@bunkerGrin
That is not a very helpful comment. Did you try my sample config above? What exactly happened when you tried it?
@stone212
Hello, have tried you config, still having error message "Stats API Temporarily Down". Here is my config
server {
listen 80;
listen [::]:80;
server_name mypool.com www.mypool.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name mypool.com www.mypool.com;
ssl_certificate /etc/letsencrypt/live/mypool.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mypool.com/privkey.pem; # managed by Certbot
ssl_dhparam /etc/nginx/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
root /home/ibm/open-ethereum-pool/www/dist;
index index.html;
location / {
try_files $uri $uri/ =404;
}
location /api {
proxy_pass http://api;
}
}
upstream api {
server 127.0.0.1:8080;
}
Http version without redirecting to https just working grate, no any problem. Port 443 on router is opened. Also ports 80, 8080, 8008, 8888 are opened.
If you leave this as is:
location /api {
proxy_pass http://api;
}
What errors do you get? nginx is acting as a proxy to the api, the api only works over http if i remember correctly.
In simple terms, there is an https connection from the user on the internet, to the webserver. Once nginx receives that request on the ssl port, it forwards the request to the api over http.
So in the end, you should just be leaving your location /api using http in the proxy_pass setting
@mikeyb The error is: "Stats API Temporarily Down Usually it's just a temporal issue and mining is not affected."
You get that using proxy_pass http://api;
?
Make sure the api is running on port 8080 as well as you have defined in the upstream
@mikeyb
You get that using
proxy_pass http://api;
?
Isn't it what i mentioned above in my config file? :)
Make sure the api is running on port 8080 as well as you have defined in the upstream
Also mentioned above :)
Http version without redirecting to https just working grate, no any problem.
so i guess there is no problem with api setup, it is relate to any SSL connection setup
what settings must be changed in the pool config when switching to https. as soon as i switch to https i get the error message
Stats API Temporarily Down
without https i have no problems