can deploy on Ubuntu 20.04, but not on Ubuntu 21.10

[soolidtech]

Hi all !

Mup version (mup --version): 1.5.7

Mup config

```js { "servers": { "one": { "host": "1.2.3.4", "username": "ubuntu", "password": "password" } }, "app": { "name": "my-app", "path": "../", "servers": { "one": {} }, "buildOptions": { "serverOnly": true, "buildLocation": "/tmp/mup-meteor-39f5093b-f10a-4efd-90e6-f8846f44bb0c", "cleanBuildLocation": true }, "env": { "ROOT_URL": "https://host.com", "MONGO_URL": "mongodb://mongodb:27017/my-app", "MONGO_OPLOG_URL": "mongodb://mongodb/local", "VIRTUAL_HOST": "host.com", "HTTPS_METHOD": "redirect", "LETSENCRYPT_HOST": "host.com", "LETSENCRYPT_EMAIL": "email@domain.com", "VIRTUAL_PORT": 3000, "HTTP_FORWARDED_COUNT": 1 }, "docker": { "image": "zodern/meteor:root", "stopAppDuringPrepareBundle": true, "imagePort": 3000, "args": [ "--link=mongodb:mongodb" ] }, "enableUploadProgressBar": true, "type": "meteor" }, "mongo": { "version": "5.0.5", "servers": { "one": {} }, "dbName": "delaisAbusifs" }, "proxy": { "domains": "host.com", "ssl": { "letsEncryptEmail": "email@domain.com", "forceSSL": true } } } ```

docker logs mup-nginx-proxy

```bash ubuntu@vps-9bf46307:~$ docker logs mup-nginx-proxy WARNING: /etc/nginx/dhparam/dhparam.pem was not found. A pre-generated dhparam.pem will be used for now while a new one is being generated in the background. Once the new dhparam.pem is in place, nginx will be reloaded. forego | starting dockergen.1 on port 5000 forego | starting nginx.1 on port 5100 dockergen.1 | 2022/03/21 14:55:09 Generated '/etc/nginx/conf.d/default.conf' from 2 containers dockergen.1 | 2022/03/21 14:55:09 Running 'nginx -s reload' dockergen.1 | 2022/03/21 14:55:09 Watching docker events dockergen.1 | 2022/03/21 14:55:10 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' dockergen.1 | 2022/03/21 14:55:12 Received event start for container dd7ea95d3aad dockergen.1 | 2022/03/21 14:55:12 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' 2022/03/21 14:55:18 [notice] 68#68: signal process started Generating DSA parameters, 4096 bit long prime dhparam generation complete, reloading nginx dockergen.1 | 2022/03/21 14:55:21 Received event start for container ef361ebb74a6 dockergen.1 | 2022/03/21 14:55:21 Generated '/etc/nginx/conf.d/default.conf' from 4 containers dockergen.1 | 2022/03/21 14:55:21 Running 'nginx -s reload' dockergen.1 | 2022/03/21 14:55:21 Error running notify command: nginx -s reload, exit status 1 dockergen.1 | 2022/03/21 14:55:38 Received event die for container ef361ebb74a6 dockergen.1 | 2022/03/21 14:55:38 Generated '/etc/nginx/conf.d/default.conf' from 3 containers dockergen.1 | 2022/03/21 14:55:38 Running 'nginx -s reload' dockergen.1 | 2022/03/21 14:55:41 Received event start for container 20c61e4a20ce dockergen.1 | 2022/03/21 14:55:42 Generated '/etc/nginx/conf.d/default.conf' from 4 containers dockergen.1 | 2022/03/21 14:55:42 Running 'nginx -s reload' dockergen.1 | 2022/03/21 14:55:42 Error running notify command: nginx -s reload, exit status 1 nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:19 +0000] "GET / HTTP/2.0" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:19 +0000] "GET /favicon.ico HTTP/2.0" 503 599 "https://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:20 +0000] "GET / HTTP/2.0" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:20 +0000] "GET /favicon.ico HTTP/2.0" 503 599 "https://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:25 +0000] "GET / HTTP/1.1" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:25 +0000] "GET /favicon.ico HTTP/1.1" 503 599 "http://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:27 +0000] "GET / HTTP/1.1" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:27 +0000] "GET /favicon.ico HTTP/1.1" 503 599 "http://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:28 +0000] "GET / HTTP/1.1" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:56:29 +0000] "GET /favicon.ico HTTP/1.1" 503 599 "http://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:57:38 +0000] "GET / HTTP/1.1" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:57:38 +0000] "GET /favicon.ico HTTP/1.1" 503 599 "http://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:57:39 +0000] "GET / HTTP/1.1" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:57:39 +0000] "GET /favicon.ico HTTP/1.1" 503 599 "http://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 85.215.2.227 - - [21/Mar/2022:14:58:20 +0000] "GET / HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:20 +0000] "GET / HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | delais-abusifs.fr 85.215.2.227 - - [21/Mar/2022:14:58:20 +0000] "GET / HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:23 +0000] "GET / HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | delais-abusifs.fr 85.215.2.227 - - [21/Mar/2022:14:58:26 +0000] "GET /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:27 +0000] "GET /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | 51.254.38.194 85.215.2.227 - - [21/Mar/2022:14:58:27 +0000] "GET / HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | [2001:41d0:0401:3000:0000:0000:0000:3b33] 172.17.0.1 - - [21/Mar/2022:14:58:30 +0000] "GET / HTTP/1.1" 503 197 "-" "Server-Daten Check your Website (https://check-your-website.server-daten.de/)" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:38 +0000] "GET / HTTP/2.0" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/96.0.4664.93 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:38 +0000] "GET / HTTP/2.0" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/96.0.4664.93 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:39 +0000] "GET / HTTP/2.0" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/96.0.4664.93 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:14:58:40 +0000] "GET / HTTP/2.0" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/96.0.4664.93 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:15:02:36 +0000] "GET / HTTP/1.1" 503 599 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | delais-abusifs.fr 172.17.0.1 - - [21/Mar/2022:15:02:37 +0000] "GET /favicon.ico HTTP/1.1" 503 599 "http://delais-abusifs.fr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.74 Safari/537.36" nginx.1 | 51.254.38.194 178.213.122.116 - - [21/Mar/2022:15:04:25 +0000] "GET / HTTP/1.0" 503 599 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)" ```

docker logs mup-nginx-proxy-letsencrypt

``` ubuntu@vps-9bf46307:~$ docker logs mup-nginx-proxy-letsencrypt Info: Custom Diffie-Hellman group found, generation skipped. Reloading nginx proxy (mup-nginx-proxy)... 2022/03/21 14:55:17 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '' 2022/03/21 14:55:17 [notice] 65#65: signal process started 2022/03/21 14:55:17 Generated '/app/letsencrypt_service_data' from 3 containers 2022/03/21 14:55:17 Running '/app/signal_le_service' 2022/03/21 14:55:17 Watching docker events 2022/03/21 14:55:17 Contents of /app/letsencrypt_service_data did not change. Skipping notification '/app/signal_le_service' Reloading nginx proxy (mup-nginx-proxy)... 2022/03/21 14:55:20 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '' 2022/03/21 14:55:20 [notice] 91#91: signal process started Sleep for 3600s 2022/03/21 14:55:21 Received event start for container ef361ebb74a6 2022/03/21 14:55:36 Debounce minTimer fired 2022/03/21 14:55:36 Generated '/app/letsencrypt_service_data' from 4 containers 2022/03/21 14:55:36 Running '/app/signal_le_service' /etc/nginx/certs/delais-abusifs.fr /app Reloading nginx proxy (mup-nginx-proxy)... 2022/03/21 14:55:37 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '' 2022/03/21 14:55:37 [emerg] 115#115: no servers are inside upstream in /etc/nginx/conf.d/default.conf:65 Creating/renewal delais-abusifs.fr certificates... (delais-abusifs.fr) 2022/03/21 14:55:38 Received event die for container ef361ebb74a6 2022-03-21 14:55:40,141:INFO:simp_le:1581: Certificates already exist and renewal is not necessary, exiting with status code 1. /app Reloading nginx proxy (mup-nginx-proxy)... 2022/03/21 14:55:41 Received event start for container 20c61e4a20ce 2022/03/21 14:55:42 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification '' 2022/03/21 14:55:42 [emerg] 140#140: no servers are inside upstream in /etc/nginx/conf.d/default.conf:65 Sleep for 3600s 2022/03/21 14:55:56 Debounce minTimer fired 2022/03/21 14:55:56 Generated '/app/letsencrypt_service_data' from 4 containers 2022/03/21 14:55:56 Running '/app/signal_le_service' /etc/nginx/certs/delais-abusifs.fr /app Creating/renewal delais-abusifs.fr certificates... (delais-abusifs.fr) 2022-03-21 14:55:58,324:INFO:simp_le:1581: Certificates already exist and renewal is not necessary, exiting with status code 1. /app Sleep for 3600s ```

mup status

``` !  ~/d/f/t/.deploy  DEBUG=mup* mup status --verbose 4483ms  Mon Mar 21 18:25:10 2022 => Servers - delais-abusifs.fr: Ubuntu 21.10 => Docker Status - delais-abusifs.fr: 20.10.13 Running => Meteor Status - delaisAbusifs - delais-abusifs.fr: running Created at 2022-03-21T15:18:22.012558746Z Restarted 0 times ENV: - ROOT_URL=https://delais-abusifs.fr - MONGO_URL=mongodb://mongodb:27017/delaisAbusifs?replicaSet=meteor - MONGO_OPLOG_URL=mongodb://mongodb/local - VIRTUAL_HOST=delais-abusifs.fr - HTTPS_METHOD=redirect - LETSENCRYPT_HOST=delais-abusifs.fr - LETSENCRYPT_EMAIL=contact@delais-abusifs.fr - VIRTUAL_PORT=3000 - HTTP_FORWARDED_COUNT=1 - METEOR_SETTINGS={"public":{}} - PORT=3000 - PATH=/home/app/.onbuild-node/bin:/home/app/.onbuild-node/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - NODE_PATH=/home/app/.onbuild-node/lib/node_modules Exposed Ports: - 3000/tcp App available through reverse proxy - Available in app's docker container: true => Mongo Status running on server delais-abusifs.fr Restarted 0 times Running since 2022-03-21T00:20:15.743010112Z Version 5.0.5 Connections: 5 Storage Engine: wiredTiger => Reverse Proxy Status - delais-abusifs.fr: - NGINX: - Status: running - Ports: - HTTPS: 443 - HTTP: 80 - Let's Encrypt - Status: running ```

mup setup

``` ~/d/f/t/.deploy  DEBUG=mup* mup setup --verbose 1352ms  Mon Mar 21 16:02:39 2022 Started TaskList: Setup Docker [delais-abusifs.fr] - Setup Docker 20.10.13 Major 20 Minor 10 [delais-abusifs.fr] - Setup Docker: SUCCESS Started TaskList: Setup Meteor [delais-abusifs.fr] - Setup Environment [delais-abusifs.fr] - Setup Environment: SUCCESS Started TaskList: Setup Mongo [delais-abusifs.fr] - Setup Environment [delais-abusifs.fr] - Setup Environment: SUCCESS [delais-abusifs.fr] - Copying Mongo Config [delais-abusifs.fr] - Copying Mongo Config: SUCCESS Started TaskList: Start Mongo [delais-abusifs.fr] - Start Mongo Same start script [delais-abusifs.fr] - Start Mongo: SUCCESS Started TaskList: Setup proxy [delais-abusifs.fr] - Setup Environment [] Error: No such network: mup-proxy Error response from daemon: This node is not a swarm manager. Use "docker swarm init" or "docker swarm join" to connect this node to swarm and try again. [delais-abusifs.fr] - Setup Environment: SUCCESS [delais-abusifs.fr] - Pushing the Startup Script [delais-abusifs.fr] - Pushing the Startup Script: SUCCESS [delais-abusifs.fr] - Pushing Nginx Config Template [delais-abusifs.fr] - Pushing Nginx Config Template: SUCCESS [delais-abusifs.fr] - Pushing Nginx Config rm: cannot remove 'delais-abusifs.fr_location': No such file or directory [delais-abusifs.fr] - Pushing Nginx Config: SUCCESS [delais-abusifs.fr] - Cleaning Up SSL Certificates [delais-abusifs.fr] - Cleaning Up SSL Certificates: SUCCESS [delais-abusifs.fr] - Configure Nginx Upstream rm: cannot remove '/opt/mup-nginx-proxy/upstream/delaisAbusifs': No such file or directory 2022/03/21 15:16:23 [emerg] 147#147: no servers are inside upstream in /etc/nginx/conf.d/default.conf:65 nginx: [emerg] no servers are inside upstream in /etc/nginx/conf.d/default.conf:65 [delais-abusifs.fr] - Configure Nginx Upstream: SUCCESS Started TaskList: Start proxy [delais-abusifs.fr] - Start proxy mup-nginx-proxy Error response from daemon: endpoint mup-nginx-proxy not found Error response from daemon: network mup-proxy not found Removed mup-nginx-proxy mup-nginx-proxy-letsencrypt Error response from daemon: endpoint mup-nginx-proxy-letsencrypt not found Error response from daemon: network mup-proxy not found Removed mup-nginx-proxy-letsencrypt v1.13.1: Pulling from jrcs/letsencrypt-nginx-proxy-companion Digest: sha256:e357f37c08366b7dbd6793daa5792a44ff3d764dfebdce85047bff5e06e3e7a7 Status: Image is up to date for jrcs/letsencrypt-nginx-proxy-companion:v1.13.1 docker.io/jrcs/letsencrypt-nginx-proxy-companion:v1.13.1 1.0.0: Pulling from zodern/nginx-proxy Digest: sha256:62219e5d23cdacca6e7791b0a44016814e938a5346cd049403a5965da39434aa Status: Image is up to date for zodern/nginx-proxy:1.0.0 docker.io/zodern/nginx-proxy:1.0.0 Pulled zodern/nginx-proxy and jrcs/letsencrypt-nginx-proxy-companion 825f5cadf372f3245b2eee44bfc358f6e7c2d62afad64e7eee702027ca412949 Ran nginx-proxy as mup-nginx-proxy [] Error: No such network: mup-proxy 3ea0a27a195f2d168d7cfb97c56388819cf6b800bbbbd05f769ed898289cd755 Ran jrcs/letsencrypt-nginx-proxy-companion [delais-abusifs.fr] - Start proxy: SUCCESS Next, you should run: mup deploy ```

mup reconfig

``` ~/d/f/t/.deploy  DEBUG=mup* mup reconfig --verbose 12.3s  Mon Mar 21 16:16:31 2022 Started TaskList: Configuring App [delais-abusifs.fr] - Pushing the Startup Script [delais-abusifs.fr] - Pushing the Startup Script: SUCCESS [delais-abusifs.fr] - Sending Environment Variables [delais-abusifs.fr] - Sending Environment Variables: SUCCESS Started TaskList: Start Meteor [delais-abusifs.fr] - Start Meteor using image removing last Image mup-delaisabusifs:latest Volume Removing docker containers. Errors about nonexistent endpoints and containers are normal. delaisAbusifs Error response from daemon: endpoint delaisAbusifs not found Error: No such container: delaisAbusifs-frontend Error response from daemon: endpoint delaisAbusifs-frontend not found Error: No such container: delaisAbusifs-nginx-letsencrypt Error response from daemon: endpoint delaisAbusifs-nginx-letsencrypt not found Error: No such container: delaisAbusifs-nginx-proxy Error response from daemon: endpoint delaisAbusifs-nginx-proxy not found Finished removing docker containers 8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422 Ran zodern/meteor:root [delais-abusifs.fr] - Start Meteor: SUCCESS [delais-abusifs.fr] - Verifying Deployment IP: 172.17.0.5 curl: (7) Failed to connect to 172.17.0.5 port 3000: Connection refused IP: 172.17.0.5

Minimal Meteor app

This Meteor app uses as few Meteor packages as possible, to keep the client JavaScript bundle as small as possible.

Server time: Mon Mar 21 2022 15:18:27 GMT+0000 (Coordinated Universal Time)

Learn Meteor!

• Do the Tutorial
• Follow the Guide
• Read the Docs
• Discussions

[delais-abusifs.fr] - Verifying Deployment: SUCCESS ```

generated Proxy conf.d

``` ubuntu@vps-9bf46307:~$ docker exec mup-nginx-proxy cat '/etc/nginx/conf.d/default.conf' # V=1 # If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the # scheme used to connect to this server map $http_x_forwarded_proto $proxy_x_forwarded_proto { default $http_x_forwarded_proto; '' $scheme; } # If we receive X-Forwarded-Port, pass it through; otherwise, pass along the # server port the client connected to map $http_x_forwarded_port $proxy_x_forwarded_port { default $http_x_forwarded_port; '' $server_port; } # If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any # Connection header that may have been passed to this server map $http_upgrade $proxy_connection { default upgrade; '' close; } # Apply fix for very long server names server_names_hash_bucket_size 128; # Default dhparam ssl_dhparam /etc/nginx/dhparam/dhparam.pem; # Set appropriate X-Forwarded-Ssl header map $scheme $proxy_x_forwarded_ssl { default off; https on; } gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; log_format vhost '$host $remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; access_log off; resolver 213.186.33.99; # HTTP 1.1 support proxy_http_version 1.1; proxy_buffering off; proxy_set_header Host $http_host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $proxy_connection; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto; proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl; proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port; # Mitigate httpoxy attack (see README for details) proxy_set_header Proxy ""; server { server_name _; # This is just an invalid value which will never trigger on a real hostname. listen 80; access_log /var/log/nginx/access.log vhost; return 503; } server { server_name _; # This is just an invalid value which will never trigger on a real hostname. listen 443 ssl http2; access_log /var/log/nginx/access.log vhost; return 503; ssl_session_tickets off; ssl_certificate /etc/nginx/certs/default.crt; ssl_certificate_key /etc/nginx/certs/default.key; } # delais-abusifs.fr upstream delais-abusifs.fr { } server { server_name delais-abusifs.fr; listen 80 ; access_log /var/log/nginx/access.log vhost; return 301 https://$host$request_uri; } server { server_name delais-abusifs.fr; listen 443 ssl http2 ; access_log /var/log/nginx/access.log vhost; ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS'; ssl_prefer_server_ciphers on; ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_certificate /etc/nginx/certs/delais-abusifs.fr.crt; ssl_certificate_key /etc/nginx/certs/delais-abusifs.fr.key; ssl_dhparam /etc/nginx/certs/delais-abusifs.fr.dhparam.pem; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/nginx/certs/delais-abusifs.fr.chain.pem; add_header Strict-Transport-Security "max-age=31536000" always; include /etc/nginx/vhost.d/delais-abusifs.fr; location / { proxy_pass http://delais-abusifs.fr; } } ```

docker inspect

``` ubuntu@vps-9bf46307:~$ docker inspect delaisAbusifs [ { "Id": "8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422", "Created": "2022-03-21T15:18:22.012558746Z", "Path": "/bin/sh", "Args": [ "-c", "bash /home/app/scripts/start.sh" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 43727, "ExitCode": 0, "Error": "", "StartedAt": "2022-03-21T15:18:22.461960048Z", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "sha256:2174aea3e119ba694fc726cafc05eb664bcca7d63ada4972c5fadd7029f31282", "ResolvConfPath": "/var/lib/docker/containers/8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422/resolv.conf", "HostnamePath": "/var/lib/docker/containers/8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422/hostname", "HostsPath": "/var/lib/docker/containers/8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422/hosts", "LogPath": "/var/lib/docker/containers/8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422/8d7fecc3f03014d56c72879d95ac738f9ffd162d9fe95a2d0100ff324f2db422-json.log", "Name": "/delaisAbusifs", "RestartCount": 0, "Driver": "overlay2", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "docker-default", "ExecIDs": null, "HostConfig": { "Binds": null, "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": { "max-file": "10", "max-size": "100m" } }, "NetworkMode": "default", "PortBindings": {}, "RestartPolicy": { "Name": "always", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "CgroupnsMode": "private", "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": null, "GroupAdd": null, "IpcMode": "private", "Cgroup": "", "Links": [ "/mongodb:/delaisAbusifs/mongodb" ], "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "ConsoleSize": [ 0, 0 ], "Isolation": "", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": [], "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DeviceCgroupRules": null, "DeviceRequests": null, "KernelMemory": 0, "KernelMemoryTCP": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": null, "OomKillDisable": null, "PidsLimit": null, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": [ "/proc/asound", "/proc/acpi", "/proc/kcore", "/proc/keys", "/proc/latency_stats", "/proc/timer_list", "/proc/timer_stats", "/proc/sched_debug", "/proc/scsi", "/sys/firmware" ], "ReadonlyPaths": [ "/proc/bus", "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger" ] }, "GraphDriver": { "Data": { "LowerDir": "/var/lib/docker/overlay2/62647c4e738e0a6d24988c75a46fd118939978458fac990c8e7ee341661de822-init/diff:/var/lib/docker/overlay2/1aafcba07e31572b4cb6593170a4ab8d53f6a84bb19bc4e7f0b36f4d3e070fa5/diff:/var/lib/docker/overlay2/b559b3629151c72f8369bea910746c7265e96e5218146e382b98424d03598f5e/diff:/var/lib/docker/overlay2/8d58af70826c107606f2103c3554aea2027ccc780593a22b587d07bc50ec5bef/diff:/var/lib/docker/overlay2/67c0faabfef834a02a10f05d2f3f598ffd1fee11378d50c98fc7d123c3468660/diff:/var/lib/docker/overlay2/d889047e80fc61eddd5cec80955a33eda5fa13d804efb032abbc4042843dd340/diff:/var/lib/docker/overlay2/48bc989ab94d6833f1c09a78ea2b2475c38929a981db3af3057282c0bab558e3/diff:/var/lib/docker/overlay2/72a472bdd00c5c94b7566232d375e2503d7a9290e3edb5e86e6d955344f1c38c/diff:/var/lib/docker/overlay2/15e1132f879c042ae6166267642ad80110dde45a3dc74b8ccc2a6464328ea548/diff:/var/lib/docker/overlay2/92f3f330d763fd192aa82156907f8883b3f0de2b28107fb2bbe28c78dff753cd/diff:/var/lib/docker/overlay2/fcd65512d6cb52db88cdeacca87d86a4f545fc13fa11e48d2d8f60d2845ee886/diff:/var/lib/docker/overlay2/48c2c532d427a83f12f8955f32b7c5ff0021dba605444901e22717e0d370662c/diff:/var/lib/docker/overlay2/74ff9c36eda42f0d8ee5a592017de5de2cac6ed405c0ebf04e7f845f7a5ff498/diff:/var/lib/docker/overlay2/103c7ee68dca13a2cda752809b50968088e267a228876a0696cfe4e22554d284/diff:/var/lib/docker/overlay2/f99bcf20e05283d5fdeabcf42dda2c5281a382e54e2e61bc5274cbc6e2f50e64/diff:/var/lib/docker/overlay2/b39f2e992f3eb03a656fbea3f0ae0fbe3ad092136f52793cea81e9fce9829c71/diff", "MergedDir": "/var/lib/docker/overlay2/62647c4e738e0a6d24988c75a46fd118939978458fac990c8e7ee341661de822/merged", "UpperDir": "/var/lib/docker/overlay2/62647c4e738e0a6d24988c75a46fd118939978458fac990c8e7ee341661de822/diff", "WorkDir": "/var/lib/docker/overlay2/62647c4e738e0a6d24988c75a46fd118939978458fac990c8e7ee341661de822/work" }, "Name": "overlay2" }, "Mounts": [], "Config": { "Hostname": "vps-9bf46307-delaisAbusifs", "Domainname": "", "User": "root", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "3000/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "ROOT_URL=http://localhost", "ROOT_URL=https://delais-abusifs.fr", "MONGO_URL=mongodb://mongodb:27017/delaisAbusifs?replicaSet=meteor", "MONGO_OPLOG_URL=mongodb://mongodb/local", "VIRTUAL_HOST=delais-abusifs.fr", "HTTPS_METHOD=redirect", "LETSENCRYPT_HOST=delais-abusifs.fr", "LETSENCRYPT_EMAIL=contact@delais-abusifs.fr", "VIRTUAL_PORT=3000", "HTTP_FORWARDED_COUNT=1", "METEOR_SETTINGS={\"public\":{}}", "PORT=3000", "PATH=/home/app/.onbuild-node/bin:/home/app/.onbuild-node/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NODE_PATH=/home/app/.onbuild-node/lib/node_modules" ], "Cmd": null, "Image": "mup-delaisabusifs:latest", "Volumes": null, "WorkingDir": "/home/app", "Entrypoint": [ "/bin/sh", "-c", "bash /home/app/scripts/start.sh" ], "OnBuild": null, "Labels": { "maintainer": "zodern" } }, "NetworkSettings": { "Bridge": "", "SandboxID": "09a990669994bd4efde9b59673d0fa2322a651cfdf6ba2ea6f84d57a14451e4b", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": { "3000/tcp": null }, "SandboxKey": "/var/run/docker/netns/09a990669994", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "9a2400810d1bfb313ca0abf83ed88de2e090368a3dc451e5fb418d9a2bb24c13", "Gateway": "172.17.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.5", "IPPrefixLen": 16, "IPv6Gateway": "", "MacAddress": "02:42:ac:11:00:05", "Networks": { "bridge": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "e5073927a61f45d57b0ea11c1683c5135839d1a6b9e63282d1f3f310fe06d243", "EndpointID": "9a2400810d1bfb313ca0abf83ed88de2e090368a3dc451e5fb418d9a2bb24c13", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.5", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "02:42:ac:11:00:05", "DriverOpts": null } } } } ] ```

DNS settings

``` $TTL 3600 @ IN SOA dns200.anycast.me. tech.ovh.net. (2022032107 86400 3600 3600000 60) IN NS ns200.anycast.me. IN NS dns200.anycast.me. IN MX 1 mx1.mail.ovh.net. IN MX 5 mx2.mail.ovh.net. IN MX 100 mx3.mail.ovh.net. IN A 51.254.38.194 IN AAAA 2001:41d0:401:3000::3b33 IN CAA 0 iodef "mailto:contact@delais-abusifs.fr" IN CAA 0 issuewild "letsencrypt.org" 600 IN TXT "v=spf1 include:mx.ovh.com ~all" _autodiscover._tcp IN SRV 0 0 443 mailconfig.ovh.net. _imaps._tcp IN SRV 0 0 993 ssl0.ovh.net. _submission._tcp IN SRV 0 0 465 ssl0.ovh.net. ownercheck IN TXT "XXXXXXXX" ```

I'm just trying to deploy a meteor example project, on a OVH (french cloud hosting) VPS,

Result :

Diagnostic :

https://check-your-website.server-daten.de/?q=delais-abusifs.fr

I'm going to cry, i tried everything i could, reinstalled, rebooted everything, tried to check docs, learnt many things (that's the good point), but I can't see the end of this dark tunnel !

The main trouble I see is that there's no upstream server, but I don't know if its a proper issue, and the root cause or not...

If a charitable soul reads this message, it would be very kind to give me some advice. Thank you so much !

[soolidtech]

Ok;

I can confirm that if I manually add upstream server in my proxy container :

docker exec -it mup-nginx-proxy /bin/bash

then :
apt-get update
apt-get install nano
nano /etc/nginx/conf.d/default.conf

then change file content : 
upstream delais-abusifs.fr {
    server 172.17.0.5:3000;
}

then
exit

then 
docker restart mup-nginx-proxy

it fixes 503 errors.

However, Issue is still open since :

• I can't understant why it isn't the default behavior
• I can't find a way to define this upstream server in mup.js file on my workstation (i've tried to use proxy.shared.nginxConfig & proxy.nginxServerConfig without success)
• There's still an issue with ssl feature

[WilliamKelley]

@soolidtech What is the OS and version of the server you're deploying to?

I recently faced an issue where deploys silently fail to set an upstream server with Ubuntu v21.x and the ~deploy timeout-fails as a consequence~ server returns 503's or 404's to browser web requests .

[soolidtech]

Hi William, Thank you very much for your feedback

I'm working on WSL2 (Ubuntu 18.04.6 LTS) My server runs on Ubuntu 21.10.

Deploy (of the app) doesn't seem to fall into timeout since Verifying Deployment step returns webpage content.

Did downgrading your ubuntu version was enough in order to fix your issue ?

I'll deploy with a custom solution (disney/meteor-base image) with traefik. Everything looks OK so far. I hope I'll deduce the reason of this issue with meteor-up, and will keep you up to date here with news if any.

Maybe it's related to SSL challenge, I don't know. Too many root causes are possible.

Thanks again.

[WilliamKelley]

Oops I was misremembering the silent failure behavior, it was actually that the server was giving 503's or 404's when i visited on my browser. That's a version of "returns webpage content" so is that what's happening? Downgrading the server to Ubuntu v20 fixed it (local dev OS didn't matter).

[soolidtech]

Hi William,

I downgraded ubuntu to version 20, and made the setting as simple as possible (no ssl, no LE). It still doesn't work.

mup status returns :

    App running at http://51.254.38.194:80
      - Available in app's docker container: true
      - Available on server: false
      - Available on local computer: false

... no way to access app on port 80. but if i create a simple node server on port 80, it works, so i'm almost sure it's not related to server's firewall issue ...

[WilliamKelley]

@soolidtech Gotcha, sorry I don't think I can help more. That was my only relating experience. Best of luck.

[soolidtech]

You were right @WilliamKelley ! After fixing tls certificate regeneration, proxy works.

So i can confirm that there's a problem with mup & Ubuntu 21.10

Thank you very much for your time & energy

[WilliamKelley]

Great! Perhaps you can change your issue title to reflect that now that it's known