[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#32233: Cuirass: Berlin web API times out
|
From: |
Clément Lassieur |
|
Subject: |
bug#32233: Cuirass: Berlin web API times out |
|
Date: |
Mon, 23 Jul 2018 13:54:43 +0200 |
|
User-agent: |
mu4e 1.0; emacs 26.1 |
Hello Ludovic,
Ludovic Courtès <address@hidden> writes:
> Hello,
>
> Clément Lassieur <address@hidden> skribis:
>
>> https://berlin.guixsd.org:8081/ times out.
>
> Note that Cuirass listens on localhost:8081, so you cannot reach it from
> the outside (and it’s HTTP, too.) There’s nginx that proxies things,
> see guix-maintenance.git.
Ha :-) I had forgotten about it! So it's not a bug at all, closing it.
> Now, with the version currently running, I can tell you that this URL is
> not very interesting:
>
> --8<---------------cut here---------------start------------->8---
> $ wget -O - http://localhost:8081
> --2018-07-23 11:06:22-- http://localhost:8081/
> Resolving localhost (localhost)... 127.0.0.1
> Connecting to localhost (localhost)|127.0.0.1|:8081... connected.
> HTTP request sent, awaiting response... 404 Not Found
> 2018-07-23 11:06:22 ERROR 404: Not Found.
> --8<---------------cut here---------------end--------------->8---
>
> :-)
Well yes, I was expecting 404, because even though it's not very
interesting, it shows that the url handler works.
> Is the Web UI already in the current ‘cuirass’ package?
Soon! But I think we should change the NGINX config nonetheless because
the json API is useful.
> If so, what do we need to change in the nginx config?
I guess we could add:
--8<---------------cut here---------------start------------->8---
server {
listen 8081 ssl;
server_name berlin.guixsd.org;
ssl_certificate /etc/letsencrypt/live/berlin.guixsd.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/berlin.guixsd.org/privkey.pem;
# Make sure SSL is disabled.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# Disable weak cipher suites.
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Use our own DH parameters created with:
# openssl dhparam -out dhparams.pem 2048
# as suggested at <https://weakdh.org/sysadmin.html>.
ssl_dhparam /etc/dhparams.pem;
access_log /var/log/nginx/https.access.log;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
proxy_pass http://localhost:8081;
}
}
--8<---------------cut here---------------end--------------->8---
I can do the commit if you want (and agree with the content), as you
wish.
Clément
- bug#32233: Cuirass: Berlin web API times out, Clément Lassieur, 2018/07/21
- bug#32233: Cuirass: Berlin web API times out, Ludovic Courtès, 2018/07/23
- bug#32233: Cuirass: Berlin web API times out,
Clément Lassieur <=
- bug#32233: Cuirass: Berlin web API times out, Ludovic Courtès, 2018/07/23
- bug#32233: Cuirass: Berlin web API times out, Clément Lassieur, 2018/07/23
- bug#32233: Cuirass: Berlin web API times out, Ludovic Courtès, 2018/07/23
- bug#32233: Cuirass: Berlin web API times out, Clément Lassieur, 2018/07/23
- bug#32233: Cuirass: Berlin web API times out, Clément Lassieur, 2018/07/29