Community

Lost connection to nodebb after setting up ssl

Technical Support
  • Nam VuN
    Nam VuN
    GNU/Linux
    #1

    Hi guys, first off, thank you so much for the supports! Please read my full issue as I have a little bit of explaining to do.

    Here is the error I'm seeing:

    Looks like your connection to NodeBB was lost, please wait while we try to reconnect.

    You see, I have seen this post but the issue seems unrelated.

    Here is my nodebb config.json at all time:

    {
    "url": "http://static-external-ip:4567",
    "secret": "0c2fa0de-5bc4-4e59-8b4b-3eea84f98beb",
    "database": "mongo",
    "mongo": {
        "host": "x.x.x.x",
        "port": "x",
        "username": "x",
        "password": "x",
        "database": "x",
        "uri": ""
    },
    "port": "4567"
}

    Alright here is the actual issue description:

    • This nginx config without ssl works:
    server {
    listen 80;
    server_name static-external-ip;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://127.0.0.1:4567;
        proxy_redirect off;

        # Socket.IO Support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

    I can visit my ip address and everything works fine just as expected.

    • This nginx config doesn't:
    server {
    listen [::]:443 ssl;
    listen 443 ssl;    

    ssl_certificate /etc/letsencrypt/live/my-domain/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/my-domain/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    server_name mydomain www.mydomain;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://127.0.0.1:4567;
        proxy_redirect off;

        # Socket.IO Support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

    With the above config, visiting my webpage gives me a:
    Looks like your connection to NodeBB was lost, please wait while we try to reconnect. 😞

    I bought my domain from Google Domain, and it requires ssl. Any pointer would be greatly appreciated!

    Thanks

    0
  • PitaJP
    PitaJP
    Global Moderator Plugin & Theme Dev
    #2

    Try checking out this post: https://community.nodebb.org/topic/13388/faq-websockets-not-working-due-to-misconfigured-origins

    I'm guessing your issue is caused by the URL property in config.json not exactly matching the URL at which you're accessing the site.

    Nam VuN 1 Reply
    1
  • Nam VuN
    Nam VuN
    GNU/Linux
    #3

    @PitaJ
    Thanks for the helping. However, what I'm getting on the console is this:

    socket.io.js:7 GET https://www.my-domain/socket.io/?EIO=3&transport=polling&t=M_I_o5r 403 (Forbidden)

    Instead of

    WebSocket connection to 'wss://<site>/socket.io/?EIO=3&transport=websocket' failed:
Error during WebSocket handshake: Unexpected response code: 400

    As suggested by the above page, the weird thing is that running it with:

    $ nodebb dev

    Does eliminate the issue. I have tried to change the ip for my config.json also but it doesn't seem to help. Any idea?

    P.S. here are my current config

    config.json:

    {
    "url": "http://mydomainame",
    "secret": "xxx",
    "database": "mongo",
    "mongo": {
        "host": "x.x.x.x",
        "port": "x",
        "username": "x",
        "password": "x",
        "database": "x",
        "uri": ""
    },
    "port": "4567"
}

    nginx ssl config:

    ### redirects http requests to https
server {
    listen 80;
    server_name www.mydomain mydomain;
    return 302 https://$server_name$request_uri;
}

server {
    # listen on ssl, deliver with speedy if possible
    listen 443 ssl spdy;

    # server_name 34.70.169.20;
    server_name www.mydomain mydomain;

    # ssl paths
    ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/domain/privkey.pem;    
    
    # enables all TSL 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    
    # disables all weak ciphers
    ssl_ciphers 'AES128+EECDH:AES128+EDH';

    ssl_prefer_server_ciphers on;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;

        proxy_pass http://127.0.0.1:4567;
        proxy_redirect off;

        # Socket.IO Support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
    0
  • oplik0O
    oplik0O
    Plugin & Theme Dev Community Rep
    #4

    I see the probable cause of the problem - your config needs full url, including the "https" part. Currently it has "http" there instead.

    Nam VuN 1 Reply
    1
  • Nam VuN
    Nam VuN
    GNU/Linux
    #5

    @PitaJ @oplik0 it's working, thanks guys!

    0

Suggested Topics

  • S

    Redis persistent connection

    Technical Support
    0 Votes
    5 Posts
    320 Views

    S

    @pitaj said in Redis persistent connection:

    @sanatisharif how many do you see? It's possible our redis client uses a connection pool

    # Clients connected_clients:82

    Maybe, NodeBB has connection pool?

  • 巫易澄巫

    Nodebb Service always restart

    Technical Support
    0 Votes
    1 Posts
    178 Views

    巫易澄巫

    Earlier I installed a search plugin on nodebb, and then I restarted the nodebb service, it shows that the nodebb service has been restarting. I searched for it. I can disable the plugin via ./nodebb reset -p, but my nodebb is installed. In the container, what can I do to knock this order?

  • A

    apache/nodebb issues

    Technical Support
    0 Votes
    6 Posts
    1653 Views

    M

    thanks for the solution, issue is fixed now ☺

  • N

    NodeBB won't restart

    Technical Support
    0 Votes
    13 Posts
    2783 Views

    SfnerS

    I've got the same problem a while ago. Deactivating the broken plug-ins isn't enough: you have to uninstall (npm un <package-name>) the right one from your installation.

    They usually show up in the logs from template building (node nodebb build) as errors or warns and in the dev console (node nodebb dev) as errors.

    Good luck!

  • JenklerJ

    Latest pull breaks NodeBB, packages are out-of-date?

    Technical Support
    0 Votes
    14 Posts
    4324 Views

    W

    Even running ./nodebb upgrade on a working 0.9.1 installation produces the problem

    It happened on my sandbox as well as on the production system.

    Well, the upgrade is done, and there is no reason for me to worry about it. I just wanted to mention it, in case it's others had the same problem and to enable the developers to investigate, if needed

| | | |
Copyright © 2023 NodeBB | Contributors