Bug 185 - Getting 502 Bad Gateway
Summary: Getting 502 Bad Gateway
Status: RESOLVED FIXED
Alias: None
Product: Libre-SOC Website
Classification: Unclassified
Component: website (show other bugs)
Version: unspecified
Hardware: All All
: High critical
Assignee: Alain D D Williams
URL:
Depends on:
Blocks:
 
Reported: 2020-02-23 23:04 GMT by Jacob Lifshay
Modified: 2020-04-15 18:06 BST (History)
3 users (show)

See Also:
NLnet milestone: ---
total budget (EUR) for completion of task and all subtasks: 0
budget (EUR) for this task, excluding subtasks' budget: 0
parent task for budget allocation:
child tasks for budget allocation:
The table of payments (in EUR) for this task; TOML format:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jacob Lifshay 2020-02-23 23:04:18 GMT
See http://web.archive.org/web/20200223214548/http://bugs.libre-riscv.org/query.cgi

Produced by using https://web.archive.org/save
to save http://bugs.libre-riscv.org/ and
checking "save outlinks" (only appears when logged in to archive.org)
Comment 1 Jacob Lifshay 2020-02-24 21:01:48 GMT
it's probably a good idea to check this soon before the logged errors on the server are deleted
Comment 2 Luke Kenneth Casson Leighton 2020-02-24 21:17:55 GMT
(In reply to Jacob Lifshay from comment #1)
> it's probably a good idea to check this soon before the logged errors on the
> server are deleted

there's only the access log.  the error log is empty, and does *not*
contain any errors for that date and time.
Comment 3 Jacob Lifshay 2020-02-24 21:29:16 GMT
(In reply to Luke Kenneth Casson Leighton from comment #2)
> (In reply to Jacob Lifshay from comment #1)
> > it's probably a good idea to check this soon before the logged errors on the
> > server are deleted
> 
> there's only the access log.  the error log is empty, and does *not*
> contain any errors for that date and time.

Seems odd, maybe we should try getting archive.org to access it again but log the whole connection this time, that way we could replay it and determine if it's our server that's causing the error
Comment 4 Luke Kenneth Casson Leighton 2020-02-24 21:37:39 GMT
(In reply to Jacob Lifshay from comment #3)

> Seems odd, maybe we should try getting archive.org to access it again but
> log the whole connection this time, that way we could replay it and
> determine if it's our server that's causing the error

they claim a 50x error occurred however there is no such error in the logs.
Comment 5 Jacob Lifshay 2020-02-24 21:47:23 GMT
(In reply to Luke Kenneth Casson Leighton from comment #4)
> they claim a 50x error occurred however there is no such error in the logs.

either our server is producing an error but not logging it (not impossible), or archive.org's internal stuff is failing. The idea was to try to reproduce the exact requests that archive.org sent to see which case occurred.
Comment 6 Jacob Lifshay 2020-04-02 18:50:46 BST
Now I'm getting 502 Bad Gateway from my local computer:
curl --verbose --ipv6 --no-progress-meter http://libre-riscv.org/ &> curl.log
produces:
*   Trying 2a00:1098:82:f::1:80...
* Connected to libre-riscv.org (2a00:1098:82:f::1) port 80 (#0)
> GET / HTTP/1.1
> Host: libre-riscv.org
> User-Agent: curl/7.69.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 502 Bad Gateway
< Server: nginx
< Date: Thu, 02 Apr 2020 17:44:04 GMT
< Content-Type: text/html
< Content-Length: 166
< Connection: keep-alive
<
{ [166 bytes data]
* Connection #0 to host libre-riscv.org left intact
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Either we should fix the server's config or remove the IPv6 DNS entry, since it works through IPv4.
Comment 7 Luke Kenneth Casson Leighton 2020-04-02 19:26:01 BST
ngggh annoying.  am going to assign this one to alain to investigate.
Comment 8 Alain D D Williams 2020-04-03 19:32:03 BST
All sites need the lines:

 listen 80 ;
 listen [::]:80;

I have done that with all of them.
Comment 9 Luke Kenneth Casson Leighton 2020-04-03 19:50:39 BST
(In reply to Alain D D Williams from comment #8)
> All sites need the lines:
> 
>  listen 80 ;
>  listen [::]:80;

fantastic.

ah!  i previously added ::443 and of course that wasn't it.

thanks alain.
Comment 10 Alain D D Williams 2020-04-06 22:32:03 BST
git.libre-soc.org does not have an IPv6 address.

It should be 2a00:1098:82:f::1
Comment 11 Luke Kenneth Casson Leighton 2020-04-06 22:55:41 BST
(In reply to Alain D D Williams from comment #10)
> git.libre-soc.org does not have an IPv6 address.
> 
> It should be 2a00:1098:82:f::1

added to /etc/bind/libre-soc.db
Comment 12 Alain D D Williams 2020-04-07 12:02:25 BST
Please add to /etc/bind/libre-soc.db an IPv6 address for lists.libre-soc.org
Comment 13 Alain D D Williams 2020-04-07 12:21:42 BST
Please create DNS entries for inbox.libre-soc.org
IPv4 & IPv6

Ta
Comment 14 Luke Kenneth Casson Leighton 2020-04-07 12:35:12 BST
(In reply to Alain D D Williams from comment #13)
> Please create DNS entries for inbox.libre-soc.org
> IPv4 & IPv6
> 
> Ta

done - it's in /etc/bind/libre-soc.org.db
Comment 15 Luke Kenneth Casson Leighton 2020-04-07 12:37:51 BST
btw i'm just doing a snapshot of the offsite rsync backups that i do,
before rsync'ing.  3.2 GB copied so far, another 3 GB to go.

that way we have a comparison of before-and-after the libre-soc state,
and can do "diffs" on the configs (etc.)
Comment 16 Alain D D Williams 2020-04-07 15:58:41 BST
All done - except a quick tidy up - removing old config commented out.

Done:

* all libre-riscv sites redirect to a corresponding libre-soc site

* all http:// sites redirect to a https:// site

This might mean that web browsers will not auto fill passwords, since they are looking at different domains.

Also: what to do with uelves.com ? What is this ?
Comment 17 Luke Kenneth Casson Leighton 2020-04-07 16:01:01 BST
(In reply to Alain D D Williams from comment #16)
> All done - except a quick tidy up - removing old config commented out.
> 
> Done:
> 
> * all libre-riscv sites redirect to a corresponding libre-soc site
> 
> * all http:// sites redirect to a https:// site
> 
> This might mean that web browsers will not auto fill passwords, since they
> are looking at different domains.

yes.  found that out already :)

> Also: what to do with uelves.com ? What is this ?

that's another domain i'm running, nothing to do with libre-soc.
Comment 18 Luke Kenneth Casson Leighton 2020-04-07 16:04:21 BST
the next one, before we get much further, is the mailing lists:
https://bugs.libre-soc.org/show_bug.cgi?id=184

however at the same time, each list needs a public-inbox:
https://bugs.libre-soc.org/show_bug.cgi?id=181

see /home/publicinbox and fortunately it's possible to have
a per-list-filter despite all messages going into /home/publicinbox/Maildir

to discuss at bug #184
Comment 19 Jacob Lifshay 2020-04-07 16:31:39 BST
(In reply to Alain D D Williams from comment #16)
> All done - except a quick tidy up - removing old config commented out.
> 
> Done:
> 
> * all libre-riscv sites redirect to a corresponding libre-soc site
> 
> * all http:// sites redirect to a https:// site

Bugzilla needs to be updated to send out the correct url.
Comment 20 Luke Kenneth Casson Leighton 2020-04-07 16:50:47 BST
(In reply to Jacob Lifshay from comment #19)

> Bugzilla needs to be updated to send out the correct url.

well spotted.  done (in bzla admin interface)
Comment 21 Alain D D Williams 2020-04-07 17:29:43 BST
uelves.com is now done to the standard of the others.

I have removed certbot - replaced with my scripts.
Comment 22 Alain D D Williams 2020-04-15 18:06:05 BST
All now done