404 after upgrading artifactory from 6.20 to 7.6.2 - artifactory

I am getting 404 accesing to https://my-dmain/ui/. If I try to access to https://my-dmain/artifactory it redirects to https://my-dmain/ui/ with 404. No log errors, only one warning:
2020-07-10T08:06:04.535L [35m[tomct][0m [WARNING] [ ]
[org.apache.catalina.startup.HostConfig]
[org.apache.catalina.startup.HostConfig deployDescriptor] - A docBase
[/opt/jfrog/artifactory/app/artifactory/tomcat/webapps/artifactory.war]
inside the host appBase has been specified, and will be ignored
2020-07-10T08:06:04.540L [35m[tomct][0m [WARNING] [ ]
[org.apache.catalina.startup.HostConfig]
[org.apache.catalina.startup.HostConfig deployDescriptor] - A docBase
[/opt/jfrog/artifactory/app/artifactory/tomcat/webapps/access.war]
inside the host appBase has been specified, and will be ignored

Just to confirm it, can you try to access the Artifactory using the server IP and port, like HTTP://1.2.3.4:8082? If you are able to access the Artifactory UI using the server IP and Port, I believe you need to tweak the reverse proxy being used.

Your problem is that with Artifactory 7.x the reverse proxy configuration is different. In this KB article you can find a working NGINX configuration.
One easy way to generate such configuration is to bypass your reverse proxy and go to Artifactory directly, there in the UI you will be able to log in, head to HTTP settings, and generate a new Apache or NGINX config.

Related

Traefik as a simple Http Reverse Proxy not working

I am using Traefik as HTTP reverse proxy. I have two servers created using spring boot. Both servers are working properly on port 8081 and 8082
Traefik web UI is visible in port 8080.
What I wanted is to redirect http://localhost:7070/ to http://localhost:8081/ or http://localhost:8082/
traefik.toml config file
loglevel="INFO"
defaultEntryPoints = ["http"]
[entryPoints]
[entryPoints.http]
address = ":7070"
[file]
[frontends]
[frontends.frontend1]
backend = "backend1"
[frontends.frontend1.routes.test_1]
rule = "Host: localhost"
[backends]
[backends.backend1]
[backends.backend1.LoadBalancer]
method = "drr"
[backends.backend1.healthcheck]
path = "/app/health"
interval = "60s"
[backends.backend1.servers.server1]
url = "http://127.0.0.1:8081"
weight = 1
[backends.backend1.servers.server2]
url = "http://127.0.0.1:8082"
weight = 1
[api]
[ping]
[docker]
console output
INFO[2018-03-20T18:38:58+05:30] Using TOML configuration file
/home/kasun/apps/temp/traefik.toml
INFO[2018-03-20T18:38:58+05:30] Traefik version v1.5.4 built on 2018-
03-15_01:33:52PM
INFO[2018-03-20T18:38:58+05:30]
Stats collection is disabled.
Help us improve Traefik by turning this feature on :)
More details on https://docs.traefik.io/basics/#collected-data
INFO[2018-03-20T18:38:58+05:30] Preparing server http &{Network:
Address::7070 TLS:<nil> Redirect:<nil> Auth:<nil>
WhitelistSourceRange:[] Compress:false ProxyProtocol:<nil>
ForwardedHeaders:0xc4202a4520} with readTimeout=0s writeTimeout=0s
idleTimeout=3m0s
INFO[2018-03-20T18:38:58+05:30] Preparing server traefik &{Network:
Address::8080 TLS:<nil> Redirect:<nil> Auth:<nil>
WhitelistSourceRange:[] Compress:false ProxyProtocol:<nil>
ForwardedHeaders:0xc4202a4540} with readTimeout=0s writeTimeout=0s
idleTimeout=3m0s
INFO[2018-03-20T18:38:58+05:30] Starting server on :7070
INFO[2018-03-20T18:38:58+05:30] Starting provider *docker.Provider
{"Watch":true,"Filename":"","Constraints":null,"Trace":false,
"DebugLogGen
eratedTemplate":false,"Endpoint":
"unix:///var/run/docker.sock","Domain":"","TLS":null,
"ExposedByDefault":true,"UseBindPortIP":false,"SwarmMode":false}
INFO[2018-03-20T18:38:58+05:30] Starting server on :8080
INFO[2018-03-20T18:38:58+05:30] Starting provider *file.Provider
{"Watch":true,"Filename":"/home/kasun/apps/temp/traefik.toml",
"Constraints":null,"Trace":false,"DebugLogGeneratedTemplate":false,
"Directory":""}
INFO[2018-03-20T18:38:58+05:30] Server configuration reloaded on :7070
INFO[2018-03-20T18:38:58+05:30] Server configuration reloaded on :8080
INFO[2018-03-20T18:38:58+05:30] Server configuration reloaded on :7070
INFO[2018-03-20T18:38:58+05:30] Server configuration reloaded on :8080
WARN[2018-03-20T18:38:58+05:30] HealthCheck has failed
[http://127.0.0.1:8081]: Remove from server list
WARN[2018-03-20T18:38:58+05:30] HealthCheck has failed
[http://127.0.0.1:8082]: Remove from server list
WARN[2018-03-20T18:38:58+05:30] HealthCheck has failed
[http://127.0.0.1:8082]: Remove from server list
WARN[2018-03-20T18:38:58+05:30] HealthCheck has failed
[http://127.0.0.1:8081]: Remove from server list
When I load http://localhost:7070/ from the browser it gives
Service Unavailable
when I go to Traefik health dashboard it displays
Can anybody tell me what I am doing wrong here? I went through a few articles but unable to find the correct answer.
I suppose your are running Træfik in a container.
127.0.0.1 -> localhost inside the container, not in your local machine.

Lapis - 403 error when accessing /static/ directory. Lapis unable to use port 80

I have Lapis installed and working on Debian 9. I have two beginner issues I need to solve running the simple init setup that serves static content from /static/ and the Lua app from all other requests:
I put an index.html file in a directory called static which is in the same directory I start Lapis from, but attempting to access via IP/static/index.html results in a 403 access error.
I cannot set the server to use port 80 because the address is already in use by nginx (confirmed with netstat). There is a "Welcome to OpenResty!" page served there, with the Lapis app only being served on other set ports.
I'd appreciate any advice that would solve these issues. Also any pointers towards documentation that fully describes the relationship between nginx, OpenResty and Lapis would be very helpful.
Thanks to help from LordRyan on the moonscript IRC the issues are solved.
The 403 issue was a permission error caused by the Lapis app directory being at root level.
Inability to use port 80 was caused by an nginx instance running in the background which was discovered using...
ps aux | grep nginx root
... shutting it down solved the issue and gave the Lapis app control.

Tyk gateway with Nginx and Apache Tomcat 8 (ubuntu 14.04)

Just wondering what I am missing here when trying to create an API with Tyk Dashboard.
My setup is:
Nginx > Apache Tomcat 8 > Java Web Application > (database)
Nginx is already working, redirecting calls to apache tomcat at default port 8080.
Example: tomcat.myserver.com/webapp/get/1
200-OK
I have setup tyk-dashboard and tyk-gateway previously as follows using a custom node port 8011:
Tyk dashboard:
$ sudo /opt/tyk-dashboard/install/setup.sh --listenport=3000 --redishost=localhost --redisport=6379 --mongo=mongodb://127.0.0.1/tyk_analytics --tyk_api_hostname=$HOSTNAME --tyk_node_hostname=http://127.0.0.1 --tyk_node_port=8011 --portal_root=/portal --domain="dashboard.tyk-local.com"
Tyk gateway:
/opt/tyk-gateway/install/setup.sh --dashboard=1 --listenport=8011 --redishost=127.0.0.1 --redisport=6379 --domain=""
/etc/hosts already configured (not really needed):
127.0.0.1 dashboard.tyk-local.com
127.0.0.1 portal.tyk-local.com
Tyk Dashboard configurations (nothing special here):
API name: foo
Listen path: /foo
API slug: foo
Target URL: tomcat.myserver.com/webapp/
What URI I suppose to call? Is there any setup I need to add in Nginx?
myserver.com/foo 502 nginx
myserver.com:8011/foo does not respond
foo.myserver.com 502 nginx
(everything is running under the same server)
SOLVED:
Tyk Gateway configuration was incorrect.
Needed to add --mongo and remove --domain directives at setup.sh :
/opt/tyk-gateway/install/setup.sh --dashboard=1 --listenport=8011 --redishost=localhost --redisport=6379 --mongo=mongodb://127.0.0.1/tyk_analytics
So, calling curl -H "Authorization: null" 127.0.0.1:8011/foo
I get:
{
"error": "Key not authorised"
}
I am not sure about the /foo path. I think that was previously what the /hello path is. But it appears there is a key not authorized issue. If the call is made using the Gateway API, then the secret value may be missing. It is required when making calls to the gateway (except the hello and reload paths)
x-tyk-authorization: <your-secret>
However, since there is a dashboard present, then I would suggest using the Dashboard APIs to create the API definition instead.

Varnish + Nginx proxy configuration on plesk

I followed the official tuto for the Varnish via Docker configuration on plesk. https://www.plesk.com/blog/product-t...cker-container
i have a VPS Ubuntu with plesk and many domains.
I followed all steps :
I created a domain test.monserveur.com
I use the Docker image million12/varnish
On the Docker container setting, the mapping redirect the 80 port to the 32780
On plesk for the hosting parameters, the option “SSL/TLS support” and “Permanent SEO-safe 301 redirect from HTTP to HTTPS” are deactivated
I deactived also the security mod for this domain
On the proxy rules of the docker container (/etc/varnish/default.vcl), i put fo the .host test.monserveur.com and .port 7080
On the function sub vcl_deliver, i put :
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
I still have a 503 page with a MISS on the header for the page on test.monserveur.com
I can't understand where is the problem. I tried to put on the .host the serveur IP and with a link to another domain of the server. I think it's a problem with a setting but i don't know where.
Thanks in advance
A 503 error response from Varnish means that your Docker container is not configured properly. You should check whether the container and Varnish within the container are running properly. Additionally, the configuration file must have valid syntax and the correct port and IP address of the server have to be set in the configuration file.
Without knowing what you've entered, I cannot give you a better advice! If you follow the tutorial completely, it will work. I've created over 10 working instances while I wrote the text!
PS: Please use the official Plesk forum with more information (also add your configuration file) if you still cannot solve your problem - https://talk.plesk.com/
Have success!

502 gateway error with meteor, browser policy, HTTP connecting to S3

I am using meteor with the BrowerPolicy package and Meteor Up with the abernix/meteord:base docker image to deploy my app to a EC2 instance. I use HTTPS using nginx all on the same server. The trouble comes when I allow connections to an AWS S3 bucket using the following line:
BrowserPolicy.content.allowOriginForAll('*.s3-us-west-2.amazonaws.com');
It works locally but when I deploy to the EC2 server, I get a 502 bad gateway error for the entire app.
I have read that this problem can sometimes be due to the header size being too large and that it can be fixed by changing proxy_buffer_size 8k; in the /var/lib/docker/aufs/mnt/CHECKEDID/opt/nginx/conf/nginx.conf file. I checked and my header size is 499 for a random svg that I have S3.
If indeed I need to make a change to the docker image to have this larger header size, how do I do that? I believe that this is the source repo for the docker image. If I am totally off base and there is a different problem, please let me know that too.
Thanks!
I ended up figuring it out. So it turns out to be a configuration error with nginx. I configured my EC2 instance using this guide. In order to fix nginx, I first logged into my cluster and opened this file:
sudo vi /etc/nginx/sites-available/default
I then added the proxy_buffer_size 8k; line to the server block of the configuration file. Finally, I checked the syntax with sudo nginx -t and restarted nginx nginx restart. That was it!
The best part is that since I configured my nginx instance manually and deploy my meteor instance on top of this running on port 3000, these settings persist even after I deploy new versions of my app.

Resources