I've been waiting over a week to get any reply, with no success. I'm trying to get a basic server up. Can anybody help me with what should be a pretty simple problem?
On Tue, Jun 13, 2017 at 5:51 PM, Doug Snyder <[email protected]> wrote: > I'm trying to set up a CouchDB 2.0 instance up on my CentOS 7 server. I've > got it installed and running as a systemd service and it responses with its > friendly hello world message when I access it from the server using > 127.0.0.1 or 0.0.0.0 > > $ curl 127.0.0.1:5984 > {"couchdb":"Welcome","version":"2.0.0","vendor":{"name":"The Apache > Software Foundation"}} > $ curl 0.0.0.0:5984 > {"couchdb":"Welcome","version":"2.0.0","vendor":{"name":"The Apache > Software Foundation"}} > > in my local.ini file I've configed the bind_address to 0.0.0.0 > > [httpd] > bind_address = 0.0.0.0 > > My understanding was that if I had this bind address I could connect to > port 5984 from any ip address open in my firewall > > I'm using firewalld for my firewall and I've configured it to open port > 5984 This config is confirmed by listing the configuration of the public > zone: > > $ sudo firewall-cmd --zone=public --list-all > public (active) > target: default > icmp-block-inversion: no > interfaces: eth0 > sources: > services: couchdb2 dhcpv6-client http https ssh > ports: 443/tcp 5984/tcp > protocols: > masquerade: no > forward-ports: > sourceports: > icmp-blocks: > rich rules: > > I've also created a service called couchdb2 at > /etc/firewalld/services/couchdb2.xml > with XML: > > <service> > <short>couchdb2</short> > <description>CouchDB 2.0 Instance</description> > <port protocol="tcp" port="5984"/> > </service> > > From what I know about firewalld I should be able to receive connection on > 5984 now > > but when I curl from my laptop my connection is refused: > > $ curl my-server:5984 --verbose > * Rebuilt URL to: my-server:5984/ > * Trying <my-ip>... > * connect to <my-ip> port 5984 failed: Connection refused > * Failed to connect to my-server port 5984: Connection refused > * Closing connection 0 > > When I connect to the couchdb instance locally via either 127.0.0.1 or > 0.0.0.0 I can see the 200 response in my couchdb log: > > $ sudo journalctl -u couchdb2 > ... > [notice] 2017-06-06T00:35:01.159244Z couchdb@localhost <0.3328.0> > 222d655c69 0.0.0.0:5984 127.0.0.1 undefined GET / 200 ok 28 > [notice] 2017-06-06T00:37:21.819298Z couchdb@localhost <0.5598.0> > 2f8986d14b 127.0.0.1:5984 127.0.0.1 undefined GET / 200 ok 1 > > But when I curled from my laptop nothing shows up in the couchdb log for > the Connection Refused error. > > I tried to figure out if firewalld was blocking the connection to CouchDB > by looking in the logs.I turned on logging by editing the FIREWALLD_ARGS at > /etc/sysconfig/firewalld > > FIREWALLD_ARGS=--debug=10 > > I restart firewalld and confirm its running at debug level 10: > > $ sudo systemctl status firewalld > Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; > vendor preset: enabled) > Active: active (running) since Tue 2017-06-13 16:41:26 EDT; 28min ago > Docs: man:firewalld(1) > Main PID: 25209 (firewalld) > CGroup: /system.slice/firewalld.service > └─25209 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid > --debug=10 > > Then I curl from my laptop again, get a connection refused error, and look > at the logs: > > $ tail -n 64 /var/log/firewalld > 2017-06-13 16:41:26 DEBUG1: config.ZoneAdded('trusted') > 2017-06-13 16:41:26 DEBUG1: > config.zone.8.GetAll('org.fedoraproject.FirewallD1.config.zone') > 2017-06-13 16:41:26 DEBUG1: config.ZoneAdded('work') > 2017-06-13 16:41:26 > DEBUG1:config.GetAll('org.fedoraproject.FirewallD1.config') > > These are config messages from when firewalld restarted. There's nothing > logged regarding the connection refused. I'm not sure if firewalld would > log a connection that passed through to CouchDB on 5984 or not. Maybe it > got through to CouchDB and this is a CouchDB issue? > > To the best of my knowledge both CouchDB and firewalld are configured > correctly, but its not working like I expected. Any help would be > appreciated, whether you know the problem or whether you can just help me > discern if the problem is related to CouchDB or firewalld. >
