FWIW, I tried the instructions I provided earlier this week and didn’t get them to work again. I don’t know if it’s a change made by Let’s Encrypt or I forget exactly what I did.
I’ll go through the process setting up a Digital Ocean vps again as soon as I get some time because getting those certs configured has always been a bit of a pain and it’d be a good thing to nail that process down. If anyone has a list of instruction on setting up haproxy they can share I’d be glad to have them and give that a shot too. Kindest Regards, Bill Stephenson Tech Support www.cherrypc.com <http://www.ezinvoice.com/> 1-417-546-8390 > On Apr 30, 2020, at 3:56 PM, Joan Touzet <[email protected]> wrote: > > On 2020-04-30 16:22, Rene Veerman wrote: >> i'm really only looking for a quick and easy way to getting https to work >> again.. > > Bill Stephenson gave you a step-by-step that seemed reasonable to me. > >> do the creators of couchdb read this mailinglist? > > Yes. > > Most of us terminate SSL ahead of CouchDB at a reverse proxy (such as > haproxy). Some of us have even contemplated dropping native SSL support in > CouchDB entirely, because configuring it is a bit of a pain, as you've found. > But it can be done, and it does work. > > For SSL in pure CouchDB, when I must, I use something like EasyRSA: > > https://github.com/OpenVPN/easy-rsa > > to generate the certs, then munge them together and start it. It works OK. > But I do this about once every 2 years max. > > -Joan "Erlang's SSL support isn't great" Touzet > > >> On Sun, Apr 26, 2020 at 3:04 PM Joel Jucá <[email protected]> wrote: >>> Rene, >>> >>> Your problem seems to be infrastructure-related, rather than CouchDB >>> related. I would recommend you to read about Infrastructure as Code. This >>> is a practice that allows a developer to declare its infrastructure (in >>> your specific case, server configuration) and have some sort of >>> reproducibility from it. Then, you could also understand every single >>> change made to your server infrastructure - and even share it as a Gist, >>> for instance, and have some sort of feedback/pull request directly on it. >>> >>> I would recommend you Ansible ( >>> https://www.ansible.com/resources/get-started). >>> It's a great solution that allows you to declare your server configuration >>> as YAML files and use it within Ansible CLI to reproduce the declared >>> configuration on a targeted server (eg: your Ubuntu-powered CouchDB >>> server). >>> >>> I've struggled a lot with server configuration back in 2010-2012 when I was >>> a full-stack PHP/Drupal developer, and after discovering Ansible I could >>> never imagine myself handling performing a complex task (server >>> configuration) manually! >>> >>> I hope it helps you in some way. >>> >>> On Sat, Apr 25, 2020 at 6:28 PM Rene Veerman <[email protected]> >>> wrote: >>> >>>> yes, i did.. >>>> >>>> On Sat, Apr 25, 2020 at 9:16 PM Bill Stephenson >>> <[email protected] >>>>> >>>> wrote: >>>> >>>>> Did you do a "sudo ufw allow 6984”? >>>>> >>>>> >>>>> Kindest Regards, >>>>> >>>>> Bill Stephenson >>>>> Tech Support >>>>> www.cherrypc.com <http://www.ezinvoice.com/> >>>>> 1-417-546-8390 >>>>> >>>>> >>>>> >>>>> >>>>>> On Apr 25, 2020, at 9:28 AM, Rene Veerman <[email protected]> >>>>> wrote: >>>>>> >>>>>> also (FYI) : i have already entered the right port forwarding >>> commands >>>>> into >>>>>> my ADSL modem.. >>>>>> >>>>>> On Sat, Apr 25, 2020 at 4:21 PM Rene Veerman < >>> [email protected]> >>>>>> wrote: >>>>>> >>>>>>> that gets me a 'connection refused' : >>>>>>> >>>>>>> ('albatross' === localhost === nicer.app) >>>>>>> >>>>>>> root@albatross:/opt/couchdb/letsencrypt# service couchdb stop >>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet localhost 6984 >>>>>>> Trying 127.0.0.1... >>>>>>> telnet: Unable to connect to remote host: Connection refused >>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet nicer.app 6984 >>>>>>> Trying 127.0.0.1... >>>>>>> Trying 82.161.37.94... >>>>>>> telnet: Unable to connect to remote host: Connection refused >>>>>>> root@albatross:/opt/couchdb/letsencrypt# >>>>>>> >>>>>>> On Sat, Apr 25, 2020 at 1:41 PM Florian Westreicher < >>>>> [email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Did you try to telnet to the port while couchdb is down? If there >>> is >>>> no >>>>>>>> open port, telnet won't connect. >>>>>>>> >>>>>>>> >>>>>>>> On April 25, 2020 03:50:56 Rene Veerman <[email protected]> >>>>> wrote: >>>>>>>> >>>>>>>>>> >>>>>>>>>> unfortunately that didn't fix things either. i'm still stuck at >>> the >>>>>>>>>> eaddrinuse error.. >>>>>>>>>> >>>>>>>>> >>>>>>>>> [info] 2020-04-25T01:49:15.730815Z [email protected] <0.232.0> >>>>> -------- >>>>>>>>> Apache CouchDB has started on https://0.0.0.0:6984/ >>>>>>>>> [info] 2020-04-25T01:49:15.731032Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application couch started on node '[email protected]' >>>>>>>>> [info] 2020-04-25T01:49:15.731178Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application ets_lru started on node '[email protected]' >>>>>>>>> [notice] 2020-04-25T01:49:15.737605Z [email protected] <0.284.0> >>>>>>>> -------- >>>>>>>>> rexi_server : started servers >>>>>>>>> [notice] 2020-04-25T01:49:15.738914Z [email protected] <0.288.0> >>>>>>>> -------- >>>>>>>>> rexi_buffer : started servers >>>>>>>>> [info] 2020-04-25T01:49:15.739062Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application rexi started on node '[email protected]' >>>>>>>>> [notice] 2020-04-25T01:49:15.786354Z [email protected] <0.318.0> >>>>>>>> -------- >>>>>>>>> mem3_reshard_dbdoc start init() >>>>>>>>> [notice] 2020-04-25T01:49:15.790014Z [email protected] <0.320.0> >>>>>>>> -------- >>>>>>>>> mem3_reshard start init() >>>>>>>>> [notice] 2020-04-25T01:49:15.790112Z [email protected] <0.321.0> >>>>>>>> -------- >>>>>>>>> mem3_reshard db monitor <0.321.0> starting >>>>>>>>> [notice] 2020-04-25T01:49:15.792025Z [email protected] <0.320.0> >>>>>>>> -------- >>>>>>>>> mem3_reshard starting reloading jobs >>>>>>>>> [notice] 2020-04-25T01:49:15.792087Z [email protected] <0.320.0> >>>>>>>> -------- >>>>>>>>> mem3_reshard finished reloading jobs >>>>>>>>> [info] 2020-04-25T01:49:15.792900Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application mem3 started on node '[email protected]' >>>>>>>>> [info] 2020-04-25T01:49:15.793024Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application fabric started on node '[email protected]' >>>>>>>>> [error] 2020-04-25T01:49:15.796505Z [email protected] <0.330.0> >>>>>>>> -------- >>>>>>>>> CRASH REPORT Process (<0.330.0>) with 0 neighbors exited with >>>> reason: >>>>>>>>> eaddrinuse at gen_server:init_it/6(line:349) <= >>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call: >>>>>>>>> {mochiweb_socket_server,init,['Argument__1']}, ancestors: >>>>>>>>> [chttpd_sup,<0.327.0>], message_queue_len: 0, messages: [], links: >>>>>>>>> [<0.328.0>], dictionary: [], trap_exit: true, status: running, >>>>>>>> heap_size: >>>>>>>>> 376, stack_size: 27, reductions: 990 >>>>>>>>> [error] 2020-04-25T01:49:15.796670Z [email protected] <0.328.0> >>>>>>>> -------- >>>>>>>>> Supervisor chttpd_sup had child chttpd started with >>>>> chttpd:start_link() >>>>>>>> at >>>>>>>>> undefined exit with reason eaddrinuse in context start_error >>>>>>>>> [error] 2020-04-25T01:49:15.796942Z [email protected] <0.326.0> >>>>>>>> -------- >>>>>>>>> CRASH REPORT Process (<0.326.0>) with 0 neighbors exited with >>>> reason: >>>>>>>>> >>>>>>>> >>>>> >>>> >>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}} >>>>>>>>> at application_master:init/4(line:134) <= >>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call: >>>>>>>>> {application_master,init,['Argument__1',...]}, ancestors: >>>> [<0.325.0>], >>>>>>>>> message_queue_len: 1, messages: [{'EXIT',<0.327.0>,normal}], >>> links: >>>>>>>>> [<0.325.0>,<0.11.0>], dictionary: [], trap_exit: true, status: >>>>> running, >>>>>>>>> heap_size: 376, stack_size: 27, reductions: 172 >>>>>>>>> [info] 2020-04-25T01:49:15.797060Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application chttpd exited with reason: >>>>>>>>> >>>>>>>> >>>>> >>>> >>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}} >>>>>>>>> [info] 2020-04-25T01:49:17.882186Z [email protected] <0.11.0> >>>>> -------- >>>>>>>>> Application couch_log started on node '[email protected]' >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>> >>>>> >>>> >>> >>> >>> -- >>> Joel Jucá >>> joelwallis.com >>>
