Hi Bill,
haproxy should be as simple as installing the binary on your *NIX
platform, then using something similar to our shipped configuration:
https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
Also, I see this walkthrough is referenced elsewhere as working for
Let's Encrypt and CouchDB:
https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
Hope they help,
Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
On 2020-05-01 15:16, Bill Stephenson wrote:
FWIW, I tried the instructions I provided earlier this week and didn’t
get them to work again. I don’t know if it’s a change made by Let’s Encrypt
or I forget exactly what I did.
I’ll go through the process setting up a Digital Ocean vps again as soon
as I get some time because getting those certs configured has always been a
bit of a pain and it’d be a good thing to nail that process down.
If anyone has a list of instruction on setting up haproxy they can share
I’d be glad to have them and give that a shot too.
Kindest Regards,
Bill Stephenson
Tech Support
www.cherrypc.com <http://www.ezinvoice.com/>
1-417-546-8390
On Apr 30, 2020, at 3:56 PM, Joan Touzet <woh...@apache.org> wrote:
On 2020-04-30 16:22, Rene Veerman wrote:
i'm really only looking for a quick and easy way to getting https to
work
again..
Bill Stephenson gave you a step-by-step that seemed reasonable to me.
do the creators of couchdb read this mailinglist?
Yes.
Most of us terminate SSL ahead of CouchDB at a reverse proxy (such as
haproxy). Some of us have even contemplated dropping native SSL support in
CouchDB entirely, because configuring it is a bit of a pain, as you've
found. But it can be done, and it does work.
For SSL in pure CouchDB, when I must, I use something like EasyRSA:
https://github.com/OpenVPN/easy-rsa
to generate the certs, then munge them together and start it. It works
OK. But I do this about once every 2 years max.
-Joan "Erlang's SSL support isn't great" Touzet
On Sun, Apr 26, 2020 at 3:04 PM Joel Jucá <joelwal...@gmail.com>
wrote:
Rene,
Your problem seems to be infrastructure-related, rather than CouchDB
related. I would recommend you to read about Infrastructure as Code.
This
is a practice that allows a developer to declare its infrastructure
(in
your specific case, server configuration) and have some sort of
reproducibility from it. Then, you could also understand every single
change made to your server infrastructure - and even share it as a
Gist,
for instance, and have some sort of feedback/pull request directly on
it.
I would recommend you Ansible (
https://www.ansible.com/resources/get-started).
It's a great solution that allows you to declare your server
configuration
as YAML files and use it within Ansible CLI to reproduce the declared
configuration on a targeted server (eg: your Ubuntu-powered CouchDB
server).
I've struggled a lot with server configuration back in 2010-2012 when
I was
a full-stack PHP/Drupal developer, and after discovering Ansible I
could
never imagine myself handling performing a complex task (server
configuration) manually!
I hope it helps you in some way.
On Sat, Apr 25, 2020 at 6:28 PM Rene Veerman <seductivea...@gmail.com
wrote:
yes, i did..
On Sat, Apr 25, 2020 at 9:16 PM Bill Stephenson
<b...@cherrypc.com.invalid
wrote:
Did you do a "sudo ufw allow 6984”?
Kindest Regards,
Bill Stephenson
Tech Support
www.cherrypc.com <http://www.ezinvoice.com/>
1-417-546-8390
On Apr 25, 2020, at 9:28 AM, Rene Veerman <seductivea...@gmail.com
wrote:
also (FYI) : i have already entered the right port forwarding
commands
into
my ADSL modem..
On Sat, Apr 25, 2020 at 4:21 PM Rene Veerman <
seductivea...@gmail.com>
wrote:
that gets me a 'connection refused' :
('albatross' === localhost === nicer.app)
root@albatross:/opt/couchdb/letsencrypt# service couchdb stop
root@albatross:/opt/couchdb/letsencrypt# telnet localhost 6984
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
root@albatross:/opt/couchdb/letsencrypt# telnet nicer.app 6984
Trying 127.0.0.1...
Trying 82.161.37.94...
telnet: Unable to connect to remote host: Connection refused
root@albatross:/opt/couchdb/letsencrypt#
On Sat, Apr 25, 2020 at 1:41 PM Florian Westreicher <
st...@meredrica.org>
wrote:
Did you try to telnet to the port while couchdb is down? If there
is
no
open port, telnet won't connect.
On April 25, 2020 03:50:56 Rene Veerman <seductivea...@gmail.com
wrote:
unfortunately that didn't fix things either. i'm still stuck at
the
eaddrinuse error..
[info] 2020-04-25T01:49:15.730815Z couchdb@127.0.0.1 <0.232.0>
--------
Apache CouchDB has started on https://0.0.0.0:6984/
[info] 2020-04-25T01:49:15.731032Z couchdb@127.0.0.1 <0.11.0>
--------
Application couch started on node 'couchdb@127.0.0.1'
[info] 2020-04-25T01:49:15.731178Z couchdb@127.0.0.1 <0.11.0>
--------
Application ets_lru started on node 'couchdb@127.0.0.1'
[notice] 2020-04-25T01:49:15.737605Z couchdb@127.0.0.1
<0.284.0>
--------
rexi_server : started servers
[notice] 2020-04-25T01:49:15.738914Z couchdb@127.0.0.1
<0.288.0>
--------
rexi_buffer : started servers
[info] 2020-04-25T01:49:15.739062Z couchdb@127.0.0.1 <0.11.0>
--------
Application rexi started on node 'couchdb@127.0.0.1'
[notice] 2020-04-25T01:49:15.786354Z couchdb@127.0.0.1
<0.318.0>
--------
mem3_reshard_dbdoc start init()
[notice] 2020-04-25T01:49:15.790014Z couchdb@127.0.0.1
<0.320.0>
--------
mem3_reshard start init()
[notice] 2020-04-25T01:49:15.790112Z couchdb@127.0.0.1
<0.321.0>
--------
mem3_reshard db monitor <0.321.0> starting
[notice] 2020-04-25T01:49:15.792025Z couchdb@127.0.0.1
<0.320.0>
--------
mem3_reshard starting reloading jobs
[notice] 2020-04-25T01:49:15.792087Z couchdb@127.0.0.1
<0.320.0>
--------
mem3_reshard finished reloading jobs
[info] 2020-04-25T01:49:15.792900Z couchdb@127.0.0.1 <0.11.0>
--------
Application mem3 started on node 'couchdb@127.0.0.1'
[info] 2020-04-25T01:49:15.793024Z couchdb@127.0.0.1 <0.11.0>
--------
Application fabric started on node 'couchdb@127.0.0.1'
[error] 2020-04-25T01:49:15.796505Z couchdb@127.0.0.1 <0.330.0>
--------
CRASH REPORT Process (<0.330.0>) with 0 neighbors exited with
reason:
eaddrinuse at gen_server:init_it/6(line:349) <=
proc_lib:init_p_do_apply/3(line:247); initial_call:
{mochiweb_socket_server,init,['Argument__1']}, ancestors:
[chttpd_sup,<0.327.0>], message_queue_len: 0, messages: [],
links:
[<0.328.0>], dictionary: [], trap_exit: true, status: running,
heap_size:
376, stack_size: 27, reductions: 990
[error] 2020-04-25T01:49:15.796670Z couchdb@127.0.0.1 <0.328.0>
--------
Supervisor chttpd_sup had child chttpd started with
chttpd:start_link()
at
undefined exit with reason eaddrinuse in context start_error
[error] 2020-04-25T01:49:15.796942Z couchdb@127.0.0.1 <0.326.0>
--------
CRASH REPORT Process (<0.326.0>) with 0 neighbors exited with
reason:
{{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
at application_master:init/4(line:134) <=
proc_lib:init_p_do_apply/3(line:247); initial_call:
{application_master,init,['Argument__1',...]}, ancestors:
[<0.325.0>],
message_queue_len: 1, messages: [{'EXIT',<0.327.0>,normal}],
links:
[<0.325.0>,<0.11.0>], dictionary: [], trap_exit: true, status:
running,
heap_size: 376, stack_size: 27, reductions: 172
[info] 2020-04-25T01:49:15.797060Z couchdb@127.0.0.1 <0.11.0>
--------
Application chttpd exited with reason:
{{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
[info] 2020-04-25T01:49:17.882186Z couchdb@127.0.0.1 <0.11.0>
--------
Application couch_log started on node 'couchdb@127.0.0.1'
--
Joel Jucá
joelwallis.com
