-
There is still something odd with the public IP detected by the cloudron (it does not exist)
and instead of using my ens160 network card IP it uses a local IP but I'm progressing
cloudron@T00MID01:/home/yellowtent/box/src/scripts$ sudo grc tail -f /home/yellowtent/platformdata/logs/box.log
2024-04-01T09:19:49.677Z box:mail upsertDnsRecords: records of cloudron.***.** added
2024-04-01T09:19:49.679Z box:provision setProgress: setup - Registering location my.cloudron.***.**
2024-04-01T09:19:49.680Z box:mailserver restartMailIfActivated: skipping restart of mail container since Cloudron is not activated yet
2024-04-01T09:19:49.684Z box:dns upsertDNSRecord: location my on domain cloudron.***.** of type A with values ["10.200.XXX.XXX"]
2024-04-01T09:19:49.685Z box:dns/manual upsert: my for zone ***.** of type A with values ["10.200.XXX.XXX"]
2024-04-01T09:19:49.687Z box:provision setProgress: setup - Waiting for propagation of my.cloudron.***.**
2024-04-01T09:19:49.688Z box:dns/waitfordns waitForDns: waiting for my.cloudron.***.** to be 10.200.XXX.XXX in zone ***.**
2024-04-01T09:19:49.689Z box:dns/waitfordns waitForDns: nameservers are ["ns1.***.**","ns2.***.**","ns3.***.**"]
2024-04-01T09:19:49.691Z box:dns/waitfordns resolveIp: Checking if my.cloudron.***.** has A record at 172.16.64.5
2024-04-01T09:19:54.638Z box:box Received SIGHUP. Re-reading configs.
2024-04-01T09:21:04.763Z box:dns/waitfordns resolveIp: No A record. Checking if my.cloudron.***.** has CNAME record at 172.16.64.5
2024-04-01T09:22:19.837Z box:dns/waitfordns isChangeSynced: NS ns1.***.** (172.16.64.5) not resolving my.cloudron.***.** (A): Error: queryCname ETIMEOUT my.cloudron.***.**. Ignoring
2024-04-01T09:22:19.837Z box:dns/waitfordns waitForDns: my.cloudron.***.** at ns ns1.***.**: done
2024-04-01T09:22:19.845Z box:dns/waitfordns resolveIp: Checking if my.cloudron.***.** has A record at 172.16.64.3
I think I just need to define my A record to point to the VM IP and define a DNS record for cloudron.*. and I should be moving forward another step!
-
@rmdes the default public IP detection works by
curl https://ipv4.api.cloudron.io/api/v1/helper/public_ip
If this is not the case in your setup, you have to choose Manual IPv4 configuration in the networking. This is also available under Advanced options, when you set up DNS initially.
-
This curl command does resolve but I guess it's detecting our F5 proxy/load-balancer, not the actual IP of the VM on the intranet.
I'm trying to set up the dashboard but even tho I select manual and I specify the IP of the VM, it keeps expecting an A record with an internal 172.XXX.X.XXX IP in the logs.
I do see this kind of log entries tho
2024-04-02T08:45:07.987Z box:dns/waitfordns waitForDns: my.cloudron.***.***.*** at ns .***.***.***: done
2024-04-02T08:45:07.988Z box:dns/waitfordns resolveIp: Checking if my.cloudron.***.***.*** has A record at NS
2024-04-02T08:45:07.990Z box:dns/waitfordns isChangeSynced: my.cloudron..***.***.*** (A) was resolved to 10.200.XXX.XX4 at NS .***.***.*** Expecting 10.200.XXX.XX4. Match true
-
The setup token here would be sent to the Cloudron backend on the VM and that will attempt to verify it calling api.cloudron.io so I guess that connection does not work. Not sure what would need to be configured to make the box nodejs process use the proxy...
-
@rmdes said in [Intranet] Install cloudron in a corporate network environment:
Perhaps related to how (see first post) I had to comment the "check version" part of the cloudron-setup and manually set the box_src_dir and the version (7.7.1)
requestedVersion="7.7.1"
version="7.7.1"
Perhaps something should have been done to that VERSION thing when it's retrieved via the api?
Just for the sake of leaving a trail about this:
I had to manually add 7.7.1 inside the VERSION file at /home/yellowtent/box
-
In line with different issues I was having earlier (no DIST folder inside ~/box/dashboard/dist)
I tested zipping and copying a dist folder from another cloudron to this intranet VM and that's when I managed to have the nginx service to run and the box to actually start. I searched for why the dist folder wasn't being built but I could not find a root cause, since I did manage to run each part of the cloudron-setup, in the end, even if I had to run the last part multiple times to get it done in full without any issues.
$ sudo docker ps
CONTAINER ID   IMAGE                                           COMMAND                CREATED          STATUS          PORTS                      NAMES
68c9ba37e3fc   registry.docker.com/cloudron/sftp:3.8.6         "/app/code/start.sh"   25 minutes ago   Up 25 minutes   0.0.0.0:222->22/tcp        sftp
d2b73ebf372d   registry.docker.com/cloudron/graphite:3.4.3     "/app/code/start.sh"   25 minutes ago   Up 25 minutes   127.0.0.1:2003->2003/tcp   graphite
d92d85ddd963   registry.docker.com/cloudron/mongodb:6.0.0      "/app/code/start.sh"   26 minutes ago   Up 26 minutes                              mongodb
7abb3c530b8e   registry.docker.com/cloudron/postgresql:5.2.1   "/app/code/start.sh"   26 minutes ago   Up 26 minutes                              postgresql
198524bd2eff   registry.docker.com/cloudron/mysql:3.4.2        "/app/code/start.sh"   27 minutes ago   Up 27 minutes                              mysql
f3dd10277ac2   registry.docker.com/cloudron/turn:1.7.2         "/app/code/start.sh"   27 minutes ago   Up 27 minutes                              turn
8381d2785cf4   registry.docker.com/cloudron/mail:3.12.1        "/app/code/start.sh"   27 minutes ago   Up 27 minutes                              mail
cloudron@T00MID01:/home/yellowtent$
-
@rmdes apparently, node.js does not respect those variables. See thread at https://groups.google.com/g/nodejs/c/2ZFLIAUfTFs?pli=1 . Maybe https://github.com/TooTallNate/proxy-agents/tree/main/packages/proxy-agent
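An added illustration of the reply above, not code from Cloudron or from the linked proxy-agent package: what a proxy agent has to do on behalf of a Node.js process, using only Node built-ins. It assumes "those variables" are the usual HTTPS_PROXY / HTTP_PROXY / NO_PROXY environment variables; the helper names and the host proxy.corp.example are made up for the example.

```javascript
// Added example, not Cloudron code; proxy.corp.example is a constructed host.
// Node's built-in http/https clients do not read HTTP(S)_PROXY on their own,
// so the caller has to pick the proxy and open the tunnel explicitly.

// Which proxy (if any) applies to a URL. NO_PROXY handling is simplified:
// "*" disables proxying; other entries match a host or a domain suffix.
function proxyFor(targetUrl, env = process.env) {
  const url = new URL(targetUrl);
  const host = url.hostname.toLowerCase();
  const noProxy = (env.NO_PROXY || env.no_proxy || '').split(',');
  for (const raw of noProxy.map((s) => s.trim().toLowerCase()).filter(Boolean)) {
    const suffix = raw.replace(/^\*?\./, '');
    if (raw === '*' || host === suffix || host.endsWith('.' + suffix)) return null;
  }
  const key = url.protocol === 'https:' ? 'HTTPS_PROXY' : 'HTTP_PROXY';
  const value = env[key] || env[key.toLowerCase()];
  return value ? new URL(value) : null;
}

// Options for the CONNECT request that asks an http:// proxy for a raw
// tunnel to an https target (port 443 unless the URL names another).
function connectOptions(targetUrl, proxy) {
  const url = new URL(targetUrl);
  const authority = `${url.hostname}:${url.port || 443}`;
  const headers = { Host: authority };
  if (proxy.username) {
    const cred = [proxy.username, proxy.password].map((s) => decodeURIComponent(s)).join(':');
    headers['Proxy-Authorization'] = 'Basic ' + Buffer.from(cred).toString('base64');
  }
  const port = Number(proxy.port) || 80;
  return { host: proxy.hostname, port, method: 'CONNECT', path: authority, headers };
}

// Open the tunnel, then run TLS to the real host inside it, so the proxy
// relays ciphertext only. Resolves to a TLS socket for the target.
async function tunnel(targetUrl, env = process.env) {
  const proxy = proxyFor(targetUrl, env);
  if (!proxy) throw new Error(`no proxy configured for ${targetUrl}`);
  const http = await import('node:http');
  const tls = await import('node:tls');
  const servername = new URL(targetUrl).hostname;
  return new Promise((resolve, reject) => {
    const req = http.request(connectOptions(targetUrl, proxy));
    req.once('error', reject);
    req.once('connect', (res, socket) => {
      if (res.statusCode !== 200) return reject(new Error(`CONNECT failed: ${res.statusCode}`));
      resolve(tls.connect({ socket, servername }));
    });
    req.end();
  });
}
```

Because TLS is negotiated with the target inside the tunnel, a request body such as the setup token is not readable by the proxy unless the proxy intercepts TLS with its own CA.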
-
I'm going to investigate redsocks
in the meantime the only error remaining has to do with collectd, the service appears to be running fine
but the graphite container freaks out as if graphite had never been initialized
WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x55988453aa90 pid: 19 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 19)
spawned uWSGI worker 1 (pid: 26, cores: 1)
spawned uWSGI worker 2 (pid: 27, cores: 1)
2024-04-02 09:38:27,960 INFO success: uwsgi entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-04-02 09:38:27,960 INFO success: carbon-cache entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2024-04-02 09:38:27,963 INFO spawned: 'whisper-cleanup' with pid 28
Cleanup old whisper databases...
find: ‘/var/lib/graphite/whisper/collectd/localhost/’: No such file or directory
2024-04-02 09:38:27,978 INFO exited: whisper-cleanup (exit status 1; not expected)
2024-04-02 09:38:29,984 INFO spawned: 'whisper-cleanup' with pid 30
Cleanup old whisper databases...
find: ‘/var/lib/graphite/whisper/collectd/localhost/’: No such file or directory
2024-04-02 09:38:30,000 INFO exited: whisper-cleanup (exit status 1; not expected)
2024-04-02 09:38:33,007 INFO spawned: 'whisper-cleanup' with pid 32
Cleanup old whisper databases...
find: ‘/var/lib/graphite/whisper/collectd/localhost/’: No such file or directory
2024-04-02 09:38:33,022 INFO exited: whisper-cleanup (exit status 1; not expected)
2024-04-02 09:38:34,023 INFO gave up: whisper-cleanup entered FATAL state, too many start retries too quickly
-
Hmm redsocks is difficult, I need more time to analyze which local IP I have to configure so that requests are temporarily routed to it
2024/04/02 14:44:39 [error] 88905#88905: *1350 upstream prematurely closed connection while reading response header from upstream, client: 10.200.3.157, server: my.cloudron.***.****.***, request: "POST /api/v1/appstore/register_cloudron_with_setup_token HTTP/2.0", upstream: "http://127.0.0.1:3000/api/v1/appstore/register_cloudron_with_setup_token", host: "my.cloudron.***.****.***", referrer: "https://my.cloudron.***.****.***/"
2024/04/02 14:44:39 [error] 88905#88905: *1350 connect() failed (111: Unknown error) while connecting to upstream, client: 10.200.3.157, server: my.cloudron..***.****.***, request: "GET /api/v1/cloudron/status HTTP/2.0", upstream: "http://127.0.0.1:3000/api/v1/cloudron/status", host: "my.cloudron.***.****.***", referrer: "https://my.cloudron.***.****.***/"
I'm wondering if there is a curl command I could do to register this token and then a file I could edit with the token