DSS instance in https - this site can't be reached

datafrecb
datafrecb Registered Posts: 1

Hello,

I al trying to move from htto to https url my DSS instance installed i a GCP instance.

I installed nginx and followed instructions for the configuration file here https://doc.dataiku.com/dss/latest/installation/custom/reverse-proxy.html?_gl=1*12gmuah*_ga*OTg3MDU3Mjg5LjE2OTcxMzQ1ODE.*_ga_B3YXRYMY48*MTY5OTMxOTMzOS4zNi4xLjE2OTkzMjM5NzguNTUuMC4w#configuring-a-reverse-proxy-in-front-of-data-science-studio

command sudo nginx -t is OK

ngnix reloaded after conf file modifications and certificates generated.

Howevere when I try to access DD with my DNS , i have the message "This site can't be reached"

any thoughts+?

thanks very much for any help!


Operating system used: CentOS8

Answers

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,168 Neuron

    What does the /var/log/nginx/error.log say? Any errors in the Audit log?

  • moisesmarrero
    moisesmarrero Registered Posts: 12

    this is part of the logs:

    023/11/07 21:00:04 [warn] 13181#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
    2023/11/07 21:01:51 [warn] 13210#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
    2023/11/07 21:01:51 [warn] 13213#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
    2023/11/07 21:06:00 [warn] 13227#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
    2023/11/07 21:06:44 [warn] 13236#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored

    what this could be?

    thanks in advance for any help

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,168 Neuron

    It sounds to me that you got duplicate names in your nginx.conf config file. Can you post your full config file?

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,168 Neuron

    This is unreadable. Please use a code block to put code and config files:

    Screenshot 2023-11-07 at 21.57.45.png

  • moisesmarrero
    moisesmarrero Registered Posts: 12
    edited July 2024

    sorry in last post I was intented to do it in code quotes. following the file

    # For more information on configuration, see:
    #   * Official English Documentation: http://nginx.org/en/docs/
    #   * Official Russian Documentation: http://nginx.org/ru/docs/
    
    user nginx;
    worker_processes auto;
    error_log /var/log/nginx/error.log;
    pid /run/nginx.pid;
    
    # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
    #include /usr/share/nginx/modules/*.conf;
    
    events {
        worker_connections 1024;
    }
    
    http {
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /var/log/nginx/access.log  main;
    
        ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;
        ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
    
    
        sendfile            on;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 2048;
    
        include             /etc/nginx/mime.types;
        default_type        application/octet-stream;
    
        # Load modular configuration files from the /etc/nginx/conf.d directory.
        # See http://nginx.org/en/docs/ngx_core_module.html#include
        # for more information.
        #include /etc/nginx/conf.d/*.conf;
    
        server {
            listen       80 default_server;
            listen       [::]:80 default_server;
            #server_name  _;
            root         /usr/share/nginx/html;
    
            # Load configuration files for the default server block.
            include /etc/nginx/default.d/*.conf;
    
            location / {
            }
    
            error_page 404 /404.html;
                location = /40x.html {
            }
    
            error_page 500 502 503 504 /50x.html;
                location = /50x.html {
            }
        }
    
    # Settings for a TLS enabled server.
    #
    #    server {
    #        listen       443 ssl http2 default_server;
    #        listen       [::]:443 ssl http2 default_server;
    #        server_name  _;
    #        root         /usr/share/nginx/html;
    #
    #        ssl_certificate "/etc/pki/nginx/server.crt";
    #        ssl_certificate_key "/etc/pki/nginx/private/server.key";
    #        ssl_session_cache shared:SSL:1m;
    #        ssl_session_timeout  10m;
    #        ssl_ciphers PROFILE=SYSTEM;
    #        ssl_prefer_server_ciphers on;
    #
    #        # Load configuration files for the default server block.
    #        include /etc/nginx/default.d/*.conf;
    #
    #        location / {
    #        }
    #
    #        error_page 404 /404.html;
    #            location = /40x.html {
    #        }
    #
    #        error_page 500 502 503 504 /50x.html;
    #            location = /50x.html {
    #        }
    #    }
    
    
    server {
        # Host/port on which to expose Data Science Studio to users
        listen 443 ssl;
        server_name dss-instance-1.c.instancename.internal;
        ssl_certificate /etc/nginx/ssl/dss_server_cert.pem;
        ssl_certificate_key /etc/nginx/ssl/dss_server.key;
        location / {
            # Base url of the Data Science Studio installation
            proxy_pass http://ip:11000//;
            proxy_redirect off;
            # Allow long queries
            proxy_read_timeout 3600;
            proxy_send_timeout 600;
            # Allow large uploads
            client_max_body_size 0;
            # Allow protocol upgrade to websocket
            proxy_http_version 1.1;
            proxy_set_header Host $http_host;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    
    }
    
    }
  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,168 Neuron

    Looks OK to me but you may have multiple config files and these will get loaded from this line:

    include /etc/nginx/default.d/*.conf

    There should be only 1 .conf file in /etc/nginx/default.d/

  • moisesmarrero
    moisesmarrero Registered Posts: 12

    yes, I have few /default folders. I will check

    thnanks for the input

    here my folder nginx

    ro@dss-instance-1 nginx]$ ls -l
    total 72
    drwxr-xr-x. 2 root root 6 Dec 21 2021 default.d
    -rw-r--r--. 1 root root 1077 Dec 21 2021 fastcgi.conf
    -rw-r--r--. 1 root root 1077 Dec 21 2021 fastcgi.conf.default
    -rw-r--r--. 1 root root 1007 Dec 21 2021 fastcgi_params
    -rw-r--r--. 1 root root 1007 Dec 21 2021 fastcgi_params.default
    -rw-r--r--. 1 root root 2837 Dec 21 2021 koi-utf
    -rw-r--r--. 1 root root 2223 Dec 21 2021 koi-win
    -rw-r--r--. 1 root root 5170 Dec 21 2021 mime.types
    -rw-r--r--. 1 root root 5170 Dec 21 2021 mime.types.default
    -rw-r--r--. 1 root root 3745 Nov 7 21:52 nginx.conf
    -rw-r--r--. 1 root root 2469 Nov 7 03:22 nginx.conf.BK
    -rw-r--r--. 1 root root 2656 Dec 21 2021 nginx.conf.default
    -rw-r--r--. 1 root root 636 Dec 21 2021 scgi_params
    -rw-r--r--. 1 root root 636 Dec 21 2021 scgi_params.default
    drwxrwxrwx. 2 root root 55 Nov 7 02:37 ssl
    -rw-r--r--. 1 root root 664 Dec 21 2021 uwsgi_params
    -rw-r--r--. 1 root root 664 Dec 21 2021 uwsgi_params.default
    -rw-r--r--. 1 root root 3610 Dec 21 2021 win-utf

  • Turribeach
    Turribeach Dataiku DSS Core Designer, Neuron, Dataiku DSS Adv Designer, Registered, Neuron 2023 Posts: 2,168 Neuron

    This path seems to be /etc/nginx/ not /etc/nginx/default.d/

  • moisesmarrero
    moisesmarrero Registered Posts: 12

    I have nothing in

    [@dss-instance-1 default.d]$ pwd
    /etc/nginx/default.d
    [@dss-instance-1 default.d]$ ls -l
    total 0
    [@dss-instance-1 default.d]$

    Shloud I also copy the nginx.conf in default.d folder?

Setup Info
    Tags
      Help me…