This website uses cookies. By clicking OK, you consent to the use of cookies. Read our cookie policy.
Accept
Reject
Community

DSS instance in https - this site can't be reached

datafrecb
Level 1
โ€Ž11-07-2023 05:17 PM
DSS instance in https - this site can't be reached

Hello, 

I al trying to move from htto to https url my DSS instance installed i a GCP instance. 

I installed nginx and followed instructions for the configuration file here https://doc.dataiku.com/dss/latest/installation/custom/reverse-proxy.html?_gl=1*12gmuah*_ga*OTg3MDU3...

command sudo nginx -t is OK

ngnix reloaded after conf file modifications and certificates generated.

Howevere when I try to access DD with my DNS , i have the message "This site can't be reached"

any thoughts+?

 

thanks very much for any help!

Operating system used: CentOS8

0 Kudos
Reply
9 Replies
Turribeach
Neuron
Neuron
โ€Ž11-07-2023 08:06 PM

What does the /var/log/nginx/error.log say? Any errors in the Audit log?

0 Kudos
Reply
moisesmarrero
Level 3
โ€Ž11-07-2023 10:13 PM

this is part of the logs:

023/11/07 21:00:04 [warn] 13181#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
2023/11/07 21:01:51 [warn] 13210#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
2023/11/07 21:01:51 [warn] 13213#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
2023/11/07 21:06:00 [warn] 13227#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored
2023/11/07 21:06:44 [warn] 13236#0: conflicting server name "dss-instance-1.c.host-58458.internal" on 0.0.0.0:443, ignored

 

what this could be? 

thanks in advance for any help

0 Kudos
Reply
Turribeach
Neuron
Neuron
In response to moisesmarrero
โ€Ž11-07-2023 10:23 PM

It sounds to me that you got duplicate names in your nginx.conf config file. Can you post your full config file?

0 Kudos
Reply
Turribeach
Neuron
Neuron
In response to moisesmarrero
โ€Ž11-07-2023 10:58 PM

This is unreadable. Please use a code block to put code and config files:

Screenshot 2023-11-07 at 21.57.45.png

 

 

0 Kudos
Reply
moisesmarrero
Level 3
In response to Turribeach
โ€Ž11-07-2023 11:17 PM

sorry in last post I was intented to do it in code quotes. following the file

 

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
#include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;


    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    #include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        #server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers PROFILE=SYSTEM;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }


server {
    # Host/port on which to expose Data Science Studio to users
    listen 443 ssl;
    server_name dss-instance-1.c.instancename.internal;
    ssl_certificate /etc/nginx/ssl/dss_server_cert.pem;
    ssl_certificate_key /etc/nginx/ssl/dss_server.key;
    location / {
        # Base url of the Data Science Studio installation
        proxy_pass http://ip:11000//;
        proxy_redirect off;
        # Allow long queries
        proxy_read_timeout 3600;
        proxy_send_timeout 600;
        # Allow large uploads
        client_max_body_size 0;
        # Allow protocol upgrade to websocket
        proxy_http_version 1.1;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

}

}
0 Kudos
Reply
Turribeach
Neuron
Neuron
In response to moisesmarrero
โ€Ž11-07-2023 11:23 PM

Looks OK to me but you may have multiple config files and these will get loaded from this line:

include /etc/nginx/default.d/*.conf

There should be only 1 .conf file in /etc/nginx/default.d/

0 Kudos
Reply
moisesmarrero
Level 3
โ€Ž11-07-2023 11:34 PM

yes, I have few /default folders. I will check

thnanks for the input

here my folder nginx

ro@dss-instance-1 nginx]$ ls -l
total 72
drwxr-xr-x. 2 root root 6 Dec 21 2021 default.d
-rw-r--r--. 1 root root 1077 Dec 21 2021 fastcgi.conf
-rw-r--r--. 1 root root 1077 Dec 21 2021 fastcgi.conf.default
-rw-r--r--. 1 root root 1007 Dec 21 2021 fastcgi_params
-rw-r--r--. 1 root root 1007 Dec 21 2021 fastcgi_params.default
-rw-r--r--. 1 root root 2837 Dec 21 2021 koi-utf
-rw-r--r--. 1 root root 2223 Dec 21 2021 koi-win
-rw-r--r--. 1 root root 5170 Dec 21 2021 mime.types
-rw-r--r--. 1 root root 5170 Dec 21 2021 mime.types.default
-rw-r--r--. 1 root root 3745 Nov 7 21:52 nginx.conf
-rw-r--r--. 1 root root 2469 Nov 7 03:22 nginx.conf.BK
-rw-r--r--. 1 root root 2656 Dec 21 2021 nginx.conf.default
-rw-r--r--. 1 root root 636 Dec 21 2021 scgi_params
-rw-r--r--. 1 root root 636 Dec 21 2021 scgi_params.default
drwxrwxrwx. 2 root root 55 Nov 7 02:37 ssl
-rw-r--r--. 1 root root 664 Dec 21 2021 uwsgi_params
-rw-r--r--. 1 root root 664 Dec 21 2021 uwsgi_params.default
-rw-r--r--. 1 root root 3610 Dec 21 2021 win-utf

0 Kudos
Reply
Turribeach
Neuron
Neuron
In response to moisesmarrero
โ€Ž11-07-2023 11:37 PM

This path seems to be /etc/nginx/ not /etc/nginx/default.d/

0 Kudos
Reply
moisesmarrero
Level 3
In response to Turribeach
โ€Ž11-07-2023 11:42 PM

I have nothing in 

[@dss-instance-1 default.d]$ pwd
/etc/nginx/default.d
[@dss-instance-1 default.d]$ ls -l
total 0
[@dss-instance-1 default.d]$ 

Shloud I also copy the nginx.conf in default.d folder? 

0 Kudos
Reply

Setup info

?
A banner prompting to get Dataiku
Didn't Find What You Needed?

Post a Question

Help me โ€ฆ
โ€ฆ ask a question โ€ฆ search for an answer โ€ฆ learn to use the Community