Not able to access openHAB home dashboard on custom openHAB cloud instance

Hi,

I am having trouble to access my openHAB dashboard through my custom openHAB cloud instance.

To fix the link in the openHAB Home tab to point to a separate host I added the proxyHost config entry to the config.json:

{
    "system": {
      "host": "openhab.mydomain.com",
"proxyHost": "home.openhab.mydomain.com",

as I read in some other thread here.
Both domain names point to the same EC2 instance.
When I try to access the home dashboard I have to accept the invalid SSL cert and then I get
404 page not found

Activating in the config.json the
"subDomainCookies": true
setting does not allow me to login anymore.
The login fails then with invalid csrf token, see AWS openhab-cloud setup user login fails with: "ForbiddenError: invalid csrf token"

I am stuck atm.

Can somebody give me a hint how to go on here?

Thanks a lot,
Maik

Can’t help you with the issue, but please change the topic so that people who could help you know what this is about. It will be more likely that other read it if the topic describes the problem :wink:

2 Likes
  • check your reverse proxy’s logfile to check which page it tries to access.
  • in case you need to accept an invalid SSL cert then there is room for improvement :slight_smile:
  • do you run two instances of the cloud app one for main part an done for web part ?
    ( I think this part is not well documented did also several trials for that part )

Hi Wolfgang,

I use the docker-compose setup as explained in the openHAB cloud documentation.
So the proxy is within that docker setup I guess. Nothing I am in control atm afaik.

I do not understand the two instances part either :expressionless:

Hi again,

I reverted the whole docker-compose setup and tried the manual standard setup approach.

I setup the letsencrypt stuff, so the invalid certificate problem is gone.

Nevertheless I can still not make the home.mydomain.com part work :frowning:

I tried several configuration examples from openhab-cloud/etc at main · openhab/openhab-cloud · GitHub

I get the web GUI to work, but not the proxy part…

Atm. I have again just a white browser window when I access home.mydomain.com.
That’s the same status which I had using the docker-compose setup.
It’s so frustrating :cry:

My current nginx config is like this:

server {
listen *:443;
listen *:80;
ssl on;
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.comprivkey.pem;
server_name openhab.mydomain.com home.mydomain.com;

if ( $scheme = "http" ) {
    rewrite ^/(.*)$     https://$host/$1 permanent;
}

charset utf-8;

access_log /var/log/nginx/openhab-cloud.org-access.log;
error_log /var/log/nginx/openhab-cloud.org-error.log;
client_max_body_size 300m;


location /css {
    alias  /home/ubuntu/openhab-cloud/public/css;
    }
location /js {
    alias  /home/ubuntu/openhab-cloud/public/js;
    }
location /img {
    alias  /home/ubuntu/openhab-cloud/public/img;
    }
location /bootstrap {
    alias  /home/ubuntu/openhab-cloud/public/bootstrap;
    }
location /font-icons {
    alias  /home/ubuntu/openhab-cloud/public/font-icons;
    }
location /fonts {
    alias  /home/ubuntu/openhab-cloud/public/fonts;
    }
location /js-plugin {
    alias  /home/ubuntu/openhab-cloud/public/js-plugin;
    }
location /downloads {
    alias  /home/ubuntu/openhab-cloud/public/downloads;
    }
location / {
    proxy_pass http://localhost:3000;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Host $host;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header X-Real-IP $remote_addr ;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
    proxy_set_header X-Forwarded-Proto https;
}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

My current app config.json is like that:

{
    "system": {
      "host": "openhab.mydomain.com",
      "proxyHost": "home.mydomain.com",
      "port": "443",
      "protocol": "https",
      "logger" : {
        "dir": "./logs",
        "maxFiles" : "7d",
        "level" : "debug",
        "morganOption" : null
      },
      "subDomainCookies": false,
      "muteNotifications": false
    },
    "express":{
      "key" : "some express key"
    },
    "gcm" : {
      "jid": "something@gcm.googleapis.com",
      "password": "password"
    },
    "ifttt" : {
      "iftttChannelKey" : "key",
      "iftttTestToken" : "token"
    },
    "mail": {
      "host" : "smtp",
      "port" : 465,
      "user" : "foo@bar.com",
      "pass" : "password"
    },
    "mongodb": {
        "hosts": ["127.0.0.1"],
        "db": "openhab"
    },
    "redis": {
        "host": "127.0.0.1",
        "port": "6379"
    },
    "mailer": {
        "host" : "smtp",
        "port": 465,
        "secureConnection": true,
        "user": "foo@bar.com",
        "password": "password",
        "from": "openHAB Cloud <your@email.address>"
    },
    "legal": {
        "terms" : "",
        "policy": ""
    },
    "registration_enabled": false
}

When I login to the web UI and then switch to home.mydomain.com it loads quiet a before it returns

404 Not Found

nginx/1.18.0 (Ubuntu)

The error log shows

2022/01/06 14:08:08 [error] 32454#32454: *379 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 84.113.20.35, server: openhab.mydomain.com, request: “GET /precache-manifest.924bfe288ff05ea1e57b36bc13ea7c47.js HTTP/1.1”, upstream: “http://127.0.0.1:3000/precache-manifest.924bfe288ff05ea1e57b36bc13ea7c47.js”, host: “home.mydomain.com
2022/01/06 14:08:08 [error] 32454#32454: *379 open() “/usr/share/nginx/html/50x.html” failed (2: No such file or directory), client: 84.113.20.35, server: openhab.mydomain.com, request: “GET /precache-manifest.924bfe288ff05ea1e57b36bc13ea7c47.js HTTP/1.1”, upstream: “http://127.0.0.1:3000/precache-manifest.924bfe288ff05ea1e57b36bc13ea7c47.js”, host: “home.mydomain.com
2022/01/06 14:08:08 [error] 32454#32454: *381 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 84.113.20.35, server: openhab.mydomain.com, request: “GET /service-worker.js HTTP/1.1”, upstream: “http://127.0.0.1:3000/service-worker.js”, host: “home.mydomain.com
2022/01/06 14:08:08 [error] 32454#32454: *381 open() “/usr/share/nginx/html/50x.html” failed (2: No such file or directory), client: 84.113.20.35, server: openhab.mydomain.com, request: “GET /service-worker.js HTTP/1.1”, upstream: “http://127.0.0.1:3000/service-worker.js”, host: “home.mydomain.com
2022/01/06 14:08:09 [error] 32454#32454: *384 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 84.113.20.35, server: openhab.mydomain.com, request: “GET / HTTP/1.1”, upstream: “http://127.0.0.1:3000/”, host: “home.mydomain.com
2022/01/06 14:08:09 [error] 32454#32454: *384 open() “/usr/share/nginx/html/50x.html” failed (2: No such file or directory), client: 84.113.20.35, server: openhab.mydomain.com, request: “GET / HTTP/1.1”, upstream: “http://127.0.0.1:3000/”, host: “home.mydomain.com

Any help is highly appreciated.

The configuration that I use is attached ( nginx-openhabcloud-lb.conf.txt (10.2 KB) )

It requires to start the app two times.
One time for the proxy and one time for the webapp.
Systemd startup routines are attached ( openhabcloud-web.service.txt (702 Bytes), openhabcloud-main.service.txt (649 Bytes) )

The files are based on the examples that are available on github.
It is required to remove the files’ extention ( .txt )

3 Likes

Thanks a lot Wolfgang, I assume I can make it work with your input :slight_smile:

Do you know where I can find any official documentation telling about that required setup of two app.js instances?

I haven’t found anything about. I just was reading and interpreting the code and error messages during the time I did my trials. The files I uploaded are the outcome of these trials. Although I do not have it in full production mode yet - as far as I can see - it works. Missing part is the update for my things and items with new model and the new skill to be tried.
According to a reply that I received in an other thread ( sorry, I do not remember which one it was ) it should work with one instance but I was not able to get that running although I had it running with one instance in a previous release of the openhab-cloud software.

It works for me too, thank!

1 Like

For anyone Openhab Cloud people that run into this issue in the future. Wolfgang’s config is great, you just need to edit it and change the ssl_certificate entry for both endpoints

# mydomain.com
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem #change from cert.pem

# home.mydomain.com
ssl_certificate /etc/letsencrypt/live/home.mydomain.com/fullchain.pem #change from cert.pem

Then restart your Nginx server

service nginx restart