Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Errors when trying to create new recipe #1043

Closed
familynerd opened this issue Nov 7, 2021 · 7 comments
Closed

Errors when trying to create new recipe #1043

familynerd opened this issue Nov 7, 2021 · 7 comments
Labels
setup issue possibly or definitely an issue with the user setup

Comments

@familynerd
Copy link

familynerd commented Nov 7, 2021

Issue

Installed TandoorRecipes via docker-compose. When I try to create a new recipe I can enter a name for it but then it says about 6 "There was an error fetching a resource!" Errors and stays loading the "Edit Recipe"-Page.

Setup Info

Version: 1.0.0
OS: Ubuntu

First I had the "normal" docker-compose setup with the nginx and nginx outside docker for serving different subdomains. I've now disabled the nginx and published a port for the tandoor-container itself but it stays the same behavior. As told by @vabene1111 on discord I open this Issue.

.env

# only set this to true when testing/debugging
# when unset: 1 (true) - dont unset this, just for development
DEBUG=1
SQL_DEBUG=1

# hosts the application can run under e.g. recipes.mydomain.com,cooking.mydomain.com,...
ALLOWED_HOSTS=*

# random secret key, use for example `base64 /dev/urandom | head -c50` to generate one
SECRET_KEY=HEREISTHESECRETKEY

# your default timezone See https://timezonedb.com/time-zones for a list of timezones
TIMEZONE=Europe/Berlin

# add only a database password if you want to run with the default postgres, otherwise change settings accordingly
DB_ENGINE=django.db.backends.postgresql
# DB_OPTIONS= {} # e.g. {"sslmode":"require"} to enable ssl
POSTGRES_HOST=db_recipes
POSTGRES_PORT=5432
POSTGRES_USER=djangouser
POSTGRES_PASSWORD=SUPERDUPERSECRETPASSWORD
POSTGRES_DB=djangodb

# database connection string, when used overrides other database settings.
# format might vary depending on backend
# DATABASE_URL = engine://username:password@host:port/dbname

# the default value for the user preference 'fractions' (enable/disable fraction support)
# default: disabled=0
FRACTION_PREF_DEFAULT=1

# the default value for the user preference 'comments' (enable/disable commenting system)
# default comments enabled=1
COMMENT_PREF_DEFAULT=1

# Users can set a amount of time after which the shopping list is refreshed when they are in viewing mode
# This is the minimum interval users can set. Setting this to low will allow users to refresh very frequently which
# might cause high load on the server. (Technically they can obviously refresh as often as they want with their own scripts)
SHOPPING_MIN_AUTOSYNC_INTERVAL=5

# Default for user setting sticky navbar
# STICKY_NAV_PREF_DEFAULT=1

# If base URL is something other than just /  (you are serving a subfolder in your proxy for instance http://recipe_app/recipes/)
# SCRIPT_NAME=/recipes

# If staticfiles are stored at a different location uncomment and change accordingly, MUST END IN /
# this is not required if you are just using a subfolder
# This can either be a relative path from the applications base path or the url of an external host
# STATIC_URL=/static/

# If mediafiles are stored at a different location uncomment and change accordingly, MUST END IN /
# this is not required if you are just using a subfolder
# This can either be a relative path from the applications base path or the url of an external host
# MEDIA_URL=/media/

# Serve mediafiles directly using gunicorn. Basically everyone recommends not doing this. Please use any of the examples
# provided that include an additional nxginx container to handle media file serving.
# If you know what you are doing turn this back on (1) to serve media files using djangos serve() method.
# when unset: 1 (true) - this is temporary until an appropriate amount of time has passed for everyone to migrate
GUNICORN_MEDIA=0

# S3 Media settings: store mediafiles in s3 or any compatible storage backend (e.g. minio)
# as long as S3_ACCESS_KEY is not set S3 features are disabled
# S3_ACCESS_KEY=
# S3_SECRET_ACCESS_KEY=
# S3_BUCKET_NAME=
# S3_REGION_NAME= # default none, set your region might be required
# S3_QUERYSTRING_AUTH=1 # default true, set to 0 to serve media from a public bucket without signed urls
# S3_QUERYSTRING_EXPIRE=3600 # number of seconds querystring are valid for
# S3_ENDPOINT_URL= # when using a custom endpoint like minio

# Email Settings, see https://docs.djangoproject.com/en/3.2/ref/settings/#email-host
# Required for email confirmation and password reset (automatically activates if host is set)
# EMAIL_HOST=
# EMAIL_PORT=
# EMAIL_HOST_USER=
# EMAIL_HOST_PASSWORD=
# EMAIL_USE_TLS=0
# EMAIL_USE_SSL=0
# DEFAULT_FROM_EMAIL= # email sender address (default 'webmaster@localhost')
# ACCOUNT_EMAIL_SUBJECT_PREFIX= # prefix used for account related emails (default "[Tandoor Recipes] ")

# allow authentication via reverse proxy (e.g. authelia), leave off if you dont know what you are doing
# see docs for more information https://vabene1111.github.io/recipes/features/authentication/
# when unset: 0 (false)
REVERSE_PROXY_AUTH=0

# Default settings for spaces, apply per space and can be changed in the admin view
# SPACE_DEFAULT_MAX_RECIPES=0 # 0=unlimited recipes
# SPACE_DEFAULT_MAX_USERS=0 # 0=unlimited users per space
# SPACE_DEFAULT_MAX_FILES=0 # Maximum file storage for space in MB. 0 for unlimited, -1 to disable file upload.
# SPACE_DEFAULT_ALLOW_SHARING=1 # Allow users to share recipes with public links

# allow people to create accounts on your application instance (without an invite link)
# when unset: 0 (false)
# ENABLE_SIGNUP=0

# If signup is enabled you might want to add a captcha to it to prevent spam
# HCAPTCHA_SITEKEY=
# HCAPTCHA_SECRET=

# if signup is enabled you might want to provide urls to data protection policies or terms and conditions
# TERMS_URL=
# PRIVACY_URL=
# IMPRINT_URL=

# enable serving of prometheus metrics under the /metrics path
# ATTENTION: view is not secured (as per the prometheus default way) so make sure to secure it
# trough your web server (or leave it open of you dont care if the stats are exposed)
# ENABLE_METRICS=0

# allows you to setup OAuth providers
# see docs for more information https://vabene1111.github.io/recipes/features/authentication/
# SOCIAL_PROVIDERS = allauth.socialaccount.providers.github, allauth.socialaccount.providers.nextcloud,

# Should a newly created user from a social provider get assigned to the default space and given permission by default ?
# ATTENTION: This feature might be deprecated in favor of a space join and public viewing system in the future
# default 0 (false), when 1 (true) users will be assigned space and group
# SOCIAL_DEFAULT_ACCESS = 1

# if SOCIAL_DEFAULT_ACCESS is used, which group should be added
# SOCIAL_DEFAULT_GROUP=guest

# Django session cookie settings. Can be changed to allow a single django application to authenticate several applications
# when running under the same database
# SESSION_COOKIE_DOMAIN=.example.com
# SESSION_COOKIE_NAME=sessionid # use this only to not interfere with non unified django applications under the same top level domain

# by default SORT_TREE_BY_NAME is disabled this will store all Keywords and Food in the order they are created
# enabling this setting makes saving new keywords and foods very slow, which doesn't matter in most usecases.
# however, when doing large imports of recipes that will create new objects, can increase total run time by 10-15x
# Keywords and Food can be manually sorted by name in Admin
# This value can also be temporarily changed in Admin, it will revert the next time the application is started
# This will be fixed/changed in the future by changing the implementation or finding a better workaround for sorting
# SORT_TREE_BY_NAME=0
# LDAP authentication
# default 0 (false), when 1 (true) list of allowed users will be fetched from LDAP server
#LDAP_AUTH=
#AUTH_LDAP_SERVER_URI=
#AUTH_LDAP_BIND_DN=
#AUTH_LDAP_BIND_PASSWORD=
#AUTH_LDAP_USER_SEARCH_BASE_DN=

docker-compose.yml

version: "3"
services:
  db_recipes:
    restart: always
    image: postgres:11-alpine
    volumes:
      - ./postgresql:/var/lib/postgresql/data
    env_file:
      - ./.env

  web_recipes:
    image: vabene1111/recipes
    restart: always
    ports:
      - 8889:8080
    env_file:
      - ./.env
    volumes:
      - staticfiles:/opt/recipes/staticfiles
      - ./mediafiles:/opt/recipes/mediafiles
    depends_on:
      - db_recipes

volumes:
  staticfiles:

Logs

the log-file is attached, but I can't see anything strange there, hopefully someone else can maybe see something

log_web_recipe_container.txt
d

@familynerd familynerd added the setup issue possibly or definitely an issue with the user setup label Nov 7, 2021
@MikeQufi
Copy link

MikeQufi commented Nov 8, 2021

Hi,
I experienced exactly the same error and took the same way.
Regards, Mike

@vabene1111
Copy link
Collaborator

I don not recommend removing the nginx and can only offer limited support if you do so.

Other than that the logs look like the recipe gets created just fine but no API request is made afterwards which is weird. Could you please post the output of the browser console log after creating a recipe ?

@familynerd
Copy link
Author

The recipe is created, in the space settings i can see that there are already reciepes. I've created a screenshot of the console after creating a recipe and it says that some of the ressources are blocked because they are delivered via HTTP instead of HTTPS. In my nginx settings I've configured SSL with a Let's Encrypt Certificate for that subdomain.

Looks like that could be my problem.
edit_reciep_console_log

@vabene1111
Copy link
Collaborator

Ok so the issue is one that has started appearing since the last update. It happens if django thinks that its running under http but is actually running securely. This is likely because a header is missing.

Can you go to the system page and copy the value of the debug textarea below and post it here ? also this is the post were this issue is detailed #959

@familynerd
Copy link
Author

of course :-) (just changed the ip and servername :-))

Gunicoren Media: False
Sqlite: False
Debug: True

SERVER_PROTOCOL:HTTP/1.0
REMOTE_ADDR:xxx.xxx.xxx.xxx
SERVER_PORT:8080

HTTP_HOST:rezepte.mydomain.de
HTTP_CONNECTION:close
HTTP_SEC_CH_UA:"Microsoft Edge";v="95", "Chromium";v="95", ";Not A Brand";v="99"
HTTP_SEC_CH_UA_MOBILE:?0
HTTP_SEC_CH_UA_PLATFORM:"Windows"
HTTP_UPGRADE_INSECURE_REQUESTS:1
HTTP_DNT:1
HTTP_SEC_FETCH_SITE:same-origin
HTTP_SEC_FETCH_MODE:navigate
HTTP_SEC_FETCH_USER:?1
HTTP_SEC_FETCH_DEST:document
HTTP_USER_AGENT:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.30
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9
HTTP_REFERER:https://rezepte.mydomain.de/search/
HTTP_ACCEPT_ENCODING:gzip, deflate, br
HTTP_ACCEPT_LANGUAGE:de,de-DE;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
HTTP_COOKIE:csrftoken=Q4JvyHy2qahz6O6FcrtYYcMGMaRKAyZNJk61vDx4qR6iUf9tQeEo2rmDtTMwOReW; sessionid=wyquktuj4i9ezspz6kxmdbhgcpvnl1yu

wsgi.errors:<gunicorn.http.wsgi.WSGIErrorsWrapper object at 0x7efefee46850>
wsgi.version:(1, 0)
wsgi.multithread:False
wsgi.multiprocess:False
wsgi.run_once:False
wsgi.file_wrapper:
wsgi.input_terminated:True
wsgi.input:<gunicorn.http.body.Body object at 0x7efefee46e20>
wsgi.url_scheme:http

@familynerd
Copy link
Author

familynerd commented Nov 8, 2021

Thanks for your help, with a little bit into #959 i've found a working solution.

I've changed my nginx-config to $http_host like mentioned there and added

proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Proto https;

After adding the protocol and restarting the nginx i can now see my recipes and got rid of the mixed content errors.

this is my nginx config:

server {
    server_name rezepte.mydomain.de;

    location / {
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8889;
        proxy_redirect off;
    }

    #listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/rezepte.mydomain.de/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/rezepte.mydomain.de/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = rezepte.mydomain.de) {
        return 301 https://$http_host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;

    server_name Rezepte.mydomain.de;
    return 404; # managed by Certbot
}

@vabene1111
Copy link
Collaborator

awesome, glad it works now :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
setup issue possibly or definitely an issue with the user setup
Projects
None yet
Development

No branches or pull requests

3 participants