I tried to set up Forem using the instructions through GCP, but when I go to the IP the playbook gave me, it says it can't establish a secure connection. I tried setting up my domain to redirect to it anyway, and am still hitting the same issue. The response given is SSL_INTERNAL_ERROR_ALERT. The instructions for Forem aren't terribly clear for those of us who don't use these tools on a daily basis, but I would really like to make this a success (and foremctl seems like it will be really cool once the site can actually be reached).
For further actions, you may consider blocking this person and/or reporting abuse
Top comments (21)
Hey! We definitely want this to be a success for you too. Can you walk me through the last few steps you took before you got this error so I can help you debug this?
After you provisioned the ansible-playbook for Google Cloud did you set up the DNS for your website?
And if so, were you able to run the command
systemctl restart forem-traefik.service
via SSH to restart your Forem VM?I've been trying to figure out how to get it to do that. This is my first time working with GCP. DreamHost is my domain registrar. I have an A record at DreamHost with the IP from the playbook. I cannot access the site from the IP either.
Ok thank you.
If you have set up DNS with DreamHost can you go to your terminal and type in the following command:
dig <you url>
And then see if the ip address in the Answer Section looks the same as your IP address?
Here is an example using dig with google.com. Check the section with the red box and see if the IP address matches the one you put in DreamHost:
After that is confirmed I can help you with the next step.
The answer section and the A record both match. I just checked and logged into DreamHost to make sure.
Ok great! So DNS is set up correctly and we can now go to the next step.
Next step:
If you haven't done it already you will need to SSH in to your Forem server. You have to do this to restart your Forem once DNS is set up.
You can do this with the following command:
ssh core@<SERVER IP ADDRESS>
`ssh core@
So for my community I can run
ssh core@rootlinux.tech
or I could use the IP address instead of the url.You should see something like this in your terminal:
You may be asked to may see a warning that about the authenticity of the host and it will ask you to accept the
fingerprint
you can typeyes
in your terminal here.Once you are connected you can then run this command to restart your Forem:
sudo systemctl restart forem-traefik.service
After that you should be able to navigate to your URL and see your Forem.
Let me know if you get stuck on any of those steps.
So, I SSH'd in, and ran the command, and the site is still not up. Same error. Is there a set of logs I need to dump somewhere? This is a stack I'm unfamiliar with, although I've used Rails lightly in the past.
Hey our systems team said you can use the
journalctl
command to view logs.To output logs for a single service to file:
Also they wanted me to ask when you orginially cloned the repo. If it was before Aug 9th you may need to repull the repo and rebuild your Forem from scratch because of the PR below.
Add retry logic to forem-container service #32
This backports a fix for an issue seen in Forem Cloud, where
forem-container.service
would run too quickly on initial boot, and be unable to pull the app container image down (but the service wouldn't fail, due to theexit 0
in the affectedif
block insideforemimg
).Gonna have to repull. The output of git show says the last commit was July 27th by you, actually lol
Let me know if you run in to any more trouble after you repull. I'm happy to help debug any more issues.
So, I just got done re-pulling and doing everything over. I deleted the original VM in GCP as well. Re-pulled from scratch, went through the motions, STILL getting an internal SSL error, same as before. Even re-ran the Traefik command in the VM. I can Zoom if you or any other staff are available, I followed the instructions down to a T. The most I can think of is user error in the GCP admin console, but even then I went through that to a T as well. I'm actually pretty frustrated right now. I don't know many web apps that are this difficult to get running...or maybe I'm just getting old lmao
I'm away from my computer right now but I'd be happy to set up a quick zoom call with you this week to see if we can debug this error you are getting.
I'll get back to you tomorrow morning with some possible times to see if you are available.
@coffeecraftcode I just took a log dump like recommended as well. It's a lot to post, and there's sensitive information in it such as IPs, connections made, etc, and in the interest of security I can't post it here. HOWEVER, Traefik appears to not be working even after restarting the service. It seems to loop, trying to create a cert, cert not working, failure to abort process, repeat. Too long to exactly to paste here.
Yeah, don't worry about pasting the logs here. Let's set up a time this week to chat over zoom and see if can help.
Thank you so much! I appreciate the work you and the kind folks at DEV do! :-)
I have some time available tomorrow and Friday. Let me know if any of the times/days work for you.
calendly.com/christina-forem/30min
Do you have any times available next Monday or Tuesday?
I added some time on Monday and Tuesday.
calendly.com/christina-forem/30min
I'm sorry, I'm gonna have to wait for a day off it looks like. Most days I work 11AM-10PM.
If you happen to have a Calendly you could send me a link and I can see if there is a time available for both of us? Maybe that would be easier for you 😄
Yeah, I'll set one up
I don't know if it's relevant but I ran into a similar issue that ended up being related to HTTPS-only config in Cloudflare. Maybe GCP is doing something similar? I detailed my experience here: github.com/derekenos/forem-selfhos...