Loomio
Thu 18 May 2017 7:39PM

SSL errors in loomio container. Homelab setup behind a firewall.

GB Gustavo Benjamin Public Seen by 40

Hi!,
I have installed loomio following loomio-deploy guide, in a debian jessie VM. I can create a user and a group, but something is going wrong, because the application has a very strange behavior. For example, I can't logout. I am attaching a file with the ssl error that I'm getting in this case. As suggested in some places, I have installed ca-certificates in loomio and worker containers and updated, ssl software with no result. Can anyone point me some clues, on how can I solve this. I am not a rails developer and have no idea where else to look at. Thanks in advance

RG

Robert Guthrie Mon 22 May 2017 12:29AM

Hi Gustavo,
The errors you're getting are happening when Loomio is trying to send message via FAYE, the websocket server used for live updates.

Seems like you need to sort out SSL with the FAYE container

GB

Gustavo Benjamin Mon 3 Jul 2017 9:54PM

Hi Robert,

Finally I realized what was happening, and so changed the thread title, to better reflect the situation.

My setup

In my setup, I am behind a firewall from which I am redirecting ports 80, 443 and 25 to a debian jessie VM with a local IP, where I installed loomio, following loomio-deploy instructions. Not exactly your recommended setup, but I thought it would work anyway. Not the case.

What I learned

The ssl errors I was getting, and the strange behaviour (basically loomio not updating the web interface) was because the loomio and worker containers, could not connect to the faye container. They were resolving the faye container IP, as the external IP of my firewall. Of course, they were no redirected by the firewall to my local VM, because the firewall rules are for connections coming from the internet.

My solution

My solution was to craft a new docker-compose.yml, using version 2 of docker-compose syntax. This way, I could define an alias for the nginx container, as faye.mydomain, and let the nginx container handle the ssl connection and redirection to the faye container. I am attaching a sample docker compose. Probably there are better solutions, but this worked for me.

RG

Robert Guthrie Tue 4 Jul 2017 2:08AM

Thanks for sharing how you got on. Well done working it out.