*'user that runs CouchDB needs to be a sudoer in order to bind to a port
less than 1024'*
I'm running CouchDB on a brand new DigitalOcean Ubuntu server. When I run
commands I log in as root. I haven't even created a different user than
root yet (I know this is necessary for security reasons and will do it. But
I wanted to keep things simple until they work).
So when a connection is refused, I thought there must be a different reason
apart from user rights (which is exactly why I haven't created another user
yet).
But being a Linux noob, who knows...

*'since you have used a bind_address of 0.0.0.0…  you should be able to
access couchdb just by opening your browser to
"http://arteigenschaften.ch:5984"'*
Yes, I get
'{"couchdb":"Welcome","uuid":"806d95c490ca9743488a1257d71dd8d4","version":"1.4.0","vendor":{"name":"The Apache Software Foundation","version":"1.4.0"}}'.
Goal is to open "/artendb/_design/artendb/index.html"

*'and your rewrites should just work'*
No, they don't

*'provided you have good "from" and "to" specified'*
This is what I'm trying:
"from": "/artendb/_design/artendb",
"to": ""

*'and port 5984 isn't blocked from external access for some reason.'*
How would I know?

'sudo ufw status' gives:
inactive

'sudo netstat -ntlp | grep :80' gives:
nothing

'sudo netstat -ntlp | grep :5984' gives:
tcp        0      0 0.0.0.0:5984            0.0.0.0:*               LISTEN      8827/beam

'sudo netstat -tulpn' gives:
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5984            0.0.0.0:*               LISTEN      8827/beam
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      834/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      834/sshd


Thanks a lot for this help!
Alex



2013/11/12 Jim Klo <jim....@sri.com>

> Like Bob mentioned…  the user that runs CouchDB needs to be a sudoer in
> order to bind to a port less than 1024.
>
>
> On Nov 12, 2013, at 2:27 AM, Alexander Gabriel <a...@barbalex.ch>
>  wrote:
>
> Hi Jim
>
> I had some trouble configuring my local.ini file.
>
> Setting
>
> [httpd]
> port = 80
>
> doesn't work because I get a "Connection refused" answer when connecting
> with curl.
>
>
> see above comment.
>
> The only way I got it working was:
>
> [httpd]
> port = 5984
> bind_address = 0.0.0.0
>
> then redirecting from 5984 to 80: "iptables -t nat -A PREROUTING -p tcp
> --dport 80 -j REDIRECT --to-ports 5984"
>
> Is this the reason for my trouble with rewrites?
>
>
> I'm definitely not an iptables guy… I'd have to look at the manpage to
> figure out exactly what that incantation maps to… as well as see the other
> rules you have enabled, since they can affect what you add.  Typically to
> make that kind of change to iptables, you'd need to:
>
> *sudo* iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT
> --to-ports 5984
>
> Since I'm usually running both CouchDB and an application server of some
> sort on the same machine - I typically use NGINX or Apache to do a reverse
> proxy if I need external access to couchdb as I can be a bit more fine
> grained than iptables.
>
>
> The vhost I set was: arteigenschaften.ch:5984 =
> /artendb/_design/artendb/_rewrite
>
>
> since you have used a bind_address of 0.0.0.0…  you should be able to
> access couchdb just by opening your browser to
> "http://arteigenschaften.ch:5984",
> and your rewrites should just work, provided you have good "from" and "to"
> specified, and port 5984 isn't blocked from external access for some
> reason.
>
> If you want it to work on port 80, besides getting your iptables
> configuration working, you also need a vhost entry in CouchDB local.ini
> file:
>
> arteigenschaften.ch:80=/artendb/_design/artendb/_rewrite
>
> I believe you can have multiple vhosts just using different ports or I
> think you can omit the port and it will redirect from any port.  Unless you
> are trying to access different rewrite handlers from the same domain using
> different ports, it's pretty safe to just omit the port number AFAIK.
>
>
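
An added example, not part of the original thread: a small Python audit of the `netstat -tulpn` listing posted above. It reports which listeners are bound to every interface (as CouchDB is with `bind_address = 0.0.0.0`) and which ports are below 1024 and so need privilege to bind. The names `parse_listeners` and `audit` are hypothetical, and `SAMPLE` is a constructed copy of the posted output in its mail-wrapped form. The listing shows what is listening on the host, not whether something upstream filters the port.

```python
import re

# Constructed sample: the listener table from the thread, with the
# PID/Program column wrapped onto its own line as mail clients tend to do.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
    PID/Program name
tcp        0      0 0.0.0.0:5984            0.0.0.0:*               LISTEN
     8827/beam
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
     834/sshd
tcp6       0      0 :::22                   :::*                    LISTEN
     834/sshd
"""

WILDCARDS = {"0.0.0.0", "::", "*"}       # addresses meaning "every interface"
PID_PROG = re.compile(r"^(\d+)/(\S+)$")  # e.g. "8827/beam"

def parse_listeners(text):
    """Return one dict per TCP LISTEN socket, rejoining wrapped PID/Program lines."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        tail = PID_PROG.match(fields[-1])
        if tail and len(fields) == 1 and rows and rows[-1]["pid"] is None:
            # Continuation line carrying only "PID/Program" for the previous row.
            rows[-1].update(pid=int(tail.group(1)), program=tail.group(2))
            continue
        if not fields[0].startswith("tcp") or "LISTEN" not in fields:
            continue  # header lines, UDP sockets, non-listening states
        addr, _, port = fields[3].rpartition(":")  # ":::22" -> ("::", "22")
        rows.append({"proto": fields[0], "addr": addr, "port": int(port),
                     "pid": None, "program": None})
        if tail:  # unwrapped form: PID/Program is the last column of this line
            rows[-1].update(pid=int(tail.group(1)), program=tail.group(2))
    return rows

def audit(text):
    """Mark listeners exposed on all interfaces and ports that need privilege to bind."""
    return [dict(row, all_interfaces=row["addr"] in WILDCARDS,
                 privileged_port=row["port"] < 1024)
            for row in parse_listeners(text)]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```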
