I'm trying to set up a CouchDB 2.0 instance up on my CentOS 7 server. I've got it installed and running as a systemd service and it responses with its friendly hello world message when I access it from the server using 127.0.0.1 or 0.0.0.0
$ curl 127.0.0.1:5984 {"couchdb":"Welcome","version":"2.0.0","vendor":{"name":"The Apache Software Foundation"}} $ curl 0.0.0.0:5984 {"couchdb":"Welcome","version":"2.0.0","vendor":{"name":"The Apache Software Foundation"}} in my local.ini file I've configed the bind_address to 0.0.0.0 [httpd] bind_address = 0.0.0.0 My understanding was that if I had this bind address I could connect to port 5984 from any ip address open in my firewall I'm using firewalld for my firewall and I've configured it to open port 5984 This config is confirmed by listing the configuration of the public zone: $ sudo firewall-cmd --zone=public --list-all public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: couchdb2 dhcpv6-client http https ssh ports: 443/tcp 5984/tcp protocols: masquerade: no forward-ports: sourceports: icmp-blocks: rich rules: I've also created a service called couchdb2 at /etc/firewalld/services/couchdb2.xml with XML: <service> <short>couchdb2</short> <description>CouchDB 2.0 Instance</description> <port protocol="tcp" port="5984"/> </service> >From what I know about firewalld I should be able to receive connection on 5984 now but when I curl from my laptop my connection is refused: $ curl my-server:5984 --verbose * Rebuilt URL to: my-server:5984/ * Trying <my-ip>... * connect to <my-ip> port 5984 failed: Connection refused * Failed to connect to my-server port 5984: Connection refused * Closing connection 0 When I connect to the couchdb instance locally via either 127.0.0.1 or 0.0.0.0 I can see the 200 response in my couchdb log: $ sudo journalctl -u couchdb2 ... [notice] 2017-06-06T00:35:01.159244Z couchdb@localhost <0.3328.0> 222d655c69 0.0.0.0:5984 127.0.0.1 undefined GET / 200 ok 28 [notice] 2017-06-06T00:37:21.819298Z couchdb@localhost <0.5598.0> 2f8986d14b 127.0.0.1:5984 127.0.0.1 undefined GET / 200 ok 1 But when I curled from my laptop nothing shows up in the couchdb log for the Connection Refused error. I tried to figure out if firewalld was blocking the connection to CouchDB by looking in the logs.I turned on logging by editing the FIREWALLD_ARGS at /etc/sysconfig/firewalld FIREWALLD_ARGS=--debug=10 I restart firewalld and confirm its running at debug level 10: $ sudo systemctl status firewalld Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2017-06-13 16:41:26 EDT; 28min ago Docs: man:firewalld(1) Main PID: 25209 (firewalld) CGroup: /system.slice/firewalld.service └─25209 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid --debug=10 Then I curl from my laptop again, get a connection refused error, and look at the logs: $ tail -n 64 /var/log/firewalld 2017-06-13 16:41:26 DEBUG1: config.ZoneAdded('trusted') 2017-06-13 16:41:26 DEBUG1: config.zone.8.GetAll('org.fedoraproject.FirewallD1.config.zone') 2017-06-13 16:41:26 DEBUG1: config.ZoneAdded('work') 2017-06-13 16:41:26 DEBUG1:config.GetAll('org.fedoraproject.FirewallD1.config') These are config messages from when firewalld restarted. There's nothing logged regarding the connection refused. I'm not sure if firewalld would log a connection that passed through to CouchDB on 5984 or not. Maybe it got through to CouchDB and this is a CouchDB issue? To the best of my knowledge both CouchDB and firewalld are configured correctly, but its not working like I expected. Any help would be appreciated, whether you know the problem or whether you can just help me discern if the problem is related to CouchDB or firewalld.