ok Joan, thanks for your help. one final question : is this email list we're using here archived on the web anywhere? if so, where?
On Tue, Aug 13, 2019 at 7:19 AM Joan Touzet <[email protected]> wrote: > It doesn't look like CouchDB is listening on port 5984 at all if it's > refusing any connections there. > > Sorry, I'm out of ideas. I recommend you hop on the CouchDB Slack > (instructions at https://couchdb.apache.org/) and get some real-time help. > > On 2019-08-13 12:41 a.m., Rene Veerman wrote: > > total disobedience ;) > > > > root@albatross:/opt/couchdb/etc# curl --verbose http://localhost:5984/ > > * Trying 127.0.0.1... > > * TCP_NODELAY set > > * connect to 127.0.0.1 port 5984 failed: Connection refused > > * Failed to connect to localhost port 5984: Connection refused > > * Closing connection 0 > > curl: (7) Failed to connect to localhost port 5984: Connection refused > > root@albatross:/opt/couchdb/etc# curl --verbose https://localhost:5984/ > > * Trying 127.0.0.1... > > * TCP_NODELAY set > > * connect to 127.0.0.1 port 5984 failed: Connection refused > > * Failed to connect to localhost port 5984: Connection refused > > * Closing connection 0 > > curl: (7) Failed to connect to localhost port 5984: Connection refused > > root@albatross:/opt/couchdb/etc# > > > > On Tue, Aug 13, 2019 at 6:40 AM Joan Touzet <[email protected]> wrote: > > > >> What output do you get for: > >> > >> curl --verbose http://localhost:5984/ > >> > >> curl --verbose https://localhost:5984/ > >> > >> Let's get that working first before we try and sort out whatever the > >> heck is going on with .app domains. > >> > >> -Joan > >> > >> On 2019-08-13 12:38 a.m., Rene Veerman wrote: > >>> and the log : > >>> > >>> root@albatross:/opt/couchdb/etc# rm /var/log/couchdb/couchdb.log > >>> root@albatross:/opt/couchdb/etc# service couchdb restart > >>> root@albatross:/opt/couchdb/etc# cat /var/log/couchdb/couchdb.log > >>> [info] 2019-08-13T04:30:19.782183Z [email protected] <0.9.0> -------- > >>> Application couch_log started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.784813Z [email protected] <0.9.0> -------- > >>> Application folsom started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.809271Z [email protected] <0.9.0> -------- > >>> Application couch_stats started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.809378Z [email protected] <0.9.0> -------- > >>> Application khash started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.813194Z [email protected] <0.9.0> -------- > >>> Application couch_event started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.813291Z [email protected] <0.9.0> -------- > >>> Application hyper started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.816832Z [email protected] <0.9.0> -------- > >>> Application ibrowse started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.819801Z [email protected] <0.9.0> -------- > >>> Application ioq started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.819931Z [email protected] <0.9.0> -------- > >>> Application mochiweb started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.824769Z [email protected] <0.212.0> > -------- > >>> Apache CouchDB 2.3.1 is starting. > >>> > >>> [info] 2019-08-13T04:30:19.824829Z [email protected] <0.213.0> > -------- > >>> Starting couch_sup > >>> [notice] 2019-08-13T04:30:19.830479Z [email protected] <0.96.0> > -------- > >>> config: [features] pluggable-storage-engines set to true for reason nil > >>> [info] 2019-08-13T04:30:19.889337Z [email protected] <0.212.0> > -------- > >>> Apache CouchDB has started. Time to relax. > >>> > >>> [info] 2019-08-13T04:30:19.889419Z [email protected] <0.212.0> > -------- > >>> Apache CouchDB has started on http://127.0.0.1:5986/ > >>> [info] 2019-08-13T04:30:19.889518Z [email protected] <0.9.0> -------- > >>> Application couch started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.889624Z [email protected] <0.9.0> -------- > >>> Application ets_lru started on node '[email protected]' > >>> [notice] 2019-08-13T04:30:19.909310Z [email protected] <0.276.0> > >> -------- > >>> rexi_server : started servers > >>> [notice] 2019-08-13T04:30:19.911977Z [email protected] <0.280.0> > >> -------- > >>> rexi_buffer : started servers > >>> [info] 2019-08-13T04:30:19.912108Z [email protected] <0.9.0> -------- > >>> Application rexi started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.933416Z [email protected] <0.9.0> -------- > >>> Application mem3 started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.933443Z [email protected] <0.9.0> -------- > >>> Application fabric started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.943825Z [email protected] <0.9.0> -------- > >>> Application chttpd started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.950696Z [email protected] <0.9.0> -------- > >>> Application couch_index started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.950722Z [email protected] <0.9.0> -------- > >>> Application couch_mrview started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.950809Z [email protected] <0.9.0> -------- > >>> Application couch_plugins started on node '[email protected]' > >>> [notice] 2019-08-13T04:30:19.980249Z [email protected] <0.96.0> > -------- > >>> config: [features] scheduler set to true for reason nil > >>> [info] 2019-08-13T04:30:19.990117Z [email protected] <0.9.0> -------- > >>> Application couch_replicator started on node '[email protected]' > >>> [info] 2019-08-13T04:30:19.994567Z [email protected] <0.9.0> -------- > >>> Application couch_peruser started on node '[email protected]' > >>> [info] 2019-08-13T04:30:20.001778Z [email protected] <0.9.0> -------- > >>> Application ddoc_cache started on node '[email protected]' > >>> [info] 2019-08-13T04:30:20.010320Z [email protected] <0.9.0> -------- > >>> Application global_changes started on node '[email protected]' > >>> [info] 2019-08-13T04:30:20.010341Z [email protected] <0.9.0> -------- > >>> Application jiffy started on node '[email protected]' > >>> [info] 2019-08-13T04:30:20.013833Z [email protected] <0.9.0> -------- > >>> Application mango started on node '[email protected]' > >>> [info] 2019-08-13T04:30:20.017261Z [email protected] <0.9.0> -------- > >>> Application setup started on node '[email protected]' > >>> [info] 2019-08-13T04:30:20.017321Z [email protected] <0.9.0> -------- > >>> Application snappy started on node '[email protected]' > >>> root@albatross:/opt/couchdb/etc# > >>> > >>> > >>> > >>> On Tue, Aug 13, 2019 at 6:38 AM Rene Veerman <[email protected]> > >>> wrote: > >>> > >>>> included below here is the log of restarting couchdb, it looks > >> completely > >>>> normal to me. > >>>> i've included it so others won't have to guess what's in it. > >>>> > >>>> and yeah, when i bought the .app domain, they didn't mention enforced > >>>> https. > >>>> but hey, lets just update the docs and make this simple, shall we? > >>>> coz it seems according to the article posted by Jonathan just now, > >>>> that this is an encroaching "problem". > >>>> > >>>> and probably a non-problem for someone skilled at crypto setups on > >> ubuntu. > >>>> > >>>> ehm, i'm hesitant to try out the lets encrypt service ( > >>>> https://letsencrypt.org/getting-started/ ), > >>>> because i fear Google would enforce somehow, with another cryptic > >> browser > >>>> error, > >>>> that i use the same certificate as for regular https traffic to apache > >> on > >>>> the same machine. > >>>> > >>>> and since my primary use for couchdb is AJAX access from the browser > >> with > >>>> a javascript plugin, > >>>> this could be a real stubborn problem if i try letsencrypt. > >>>> > >>>> i may try it out later, ok... > >>>> i wanna get some coding work done too today. > >>>> > >>>> On Tue, Aug 13, 2019 at 6:25 AM Jonathan Aquilina < > >> [email protected]> > >>>> wrote: > >>>> > >>>>> Also have you tried to use a lets encrypt free SSL certificate? > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: Rene Veerman <[email protected]> > >>>>> Sent: Tuesday, 13 August 2019 06:13 > >>>>> To: [email protected] > >>>>> Subject: Re: running couchdb on a .app domain (https enforced) > >>>>> > >>>>> ok, i followed your instructions to the letter, Joan. > >>>>> > >>>>> and with a self-signed key, i'm now stuck at ERR_CONNECTION_REFUSED > >> when > >>>>> connecting to the domain name. > >>>>> and i'm getting the same error when trying to connect to > >> localhost:5984, > >>>>> and even to 127.0.0.1, same error. > >>>>> > >>>>> could it be that Google (who run the .app TLD) enforces a real > >>>>> certificate? > >>>>> like the one i used on regular apache on the same machine? > >>>>> > >>>>> problem is, i can't find any step by step guide to get me to that > >>>>> key_file, cert_file, cacert_file setup... :( > >>>>> > >>>>> and anyone who's not an expert at this sorta thing is probably going > to > >>>>> run into the same problems. > >>>>> > >>>>> a couchdb installer that fails to ask for the simple files provided > by > >>>>> domain registrars (where you buy the certificate for a .app domain) > >> that > >>>>> are also fed to the regular apache daemon to make regular https to > the > >>>>> webserver work. > >>>>> > >>>>> normally you'd google yourself through that, like i did with apache > >>>>> itself, but here the online documentation is also quite lacking. > >>>>> > >>>>> i don't want to look a gift horse in the mouth of course, i'm a > >>>>> programmer myself, and i hate documentation work like the next guy, > >> but in > >>>>> this case, couchdb programmers, we could use at least a simple setup > >>>>> article (mentioned in the documentation, website, and installer for > >> couch), > >>>>> and then later or even straight away, that input request in the > couchdb > >>>>> installer. > >>>>> > >>>>> it sucks to have to remember the ins and outs of a OS sub system just > >> to > >>>>> get it to work, and then go through the same difficult process of > >> finding > >>>>> the right settings, > >>>>> > >>>>> when you need to re-install a machine a few months or years later. > >>>>> > >>>>> anyways, > >>>>> thanks for the help so far, people. > >>>>> > >>>>> but i'm still stuck, and would love some more good simple pointers. > >>>>> > >>>>> > >>>>> On Mon, Aug 12, 2019 at 7:48 PM Joan Touzet <[email protected]> > wrote: > >>>>> > >>>>>> CouchDB with SSL has 2 ports for general access: 5984, and 6984. > >>>>>> > >>>>>> 5984 is the insecure http version of the port. You can't turn it off > >>>>>> easily in CouchDB 2.3.1, but you can change what port it appears > at. I > >>>>>> recommend firewalling access to this port immediately. > >>>>>> > >>>>>> If you enable SSL, that'll be on port 6984 by default. You may have > >>>>>> changed it to port 7984. That's the one you want the world to see. > It > >>>>>> shares the same address binding as the insecure 5984 port, so you > must > >>>>>> bind both to 0.0.0.0 to see this externally. > >>>>>> > >>>>>> Do *not* change the settings for the administrative port (5986). > Leave > >>>>>> this bound only to 127.0.0.1. > >>>>>> > >>>>>> Since you're having so much trouble, I'll write up the settings you > >>>>>> need. The following has: > >>>>>> > >>>>>> * Standard (http) port bound to 0.0.0.0:1234 (*firewall this*!!) > >>>>>> * SSL (https) port bound to 0.0.0.0:5984 (this is the one you want) > >>>>>> * Administrative port bound only to 127.0.0.1:5986 > >>>>>> * **BE SURE TO RESTORE THE ORIGINAL DEFAULT.INI FILE WE SHIP > FIRST.** > >>>>>> > >>>>>> After changing this file, kill all running CouchDB processes, then > >>>>>> restart CouchDB. > >>>>>> > >>>>>> ``` > >>>>>> [chttpd] > >>>>>> port = 1234 > >>>>>> bind_address = 0.0.0.0 > >>>>>> > >>>>>> [httpd] > >>>>>> port = 5986 > >>>>>> bind_address = 127.0.0.1 > >>>>>> > >>>>>> [ssl] > >>>>>> port = 5984 > >>>>>> key_file = YOUR PATH HERE > >>>>>> cert_file = YOUR CERT HERE > >>>>>> cacert_file = YOUR CACERT HERE > >>>>>> ``` > >>>>>> > >>>>>> > >>>>>> > >>>>>> On 2019-08-12 8:18, Adam Kocoloski wrote: > >>>>>>> This means something else is already listening on one of the ports > >>>>>>> that > >>>>>> CouchDB is trying to use. > >>>>>>> > >>>>>>> Adam > >>>>>>> > >>>>>>>> On Aug 12, 2019, at 3:24 AM, Rene Veerman < > [email protected]> > >>>>>> wrote: > >>>>>>>> > >>>>>>>> eaddrinuse > >>>>>>> > >>>>>> > >>>>>> > >>>>> > >>>> > >>> > >> > > >
