Re: can't get couchdb to work on https

[Bill Stephenson <bi...@cherrypc.com.INVALID>]

FWIW, I tried the instructions I provided earlier this week and didn’t get them to work again. I don’t know if it’s a change made by Let’s Encrypt or I forget exactly what I did. 

I’ll go through the process setting up a Digital Ocean vps again as soon as I get some time because getting those certs configured has always been a bit of a pain and it’d be a good thing to nail that process down.

If anyone has a list of instruction on setting up haproxy they can share I’d be glad to have them and give that a shot too.


Kindest Regards,

Bill Stephenson
Tech Support
www.cherrypc.com <http://www.ezinvoice.com/>
1-417-546-8390




> On Apr 30, 2020, at 3:56 PM, Joan Touzet <wo...@apache.org> wrote:
> 
> On 2020-04-30 16:22, Rene Veerman wrote:
>> i'm really only looking for a quick and easy way to getting https to work
>> again..
> 
> Bill Stephenson gave you a step-by-step that seemed reasonable to me.
> 
>> do the creators of couchdb read this mailinglist?
> 
> Yes.
> 
> Most of us terminate SSL ahead of CouchDB at a reverse proxy (such as haproxy). Some of us have even contemplated dropping native SSL support in CouchDB entirely, because configuring it is a bit of a pain, as you've found. But it can be done, and it does work.
> 
> For SSL in pure CouchDB, when I must, I use something like EasyRSA:
> 
>  https://github.com/OpenVPN/easy-rsa
> 
> to generate the certs, then munge them together and start it. It works OK. But I do this about once every 2 years max.
> 
> -Joan "Erlang's SSL support isn't great" Touzet
> 
> 
>> On Sun, Apr 26, 2020 at 3:04 PM Joel Jucá <jo...@gmail.com> wrote:
>>> Rene,
>>> 
>>> Your problem seems to be infrastructure-related, rather than CouchDB
>>> related. I would recommend you to read about Infrastructure as Code. This
>>> is a practice that allows a developer to declare its infrastructure (in
>>> your specific case, server configuration) and have some sort of
>>> reproducibility from it. Then, you could also understand every single
>>> change made to your server infrastructure - and even share it as a Gist,
>>> for instance, and have some sort of feedback/pull request directly on it.
>>> 
>>> I would recommend you Ansible (
>>> https://www.ansible.com/resources/get-started).
>>> It's a great solution that allows you to declare your server configuration
>>> as YAML files and use it within Ansible CLI to reproduce the declared
>>> configuration on a targeted server (eg: your Ubuntu-powered CouchDB
>>> server).
>>> 
>>> I've struggled a lot with server configuration back in 2010-2012 when I was
>>> a full-stack PHP/Drupal developer, and after discovering Ansible I could
>>> never imagine myself handling performing a complex task (server
>>> configuration) manually!
>>> 
>>> I hope it helps you in some way.
>>> 
>>> On Sat, Apr 25, 2020 at 6:28 PM Rene Veerman <se...@gmail.com>
>>> wrote:
>>> 
>>>> yes, i did..
>>>> 
>>>> On Sat, Apr 25, 2020 at 9:16 PM Bill Stephenson
>>> <bill@cherrypc.com.invalid
>>>>> 
>>>> wrote:
>>>> 
>>>>> Did you do a "sudo ufw allow 6984”?
>>>>> 
>>>>> 
>>>>> Kindest Regards,
>>>>> 
>>>>> Bill Stephenson
>>>>> Tech Support
>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>> 1-417-546-8390
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>>> On Apr 25, 2020, at 9:28 AM, Rene Veerman <se...@gmail.com>
>>>>> wrote:
>>>>>> 
>>>>>> also (FYI) : i have already entered the right port forwarding
>>> commands
>>>>> into
>>>>>> my ADSL modem..
>>>>>> 
>>>>>> On Sat, Apr 25, 2020 at 4:21 PM Rene Veerman <
>>> seductiveapps@gmail.com>
>>>>>> wrote:
>>>>>> 
>>>>>>> that gets me a 'connection refused' :
>>>>>>> 
>>>>>>> ('albatross' === localhost === nicer.app)
>>>>>>> 
>>>>>>> root@albatross:/opt/couchdb/letsencrypt# service couchdb stop
>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet localhost 6984
>>>>>>> Trying 127.0.0.1...
>>>>>>> telnet: Unable to connect to remote host: Connection refused
>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet nicer.app 6984
>>>>>>> Trying 127.0.0.1...
>>>>>>> Trying 82.161.37.94...
>>>>>>> telnet: Unable to connect to remote host: Connection refused
>>>>>>> root@albatross:/opt/couchdb/letsencrypt#
>>>>>>> 
>>>>>>> On Sat, Apr 25, 2020 at 1:41 PM Florian Westreicher <
>>>>> stuff@meredrica.org>
>>>>>>> wrote:
>>>>>>> 
>>>>>>>> Did you try to telnet to the port while couchdb is down? If there
>>> is
>>>> no
>>>>>>>> open port, telnet won't connect.
>>>>>>>> 
>>>>>>>> 
>>>>>>>> On April 25, 2020 03:50:56 Rene Veerman <se...@gmail.com>
>>>>> wrote:
>>>>>>>> 
>>>>>>>>>> 
>>>>>>>>>> unfortunately that didn't fix things either. i'm still stuck at
>>> the
>>>>>>>>>> eaddrinuse error..
>>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> [info] 2020-04-25T01:49:15.730815Z couchdb@127.0.0.1 <0.232.0>
>>>>> --------
>>>>>>>>> Apache CouchDB has started on https://0.0.0.0:6984/
>>>>>>>>> [info] 2020-04-25T01:49:15.731032Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application couch started on node 'couchdb@127.0.0.1'
>>>>>>>>> [info] 2020-04-25T01:49:15.731178Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application ets_lru started on node 'couchdb@127.0.0.1'
>>>>>>>>> [notice] 2020-04-25T01:49:15.737605Z couchdb@127.0.0.1 <0.284.0>
>>>>>>>> --------
>>>>>>>>> rexi_server : started servers
>>>>>>>>> [notice] 2020-04-25T01:49:15.738914Z couchdb@127.0.0.1 <0.288.0>
>>>>>>>> --------
>>>>>>>>> rexi_buffer : started servers
>>>>>>>>> [info] 2020-04-25T01:49:15.739062Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application rexi started on node 'couchdb@127.0.0.1'
>>>>>>>>> [notice] 2020-04-25T01:49:15.786354Z couchdb@127.0.0.1 <0.318.0>
>>>>>>>> --------
>>>>>>>>> mem3_reshard_dbdoc start init()
>>>>>>>>> [notice] 2020-04-25T01:49:15.790014Z couchdb@127.0.0.1 <0.320.0>
>>>>>>>> --------
>>>>>>>>> mem3_reshard start init()
>>>>>>>>> [notice] 2020-04-25T01:49:15.790112Z couchdb@127.0.0.1 <0.321.0>
>>>>>>>> --------
>>>>>>>>> mem3_reshard db monitor <0.321.0> starting
>>>>>>>>> [notice] 2020-04-25T01:49:15.792025Z couchdb@127.0.0.1 <0.320.0>
>>>>>>>> --------
>>>>>>>>> mem3_reshard starting reloading jobs
>>>>>>>>> [notice] 2020-04-25T01:49:15.792087Z couchdb@127.0.0.1 <0.320.0>
>>>>>>>> --------
>>>>>>>>> mem3_reshard finished reloading jobs
>>>>>>>>> [info] 2020-04-25T01:49:15.792900Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application mem3 started on node 'couchdb@127.0.0.1'
>>>>>>>>> [info] 2020-04-25T01:49:15.793024Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application fabric started on node 'couchdb@127.0.0.1'
>>>>>>>>> [error] 2020-04-25T01:49:15.796505Z couchdb@127.0.0.1 <0.330.0>
>>>>>>>> --------
>>>>>>>>> CRASH REPORT Process  (<0.330.0>) with 0 neighbors exited with
>>>> reason:
>>>>>>>>> eaddrinuse at gen_server:init_it/6(line:349) <=
>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
>>>>>>>>> {mochiweb_socket_server,init,['Argument__1']}, ancestors:
>>>>>>>>> [chttpd_sup,<0.327.0>], message_queue_len: 0, messages: [], links:
>>>>>>>>> [<0.328.0>], dictionary: [], trap_exit: true, status: running,
>>>>>>>> heap_size:
>>>>>>>>> 376, stack_size: 27, reductions: 990
>>>>>>>>> [error] 2020-04-25T01:49:15.796670Z couchdb@127.0.0.1 <0.328.0>
>>>>>>>> --------
>>>>>>>>> Supervisor chttpd_sup had child chttpd started with
>>>>> chttpd:start_link()
>>>>>>>> at
>>>>>>>>> undefined exit with reason eaddrinuse in context start_error
>>>>>>>>> [error] 2020-04-25T01:49:15.796942Z couchdb@127.0.0.1 <0.326.0>
>>>>>>>> --------
>>>>>>>>> CRASH REPORT Process  (<0.326.0>) with 0 neighbors exited with
>>>> reason:
>>>>>>>>> 
>>>>>>>> 
>>>>> 
>>>> 
>>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
>>>>>>>>> at application_master:init/4(line:134) <=
>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
>>>>>>>>> {application_master,init,['Argument__1',...]}, ancestors:
>>>> [<0.325.0>],
>>>>>>>>> message_queue_len: 1, messages: [{'EXIT',<0.327.0>,normal}],
>>> links:
>>>>>>>>> [<0.325.0>,<0.11.0>], dictionary: [], trap_exit: true, status:
>>>>> running,
>>>>>>>>> heap_size: 376, stack_size: 27, reductions: 172
>>>>>>>>> [info] 2020-04-25T01:49:15.797060Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application chttpd exited with reason:
>>>>>>>>> 
>>>>>>>> 
>>>>> 
>>>> 
>>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
>>>>>>>>> [info] 2020-04-25T01:49:17.882186Z couchdb@127.0.0.1 <0.11.0>
>>>>> --------
>>>>>>>>> Application couch_log started on node 'couchdb@127.0.0.1'
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>> 
>>>>> 
>>>> 
>>> 
>>> 
>>> --
>>> Joel Jucá
>>> joelwallis.com
>>> 

Re: can't get couchdb to work on https

[Joan Touzet <wo...@apache.org>]

Yup! Scroll a little bit down in our docs and we provide a minimal 
working config for Nginx. As the docs say:

"Proxy buffering must be disabled, or continuous replication will not 
function correctly behind nginx."

https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-nginx

-Joan "lisp machines are fun" Touzet

On 2020-05-01 15:29, Joel Jucá wrote:
> You can make this setup using Nginx too. I'm unsure about haproxy but Nginx
> is quite trivial to setup.
> 
> On Fri, May 1, 2020 at 4:26 PM Joan Touzet <wo...@apache.org> wrote:
> 
>> Hi Bill,
>>
>> haproxy should be as simple as installing the binary on your *NIX
>> platform, then using something similar to our shipped configuration:
>>
>>
>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>>
>>
>> Also, I see this walkthrough is referenced elsewhere as working for
>> Let's Encrypt and CouchDB:
>>
>>
>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>>
>> Hope they help,
>> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>>
>> On 2020-05-01 15:16, Bill Stephenson wrote:
>>> FWIW, I tried the instructions I provided earlier this week and didn’t
>> get them to work again. I don’t know if it’s a change made by Let’s Encrypt
>> or I forget exactly what I did.
>>>
>>> I’ll go through the process setting up a Digital Ocean vps again as soon
>> as I get some time because getting those certs configured has always been a
>> bit of a pain and it’d be a good thing to nail that process down.
>>>
>>> If anyone has a list of instruction on setting up haproxy they can share
>> I’d be glad to have them and give that a shot too.
>>>
>>>
>>> Kindest Regards,
>>>
>>> Bill Stephenson
>>> Tech Support
>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>> 1-417-546-8390
>>>
>>>
>>>
>>>
>>>> On Apr 30, 2020, at 3:56 PM, Joan Touzet <wo...@apache.org> wrote:
>>>>
>>>> On 2020-04-30 16:22, Rene Veerman wrote:
>>>>> i'm really only looking for a quick and easy way to getting https to
>> work
>>>>> again..
>>>>
>>>> Bill Stephenson gave you a step-by-step that seemed reasonable to me.
>>>>
>>>>> do the creators of couchdb read this mailinglist?
>>>>
>>>> Yes.
>>>>
>>>> Most of us terminate SSL ahead of CouchDB at a reverse proxy (such as
>> haproxy). Some of us have even contemplated dropping native SSL support in
>> CouchDB entirely, because configuring it is a bit of a pain, as you've
>> found. But it can be done, and it does work.
>>>>
>>>> For SSL in pure CouchDB, when I must, I use something like EasyRSA:
>>>>
>>>>    https://github.com/OpenVPN/easy-rsa
>>>>
>>>> to generate the certs, then munge them together and start it. It works
>> OK. But I do this about once every 2 years max.
>>>>
>>>> -Joan "Erlang's SSL support isn't great" Touzet
>>>>
>>>>
>>>>> On Sun, Apr 26, 2020 at 3:04 PM Joel Jucá <jo...@gmail.com>
>> wrote:
>>>>>> Rene,
>>>>>>
>>>>>> Your problem seems to be infrastructure-related, rather than CouchDB
>>>>>> related. I would recommend you to read about Infrastructure as Code.
>> This
>>>>>> is a practice that allows a developer to declare its infrastructure
>> (in
>>>>>> your specific case, server configuration) and have some sort of
>>>>>> reproducibility from it. Then, you could also understand every single
>>>>>> change made to your server infrastructure - and even share it as a
>> Gist,
>>>>>> for instance, and have some sort of feedback/pull request directly on
>> it.
>>>>>>
>>>>>> I would recommend you Ansible (
>>>>>> https://www.ansible.com/resources/get-started).
>>>>>> It's a great solution that allows you to declare your server
>> configuration
>>>>>> as YAML files and use it within Ansible CLI to reproduce the declared
>>>>>> configuration on a targeted server (eg: your Ubuntu-powered CouchDB
>>>>>> server).
>>>>>>
>>>>>> I've struggled a lot with server configuration back in 2010-2012 when
>> I was
>>>>>> a full-stack PHP/Drupal developer, and after discovering Ansible I
>> could
>>>>>> never imagine myself handling performing a complex task (server
>>>>>> configuration) manually!
>>>>>>
>>>>>> I hope it helps you in some way.
>>>>>>
>>>>>> On Sat, Apr 25, 2020 at 6:28 PM Rene Veerman <seductiveapps@gmail.com
>>>
>>>>>> wrote:
>>>>>>
>>>>>>> yes, i did..
>>>>>>>
>>>>>>> On Sat, Apr 25, 2020 at 9:16 PM Bill Stephenson
>>>>>> <bill@cherrypc.com.invalid
>>>>>>>>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Did you do a "sudo ufw allow 6984”?
>>>>>>>>
>>>>>>>>
>>>>>>>> Kindest Regards,
>>>>>>>>
>>>>>>>> Bill Stephenson
>>>>>>>> Tech Support
>>>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>>>>> 1-417-546-8390
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>> On Apr 25, 2020, at 9:28 AM, Rene Veerman <seductiveapps@gmail.com
>>>
>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>> also (FYI) : i have already entered the right port forwarding
>>>>>> commands
>>>>>>>> into
>>>>>>>>> my ADSL modem..
>>>>>>>>>
>>>>>>>>> On Sat, Apr 25, 2020 at 4:21 PM Rene Veerman <
>>>>>> seductiveapps@gmail.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> that gets me a 'connection refused' :
>>>>>>>>>>
>>>>>>>>>> ('albatross' === localhost === nicer.app)
>>>>>>>>>>
>>>>>>>>>> root@albatross:/opt/couchdb/letsencrypt# service couchdb stop
>>>>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet localhost 6984
>>>>>>>>>> Trying 127.0.0.1...
>>>>>>>>>> telnet: Unable to connect to remote host: Connection refused
>>>>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet nicer.app 6984
>>>>>>>>>> Trying 127.0.0.1...
>>>>>>>>>> Trying 82.161.37.94...
>>>>>>>>>> telnet: Unable to connect to remote host: Connection refused
>>>>>>>>>> root@albatross:/opt/couchdb/letsencrypt#
>>>>>>>>>>
>>>>>>>>>> On Sat, Apr 25, 2020 at 1:41 PM Florian Westreicher <
>>>>>>>> stuff@meredrica.org>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Did you try to telnet to the port while couchdb is down? If there
>>>>>> is
>>>>>>> no
>>>>>>>>>>> open port, telnet won't connect.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On April 25, 2020 03:50:56 Rene Veerman <seductiveapps@gmail.com
>>>
>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> unfortunately that didn't fix things either. i'm still stuck at
>>>>>> the
>>>>>>>>>>>>> eaddrinuse error..
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.730815Z couchdb@127.0.0.1 <0.232.0>
>>>>>>>> --------
>>>>>>>>>>>> Apache CouchDB has started on https://0.0.0.0:6984/
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.731032Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application couch started on node 'couchdb@127.0.0.1'
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.731178Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application ets_lru started on node 'couchdb@127.0.0.1'
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.737605Z couchdb@127.0.0.1
>> <0.284.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> rexi_server : started servers
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.738914Z couchdb@127.0.0.1
>> <0.288.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> rexi_buffer : started servers
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.739062Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application rexi started on node 'couchdb@127.0.0.1'
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.786354Z couchdb@127.0.0.1
>> <0.318.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> mem3_reshard_dbdoc start init()
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.790014Z couchdb@127.0.0.1
>> <0.320.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> mem3_reshard start init()
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.790112Z couchdb@127.0.0.1
>> <0.321.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> mem3_reshard db monitor <0.321.0> starting
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.792025Z couchdb@127.0.0.1
>> <0.320.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> mem3_reshard starting reloading jobs
>>>>>>>>>>>> [notice] 2020-04-25T01:49:15.792087Z couchdb@127.0.0.1
>> <0.320.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> mem3_reshard finished reloading jobs
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.792900Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application mem3 started on node 'couchdb@127.0.0.1'
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.793024Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application fabric started on node 'couchdb@127.0.0.1'
>>>>>>>>>>>> [error] 2020-04-25T01:49:15.796505Z couchdb@127.0.0.1 <0.330.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> CRASH REPORT Process  (<0.330.0>) with 0 neighbors exited with
>>>>>>> reason:
>>>>>>>>>>>> eaddrinuse at gen_server:init_it/6(line:349) <=
>>>>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
>>>>>>>>>>>> {mochiweb_socket_server,init,['Argument__1']}, ancestors:
>>>>>>>>>>>> [chttpd_sup,<0.327.0>], message_queue_len: 0, messages: [],
>> links:
>>>>>>>>>>>> [<0.328.0>], dictionary: [], trap_exit: true, status: running,
>>>>>>>>>>> heap_size:
>>>>>>>>>>>> 376, stack_size: 27, reductions: 990
>>>>>>>>>>>> [error] 2020-04-25T01:49:15.796670Z couchdb@127.0.0.1 <0.328.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> Supervisor chttpd_sup had child chttpd started with
>>>>>>>> chttpd:start_link()
>>>>>>>>>>> at
>>>>>>>>>>>> undefined exit with reason eaddrinuse in context start_error
>>>>>>>>>>>> [error] 2020-04-25T01:49:15.796942Z couchdb@127.0.0.1 <0.326.0>
>>>>>>>>>>> --------
>>>>>>>>>>>> CRASH REPORT Process  (<0.326.0>) with 0 neighbors exited with
>>>>>>> reason:
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
>>>>>>>>>>>> at application_master:init/4(line:134) <=
>>>>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
>>>>>>>>>>>> {application_master,init,['Argument__1',...]}, ancestors:
>>>>>>> [<0.325.0>],
>>>>>>>>>>>> message_queue_len: 1, messages: [{'EXIT',<0.327.0>,normal}],
>>>>>> links:
>>>>>>>>>>>> [<0.325.0>,<0.11.0>], dictionary: [], trap_exit: true, status:
>>>>>>>> running,
>>>>>>>>>>>> heap_size: 376, stack_size: 27, reductions: 172
>>>>>>>>>>>> [info] 2020-04-25T01:49:15.797060Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application chttpd exited with reason:
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
>>>>>>>>>>>> [info] 2020-04-25T01:49:17.882186Z couchdb@127.0.0.1 <0.11.0>
>>>>>>>> --------
>>>>>>>>>>>> Application couch_log started on node 'couchdb@127.0.0.1'
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Joel Jucá
>>>>>> joelwallis.com
>>>>>>
>>>
>>>
>>
> 
> 

Re: can't get couchdb to work on https

[Rene Veerman <se...@gmail.com>]

i'm still having problems getting nginx to work for my couchdb + https
setup.. i've followed https://konstruktor.ee/couchdb-setup-on-ubuntu/
<https://slack-redir.net/link?url=https%3A%2F%2Fkonstruktor.ee%2Fcouchdb-setup-on-ubuntu%2F>
as
advertised on the couchdb mailinglist a few weeks ago, but i can't get
nginx to actually work.. can anyone here help me with that please?
[image: konstruktor.ee]konstruktor.ee
CouchDB 3 setup on Ubuntu 18.04
<https://konstruktor.ee/couchdb-setup-on-ubuntu/>
Setting up a CouchDB 3 instance on Ubuntu 18.04.
2 replies <https://app.slack.com/client/T49P1AZRT/C49LEE7NW>
Last reply today at 9:36 AMView thread
Rene Veerman <https://app.slack.com/team/UMAEQMLJ1>  4:59 PM
<https://couchdb.slack.com/archives/C49LEE7NW/p1592837985303700>
please note that i'm using ubuntu 20.04, i don't know if that matters
5:00 <https://couchdb.slack.com/archives/C49LEE7NW/p1592838054303900>
systemctl status nginx.service returns :
5:01 <https://couchdb.slack.com/archives/C49LEE7NW/p1592838070304100>
jun 22 16:56:53 albatross nginx[187333]: nginx: [warn] the "ssl" directive
is deprecated, use the "listen ... ssl" d>
jun 22 16:56:53 albatross nginx[187333]: nginx: [emerg] cannot load
certificate "/etc/letsencrypt/live/couchdb.upcou>
jun 22 16:56:53 albatross systemd[1]: nginx.service: Control process
exited, code=exited, status=1/FAILURE
jun 22 16:56:53 albatross systemd[1]: Reload failed for A high performance
web server and a reverse proxy server.
5:01 <https://couchdb.slack.com/archives/C49LEE7NW/p1592838112304800>
please also note that i have https certificates from my domain registrar,
and i don't know if i should be using those if some form or another...

On Fri, May 22, 2020 at 12:04 PM Robert Samuel Newson <rn...@apache.org>
wrote:

> Hi,
>
> Your Slack account is reactivated. Welcome back.
>
> B.
>
> > On 22 May 2020, at 10:16, Rene Veerman <se...@gmail.com> wrote:
> >
> > sorry. i didn't know i was talking to a foundation-level organisation.
> >
> > i'm very sorry about what happened the other days over at slack.
> >
> > please re-instate me when you have some time for that.
> >
> > i'm most willing to learn more than i already know about systems
> > administration.
> >
> > in fact, i must do that (i only know web-browser-level coding so far), in
> > order to make my company grow and flourish.
> >
> > i will never repeat the mistakes i made the other day again.
> >
> > On Fri, May 22, 2020 at 10:17 AM Robert Samuel Newson <
> rnewson@apache.org>
> > wrote:
> >
> >> Hi Rene,
> >>
> >> I ejected you from couchdb.slack.com for good reason, you were being
> rude
> >> and abusive towards myself and others after we had spend many hours
> trying
> >> to assist you.
> >>
> >> Everyone here, and in Slack, is volunteering their time, for free, to
> help
> >> users or potential users of CouchDB. None of us owe you our time or
> >> assistance and it has been withdrawn solely because of your behaviour.
> >>
> >> We are not expecting humility or deference from you or anyone else, only
> >> polite, thoughtful engagement with those seeking to help you.
> >>
> >> With all that said, and depending on your response to my feedback here,
> I
> >> am willing to reinstate you on Slack on a trial basis. Any further
> descent
> >> into abuse on your part and I will remove you from Slack permanently and
> >> from our mailing lists.
> >>
> >> Sincerely,
> >>
> >> Robert Samuel Newson
> >>
> >> Apache CouchDB PMC Member
> >> Member of the Apache Software Foundation
> >>
> >>
> >>> On 22 May 2020, at 02:38, Rene Veerman <se...@gmail.com>
> wrote:
> >>>
> >>> i need user rnewson to unblock me on the slack feed of couchdb
> though.. i
> >>> need his help to even test this.
> >>>
> >>> On Fri, May 22, 2020 at 12:57 AM Rene Veerman <seductiveapps@gmail.com
> >
> >>> wrote:
> >>>
> >>>> i've found some time on my company's agenda, and i *might* be able to
> >>>> look into this issue over the next few days :)
> >>>>
> >>>> On Wed, May 20, 2020 at 5:18 PM Rene Veerman <seductiveapps@gmail.com
> >
> >>>> wrote:
> >>>>
> >>>>> ehm, Bill & the rest of the couchdb team....
> >>>>>
> >>>>> i have a company to run.
> >>>>>
> >>>>> so i can't test the solution you provided, at this time.
> >>>>>
> >>>>> i don't know when i'll be able to. sorry.
> >>>>>
> >>>>>
> >>>>> On Wed, May 20, 2020 at 3:42 AM Rene Veerman <
> seductiveapps@gmail.com>
> >>>>> wrote:
> >>>>>
> >>>>>> thanks, Bill :)
> >>>>>>
> >>>>>> i'll look into it within the next few days :)
> >>>>>>
> >>>>>> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson
> >>>>>> <bi...@cherrypc.com.invalid> wrote:
> >>>>>>
> >>>>>>> I don’t check into Reddit much but I saw this post there today
> that’s
> >>>>>>> worth checking into:
> >>>>>>>
> >>>>>>> CouchDB 3 setup on Ubuntu 18.04 <
> >>>>>>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> Kindest Regards,
> >>>>>>>
> >>>>>>> Bill Stephenson
> >>>>>>> Tech Support
> >>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
> >>>>>>> 1-417-546-8390
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>> On May 2, 2020, at 9:38 PM, Bill Stephenson
> >> <bi...@cherrypc.com.INVALID>
> >>>>>>> wrote:
> >>>>>>>>
> >>>>>>>> Thank you Joan!
> >>>>>>>>
> >>>>>>>> I’ll look into both those suggestions when I get a chance and I’ll
> >>>>>>> report back on the results.
> >>>>>>>>
> >>>>>>>> Kindest Regards,
> >>>>>>>>
> >>>>>>>> Bill Stephenson
> >>>>>>>> Tech Support
> >>>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
> >>>>>>>> 1-417-546-8390
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org>
> wrote:
> >>>>>>>>>
> >>>>>>>>> Hi Bill,
> >>>>>>>>>
> >>>>>>>>> haproxy should be as simple as installing the binary on your *NIX
> >>>>>>> platform, then using something similar to our shipped
> configuration:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>
> >>
> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> Also, I see this walkthrough is referenced elsewhere as working
> for
> >>>>>>> Let's Encrypt and CouchDB:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>
> >>
> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
> >>>>>>>>>
> >>>>>>>>> Hope they help,
> >>>>>>>>> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
> >>>>>>>>
> >>>>>>>
> >>>>>>>
> >>
> >>
>
>

Re: can't get couchdb to work on https

[Robert Samuel Newson <rn...@apache.org>]

Hi,

Your Slack account is reactivated. Welcome back.

B.

> On 22 May 2020, at 10:16, Rene Veerman <se...@gmail.com> wrote:
> 
> sorry. i didn't know i was talking to a foundation-level organisation.
> 
> i'm very sorry about what happened the other days over at slack.
> 
> please re-instate me when you have some time for that.
> 
> i'm most willing to learn more than i already know about systems
> administration.
> 
> in fact, i must do that (i only know web-browser-level coding so far), in
> order to make my company grow and flourish.
> 
> i will never repeat the mistakes i made the other day again.
> 
> On Fri, May 22, 2020 at 10:17 AM Robert Samuel Newson <rn...@apache.org>
> wrote:
> 
>> Hi Rene,
>> 
>> I ejected you from couchdb.slack.com for good reason, you were being rude
>> and abusive towards myself and others after we had spend many hours trying
>> to assist you.
>> 
>> Everyone here, and in Slack, is volunteering their time, for free, to help
>> users or potential users of CouchDB. None of us owe you our time or
>> assistance and it has been withdrawn solely because of your behaviour.
>> 
>> We are not expecting humility or deference from you or anyone else, only
>> polite, thoughtful engagement with those seeking to help you.
>> 
>> With all that said, and depending on your response to my feedback here, I
>> am willing to reinstate you on Slack on a trial basis. Any further descent
>> into abuse on your part and I will remove you from Slack permanently and
>> from our mailing lists.
>> 
>> Sincerely,
>> 
>> Robert Samuel Newson
>> 
>> Apache CouchDB PMC Member
>> Member of the Apache Software Foundation
>> 
>> 
>>> On 22 May 2020, at 02:38, Rene Veerman <se...@gmail.com> wrote:
>>> 
>>> i need user rnewson to unblock me on the slack feed of couchdb though.. i
>>> need his help to even test this.
>>> 
>>> On Fri, May 22, 2020 at 12:57 AM Rene Veerman <se...@gmail.com>
>>> wrote:
>>> 
>>>> i've found some time on my company's agenda, and i *might* be able to
>>>> look into this issue over the next few days :)
>>>> 
>>>> On Wed, May 20, 2020 at 5:18 PM Rene Veerman <se...@gmail.com>
>>>> wrote:
>>>> 
>>>>> ehm, Bill & the rest of the couchdb team....
>>>>> 
>>>>> i have a company to run.
>>>>> 
>>>>> so i can't test the solution you provided, at this time.
>>>>> 
>>>>> i don't know when i'll be able to. sorry.
>>>>> 
>>>>> 
>>>>> On Wed, May 20, 2020 at 3:42 AM Rene Veerman <se...@gmail.com>
>>>>> wrote:
>>>>> 
>>>>>> thanks, Bill :)
>>>>>> 
>>>>>> i'll look into it within the next few days :)
>>>>>> 
>>>>>> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson
>>>>>> <bi...@cherrypc.com.invalid> wrote:
>>>>>> 
>>>>>>> I don’t check into Reddit much but I saw this post there today that’s
>>>>>>> worth checking into:
>>>>>>> 
>>>>>>> CouchDB 3 setup on Ubuntu 18.04 <
>>>>>>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> Kindest Regards,
>>>>>>> 
>>>>>>> Bill Stephenson
>>>>>>> Tech Support
>>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>>>> 1-417-546-8390
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>>> On May 2, 2020, at 9:38 PM, Bill Stephenson
>> <bi...@cherrypc.com.INVALID>
>>>>>>> wrote:
>>>>>>>> 
>>>>>>>> Thank you Joan!
>>>>>>>> 
>>>>>>>> I’ll look into both those suggestions when I get a chance and I’ll
>>>>>>> report back on the results.
>>>>>>>> 
>>>>>>>> Kindest Regards,
>>>>>>>> 
>>>>>>>> Bill Stephenson
>>>>>>>> Tech Support
>>>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>>>>> 1-417-546-8390
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>> 
>>>>>>>>> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
>>>>>>>>> 
>>>>>>>>> Hi Bill,
>>>>>>>>> 
>>>>>>>>> haproxy should be as simple as installing the binary on your *NIX
>>>>>>> platform, then using something similar to our shipped configuration:
>>>>>>>>> 
>>>>>>>>> 
>>>>>>> 
>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> Also, I see this walkthrough is referenced elsewhere as working for
>>>>>>> Let's Encrypt and CouchDB:
>>>>>>>>> 
>>>>>>>>> 
>>>>>>> 
>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>>>>>>>>> 
>>>>>>>>> Hope they help,
>>>>>>>>> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>>>>>>>> 
>>>>>>> 
>>>>>>> 
>> 
>> 

Re: can't get couchdb to work on https

[Rene Veerman <se...@gmail.com>]

sorry. i didn't know i was talking to a foundation-level organisation.

i'm very sorry about what happened the other days over at slack.

please re-instate me when you have some time for that.

i'm most willing to learn more than i already know about systems
administration.

in fact, i must do that (i only know web-browser-level coding so far), in
order to make my company grow and flourish.

i will never repeat the mistakes i made the other day again.

On Fri, May 22, 2020 at 10:17 AM Robert Samuel Newson <rn...@apache.org>
wrote:

> Hi Rene,
>
> I ejected you from couchdb.slack.com for good reason, you were being rude
> and abusive towards myself and others after we had spend many hours trying
> to assist you.
>
> Everyone here, and in Slack, is volunteering their time, for free, to help
> users or potential users of CouchDB. None of us owe you our time or
> assistance and it has been withdrawn solely because of your behaviour.
>
> We are not expecting humility or deference from you or anyone else, only
> polite, thoughtful engagement with those seeking to help you.
>
> With all that said, and depending on your response to my feedback here, I
> am willing to reinstate you on Slack on a trial basis. Any further descent
> into abuse on your part and I will remove you from Slack permanently and
> from our mailing lists.
>
> Sincerely,
>
> Robert Samuel Newson
>
> Apache CouchDB PMC Member
> Member of the Apache Software Foundation
>
>
> > On 22 May 2020, at 02:38, Rene Veerman <se...@gmail.com> wrote:
> >
> > i need user rnewson to unblock me on the slack feed of couchdb though.. i
> > need his help to even test this.
> >
> > On Fri, May 22, 2020 at 12:57 AM Rene Veerman <se...@gmail.com>
> > wrote:
> >
> >> i've found some time on my company's agenda, and i *might* be able to
> >> look into this issue over the next few days :)
> >>
> >> On Wed, May 20, 2020 at 5:18 PM Rene Veerman <se...@gmail.com>
> >> wrote:
> >>
> >>> ehm, Bill & the rest of the couchdb team....
> >>>
> >>> i have a company to run.
> >>>
> >>> so i can't test the solution you provided, at this time.
> >>>
> >>> i don't know when i'll be able to. sorry.
> >>>
> >>>
> >>> On Wed, May 20, 2020 at 3:42 AM Rene Veerman <se...@gmail.com>
> >>> wrote:
> >>>
> >>>> thanks, Bill :)
> >>>>
> >>>> i'll look into it within the next few days :)
> >>>>
> >>>> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson
> >>>> <bi...@cherrypc.com.invalid> wrote:
> >>>>
> >>>>> I don’t check into Reddit much but I saw this post there today that’s
> >>>>> worth checking into:
> >>>>>
> >>>>> CouchDB 3 setup on Ubuntu 18.04 <
> >>>>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
> >>>>>
> >>>>>
> >>>>>
> >>>>> Kindest Regards,
> >>>>>
> >>>>> Bill Stephenson
> >>>>> Tech Support
> >>>>> www.cherrypc.com <http://www.ezinvoice.com/>
> >>>>> 1-417-546-8390
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>> On May 2, 2020, at 9:38 PM, Bill Stephenson
> <bi...@cherrypc.com.INVALID>
> >>>>> wrote:
> >>>>>>
> >>>>>> Thank you Joan!
> >>>>>>
> >>>>>> I’ll look into both those suggestions when I get a chance and I’ll
> >>>>> report back on the results.
> >>>>>>
> >>>>>> Kindest Regards,
> >>>>>>
> >>>>>> Bill Stephenson
> >>>>>> Tech Support
> >>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
> >>>>>> 1-417-546-8390
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
> >>>>>>>
> >>>>>>> Hi Bill,
> >>>>>>>
> >>>>>>> haproxy should be as simple as installing the binary on your *NIX
> >>>>> platform, then using something similar to our shipped configuration:
> >>>>>>>
> >>>>>>>
> >>>>>
> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
> >>>>>>>
> >>>>>>>
> >>>>>>> Also, I see this walkthrough is referenced elsewhere as working for
> >>>>> Let's Encrypt and CouchDB:
> >>>>>>>
> >>>>>>>
> >>>>>
> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
> >>>>>>>
> >>>>>>> Hope they help,
> >>>>>>> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
> >>>>>>
> >>>>>
> >>>>>
>
>

Re: can't get couchdb to work on https

[Robert Samuel Newson <rn...@apache.org>]

Hi Rene,

I ejected you from couchdb.slack.com for good reason, you were being rude and abusive towards myself and others after we had spend many hours trying to assist you.

Everyone here, and in Slack, is volunteering their time, for free, to help users or potential users of CouchDB. None of us owe you our time or assistance and it has been withdrawn solely because of your behaviour.

We are not expecting humility or deference from you or anyone else, only polite, thoughtful engagement with those seeking to help you.

With all that said, and depending on your response to my feedback here, I am willing to reinstate you on Slack on a trial basis. Any further descent into abuse on your part and I will remove you from Slack permanently and from our mailing lists.

Sincerely,

Robert Samuel Newson

Apache CouchDB PMC Member
Member of the Apache Software Foundation


> On 22 May 2020, at 02:38, Rene Veerman <se...@gmail.com> wrote:
> 
> i need user rnewson to unblock me on the slack feed of couchdb though.. i
> need his help to even test this.
> 
> On Fri, May 22, 2020 at 12:57 AM Rene Veerman <se...@gmail.com>
> wrote:
> 
>> i've found some time on my company's agenda, and i *might* be able to
>> look into this issue over the next few days :)
>> 
>> On Wed, May 20, 2020 at 5:18 PM Rene Veerman <se...@gmail.com>
>> wrote:
>> 
>>> ehm, Bill & the rest of the couchdb team....
>>> 
>>> i have a company to run.
>>> 
>>> so i can't test the solution you provided, at this time.
>>> 
>>> i don't know when i'll be able to. sorry.
>>> 
>>> 
>>> On Wed, May 20, 2020 at 3:42 AM Rene Veerman <se...@gmail.com>
>>> wrote:
>>> 
>>>> thanks, Bill :)
>>>> 
>>>> i'll look into it within the next few days :)
>>>> 
>>>> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson
>>>> <bi...@cherrypc.com.invalid> wrote:
>>>> 
>>>>> I don’t check into Reddit much but I saw this post there today that’s
>>>>> worth checking into:
>>>>> 
>>>>> CouchDB 3 setup on Ubuntu 18.04 <
>>>>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
>>>>> 
>>>>> 
>>>>> 
>>>>> Kindest Regards,
>>>>> 
>>>>> Bill Stephenson
>>>>> Tech Support
>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>> 1-417-546-8390
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>>> On May 2, 2020, at 9:38 PM, Bill Stephenson <bi...@cherrypc.com.INVALID>
>>>>> wrote:
>>>>>> 
>>>>>> Thank you Joan!
>>>>>> 
>>>>>> I’ll look into both those suggestions when I get a chance and I’ll
>>>>> report back on the results.
>>>>>> 
>>>>>> Kindest Regards,
>>>>>> 
>>>>>> Bill Stephenson
>>>>>> Tech Support
>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>>> 1-417-546-8390
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>>> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
>>>>>>> 
>>>>>>> Hi Bill,
>>>>>>> 
>>>>>>> haproxy should be as simple as installing the binary on your *NIX
>>>>> platform, then using something similar to our shipped configuration:
>>>>>>> 
>>>>>>> 
>>>>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>>>>>>> 
>>>>>>> 
>>>>>>> Also, I see this walkthrough is referenced elsewhere as working for
>>>>> Let's Encrypt and CouchDB:
>>>>>>> 
>>>>>>> 
>>>>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>>>>>>> 
>>>>>>> Hope they help,
>>>>>>> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>>>>>> 
>>>>> 
>>>>> 

Re: can't get couchdb to work on https

[Rene Veerman <se...@gmail.com>]

i need user rnewson to unblock me on the slack feed of couchdb though.. i
need his help to even test this.

On Fri, May 22, 2020 at 12:57 AM Rene Veerman <se...@gmail.com>
wrote:

> i've found some time on my company's agenda, and i *might* be able to
> look into this issue over the next few days :)
>
> On Wed, May 20, 2020 at 5:18 PM Rene Veerman <se...@gmail.com>
> wrote:
>
>> ehm, Bill & the rest of the couchdb team....
>>
>> i have a company to run.
>>
>> so i can't test the solution you provided, at this time.
>>
>> i don't know when i'll be able to. sorry.
>>
>>
>> On Wed, May 20, 2020 at 3:42 AM Rene Veerman <se...@gmail.com>
>> wrote:
>>
>>> thanks, Bill :)
>>>
>>> i'll look into it within the next few days :)
>>>
>>> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson
>>> <bi...@cherrypc.com.invalid> wrote:
>>>
>>>> I don’t check into Reddit much but I saw this post there today that’s
>>>> worth checking into:
>>>>
>>>> CouchDB 3 setup on Ubuntu 18.04 <
>>>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
>>>>
>>>>
>>>>
>>>> Kindest Regards,
>>>>
>>>> Bill Stephenson
>>>> Tech Support
>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>> 1-417-546-8390
>>>>
>>>>
>>>>
>>>>
>>>> > On May 2, 2020, at 9:38 PM, Bill Stephenson <bi...@cherrypc.com.INVALID>
>>>> wrote:
>>>> >
>>>> > Thank you Joan!
>>>> >
>>>> > I’ll look into both those suggestions when I get a chance and I’ll
>>>> report back on the results.
>>>> >
>>>> > Kindest Regards,
>>>> >
>>>> > Bill Stephenson
>>>> > Tech Support
>>>> > www.cherrypc.com <http://www.ezinvoice.com/>
>>>> > 1-417-546-8390
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
>>>> >>
>>>> >> Hi Bill,
>>>> >>
>>>> >> haproxy should be as simple as installing the binary on your *NIX
>>>> platform, then using something similar to our shipped configuration:
>>>> >>
>>>> >>
>>>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>>>> >>
>>>> >>
>>>> >> Also, I see this walkthrough is referenced elsewhere as working for
>>>> Let's Encrypt and CouchDB:
>>>> >>
>>>> >>
>>>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>>>> >>
>>>> >> Hope they help,
>>>> >> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>>>> >
>>>>
>>>>

Re: can't get couchdb to work on https

[Rene Veerman <se...@gmail.com>]

i've found some time on my company's agenda, and i *might* be able to look
into this issue over the next few days :)

On Wed, May 20, 2020 at 5:18 PM Rene Veerman <se...@gmail.com>
wrote:

> ehm, Bill & the rest of the couchdb team....
>
> i have a company to run.
>
> so i can't test the solution you provided, at this time.
>
> i don't know when i'll be able to. sorry.
>
>
> On Wed, May 20, 2020 at 3:42 AM Rene Veerman <se...@gmail.com>
> wrote:
>
>> thanks, Bill :)
>>
>> i'll look into it within the next few days :)
>>
>> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson <bi...@cherrypc.com.invalid>
>> wrote:
>>
>>> I don’t check into Reddit much but I saw this post there today that’s
>>> worth checking into:
>>>
>>> CouchDB 3 setup on Ubuntu 18.04 <
>>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
>>>
>>>
>>>
>>> Kindest Regards,
>>>
>>> Bill Stephenson
>>> Tech Support
>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>> 1-417-546-8390
>>>
>>>
>>>
>>>
>>> > On May 2, 2020, at 9:38 PM, Bill Stephenson <bi...@cherrypc.com.INVALID>
>>> wrote:
>>> >
>>> > Thank you Joan!
>>> >
>>> > I’ll look into both those suggestions when I get a chance and I’ll
>>> report back on the results.
>>> >
>>> > Kindest Regards,
>>> >
>>> > Bill Stephenson
>>> > Tech Support
>>> > www.cherrypc.com <http://www.ezinvoice.com/>
>>> > 1-417-546-8390
>>> >
>>> >
>>> >
>>> >
>>> >> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
>>> >>
>>> >> Hi Bill,
>>> >>
>>> >> haproxy should be as simple as installing the binary on your *NIX
>>> platform, then using something similar to our shipped configuration:
>>> >>
>>> >>
>>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>>> >>
>>> >>
>>> >> Also, I see this walkthrough is referenced elsewhere as working for
>>> Let's Encrypt and CouchDB:
>>> >>
>>> >>
>>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>>> >>
>>> >> Hope they help,
>>> >> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>>> >
>>>
>>>

Re: can't get couchdb to work on https

[Rene Veerman <se...@gmail.com>]

ehm, Bill & the rest of the couchdb team....

i have a company to run.

so i can't test the solution you provided, at this time.

i don't know when i'll be able to. sorry.


On Wed, May 20, 2020 at 3:42 AM Rene Veerman <se...@gmail.com>
wrote:

> thanks, Bill :)
>
> i'll look into it within the next few days :)
>
> On Fri, May 15, 2020 at 8:18 PM Bill Stephenson <bi...@cherrypc.com.invalid>
> wrote:
>
>> I don’t check into Reddit much but I saw this post there today that’s
>> worth checking into:
>>
>> CouchDB 3 setup on Ubuntu 18.04 <
>> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
>>
>>
>>
>> Kindest Regards,
>>
>> Bill Stephenson
>> Tech Support
>> www.cherrypc.com <http://www.ezinvoice.com/>
>> 1-417-546-8390
>>
>>
>>
>>
>> > On May 2, 2020, at 9:38 PM, Bill Stephenson <bi...@cherrypc.com.INVALID>
>> wrote:
>> >
>> > Thank you Joan!
>> >
>> > I’ll look into both those suggestions when I get a chance and I’ll
>> report back on the results.
>> >
>> > Kindest Regards,
>> >
>> > Bill Stephenson
>> > Tech Support
>> > www.cherrypc.com <http://www.ezinvoice.com/>
>> > 1-417-546-8390
>> >
>> >
>> >
>> >
>> >> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
>> >>
>> >> Hi Bill,
>> >>
>> >> haproxy should be as simple as installing the binary on your *NIX
>> platform, then using something similar to our shipped configuration:
>> >>
>> >>
>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>> >>
>> >>
>> >> Also, I see this walkthrough is referenced elsewhere as working for
>> Let's Encrypt and CouchDB:
>> >>
>> >>
>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>> >>
>> >> Hope they help,
>> >> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>> >
>>
>>

Re: can't get couchdb to work on https

[Rene Veerman <se...@gmail.com>]

thanks, Bill :)

i'll look into it within the next few days :)

On Fri, May 15, 2020 at 8:18 PM Bill Stephenson <bi...@cherrypc.com.invalid>
wrote:

> I don’t check into Reddit much but I saw this post there today that’s
> worth checking into:
>
> CouchDB 3 setup on Ubuntu 18.04 <
> https://konstruktor.ee/couchdb-setup-on-ubuntu/>
>
>
>
> Kindest Regards,
>
> Bill Stephenson
> Tech Support
> www.cherrypc.com <http://www.ezinvoice.com/>
> 1-417-546-8390
>
>
>
>
> > On May 2, 2020, at 9:38 PM, Bill Stephenson <bi...@cherrypc.com.INVALID>
> wrote:
> >
> > Thank you Joan!
> >
> > I’ll look into both those suggestions when I get a chance and I’ll
> report back on the results.
> >
> > Kindest Regards,
> >
> > Bill Stephenson
> > Tech Support
> > www.cherrypc.com <http://www.ezinvoice.com/>
> > 1-417-546-8390
> >
> >
> >
> >
> >> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
> >>
> >> Hi Bill,
> >>
> >> haproxy should be as simple as installing the binary on your *NIX
> platform, then using something similar to our shipped configuration:
> >>
> >>
> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
> >>
> >>
> >> Also, I see this walkthrough is referenced elsewhere as working for
> Let's Encrypt and CouchDB:
> >>
> >>
> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
> >>
> >> Hope they help,
> >> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
> >
>
>

Re: can't get couchdb to work on https

[Bill Stephenson <bi...@cherrypc.com.INVALID>]

I don’t check into Reddit much but I saw this post there today that’s worth checking into:

CouchDB 3 setup on Ubuntu 18.04 <https://konstruktor.ee/couchdb-setup-on-ubuntu/>



Kindest Regards,

Bill Stephenson
Tech Support
www.cherrypc.com <http://www.ezinvoice.com/>
1-417-546-8390




> On May 2, 2020, at 9:38 PM, Bill Stephenson <bi...@cherrypc.com.INVALID> wrote:
> 
> Thank you Joan!
> 
> I’ll look into both those suggestions when I get a chance and I’ll report back on the results.
> 
> Kindest Regards,
> 
> Bill Stephenson
> Tech Support
> www.cherrypc.com <http://www.ezinvoice.com/>
> 1-417-546-8390
> 
> 
> 
> 
>> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
>> 
>> Hi Bill,
>> 
>> haproxy should be as simple as installing the binary on your *NIX platform, then using something similar to our shipped configuration:
>> 
>> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>> 
>> 
>> Also, I see this walkthrough is referenced elsewhere as working for Let's Encrypt and CouchDB:
>> 
>> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>> 
>> Hope they help,
>> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
> 

Re: can't get couchdb to work on https

[Bill Stephenson <bi...@cherrypc.com.INVALID>]

Thank you Joan!

I’ll look into both those suggestions when I get a chance and I’ll report back on the results.

Kindest Regards,

Bill Stephenson
Tech Support
www.cherrypc.com <http://www.ezinvoice.com/>
1-417-546-8390




> On May 1, 2020, at 2:26 PM, Joan Touzet <wo...@apache.org> wrote:
> 
> Hi Bill,
> 
> haproxy should be as simple as installing the binary on your *NIX platform, then using something similar to our shipped configuration:
> 
> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
> 
> 
> Also, I see this walkthrough is referenced elsewhere as working for Let's Encrypt and CouchDB:
> 
> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
> 
> Hope they help,
> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet

Re: can't get couchdb to work on https

[Joel Jucá <jo...@gmail.com>]

You can make this setup using Nginx too. I'm unsure about haproxy but Nginx
is quite trivial to setup.

On Fri, May 1, 2020 at 4:26 PM Joan Touzet <wo...@apache.org> wrote:

> Hi Bill,
>
> haproxy should be as simple as installing the binary on your *NIX
> platform, then using something similar to our shipped configuration:
>
>
> https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy
>
>
> Also, I see this walkthrough is referenced elsewhere as working for
> Let's Encrypt and CouchDB:
>
>
> https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/
>
> Hope they help,
> Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet
>
> On 2020-05-01 15:16, Bill Stephenson wrote:
> > FWIW, I tried the instructions I provided earlier this week and didn’t
> get them to work again. I don’t know if it’s a change made by Let’s Encrypt
> or I forget exactly what I did.
> >
> > I’ll go through the process setting up a Digital Ocean vps again as soon
> as I get some time because getting those certs configured has always been a
> bit of a pain and it’d be a good thing to nail that process down.
> >
> > If anyone has a list of instruction on setting up haproxy they can share
> I’d be glad to have them and give that a shot too.
> >
> >
> > Kindest Regards,
> >
> > Bill Stephenson
> > Tech Support
> > www.cherrypc.com <http://www.ezinvoice.com/>
> > 1-417-546-8390
> >
> >
> >
> >
> >> On Apr 30, 2020, at 3:56 PM, Joan Touzet <wo...@apache.org> wrote:
> >>
> >> On 2020-04-30 16:22, Rene Veerman wrote:
> >>> i'm really only looking for a quick and easy way to getting https to
> work
> >>> again..
> >>
> >> Bill Stephenson gave you a step-by-step that seemed reasonable to me.
> >>
> >>> do the creators of couchdb read this mailinglist?
> >>
> >> Yes.
> >>
> >> Most of us terminate SSL ahead of CouchDB at a reverse proxy (such as
> haproxy). Some of us have even contemplated dropping native SSL support in
> CouchDB entirely, because configuring it is a bit of a pain, as you've
> found. But it can be done, and it does work.
> >>
> >> For SSL in pure CouchDB, when I must, I use something like EasyRSA:
> >>
> >>   https://github.com/OpenVPN/easy-rsa
> >>
> >> to generate the certs, then munge them together and start it. It works
> OK. But I do this about once every 2 years max.
> >>
> >> -Joan "Erlang's SSL support isn't great" Touzet
> >>
> >>
> >>> On Sun, Apr 26, 2020 at 3:04 PM Joel Jucá <jo...@gmail.com>
> wrote:
> >>>> Rene,
> >>>>
> >>>> Your problem seems to be infrastructure-related, rather than CouchDB
> >>>> related. I would recommend you to read about Infrastructure as Code.
> This
> >>>> is a practice that allows a developer to declare its infrastructure
> (in
> >>>> your specific case, server configuration) and have some sort of
> >>>> reproducibility from it. Then, you could also understand every single
> >>>> change made to your server infrastructure - and even share it as a
> Gist,
> >>>> for instance, and have some sort of feedback/pull request directly on
> it.
> >>>>
> >>>> I would recommend you Ansible (
> >>>> https://www.ansible.com/resources/get-started).
> >>>> It's a great solution that allows you to declare your server
> configuration
> >>>> as YAML files and use it within Ansible CLI to reproduce the declared
> >>>> configuration on a targeted server (eg: your Ubuntu-powered CouchDB
> >>>> server).
> >>>>
> >>>> I've struggled a lot with server configuration back in 2010-2012 when
> I was
> >>>> a full-stack PHP/Drupal developer, and after discovering Ansible I
> could
> >>>> never imagine myself handling performing a complex task (server
> >>>> configuration) manually!
> >>>>
> >>>> I hope it helps you in some way.
> >>>>
> >>>> On Sat, Apr 25, 2020 at 6:28 PM Rene Veerman <seductiveapps@gmail.com
> >
> >>>> wrote:
> >>>>
> >>>>> yes, i did..
> >>>>>
> >>>>> On Sat, Apr 25, 2020 at 9:16 PM Bill Stephenson
> >>>> <bill@cherrypc.com.invalid
> >>>>>>
> >>>>> wrote:
> >>>>>
> >>>>>> Did you do a "sudo ufw allow 6984”?
> >>>>>>
> >>>>>>
> >>>>>> Kindest Regards,
> >>>>>>
> >>>>>> Bill Stephenson
> >>>>>> Tech Support
> >>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
> >>>>>> 1-417-546-8390
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>> On Apr 25, 2020, at 9:28 AM, Rene Veerman <seductiveapps@gmail.com
> >
> >>>>>> wrote:
> >>>>>>>
> >>>>>>> also (FYI) : i have already entered the right port forwarding
> >>>> commands
> >>>>>> into
> >>>>>>> my ADSL modem..
> >>>>>>>
> >>>>>>> On Sat, Apr 25, 2020 at 4:21 PM Rene Veerman <
> >>>> seductiveapps@gmail.com>
> >>>>>>> wrote:
> >>>>>>>
> >>>>>>>> that gets me a 'connection refused' :
> >>>>>>>>
> >>>>>>>> ('albatross' === localhost === nicer.app)
> >>>>>>>>
> >>>>>>>> root@albatross:/opt/couchdb/letsencrypt# service couchdb stop
> >>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet localhost 6984
> >>>>>>>> Trying 127.0.0.1...
> >>>>>>>> telnet: Unable to connect to remote host: Connection refused
> >>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet nicer.app 6984
> >>>>>>>> Trying 127.0.0.1...
> >>>>>>>> Trying 82.161.37.94...
> >>>>>>>> telnet: Unable to connect to remote host: Connection refused
> >>>>>>>> root@albatross:/opt/couchdb/letsencrypt#
> >>>>>>>>
> >>>>>>>> On Sat, Apr 25, 2020 at 1:41 PM Florian Westreicher <
> >>>>>> stuff@meredrica.org>
> >>>>>>>> wrote:
> >>>>>>>>
> >>>>>>>>> Did you try to telnet to the port while couchdb is down? If there
> >>>> is
> >>>>> no
> >>>>>>>>> open port, telnet won't connect.
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>> On April 25, 2020 03:50:56 Rene Veerman <seductiveapps@gmail.com
> >
> >>>>>> wrote:
> >>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> unfortunately that didn't fix things either. i'm still stuck at
> >>>> the
> >>>>>>>>>>> eaddrinuse error..
> >>>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> [info] 2020-04-25T01:49:15.730815Z couchdb@127.0.0.1 <0.232.0>
> >>>>>> --------
> >>>>>>>>>> Apache CouchDB has started on https://0.0.0.0:6984/
> >>>>>>>>>> [info] 2020-04-25T01:49:15.731032Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application couch started on node 'couchdb@127.0.0.1'
> >>>>>>>>>> [info] 2020-04-25T01:49:15.731178Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application ets_lru started on node 'couchdb@127.0.0.1'
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.737605Z couchdb@127.0.0.1
> <0.284.0>
> >>>>>>>>> --------
> >>>>>>>>>> rexi_server : started servers
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.738914Z couchdb@127.0.0.1
> <0.288.0>
> >>>>>>>>> --------
> >>>>>>>>>> rexi_buffer : started servers
> >>>>>>>>>> [info] 2020-04-25T01:49:15.739062Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application rexi started on node 'couchdb@127.0.0.1'
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.786354Z couchdb@127.0.0.1
> <0.318.0>
> >>>>>>>>> --------
> >>>>>>>>>> mem3_reshard_dbdoc start init()
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.790014Z couchdb@127.0.0.1
> <0.320.0>
> >>>>>>>>> --------
> >>>>>>>>>> mem3_reshard start init()
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.790112Z couchdb@127.0.0.1
> <0.321.0>
> >>>>>>>>> --------
> >>>>>>>>>> mem3_reshard db monitor <0.321.0> starting
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.792025Z couchdb@127.0.0.1
> <0.320.0>
> >>>>>>>>> --------
> >>>>>>>>>> mem3_reshard starting reloading jobs
> >>>>>>>>>> [notice] 2020-04-25T01:49:15.792087Z couchdb@127.0.0.1
> <0.320.0>
> >>>>>>>>> --------
> >>>>>>>>>> mem3_reshard finished reloading jobs
> >>>>>>>>>> [info] 2020-04-25T01:49:15.792900Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application mem3 started on node 'couchdb@127.0.0.1'
> >>>>>>>>>> [info] 2020-04-25T01:49:15.793024Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application fabric started on node 'couchdb@127.0.0.1'
> >>>>>>>>>> [error] 2020-04-25T01:49:15.796505Z couchdb@127.0.0.1 <0.330.0>
> >>>>>>>>> --------
> >>>>>>>>>> CRASH REPORT Process  (<0.330.0>) with 0 neighbors exited with
> >>>>> reason:
> >>>>>>>>>> eaddrinuse at gen_server:init_it/6(line:349) <=
> >>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
> >>>>>>>>>> {mochiweb_socket_server,init,['Argument__1']}, ancestors:
> >>>>>>>>>> [chttpd_sup,<0.327.0>], message_queue_len: 0, messages: [],
> links:
> >>>>>>>>>> [<0.328.0>], dictionary: [], trap_exit: true, status: running,
> >>>>>>>>> heap_size:
> >>>>>>>>>> 376, stack_size: 27, reductions: 990
> >>>>>>>>>> [error] 2020-04-25T01:49:15.796670Z couchdb@127.0.0.1 <0.328.0>
> >>>>>>>>> --------
> >>>>>>>>>> Supervisor chttpd_sup had child chttpd started with
> >>>>>> chttpd:start_link()
> >>>>>>>>> at
> >>>>>>>>>> undefined exit with reason eaddrinuse in context start_error
> >>>>>>>>>> [error] 2020-04-25T01:49:15.796942Z couchdb@127.0.0.1 <0.326.0>
> >>>>>>>>> --------
> >>>>>>>>>> CRASH REPORT Process  (<0.326.0>) with 0 neighbors exited with
> >>>>> reason:
> >>>>>>>>>>
> >>>>>>>>>
> >>>>>>
> >>>>>
> >>>>
> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
> >>>>>>>>>> at application_master:init/4(line:134) <=
> >>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
> >>>>>>>>>> {application_master,init,['Argument__1',...]}, ancestors:
> >>>>> [<0.325.0>],
> >>>>>>>>>> message_queue_len: 1, messages: [{'EXIT',<0.327.0>,normal}],
> >>>> links:
> >>>>>>>>>> [<0.325.0>,<0.11.0>], dictionary: [], trap_exit: true, status:
> >>>>>> running,
> >>>>>>>>>> heap_size: 376, stack_size: 27, reductions: 172
> >>>>>>>>>> [info] 2020-04-25T01:49:15.797060Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application chttpd exited with reason:
> >>>>>>>>>>
> >>>>>>>>>
> >>>>>>
> >>>>>
> >>>>
> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
> >>>>>>>>>> [info] 2020-04-25T01:49:17.882186Z couchdb@127.0.0.1 <0.11.0>
> >>>>>> --------
> >>>>>>>>>> Application couch_log started on node 'couchdb@127.0.0.1'
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>
> >>>>>>
> >>>>>
> >>>>
> >>>>
> >>>> --
> >>>> Joel Jucá
> >>>> joelwallis.com
> >>>>
> >
> >
>


-- 
Joel Jucá
joelwallis.com

Re: can't get couchdb to work on https

[Joan Touzet <wo...@apache.org>]

Hi Bill,

haproxy should be as simple as installing the binary on your *NIX 
platform, then using something similar to our shipped configuration:

https://docs.couchdb.org/en/latest/best-practices/reverse-proxies.html?highlight=haproxy#reverse-proxying-with-haproxy


Also, I see this walkthrough is referenced elsewhere as working for 
Let's Encrypt and CouchDB:

https://www.joshmorony.com/creating-a-couchdb-database-on-an-ubuntu-server-digital-ocean/

Hope they help,
Joan "3.0.1 and 3.1.0 out hopefully next week" Touzet

On 2020-05-01 15:16, Bill Stephenson wrote:
> FWIW, I tried the instructions I provided earlier this week and didn’t get them to work again. I don’t know if it’s a change made by Let’s Encrypt or I forget exactly what I did.
> 
> I’ll go through the process setting up a Digital Ocean vps again as soon as I get some time because getting those certs configured has always been a bit of a pain and it’d be a good thing to nail that process down.
> 
> If anyone has a list of instruction on setting up haproxy they can share I’d be glad to have them and give that a shot too.
> 
> 
> Kindest Regards,
> 
> Bill Stephenson
> Tech Support
> www.cherrypc.com <http://www.ezinvoice.com/>
> 1-417-546-8390
> 
> 
> 
> 
>> On Apr 30, 2020, at 3:56 PM, Joan Touzet <wo...@apache.org> wrote:
>>
>> On 2020-04-30 16:22, Rene Veerman wrote:
>>> i'm really only looking for a quick and easy way to getting https to work
>>> again..
>>
>> Bill Stephenson gave you a step-by-step that seemed reasonable to me.
>>
>>> do the creators of couchdb read this mailinglist?
>>
>> Yes.
>>
>> Most of us terminate SSL ahead of CouchDB at a reverse proxy (such as haproxy). Some of us have even contemplated dropping native SSL support in CouchDB entirely, because configuring it is a bit of a pain, as you've found. But it can be done, and it does work.
>>
>> For SSL in pure CouchDB, when I must, I use something like EasyRSA:
>>
>>   https://github.com/OpenVPN/easy-rsa
>>
>> to generate the certs, then munge them together and start it. It works OK. But I do this about once every 2 years max.
>>
>> -Joan "Erlang's SSL support isn't great" Touzet
>>
>>
>>> On Sun, Apr 26, 2020 at 3:04 PM Joel Jucá <jo...@gmail.com> wrote:
>>>> Rene,
>>>>
>>>> Your problem seems to be infrastructure-related, rather than CouchDB
>>>> related. I would recommend you to read about Infrastructure as Code. This
>>>> is a practice that allows a developer to declare its infrastructure (in
>>>> your specific case, server configuration) and have some sort of
>>>> reproducibility from it. Then, you could also understand every single
>>>> change made to your server infrastructure - and even share it as a Gist,
>>>> for instance, and have some sort of feedback/pull request directly on it.
>>>>
>>>> I would recommend you Ansible (
>>>> https://www.ansible.com/resources/get-started).
>>>> It's a great solution that allows you to declare your server configuration
>>>> as YAML files and use it within Ansible CLI to reproduce the declared
>>>> configuration on a targeted server (eg: your Ubuntu-powered CouchDB
>>>> server).
>>>>
>>>> I've struggled a lot with server configuration back in 2010-2012 when I was
>>>> a full-stack PHP/Drupal developer, and after discovering Ansible I could
>>>> never imagine myself handling performing a complex task (server
>>>> configuration) manually!
>>>>
>>>> I hope it helps you in some way.
>>>>
>>>> On Sat, Apr 25, 2020 at 6:28 PM Rene Veerman <se...@gmail.com>
>>>> wrote:
>>>>
>>>>> yes, i did..
>>>>>
>>>>> On Sat, Apr 25, 2020 at 9:16 PM Bill Stephenson
>>>> <bill@cherrypc.com.invalid
>>>>>>
>>>>> wrote:
>>>>>
>>>>>> Did you do a "sudo ufw allow 6984”?
>>>>>>
>>>>>>
>>>>>> Kindest Regards,
>>>>>>
>>>>>> Bill Stephenson
>>>>>> Tech Support
>>>>>> www.cherrypc.com <http://www.ezinvoice.com/>
>>>>>> 1-417-546-8390
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>> On Apr 25, 2020, at 9:28 AM, Rene Veerman <se...@gmail.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> also (FYI) : i have already entered the right port forwarding
>>>> commands
>>>>>> into
>>>>>>> my ADSL modem..
>>>>>>>
>>>>>>> On Sat, Apr 25, 2020 at 4:21 PM Rene Veerman <
>>>> seductiveapps@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> that gets me a 'connection refused' :
>>>>>>>>
>>>>>>>> ('albatross' === localhost === nicer.app)
>>>>>>>>
>>>>>>>> root@albatross:/opt/couchdb/letsencrypt# service couchdb stop
>>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet localhost 6984
>>>>>>>> Trying 127.0.0.1...
>>>>>>>> telnet: Unable to connect to remote host: Connection refused
>>>>>>>> root@albatross:/opt/couchdb/letsencrypt# telnet nicer.app 6984
>>>>>>>> Trying 127.0.0.1...
>>>>>>>> Trying 82.161.37.94...
>>>>>>>> telnet: Unable to connect to remote host: Connection refused
>>>>>>>> root@albatross:/opt/couchdb/letsencrypt#
>>>>>>>>
>>>>>>>> On Sat, Apr 25, 2020 at 1:41 PM Florian Westreicher <
>>>>>> stuff@meredrica.org>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Did you try to telnet to the port while couchdb is down? If there
>>>> is
>>>>> no
>>>>>>>>> open port, telnet won't connect.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On April 25, 2020 03:50:56 Rene Veerman <se...@gmail.com>
>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> unfortunately that didn't fix things either. i'm still stuck at
>>>> the
>>>>>>>>>>> eaddrinuse error..
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> [info] 2020-04-25T01:49:15.730815Z couchdb@127.0.0.1 <0.232.0>
>>>>>> --------
>>>>>>>>>> Apache CouchDB has started on https://0.0.0.0:6984/
>>>>>>>>>> [info] 2020-04-25T01:49:15.731032Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application couch started on node 'couchdb@127.0.0.1'
>>>>>>>>>> [info] 2020-04-25T01:49:15.731178Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application ets_lru started on node 'couchdb@127.0.0.1'
>>>>>>>>>> [notice] 2020-04-25T01:49:15.737605Z couchdb@127.0.0.1 <0.284.0>
>>>>>>>>> --------
>>>>>>>>>> rexi_server : started servers
>>>>>>>>>> [notice] 2020-04-25T01:49:15.738914Z couchdb@127.0.0.1 <0.288.0>
>>>>>>>>> --------
>>>>>>>>>> rexi_buffer : started servers
>>>>>>>>>> [info] 2020-04-25T01:49:15.739062Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application rexi started on node 'couchdb@127.0.0.1'
>>>>>>>>>> [notice] 2020-04-25T01:49:15.786354Z couchdb@127.0.0.1 <0.318.0>
>>>>>>>>> --------
>>>>>>>>>> mem3_reshard_dbdoc start init()
>>>>>>>>>> [notice] 2020-04-25T01:49:15.790014Z couchdb@127.0.0.1 <0.320.0>
>>>>>>>>> --------
>>>>>>>>>> mem3_reshard start init()
>>>>>>>>>> [notice] 2020-04-25T01:49:15.790112Z couchdb@127.0.0.1 <0.321.0>
>>>>>>>>> --------
>>>>>>>>>> mem3_reshard db monitor <0.321.0> starting
>>>>>>>>>> [notice] 2020-04-25T01:49:15.792025Z couchdb@127.0.0.1 <0.320.0>
>>>>>>>>> --------
>>>>>>>>>> mem3_reshard starting reloading jobs
>>>>>>>>>> [notice] 2020-04-25T01:49:15.792087Z couchdb@127.0.0.1 <0.320.0>
>>>>>>>>> --------
>>>>>>>>>> mem3_reshard finished reloading jobs
>>>>>>>>>> [info] 2020-04-25T01:49:15.792900Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application mem3 started on node 'couchdb@127.0.0.1'
>>>>>>>>>> [info] 2020-04-25T01:49:15.793024Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application fabric started on node 'couchdb@127.0.0.1'
>>>>>>>>>> [error] 2020-04-25T01:49:15.796505Z couchdb@127.0.0.1 <0.330.0>
>>>>>>>>> --------
>>>>>>>>>> CRASH REPORT Process  (<0.330.0>) with 0 neighbors exited with
>>>>> reason:
>>>>>>>>>> eaddrinuse at gen_server:init_it/6(line:349) <=
>>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
>>>>>>>>>> {mochiweb_socket_server,init,['Argument__1']}, ancestors:
>>>>>>>>>> [chttpd_sup,<0.327.0>], message_queue_len: 0, messages: [], links:
>>>>>>>>>> [<0.328.0>], dictionary: [], trap_exit: true, status: running,
>>>>>>>>> heap_size:
>>>>>>>>>> 376, stack_size: 27, reductions: 990
>>>>>>>>>> [error] 2020-04-25T01:49:15.796670Z couchdb@127.0.0.1 <0.328.0>
>>>>>>>>> --------
>>>>>>>>>> Supervisor chttpd_sup had child chttpd started with
>>>>>> chttpd:start_link()
>>>>>>>>> at
>>>>>>>>>> undefined exit with reason eaddrinuse in context start_error
>>>>>>>>>> [error] 2020-04-25T01:49:15.796942Z couchdb@127.0.0.1 <0.326.0>
>>>>>>>>> --------
>>>>>>>>>> CRASH REPORT Process  (<0.326.0>) with 0 neighbors exited with
>>>>> reason:
>>>>>>>>>>
>>>>>>>>>
>>>>>>
>>>>>
>>>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
>>>>>>>>>> at application_master:init/4(line:134) <=
>>>>>>>>>> proc_lib:init_p_do_apply/3(line:247); initial_call:
>>>>>>>>>> {application_master,init,['Argument__1',...]}, ancestors:
>>>>> [<0.325.0>],
>>>>>>>>>> message_queue_len: 1, messages: [{'EXIT',<0.327.0>,normal}],
>>>> links:
>>>>>>>>>> [<0.325.0>,<0.11.0>], dictionary: [], trap_exit: true, status:
>>>>>> running,
>>>>>>>>>> heap_size: 376, stack_size: 27, reductions: 172
>>>>>>>>>> [info] 2020-04-25T01:49:15.797060Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application chttpd exited with reason:
>>>>>>>>>>
>>>>>>>>>
>>>>>>
>>>>>
>>>> {{shutdown,{failed_to_start_child,chttpd,eaddrinuse}},{chttpd_app,start,[normal,[]]}}
>>>>>>>>>> [info] 2020-04-25T01:49:17.882186Z couchdb@127.0.0.1 <0.11.0>
>>>>>> --------
>>>>>>>>>> Application couch_log started on node 'couchdb@127.0.0.1'
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Joel Jucá
>>>> joelwallis.com
>>>>
> 
>