Problem when creating a case even after accepting the risks on the browser

Question

Problem when creating a case even after accepting the risks on the browser

Closed this issue a month ago · 7 comments

Hi,

I'm trying to use Volweb in production mode, but I still have this problem when i trying to create a case :

Logs :

volweb-platform | 2024-08-21 15:11:54,964 WARNING Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4857da5450>: Failed to establish a new connection: [Errno -2] Name or service not known')': /b96a9415-547e-43fc-abf8-96bb66e67551
volweb-platform | 2024-08-21 15:11:55,442 WARNING Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4857da53f0>: Failed to establish a new connection: [Errno -2] Name or service not known')': /b96a9415-547e-43fc-abf8-96bb66e67551
volweb-platform | 2024-08-21 15:11:56,299 WARNING Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4857da4f10>: Failed to establish a new connection: [Errno -2] Name or service not known')': /b96a9415-547e-43fc-abf8-96bb66e67551
volweb-platform | 2024-08-21 15:11:57,947 WARNING Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4857da4be0>: Failed to establish a new connection: [Errno -2] Name or service not known')': /b96a9415-547e-43fc-abf8-96bb66e67551
volweb-platform | 2024-08-21 15:12:01,207 WARNING Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f4857da59c0>: Failed to establish a new connection: [Errno -2] Name or service not known')': /b96a9415-547e-43fc-abf8-96bb66e67551
volweb-platform | 2024-08-21 15:12:01,302 ERROR Internal Server Error: /api/cases/
volweb-platform | 172.19.0.6:47752 - - [21/Aug/2024:15:12:01] "POST /api/cases/" 500 33
volweb_nginx | 172.18.187.195 - - [21/Aug/2024:15:12:01 +0000] "POST /api/cases/ HTTP/2.0" 500 33 "https://my-domain.com/cases/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36" "-"

However I use a self-signed certificate, I accepted the risk in the browser, I added the certificate as trusted certificate on the browser, I filled in the FQDN when signing the certificate but I still have the same problem

Thank you for your help

Answer 1 · 2024-09-04T16:51:54.000Z

I've now generated certificates using a trusted certificate authority and I'm still having the same problem.

Answer 2 · 2024-09-07T10:20:23.000Z

Hello,
Thank you for your interest to the VolWeb project.
It's seems that the error you encounter is coming from the initial configuration (env variables) you've set.
Would you be able to provide the env file you used ?

You may also check #13 beforehand, seems to be the same kind of issue.

Best regards.

Answer 3 · 2024-09-09T08:36:42.000Z

Hello,

Thank you for your feedback

I've already seen case number #13 but it didn't solve my problem,

I started with a self-signed certificate. I accepted the risks on the browser via https://my-domain.com:9000 , but it was still not working.

So I changed the self-signed certificate to one signed by a trusted authority, but it still didn't work.

Below is the content of my .env file:

#############VOLWEB PLATFORM INFORMATION#############

Change with the fqdn or IP of your volweb instance

CSRF_TRUSTED_ORIGINS=https://my-domain.com # Change me
DJANGO_SECRET=My_Secret_key

WEBSOCKET_URL=wss://my-domain.com # Change me

AWS_ENDPOINT_URL=https://my-domain.com:9000/ # Change me
AWS_ENDPOINT_HOST=my-domain.com:9000 # Change me
AWS_REGION="" # Don't change me if you are using MinIO and not AWS

AWS_ACCESS_KEY_ID=user # Change me with the MINIO/AWS ACL
AWS_SECRET_ACCESS_KEY=password # Change me with the MINIO/AWS ACL

######################################################

#################VOLWEB DATABASE######################
POSTGRES_USER=volwebuser
POSTGRES_PASSWORD=Volweb_password
POSTGRES_DB=volweb

DATABASE=postgres
DATABASE_HOST=volweb-postgresdb
DATABASE_PORT=5432
######################################################

BROKER_HOST=volweb-redis
BROKER_PORT=6379

Thank you

Answer 4 · 2024-09-11T16:17:29.000Z

Seems like there is a problem with the resolution of your domain.
This could come from the nginx configuration. Here are a few debugging tips:

Make sure to double check that the nginx configuration right.
Make sure that navigating to https://my-domain.com:9000/ and https://my-domain.com:9001/ works
Try using IP address instead of the fqdn for testing
Checkout issue #16 which propose an alternative solution to deploy VolWeb in production mode with a certificate signed by a trusted authority.

I will update the documentation and the initialization process in the next release to make it easier, thank you in advanced for your patience. 🙏

Answer 5 · 2024-09-23T09:43:08.000Z

I have checked the ngnix file and it is configured correctly.

I've followed all the different solutions in the other issues but this doesn't solve my problem. I still can't create a case.

I can create a case if I go through the admin interface (https://my-domain/admin), but not via the application directly.

And when I create a case via the admin interface, I can't upload evidence.

I'm still blocked.

I thought I'd made a mistake somewhere, so I deleted everything and started again, but I still have the same problem.

Thanks for your help.

Answer 6 · 2024-09-25T07:34:08.000Z

Hello,
I am sorry to read that you still have trouble getting the VolWeb platform up and healthy.

I will try to reproduce the issue with a setup like yours and provide a script to automate the setup process (bash/powershell).

Best regards.

Answer 7 · 2024-09-26T19:59:39.000Z

Hello there.
I wrote a quick script to get VolWeb started with a self signed certificate on the enhancement/install_script branch.

Usage:

cd VolWeb
git pull
git checkout enhancement/install_script
./install_volweb.sh

The IP indicated must be the same when signing the certificate.

Your issue likely arises from the network_mode: "host" setting used for the volweb-minio service. It removes the network isolation between the container and the Docker host. Therefore, containers don't use Docker's DNS system, which resolves service names.

Do you have the same setup as in issue #16 ? Meaning:

    volweb.yourdomain.com:443 -> volweb-platform:80 HTTP
    minio.yourdomain.com:443 -> volweb-minio:9001 (if you want to access the console)
    api.minio.yourdomain.com:443 -> volweb-minio:9000 (for the API used by volweb and the browser)

At the end of the day, if you are using a FQDN, you need to make sure that the volweb-platform can reach the minio instance and modify your nginx configuration according to your needs.

I'll provide a real case scenario soon.

Thanks,
Best regards.