MatterMost - PORT 443 Listen address BUG FOUND (USER ERROR)

ProductionNoob · January 24, 2022, 5:15pm

** My Yunohost Server**
Hardware: Linode 2CPU 4GBRAM 80GB HDD
YunoHost version: 4.3.6.2
I have access to my server : Through SSH, through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : No

ISSUE
Restoration/Upgrading with a configured listening port causes a failed to install/upgrade/restore.

EDIT - BUG FOUND - In system console > Web Server > Listen Address: 127.0.0.1:8065 . WHEN you change the port address to anything else other than 8065 and try to upgrade to a new Mattermost instance, both the upgrade and restore will fail… like down below. Mine was set to 443

[Error] Jan 24 18:32:57 mattermost[13901]: Error: Error starting server, err:listen tcp 127.0.0.1:443: bind: permission denied: listen tcp 127.0.0.1:443: bind: permission denied.

Solution
I downloaded the mattermost pre upgrade.tar from the backup section in Yunohost and decided to open it up and head over to /backup/config/ and edit config.json - I edited the ‘forwardport80to443’ to false
Letsencrpyt-connection from “TLS” to " "
Also listen address port was reverted to 8065. I did this by comparing this file to a working installation of mattermost. and changed those values that were prompted in the logs.

There are several other Config.jsons that you will need to open up, edit and make sure those values are taken care of.

FAILED UPGRADE LOGS HERE - https://paste.yunohost.org/raw/ewunosikih

FAILED RESTORE LOGS HERE - https://paste.yunohost.org/raw/gedeculuge

tituspijean · January 26, 2022, 6:37am

Welcome!

We clearly do not have the same definition of “not tweaking” your server.

It fails because port 443 is you used for SSL by NGINX, the web server for your whole server. 8065 is the internal port onto which your Mattermost server is served, and NGINX takes care of proxifying it.

Why did you need to change the port?

ProductionNoob · January 26, 2022, 5:03pm

I thought it was referring to ‘Yunohost’ itself. Now I know better. Thanks.

I’m a noobie, I don’t understand these systems yet.- So I wanted to ensure that all traffic was encrypted by using 443. I figured it wouldnt hurt if it did not work (I suspected so because it refused to issue me a lets encrypt… It is afterall provided my yunohost).

I had figured that out, obviously, the hard way. I Was thinking, why would mattermost work any ways if I changed to port 443 and why would it break when trying to restore/upgrade it.

Thanks.

tituspijean · January 26, 2022, 6:22pm

No worries, you had overall the good reflex asking for help.

Requests go that way:


Mattermost          <->  NGINX <-----> You/your visitors
(port 8095 for you,              SSL
internal only)                 port 443

Most likely you did not restart the Mattermost service, so your alteration was not taken into account. Backing up, restoring, upgrading scripts would restart the service, then you would discover the issue.

system · February 10, 2022, 6:22pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.