this post was submitted on 20 Jul 2023
7 points (88.9% liked)

Lemmy Support

4661 readers
67 users here now

Support / questions about Lemmy.

Matrix Space: #lemmy-space

founded 5 years ago
MODERATORS
 

I have tried the docker, ansible, and scratch methods. I have been troubleshooting for a month now. I have gotten nowhere. I need someone to help walk me through how to deploy a lemmy server because the guides are absolute trash.

Please help. I'm wasting money running this VPS and for literally nothing.

Edit: So, I've tried the ansible method, but I can't access my server this way. It just keeps saying "UNREACHABLE". I have generated a dozen keys, none of them work. I have NO PROBLEMS with ssh in Putty. I can use Putty all day. Putty works fine using my ssh key. Ansible does not. No amount of new keys has made any difference. I have countless keys in my stupid droplet because of this hacky garbage.

you are viewing a single comment's thread
view the rest of the comments
[–] ZMonster@lemmy.world 1 points 1 year ago (2 children)

Okay, I keep getting this question re: "reverse proxys", but I'm having trouble answering this because the guide does not use that language. There are no steps that direct me to edit, add, modify a "reverse proxy". So if there is a step in the guide that you know to be a "reverse proxy" then please tell me what it is. I am following the guides EXACTLY. There are a lot of missing steps, but most of these are things that were implied by the guide and not explicitly stated.

I have tried the docker method. I have gotten close with this, as in, I can use the IP to access the instance, but I have not been able to get the domain to work. My A record is set up correctly. I used lemmy-easy-deploy to get it working the first time and it DID, but that dev does not support instances made for actual deployment so many features just don't work. It's not feasible at all. But my domain DID work. So I know my A record is set up correctly.

I have tried the scratch method. That was a nightmare and nothing worked as expected. I am more than happy to try if you are willing to help me negotiate it.

I have tried the ansible method. My local PC will not connect to the server with ansible. I have created a dozen new keys and NONE of them work. Ansible WILL NOT CONNECT. I have been using Putty to access the server and it works flawlessly, all day, every day. So I obviously have a working key. Ansible is not working. It just keeps saying "UNREACHABLE". I have googled this and found no solution that even remotely addressed what I am trying to do.

I don't know what to do so you tell me and I'll fucking do it. Would you like me to start with the docker method? Would you like me to try the ansible method? Would you like me to try the scratch method? You tell me. I don't know. I don't care. I just want to get it working.

[–] BlackEco@lemmy.blackeco.com 1 points 1 year ago (1 children)

Is the server you're trying to deploy in a local network? Have you setup your ISP router to route ports 80 and 443 to your server? Or are you using Cloudflare Tunnel?

As for reverse proxy, it's usually Caddy or nginx-proxy to get a SSL certificate (for HTTPS) for your service.

[–] ZMonster@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (2 children)

I am using digital ocean.

Have you setup your ISP router to route ports 80 and 443 to your server?

I don't know what that is. What is an ISP router? Is that a config file on my server? You really need to spell it out. I am following the guides. That is what I know. If you have a better guide that uses this verbiage then please send it. I am happy to learn.

And during the docker method, I was trying to set up nginx and the status is inactive. It will not start.

Here is the status message:

 Starting A high performance web server and a reverse proxy server...
 nginx[29280]: nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/my_domain_name/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system>
 nginx[29280]: nginx: configuration file /etc/nginx/nginx.conf test failed
 systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
 systemd[1]: nginx.service: Failed with result 'exit-code'.
 systemd[1]: Failed to start A high performance web server and a reverse proxy server.
[–] BlackEco@lemmy.blackeco.com 1 points 1 year ago* (last edited 1 year ago) (1 children)

ISP = Internet Service Provider, so your Telco provider. By ISP router I was meaning the box you use at home to connect to the Internet as I presumed you were self-hosting at home. But since you are on Digital Ocean this is irrelevant.

I'm not familiar with Digital Ocean, do you have access to a standard Linux box with SSH or are you using some sort of Web UI like cPanel to manage it?

[–] ZMonster@lemmy.world 1 points 1 year ago

Oh, so my router, 🤣 lol, my bad.

And yes, I use Putty to access the server currently. root@IP with an RSA key. It works perfectly on Putty. Ansible just will not connect. No idea what to do there. It just says "UNREACHABLE". I have added and removed a dozen or so keys generated on the WSL Ubuntu Ansible local machine and none of them work.

Look in /etc/nginx/nginx.conf, it probably includes ./sites-available/*.conf, look in there for ssl_certificate(_key) that mentions that fullchain.pem, remove/comment(#) and restart nginx. It may still bitch about not having a cert for ssl, in which case take that out of the listen directives too.

[–] whenever8186 1 points 1 year ago* (last edited 1 year ago)

There are 2 reverse proxies involved. One is Nginx which is used to front both the Lemmy UI and the Lemmy backend. That's what the 'proxy' container in the docker compose file is for. It seems to be a required component of the application stack as different request types to the same host FQDN are sent to different backends ('upstreams' in network speak). You could use Caddy here instead if you wanted, which is the point of this page: https://join-lemmy.org/docs/administration/caddy.html. However, that config doesn't work for the latest version of Caddy (you'll get an error about stuff being outside of the site block).

The other one (could either be Nginx again or Caddy or anything else you want instead) is to front the whole thing and provide TLS termination using Letsencrypt. This bit is explained here: https://join-lemmy.org/docs/administration/install_docker.html#reverse-proxy--webserver