Server resets connection with no data?

[rajid]

I followed these instructions to install a nightscout/mongodb site on a small Linux system I have (v20.04 LTS). The mondodb installed with no problems and the "start.sh" script starts up the site just fine with no errors. I configured it into "development" mode hoping to get some more logging, but that doesn't show anything. I see "Listening on port 80 null" and I can see (with "netstat -an" that it's, indeed, listening. When I try to connect, the connection is just reset and dropped! I tried from various browsers and even using "curl" on the system itself. The /etc/hostname is set as the same hostname as that used in BASE_URL. I even set "INSECURE_USE_HTTP=false" to try to reduce the things which could go wrong. Still, no logging of anything when I connect and no output. Any ideas?

[schmitzn]

Did you set up SSL as well? If so, please set PORT=443 and try it again. Re-reading my instructions I have to admit that it does not make sense to use port 80 together with SSL. I will correct this in the instructions. If you'd like to use a port different to the default, please notice that the port should also be added to the BASE_URL then (e.g. https://mydomain:1234 for port 1234).

[rajid]

Since I included "INSECURE_USE_HTTP=false", then SSL shouldn't be needed, however I did, indeed, setup SSL with a proper cert. I did include the port into the BASE_URL. Here's my env from start.sh (API secret and password xxx'ed out, of course):

export SSL_KEY=/home/raj/.acme.sh/rajlinux.mojostan.us/rajlinux.mojostan.us.key
export SSL_CERT=/home/raj/.acme.sh/rajlinux.mojostan.us/fullchain.cer
export SSL_CA=/home/raj/.acme.sh/rajlinux.mojostan.us/fullchain.cer

environment variables

export NODE_ENV="development"
export DISPLAY_UNITS="mg/dl"
export MONGO_CONNECTION="mongodb://kkelebek:xxxxxxxxx@localhost:27017/Nightscout"
export MONGO_COLLECTION=entries
export HOSTNAME=192.168.0.127
export BASE_URL="http://rajlinux.mojostan.us:80"
export PORT=80
export API_SECRET="xxxxxxxxx"
export INSECURE_USE_HTTP=true
export DEBUG_MINIFY=false

export PUMP_FIELDS="reservoir battery status"
export DEVICESTATUS_ADVANCED=true
export ENABLE="careportal iob cob openaps pump bwg rawbg basal"

export TIME_FORMAT=24

Yes, I'm using a 192.168/24 network address, but at this time I'm only expecting this to work inside my house. The hostname "rajlinux.mojostan.us" agrees with that IP address as does the cert.

Do you know of some way to turn on additional logging/debugging so that maybe I can see why it's closing the connection without doing anything? I looked through a lot of the code and don't see any additional debugging which could be turned on.

Thanks for your help!

[rajid]

Hmmm. Ok, setting the port to 443, and removing "export INSECURE_USE_HTTP=true", seems to make it work! Apparently, "INSECURE_USE_HTTP=true" doesn't actually work and the site MUST use SSL! Good to know! Sorry for having bothered you!

[Aiden-Xi]

Hmmm. Ok, setting the port to 443, and removing "export INSECURE_USE_HTTP=true", seems to make it work! Apparently, "INSECURE_USE_HTTP=true" doesn't actually work and the site MUST use SSL! Good to know! Sorry for having bothered you!

If you can paste your nginx configuration, I would be very grateful.

[schmitzn]

If you can paste your nginx configuration, I would be very grateful.

Sorry, I'm using it standalone on a separate port without nginx/apache. Maybe @rajid ?

[Aiden-Xi]

@rajid
If you can paste your nginx configuration, I would be very grateful.

[rajid]

Sorry for taking a while to reply. This issue was opened a long time back and I've moved on to other things since then. I needed to find the computer (a small Raspberry Pi) and get it back onto the net. Looking at my start.sh, it looks to me as though I'm running standalone as well. It simply invokes "node" with "server.js". "ps" doesn't show nginx or apache and I don't see them in /etc/init.d. Maybe I'm missing something. Here's my start.sh (passwords removed, of course):

#!/usr/bin/bash

export SSL_KEY=/home/raj/.acme.sh/nightscout.mojostan.us/nightscout.mojostan.us.key
export SSL_CERT=/home/raj/.acme.sh/nightscout.mojostan.us/fullchain.cer
export SSL_CA=/home/raj/.acme.sh/nightscout.mojostan.us/fullchain.cer

environment variables

export DISPLAY_UNITS="mg/dl"
#export MONGO_CONNECTION="mongodb://kkelebek:XXXXXXXXXXX@localhost:27017/Nightscout"
export MONGO_CONNECTION="mongodb://localhost:27017/heroku_9pp513zj"
export BASE_URL="https://nightscout.mojostan.us"
export PORT=443
export API_SECRET="XXXXXXXXXXX"

export PUMP_FIELDS="reservoir battery status"
export DEVICESTATUS_ADVANCED=true
export ENABLE="careportal iob cob openaps pump bwg rawbg basal bridge loop"
export BRIDGE_PASSWORD="XXXXXX"
export BRIDGE_USER_NAME="kelebek"

export TIME_FORMAT=24

start server

node --no-deprecation server.js

[Aiden-Xi]

@rajid Ok, thanks.

I have configured it now. But port 443 is not used directly, because this port is occupied by our k8s. The https configuration is not enabled in the start.sh file.
The following is my start.sh configuration file
`#!/usr/bin/bash

environment variables

export DISPLAY_UNITS="mmol"

S1 服务器远程连接 mongod

export MONGO_CONNECTION="mongodb://admin:[email protected]:27017/Nightscout"
export MONGO_COLLECTION=entries
export LANGUAGE=zh_cn

export HOSTNAME="127.0.0.1"
export BASE_URL="http://127.0.0.1:8001" # 有效
export PORT=8001
export INSECURE_USE_HTTP=true

export DEVICESTATUS_ADVANCED="true"
export DEBUG_MINIFY=false
export API_SECRET="E6CCUmFrrWUY2"
export PUMP_FIELDS="reservoir battery clock status device"
export TIME_FORMAT=24
export DEVICESTATUS_ADVANCED=true
export TIMEAGO_ENABLE_ALERTS=true
export DBSIZE_MAX=10240
export DBSIZE_WARN_PERCENTAGE=70
export DBSIZE_URGENT_PERCENTAGE=80
export THEME=colors

配置插件

export ENABLE="delta direction upbat devicestatus dbsize ar2 careportal iob food cob openaps pump bwg rawbg basal"
/root/.nvm/versions/node/v12.15.0/bin/node server.js
`

nginx.conf configuration file
user nginx; worker_processes 8; error_log /var/log/nginx/error.log; pid /run/nginx.pid; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 4096; include /etc/nginx/mime.types; default_type application/octet-stream; include /etc/nginx/conf.d/*.conf; server { listen 80; listen [::]:80; server_name xx.xxx.com; root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name xx.xxx.com; ssl_certificate /etc/nginx/tls/1_xx.xxx.com.pem; ssl_certificate_key /etc/nginx/tls/2_xx.xxx.com.key; access_log /var/log/nginx/xx.xxx.com/access.log; error_log /var/log/nginx/xx.xxx.com/error.log; root /www/cgm/cgm-remote-monitor/; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { proxy_pass http://127.0.0.1:8001; } } }

The problem I have now is: I visit ns.xxx.com/profile?token=admin-xxxxxxx
Click Close in the upper right corner, the system will be redirected to ns.xxx.com, but authentication is required again here. I don’t want others to know my authentication key. I thought nginx can jump to ns.xxx.com?token=admin-xxxxx

Therefore, how should I configure my nginx? I did not find any relevant solutions on the Internet.