Hi, I successfully installed Retool on premise on my Google Cloud Platform but after finishing the configuration of SSL certificate the application start give me often this error: ERR_CONNECTION_REFUSED
It's impossible to use it because it happens very often.
It happens also that some page give and error like this Loading CSS chunk 656104 failed.
The firewall it’s correct, I really don’t know how to handle this issue.
2022/12/17 10:36:46 [warn] 161#161: conflicting server name "retool.volty.it" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "retool.volty.it" on 0.0.0.0:80, ignored
2022/12/17 10:36:46 [notice] 161#161: signal process started
2022/12/17 10:36:47 [warn] 191#191: conflicting server name "retool.volty.it" on 0.0.0.0:80, ignored
2022/12/17 10:36:47 [warn] 190#190: conflicting server name "retool.volty.it" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "retool.volty.it" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "retool.volty.it" on 0.0.0.0:80, ignored
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
2022/12/17 10:36:47 [emerg] 191#191: still could not bind()
Depends on which section of your docker-compose.yml you're referring to!
The image: nginx:latest is for the https-portal in your docker-compose.yml
I wonder if the issue is in the nginx's container's ability to issue the certificate. Specifically, it looks like the container might be having a problem confirming the DNS record which means the outbound request on port 80 might not be making it through. Can we try opening up port 80, restarting, and then checking the https-portal logs to see if that resolves the error?
Just to double check, have you opened up your instance's security group to port 80 from 0.0.0.0/0.
I do believe we need to keep this open to all port ranges. LetsEncrypt, the service that provides the certificate, doesn't provide a list of IPs that are needed (see their FAQ here). If locking down the list of outbound IP's is an important step, I'd recommend moving off of LetsEncrypt and switching to AWS as the certificate provider.