HTTPS not working on Self Hosted instance

Self Hosted Retool
1

I really hope someone can help me.

I am hosting Retool on an Azure Ubuntu VM that has complete open internet access. The initial deploy seemed to result in not having https, hence me wanting to ‘add it in’.

I noticed after the original deploy that docker-compose.yml had the https section commented out? I have uncommented that and redeployed but made no difference.

I see retoolonpremise_https-portal_1 is up when I run sudo docker-compose ps, so it should be there, right?

Would I need to redeploy completely, and if so how can I ensure the retool deploy would result in https?
The docs talk about steps to deploy with docker compose but nothing about https so if I follow those again I will get the same result as last time.

What is it I need to do to ensure https is enabled on an Azure Ubuntu VM with full internet access?

Any advice appreciated, please.

Thanks

2

The https-portal in docker-compose ps keeps showing as restarting. Looking in the logs I see this:

https-portal_1 | ========================================
https-portal_1 | HTTPS-PORTAL v1.3.0
https-portal_1 | ========================================
https-portal_1 |
https-portal_1 | [cont-init.d] 00-welcome: exited 0.
https-portal_1 | [cont-init.d] 10-persist-env: executing...
https-portal_1 | [cont-init.d] 10-persist-env: exited 0.
https-portal_1 | [cont-init.d] 20-setup: executing...
https-portal_1 | /opt/certs_manager/lib/nginx.rb:11:in 'initialize': No such file or directory @ rb_sysopen - /etc/nginx/conf.d/http://parexel-retool.eastus2.cloudapp.azure.com.conf (Errno::ENOENT)
https-portal_1 | from /opt/certs_manager/lib/nginx.rb:11:in 'open'
https-portal_1 | from /opt/certs_manager/lib/nginx.rb:11:in 'config_http'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:53:in 'block (2 levels) in ensure_signed'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:52:in 'each'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:52:in 'block in ensure_signed'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:77:in 'block in with_lock'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:75:in 'open'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:75:in 'with_lock'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:51:in 'ensure_signed'
https-portal_1 | from /opt/certs_manager/certs_manager.rb:21:in 'setup'
https-portal_1 | from /etc/cont-init.d/20-setup:4:in ''
https-portal_1 | [cont-init.d] 20-setup: exited 1.
https-portal_1 | [cont-init.d] 30-set-docker-gen-status: executing...
https-portal_1 | [cont-init.d] 30-set-docker-gen-status: exited 0.
https-portal_1 | [cont-init.d] done.
https-portal_1 | [services.d] starting services
https-portal_1 | [services.d] done.
https-portal_1 | Starting crond ...
https-portal_1 | 2021/11/23 15:27:35 [emerg] 177#177: bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | 2021/11/23 15:27:35 [emerg] 177#177: bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | 2021/11/23 15:27:35 [emerg] 177#177: bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | 2021/11/23 15:27:35 [emerg] 177#177: bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | 2021/11/23 15:27:35 [emerg] 177#177: bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
https-portal_1 | 2021/11/23 15:27:35 [emerg] 177#177: still could not bind()
https-portal_1 | nginx: [emerg] still could not bind()
https-portal_1 | [cont-finish.d] executing container finish scripts...
https-portal_1 | [cont-finish.d] done.
https-portal_1 | [s6-finish] syncing disks.
https-portal_1 | [s6-finish] sending all processes the TERM signal.

Any ideas?

3

Hey all, I just wanted to update this thread since it looks like this may have been resolved over intercom. This error was likely due to trying to use a default dns address provided by Azure (parexel-retool.eastus2.cloudapp.azure.com) -- these addresses are blocked from being able to get certificates by Let's Encrypt (the tool that we use to generate your SSL cert). If Azure provides a certificate, you can follow the instructions here to add it and not use a generated cert: https://docs.retool.com/docs/custom-certificate-for-ssl

Otherwise, you will need to set up your own DNS record and use that when following the instructions here: https://docs.retool.com/docs/obtaining-a-letsencrypt-ssl-certificate-when-using-docker

5

How did you solved the problem? I have installed retool on google cloud and my nginx is in a continuous restarting. I am going crazy, i cannot solve this error and retool in impossibile to use...

6

Here my problem Err_connection_refused