Clojurians Log v2
biff
just giving Biff a go… awesome documentation and I love the interactive project creation!
I didn’t get a sign in link in the console… the console wasn’t open when I clicked the sign in, but going back and clicking the sign in button with the console open didn’t generate it.
tried it in Safari (Chrome was the first case) and ditto.
I should clarify that I was looking in the browser console… maybe it’s meant to be the terminal… but not seeing anything there.
restarted app and launched the :8080 start page with the console open and see that I have an error of :8080/api/signed-in:1 Failed to load resource: the server responded with a status of 403 (Forbidden)
still the same issue (no link in the console) but I think the error has something to do with it.
I restarted everything and tried it in incognito mode in the browser to winnow the possibility extensions are interfering (although the Safari check basically determined that as I have few extensions in there) and I got ensure-signed-out.js:1 GET <http://localhost:8080/api/signed-in> net::ERR_ABORTED 403 (Forbidden)
I just scrolled back through this slack history and saw this issue mentioned before; I pasted the SHA mentioned there into deps.edn and restarted the app but I’m still getting the issue.
ok… restarted everything and this is the full error message before clicking the sign in button:
GET <http://localhost:8080/api/signed-in> 403 (Forbidden)
(anonymous) @ VM28:1
(anonymous) @ ensure-signed-out.js:1
The link will be printed to the terminal, not the browser console. I should reword that message.
the 403 from /api/signed-in is expected; it just means you haven't signed in yet. If the response was 200, you would get redirected away from the sign-in page. See https://github.com/jacobobryant/biff/blob/master/resources/biff/project/base/%7B%7Bdir%7D%7D/resources/www/js/ensure-signed-out.js and https://findka.com/biff/#check-if-signed-in.
When I run the example project and then hit the sign-in button, I get this in the terminal:
System started.
[:send-email
{:to "<mailto:abc@example.com|abc@example.com>",
:template :biff.auth/signin,
:data
{:biff.auth/link
"<http://localhost:8080/api/signin?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJiaWZmIiwiZXhwIjoxNjA1MjQ4NTA3LCJpYXQiOjE2MDUxNjIxMDcsImVtYWlsIjoiYWJjQGV4YW1wbGUuY29tIn0.corZo_5PcX4bvuVSCCcDmFbdCBcNC_ogtVn5DKr20JE>"}}]System started., right?If so, what's the output of curl -v <http://localhost:8080/api/signin-request> -F <mailto:email=abc@example.com|email=abc@example.com>? If successful, it should include this:
< HTTP/1.1 302 Found
< Location: <http://localhost:8080/signin-sent>I did get that output in the terminal, and thanks for the clarification.
Sorry for spamming the channel… I should have done it all in a thread (still getting up to speed with some aspects of Slack).
All working now! Nice choice with tailwind.css… I like it.
adding --staging to the end of the certbot command worked (in staging)… Congratulations! You have successfully enabled <https://pumpstats.blipsfrom.space>
https://community.letsencrypt.org/t/too-many-failed-authorizations-recently/91444
so, will wait an hour and try without --staging.
awesome
some certbot commands can also be run with --dry-run, too.
and…..
it worked!!
however, now getting an insecure site warning when going to the domain; but a 403 Forbidden error when overriding that via the browser dialogue.
nothing that needs working on now… just pasting the info here while it’s still fresh.
and just realized we’d stopped the biff process, too. 😉
heh. yeah, you'll want to run systemctl enable biff; systemctl start biff
also run systemctl restart nginx just in case
if you do cat /etc/nginx/sites-enabled/biff, are there lines that say # managed by Certbot ? just to double check that certbot edited the nginx config. If so, I would expect/hope the site will work without insecure site warnings (after you run the systemctl commands)
yep… server_name http://pumpstats.blipsfrom.space; # managed by Certbot listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/pumpstats.blipsfrom.space/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/pumpstats.blipsfrom.space/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # managed by Certbot return 404; # managed by Certbot
you’re going (maybe) to hate me… I ran through another Biff setup, before realizing I’ve probably borked the current one.
I changed sed to perl in the one file.
but now I might need to try to reset the DO environment and do it all from scratch to recreate the situation.
which I don’t mind at all. but I might not tear the right things down.
I still have ssh access to the instance, however.
actually, it all looks ok… the new droplet has a different A record.
👍 I'd recommend at least running those systemctl command I gave above and see if you can load the site without getting security warnings
will do.
I had somehow missed some of the systemctl… messages you had pasted yesterday… just ran them and still getting a 403…
restarted nginx.
I’ll try them on my other Biff instance and report back.
hiccups… but people seldom add these totally necessary components (like letsencrypt) to their web frameworks and this is why… the battle is worth it!!
:thumbsup: btw I forgot I still need to look into that git-resolve-deps thing. I expect the 403 error to persist until that's fixed
no worries 🙂 glad it's all figured out!
Yeah, I switched to tailwind from bootstrap a month-ish ago and I've been really happy with it!