Production server login problem

I’ve been able to create a production server on an GCS instance, but I can’t seem to login. I can access the Gateway API, but my attempts to login always fail with no error in the GUI. If I examine the logs, I see line such as the following:

123.123.123.0 - zac@abcd.com [09/Mar/2019:05:24:31 +0000] "POST /api/management/v1/useradm/auth/login HTTP/2.0" 400 581 "https://server.myapp.com:9010/ui/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" "-" request ID "-" 0.000

Chrome debug I can see the following error:

VM96:1 Uncaught SyntaxError: Unexpected token < in JSON at position 0 at JSON.parse (<anonymous>) at main.js:1 at Request.callback (main.js:1) at Request.<anonymous> (main.js:1) at Request.Emitter.emit (main.js:1) at XMLHttpRequest.xhr.onreadystatechange (main.js:1)

Any idea what is going awry? It seems like it must be something simple, but I’m stymied. I added the user at the command prompt on the server after I installed it. I do note that I am using 9010 as the port to the outside world as 443 was already in use. I think that’s the only difference between my configuration and the one described in the production setup docs.

Thanks for any assistance,

-Zac

it’s the port that is the issue. when the mender-gui docker container starts it builds the ui and sets the rooturl into the main.js without the port number. i believe to fix this is to set the GATEWAY_PORT=9010 env on the mender-gui in docker compose.

No luck thus far. Here’s the change I made to docker-composer.yml:

    # mender-gui
    #
    mender-gui:
        image: mendersoftware/gui:1.7.0
        extends:
            file: common.yml
            service: mender-base
        networks:
            - mender
        environment:
            - INTEGRATION_VERSION
            - GATEWAY_PORT=9010
            - HOSTNAME=admin.myapp.com

It looked as if entrypoint.sh wants both the host and port set, so I provided both. This did change the behavior of the Mender web application…but it just made it so clicking the “login” button does nothing at all instead of throwing a 400 error. Is there a step I’m missing?

Thanks for the help,
-Zac

Actually, I got a little further by setting both GATEWAY_PORT and GATEWAY_IP, but of course then I get a failure because my generated certificate’s common name doesn’t match.

Well, I suppose GATEWAY_IP doesn’t actually need to be an IP. I’ll try the host name…

…and that took me right back to the original error :frowning:

There’s actually no difference in the error message, which already was using the correct request URL (with the 9010 port number).

So now I’m back to square one, I guess.

Changing ports is not that well tested. Maybe this bug is related? https://tracker.mender.io/browse/MEN-2174

It does look to be related. I cloned the mender-api-gateway-docker repo, made the author’s recommended changes to the nginx.conf, and ran the Makefile. I’m not entirely sure how to use the image which that Makefile created with the mender-server, though.

I seem to have gotten it working. I changed the docker_compose file to point to the tag of the version I created from the repo with the modified nginx.conf, and the final step was to change ALLOWED_HOSTS so that it includes both the host name and the port.