Issue changing default ports

arnoldas500 · November 29, 2022, 9:04pm

I am having issue changing the default port that open ondemand is running on. It runs without issue using the standard 80 and 443 but if I change “listen_addr_port: 8008” and or virtual host port “port: 8443” in /etc/ood/config/ood_portal.yml it doesn’t work.

Here are the main issues:
update /etc/ood/config/ood_portal.yml
sudo /opt/ood/ood-portal-generator/sbin/update_ood_portal --rpm
cd /etc/apache2/conf-enabled
rm ood-portal.conf
cp /etc/apache2/sites-available/ood-portal.conf ood-portal.conf
(have to do above steps becuase it doesnt automatically apply the settings to conf or sites enabled, not sure why)
sudo systemctl restart apache2

now can access under https://url:8443 → redirect to https://url:5554 for dex login, once logged in it redirects to https://url which doesn’t work and have to manually add in :8443 again. The other issue is when I run sudo netstat -tulpn | grep :443 and sudo netstat -tulpn | grep :80 it shows that they are still being used and if I kill what is running on those ports, ood on port 8443 no longer loads either, if I restart apache it starts using up port 80 and 443 again. I have also updated ports.conf under /etc/apache2 without luck.

I need ports 80 and 443 open for nginx ingress controller for k8s.

travert · November 29, 2022, 10:20pm

Hey sorry for the trouble. Would it be possible to post the unset ood_portal.yml settings currently to see how things are configured?

It’s strange you have to issue all those command though, it seems like something is not setup correctly if the portal generator command isn’t doing this for you.

arnoldas500 · November 29, 2022, 10:27pm

Yes I can post ood_portal.yml. This is the working one that is using ports 80 and 443 but with manually having to copy from /etc/apache2/sites-available/ood-portal.conf to /etc/apache2/conf-enabled after running sudo /opt/ood/ood-portal-generator/sbin/update_ood_portal --rpm

servername: xcitemain.asrc.albany.edu

ssl:
  - 'SSLCertificateFile "/etc/letsencrypt/live/xcitemain.asrc.albany.edu/fullchain.pem"'
  - 'SSLCertificateKeyFile "/etc/letsencrypt/live/xcitemain.asrc.albany.edu/privkey.pem"'
  - 'SSLCertificateChainFile "/etc/letsencrypt/live/xcitemain.asrc.albany.edu/chain.pem"'

rnode_uri: '/rnode'

dex:
  connectors:
    - type: ldap
      id: ldap
      name: LDAP
      config:
        host: 169.226.68.133:389
        insecureSkipVerify: true
        insecureNoSSL: true
        bindDN: cn=admin,dc=xcitedb,dc=asrc,dc=albany,dc=edu
        bindPW: ******
        userSearch:
          baseDN: ou=People,dc=xcitedb,dc=asrc,dc=albany,dc=edu
          filter: "(objectClass=posixAccount)"
          username: uid
          idAttr: uid
          emailAttr: mail
          nameAttr: gecos
          preferredUsernameAttr: uid
        groupSearch:
          baseDN: ou=Groups,dc=xcitedb,dc=asrc,dc=albany,dc=edu
          filter: "(objectClass=posixGroup)"
          userMatchers:
            - userAttr: DN
              groupAttr: member
          nameAttr: cn
  frontend:
    theme: ondemand
    dir: /usr/share/ondemand-dex/web

This is everything that is uncommented in the file unless I missed something.

jeff.ohrstrom · November 29, 2022, 10:39pm

You need to use these configurations.

port: 8443
listen_addr_port: 8443

You’ll also have to remove these Listen directives.

root@e5196870098d:/# grep -R Listen /etc/apache2/
/etc/apache2/ports.conf:Listen 80
/etc/apache2/ports.conf:        Listen 443
/etc/apache2/ports.conf:        Listen 443

There should be a symlink between /etc/apache2/sites-enabled/ood-portal.conf and /etc/apache2/sites-available/ood-portal.conf ood-portal.conf. Note it’s sites note conf, that’s not a typo, that’s a debian common practice for vhosts.

jeff.ohrstrom · November 29, 2022, 10:40pm

Well maybe there was a symlink when you installed. The copying may have overwritten it, but you should restore the symlink.

github.com

OSC/ondemand/blob/b71539a123ce6e6477f8e626dac820ba12b8e9f5/packaging/deb/rules#L59


      
          	rake package:version > $(DESTDIR)/opt/ood/VERSION
          	install -m 644 nginx_stage/share/nginx_stage_example.yml $(CONFIG_DIR)/nginx_stage.yml
          	install -m 640 ood-portal-generator/share/ood_portal_example.yml $(CONFIG_DIR)/ood_portal.yml
          	install -m 644 ood-portal-generator/share/maintenance.html $(APACHE_DIR)/public/maintenance/index.html
          	install -m 644 ood-portal-generator/share/need_auth.html $(APACHE_DIR)/public/need_auth.html
          	install -m 644 hooks/hook.env.example $(CONFIG_DIR)/hook.env
          	mkdir -p $(DESTDIR)/opt/ood/ondemand
          	install -m 644 packaging/files/enable.deb $(DESTDIR)/opt/ood/ondemand/enable
          
          	$(DESTDIR)/opt/ood/ood-portal-generator/sbin/update_ood_portal
          	cd $(APACHE_CONF_DIR)/sites-enabled && ln -sf ../sites-available/ood-portal.conf ./ood-portal.conf
          	sed -i 's|$(DESTDIR)||g' $(CONFIG_DIR)/ood_portal.sha256sum
          
          	mkdir -p $(DESTDIR)/var/tmp/ondemand-nginx
          	mkdir -p $(DESTDIR)/var/run/ondemand-nginx
          	mkdir -p $(DESTDIR)/var/lib/ondemand-nginx/config/puns
          	mkdir -p $(DESTDIR)/var/lib/ondemand-nginx/config/apps/sys
          	mkdir -p $(DESTDIR)/var/lib/ondemand-nginx/config/apps/usr
          	mkdir -p $(DESTDIR)/var/lib/ondemand-nginx/config/apps/dev
          
          override_dh_strip:

arnoldas500 · November 30, 2022, 2:43am

Thank you for the quick response. Did all of the above and almost everything is working. When restarting apache I get the following error:

systemctl status apache2.service
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/apache2.service.d
             └─ood-portal.conf, ood.conf
     Active: failed (Result: exit-code) since Wed 2022-11-30 02:36:58 UTC; 59s ago
       Docs: https://httpd.apache.org/docs/2.4/
    Process: 2522601 ExecStartPre=/opt/ood/ood-portal-generator/sbin/update_ood_portal --rpm (code=exited, status=0/SUCCESS)
    Process: 2522611 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
      Tasks: 1 (limit: 154210)
     Memory: 216.0M
     CGroup: /system.slice/apache2.service
             └─2038902 /usr/sbin/apache2 -k start

Nov 30 02:36:58 xcitemain update_ood_portal[2522601]: No change in the Dex config.
Nov 30 02:36:58 xcitemain systemd[1]: apache2.service: Found left-over process 2038902 (apache2) in control group while starting unit. Ignoring.
Nov 30 02:36:58 xcitemain systemd[1]: This usually indicates unclean termination of a previous run, or service implementation deficiencies.
Nov 30 02:36:58 xcitemain apachectl[2522614]: AH00526: Syntax error on line 46 of /etc/apache2/sites-enabled/ood-portal.conf:
Nov 30 02:36:58 xcitemain apachectl[2522614]: Cannot define multiple Listeners on the same IP:port
Nov 30 02:36:58 xcitemain apachectl[2522611]: Action 'start' failed.
Nov 30 02:36:58 xcitemain apachectl[2522611]: The Apache error log may have more information.
Nov 30 02:36:58 xcitemain systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE
Nov 30 02:36:58 xcitemain systemd[1]: apache2.service: Failed with result 'exit-code'.
Nov 30 02:36:58 xcitemain systemd[1]: Failed to start The Apache HTTP Server.

I am able to fix this by commenting out line 46 :

#Listen 8443

and restarting apache. After this ood now runs on the 8443 port correctly but I assume I shouldn’t need to take this out manually?

arnoldas500 · November 30, 2022, 3:33am

after more digging it does not look like it is running correctly. It will open on https://url:8443 but netstat -tulpn | grep :80 and netstat -tulpn | grep :443 still show the ports being used. If I stop the processes using those ports, ood is shutdown as well.

jeff.ohrstrom · November 30, 2022, 2:16pm

Do you have this defined somewhere else in /etc/apache2?

arnoldas500 · November 30, 2022, 4:00pm

Something weird is going on. I switched to port 5443 for ood as a test, restart and run grep -R Listen /etc/apache2/ with results below:

grep -R Listen /etc/apache2/
/etc/apache2/sites-enabled/ood-portal.conf:# Listen should always be one of:
/etc/apache2/sites-enabled/ood-portal.conf:Listen 5443
/etc/apache2/sites-available/ood-portal.conf:# Listen should always be one of:
/etc/apache2/sites-available/ood-portal.conf:Listen 5443

but still showing that port 8443 is in use and if I kill what is running on port 8443 after switching for it to use 5443 it stops ood:

netstat -tulpn | grep :8443
tcp6       0      0 :::8443                 :::*                    LISTEN      16203/apache2

arnoldas500 · November 30, 2022, 4:14pm

Figured out the issue, cant have everything commented out in /etc/apache2/ports.conf. Need to switch the ports to listen to different ports so it wouldn’t automatically use the defaults (but still not sure where the defaults to use 8443 are set)

system · May 29, 2023, 4:14pm

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Changing Apache port Get Help ondemand2 , question	7	1104	May 26, 2022
Ubuntu installation stuck in default apache page Get Help ondemand2 , question	3	326	July 14, 2023
OOD 2.0.13 update_ood_portal and oidc configuration Get Help ondemand2 , question	8	861	May 26, 2022
Update_ood_portal Not working as expected in ODD 3 Get Help	7	230	February 11, 2024
Update_ood_portal script does not work Get Help	9	1075	May 26, 2022

Issue changing default ports

Related Topics