RCE deployment issues
235 views
Skip to first unread message
nagaedadm
Jun 22, 2022, 9:59:19 AM6/22/22
to Canvas LMS Users
Hi,
I have tried several options to host the Rich Content Editor on our AWS setup.
We are hosting an active site with the RCE but upgrading our staging site to a newer release tag is proving to be a real pain when getting the RCE working.
Initially, I had the RCE server (nginx reverse proxy + pm2 running the RCE API)
running behind an Application Load Balancer (ALB) where SSL termination took place before handing traffic to the nginx server (also hosting RCE). The reverse proxy appears to correctly receive traffic and hand it to RCE because the test page returns "Hello, from RCE Service".
Unfortunately this has made no difference to the Rich Content Editor on our site as uploading a test image to S3 times out.
We host our content on an S3 bucket and our current site works with the RCE implementation to upload images, docs etc... so I am not sure if this is an issue with the S3 bucket permissions or the RCE or the nginx reverse proxy config.
For a change, I stood up a standalone RCE server not behind the load balancer and running nginx with pm2 running the RCE node app.
Unfortunately this does not work with RCE in the LMS.
my s3 bucket is wide open (i know not advisable) but for the purpose of this diagnosis I am leaving it that way.
Does anyone have any advice? is there some special directive to allow for S3 in nginx?
nginx reverseproxy.conf
server {
listen 80;
server_name myserver;
rewrite ^ https://$host$request_uri permanent;
}
server {
listen 443 ssl;
server_name myserver;
ssl_certificate /etc/letsencrypt/live/myserver.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/myserver.com/privkey.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:3000;
proxy_read_timeout 90;
}
}
listen 80;
server_name myserver;
rewrite ^ https://$host$request_uri permanent;
}
server {
listen 443 ssl;
server_name myserver;
ssl_certificate /etc/letsencrypt/live/myserver.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/myserver.com/privkey.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
location / {
proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:3000;
proxy_read_timeout 90;
}
}
nagaedadm
Jun 25, 2022, 8:29:34 AM6/25/22
to Canvas LMS Users
I've sorted this out - we are running the RCE on the same server as the LMS behind Apache proxypass.
Chris D.
Jun 25, 2022, 11:20:39 AM6/25/22
to Canvas LMS Users
Great! For me, I use Nginx instead of Apache.
Reply all
Reply to author
Forward
0 new messages