Blank page after login page refresh

[grzegorz.o...@gmail.com]

Hi,

I have a taiga installation on one of my servers: Ubuntu+nginx+ssl(self_signed_cert). The issue I'm having is that I can access the page and log into taiga only from the workstation I used to set taiga up (and only from the same user account).

All other boxes on my LAN (all ubuntu), can access and display the login page only once. After supplying user/pass nothing happens and If I reload the page it becomes all blank (after rm -rf .firefox I can display the login page again).
I'm having this issue with latest Firefox and Chrome as well.

I'm tempted to blame my SSL setup (one of the other boxes worked on the first day I set taiga up - it broke some time later).

Any ideas what's wrong? Any magical about:config params I need to be using?

Thanks
Greg

[Alejandro Alonso]

Hello Greg,

It sounds like your front (taiga-front) is trying to connect to localhost, so it works when you are in the same box but doesn't from the others. Could you check yor taiga-front/conf/main.json and your browser console to check where is making the requests?

Regards,

--

Alejandro Alonso Fernández   CIO & Co-founder alejandr...@kaleidos.net  | Tel: (+34) 627263808 | (+34) 913562995 www.kaleidos.net/FC8EAC/

[grzegorz.o...@gmail.com]

Hi Alejandro,

Thanks for a quick reply.
Let me clarify my initial post a little.

I can only access the site that is set up on a server, but only from one workstation and only one user account of that system, not the server itself. It's the workstation from where I was setting up taiga remotely. My more recent discovery is that if I copy my firefox profile or whole ~/.mozilla directory to another user's home directory, I can then access taiga from that user account, so my guess is: I have something strange in my firefox settings or maybe some *.js file in cache that is not being downloaded anymore when using other workstations/user accounts, and the only reason I have it working on my first workstation is because I was using it to test taiga after each step of deployment (especially before setting up SSL).

Regards
Greg

[Jesús Espino]

Hi Greg,

Maybe the problem in the self-signed SSL certificate. You can use any
certificate, but your browser must trust this certificate to allow
AJAX requests to the API, then, probably your problem is related to
unaccepted certificate from taiga-back or taiga-front in your other
clients.

You have to be able to access your taiga-back instance using ssl and
the certificate must be accepted (Firefox normally allow you to accept
it permanently, but i chrome is more dificult to add it to the
accepted certificates).

Another check you can do is configure it for not use ssl, and try, if
works, the problem is in the SSL.

Regards.

> --
> You received this message because you are subscribed to the Google Groups
> "taigaio" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to taigaio+u...@googlegroups.com.
> To post to this group, send email to tai...@googlegroups.com.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/taigaio/376347fb-7f6b-4541-892f-6e388cda8faf%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.

[grzegorz.o...@gmail.com]

I removed the self-signed certificate and created my own CA. Imported it's cert to my Firefox local storage so it does not complain about my taiga host certificate. I'm still having the issue.
When I disable SSL it works flawlessly.

Is there a document describing how to enable ssl after you have production deployment running according to setup-production.adoc?

My ssl-enabling modifications below:

taiga-front main.json:
"api": "https://taiga.mydomain/api/v1/"

taiga-back settings/local.py
MEDIA_URL = "https://taiga.mydomain/media/"
STATIC_URL = "https://taiga.mydomain/static/"
ADMIN_MEDIA_PREFIX = "https://taiga.mydomain/static/admin/"
SITES["front"]["domain"] = "taiga.mydomain"

nginx-taiga.config:
ssl    on;
ssl_certificate    /etc/nginx/ssl/taiga_bundle.crt;
ssl_certificate_key /etc/nginx/ssl/taiga.key;

ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers         HIGH:!aNULL:!MD5;


Regards
Greg

[Jesús Espino]

Your SSL configuration looks right. This is how SSL is configured with
Taiga. We haven't specific documentation for SSL configuration,
because it's out of the scope of Taiga, it must works as any other web
application, hasn't a special setup (anyway I think we can put a
warning in the setup guide about the self-signed certificated and AJAX
requests).

Can you open your javascript console, try to login, and copy&paste
error or warnings here?

Anyway a going to try to configure locally SSL with my own CA and with
a self-signed certificate.

Regards

> --
> You received this message because you are subscribed to the Google Groups
> "taigaio" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to taigaio+u...@googlegroups.com.
> To post to this group, send email to tai...@googlegroups.com.
> To view this discussion on the web, visit

> https://groups.google.com/d/msgid/taigaio/54516067-4542-4ac7-8006-338edc36477d%40googlegroups.com.

[Jesús Espino]

Hi Greg,

I have tried it on the vagrant installation, It's working for me, but
after 1 important change, i have added the "eventsUrl" configuration
to the taiga-front/conf/main.json with the value
"wss://localhost:8888/events" (wss means websockets with ssl)

This is a bug, the websockets service always must be optional, in
fact, a not existing web socket service don't break the app, but an
existing websocket service without ssl in a ssl configured
taiga-front, break the taiga-front app. I will add it as a bug and
will be resolved in the next realease.

Can you confirm if after changing the taiga-front/conf/main.json and
running gulp deploy works?

Thanks for your patience.

Regards

[grzegorz.o...@gmail.com]

Yes, that was it, thanks :)

Additional 's' in 'ws' did the trick. Although I don't think I have websockets service running - there was only a 'TODO' in Events installation section of setup-production.adoc so I skipped it. How can I set that up?

[Jesús Espino]

The taiga-events service is completely optional, is for
"pseudo-realtime updates", depending on which section you are, the app
is suscribed to certain events through web sockets, and when one of
this events come, the app refresh the data.

Well, It isn't documented yet, have a little bit of work, may work
with postgres pub/sub, or with rabbitmq (this option is our option in
producción environment). The example configuration use postgres and
may be enough for the most of the cases.

You can clone the repository, create a virtualenv for it (or reuse the
taiga-back virtualenv), install the requierements.txt, copy
example.conf.py to config.py, change at least the secret_key to the
same of your taiga-back settings SECRET_KEY and run python run.py -f
config.py. Then you can put the websocket service behind the nginx
proxy (with some special configuration for websockets).

To verify everything is working you can open 2 kanban of the same
project at the same time and change something in one, and view how is
updated in the other one. This works in kanban, backlog, taskboard and
issues, probably in the future be present in other parts of the app.

Regards.

> --
> You received this message because you are subscribed to the Google Groups
> "taigaio" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to taigaio+u...@googlegroups.com.
> To post to this group, send email to tai...@googlegroups.com.
> To view this discussion on the web, visit

> https://groups.google.com/d/msgid/taigaio/3cc6b5ff-72ec-4602-8535-f1bb0e92e1c5%40googlegroups.com.