Ok I broke something on my saidit install. Pastebin shows section of admin config I was working on when I broke the UI :(

submitted by portcity from (pastebin.com)

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (32 children)

Happy weekend!

Regarding the SSL cert permissions, can you show me the output of:

$ sudo ls -l /etc/letsencrypt/live/portcity.online/privkey.pem

This file is the one we need to chown and chmod (like here).

Regarding reddit configuration, yes, you only need development.update and it's all setup for you. And you can only run make ini from the right directory. See https://github.com/libertysoft3/saidit#updating-configuration

[–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (31 children)

> sudo ls -l /etc/letsencrypt/live/portcity.online/privkey.pem

This is the output:

lrwxrwxrwx 1 root root 42 Jul 20 01:48 /etc/letsencrypt/live/portcity.online/privkey.pem -> ../../archive/portcity.online/privkey1.pem

And as for development.update ... when I nano it, I notice that it's far shorter in length than example.ini (even though I've run make ini after closing development.update). Is it ok if I just copy/paste the contents of example.ini into development.update?

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (30 children)

Try this:

$ sudo chown -h reddit:ssl-cert /etc/letsencrypt/live/portcity.online/privkey.pem
$ sudo chmod g+r /etc/letsencrypt/live/portcity.online/privkey.pem

Then test again with the ls -l.

it's far shorter in length than example.ini

This is an override system. example.ini and development.update are combined into development.ini which reddit actually looks at. so only edit development.update, and only copy in the things that you want to change. If you leave example.ini unmodified, then it is easy for new features and configurations to be introduced, it's in the git repo.

[–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (29 children)

Ok those new chown/chmods worked. Thanks!

I just copied some stuff from example.ini into development.update, and after I saved and closed development.update, I ran make ini. This is what I got: reddit@redditclone:~$ make ini make: *** No rule to make target `ini'. Stop.

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (28 children)

What directory are you in when you run 'make ini'? You have to be in 'r2'.

[–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Yeah that worked :)

[–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (26 children)

Ok, a bit of progress: after copying the chat features from example.ini into development.update and futzing with them a bit, the chat box has changed from saying "reddit.local" to this mysterious link:

https://portcity.online:2053/?tls=true&lockchannel&autologin&user=VtFOG9xkX3JrlbYFog00RJnWW5HxmM&al-password=sAUfvG5XAgKOpR1xyzNFp9Mlk8KR1G&autoconnect&nick=portcity&username=portcity&realname=portcity&join=%23%255BDEV%255D%2520saidit

Does that mean anything to you? You could just look at it at https://portcity.online if that's easier.

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (25 children)

That's good, your reddit is trying to load TheLounge chat in an iframe in the sidebar. TheLounge needs its SSL cert configured then it will load properly.

[–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (24 children)

This is what I have in theLounge config: key: "/etc/ssl/private/ssl-cert-snakeoil.key", certificate: "/etc/ssl/certs/ssl-cert-snakeoil.pem",

And those are the same as what I have in the Unrealircd config so I'm not sure what I need to change here?

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (23 children)

Both thelounge and unreal should have your real SSL cert configured. Snakeoil is the self signed Reddit default one. Just update the paths like you already did for nginx.

[–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (22 children)

Ok, I changed both thelounge and unreal ssl certs ... now I'm getting permission denied again when I try to start unreal:

[warning] Failed to load SSL certificate /etc/letsencrypt/live/portcity.online/fullchain.pem error:0200100D:system library:fopen:Permission denied

I ran the chown and chmod you gave me earlier today multiple times on that certificate above and it didn't work. Could it have something to do with the fact that now i'm in user: chatuser (instead of user: reddit)?

Here is ls -l output:

chatuser@redditclone:~/unrealircd$ sudo ls -l /etc/letsencrypt/live/portcity.online/fullchain.pem lrwxrwxrwx 1 reddit ssl-cert 44 Jul 20 01:48 /etc/letsencrypt/live/portcity.online/fullchain.pem -> ../../archive/portcity.online/fullchain1.pem