Regarding GatewayST Setup

mitexleo · February 25, 2023, 10:45am

Is there anything else I should look at ?

mitexleo · February 25, 2023, 10:49am

It works only if I run as root. Im actually runnning gateway as root on my previous server too ! But i dont see any error message like this one.

Alexey · February 26, 2023, 3:43am

I think the reason is not applying variables during cronjob executing.
You can fix it this way: linux - Where can I set environment variables that crontab will use? - Stack Overflow, or provide the path to the config.yaml with option --config-dir, i.e.

gateway run --config-dir=/home/USER/.local/share/storj/gateway

please note - you need to provide an absolute path, not relative.

mitexleo · March 3, 2023, 3:02am

Okay … Just done setting up on my new server. But everything seems same !

I forgot to mention one thing.

If Run gateway run everything looks perfect.
But the problem only occurs when I run it as a systemd service. This is weird …

``
[Unit]

Description=Gateway ST

After=syslog.target

[Service]

ExecStart=/usr/local/bin/gateway run --access Aj… --website

Restart=on-failure

#User=root

[Install]

WantedBy=multi-user.target

``

I’m using same config for another server. Which is working fine.

mitexleo · March 3, 2023, 3:05am

By the way, I did setup Gateway on that server as root.

mitexleo · March 3, 2023, 3:16am

If I obtain the credentials by running gateway run … then use those leaving the systemd service as is. Will it work ?

Alexey · March 3, 2023, 4:31am

This way it doesn’t work, you can skip the --access option and provide the path to the config.yaml instead with the option --config-dir, the path must be an absolute, and the user running this service should have an access to this path and config.yaml in particular.

mitexleo · March 3, 2023, 8:46am

Tried and got this …

Error: gateway configuration: failed parsing access config: uplink: invalid access grant format

Alexey · March 3, 2023, 8:55am

Seems you placed an API Key instead of access grant, or did not specify it at all in the provided config.yaml (or maybe your user cannot access it or path is wrong).
If you want to generate an access grant locally, not in web UI, you may to do so, but need to run gateway setup first and follow the CLI wizard. For the root user you need to run it with sudo, i.e. sudo gateway setup

mitexleo · March 3, 2023, 9:21am

If wanna run the setup again. How can I remove the config ? Is it enough to remove the config.yaml ?

mitexleo · March 3, 2023, 8:18pm

I’ve generated a new access grant from Sattelite and used that to setup again … But its same… I dunno How I should try ! I even tried to setup with GatewayMT. That is also not working.

Alexey · March 4, 2023, 1:27am

Could you please show your current run command?
And does it work, if you run it manually?

Also just commenting out of User clause does not change anything - it will try to execute as root. If you want to use a specific user, you must provide it and its group, see example: How to run systemd service as specific user and group in Linux | GoLinuxCloud

mitexleo · March 4, 2023, 1:55am

Thanks for the article…
Everything is working fine now…

Here’s my systemd service file in case anyone need:

[Unit]
Description=Gateway ST
After=network.target
[Service]
User=ubuntu
Group=ubuntu
ExecStart=/usr/local/bin/gateway run --access 1jAfVgQBb5.... --website
Restart=on-failure
#User=root
[Install]
WantedBy=multi-user.target

Alexey · March 4, 2023, 2:34am

By the way, you still uses an --access option instead of --config-dir, the current version of GatewayST ignores it with the run command, and uses their default config instead.
But if this service is working even when you did not specify a path to the config file, probably it applying variables and know the default path. In this case your run command can look like

ExecStart=/usr/local/bin/gateway run --website

mitexleo · March 4, 2023, 2:48am

Ah, Sorry ! Forgot about that. Now, its fine.

Could you please tell me if my Caddy config is okay ?
I’m getting Error 400 Malformed host header error.

reverse_proxy /nixone/* 127.0.0.1:7777 {
  header_up X-Real-IP {remote}
  header_up X-Forwarded-For {remote}
  header_up X-Forwarded-Proto {scheme}
  header_up Host {http.host}
}

mitexleo · March 4, 2023, 2:49am

Here’s full config;

cdn.nixorigin.one {
  reverse_proxy /nixone/* 127.0.0.1:7777 {
    header_up X-Real-IP {remote}
    header_up X-Forwarded-For {remote}
    header_up X-Forwarded-Proto {scheme}
    header_up Host {http.host}
  }
}

Alexey · March 4, 2023, 3:23am

I have no experience with this reverse proxy, sorry.

However, since GatewayST doesn’t support TLS, it can handle only HTTP requests, not HTTPS.
To land an HTTPS traffic, your reverse proxy must listen an https traffic with a valid certificate, but you should not pass Proto to the GatewayST, it should remain HTTP.

mitexleo · March 4, 2023, 3:24am

Okay … Won’t pass proto. Lets see how it goes !

mitexleo · March 4, 2023, 3:29am

What does this mean ?

mitexleo · March 4, 2023, 3:30am

Sorry, that file actually doesn’t exist !

Everything is fine now …

Thanks for your help , Alexy !