locked
Issues with new installation on Ubuntu, 503 Service Unavailable RRS feed

  • Question

  • User1148966005 posted

    I have a stock, nearly unmodified Visual Studio template ASP.NET Core application I am struggling to run on Ubuntu 18.04. I've followed this guide: https://docs.microsoft.com/en-gb/aspnet/core/host-and-deploy/linux-apache?view=aspnetcore-3.1.

    After a while of hitting and missing I managed to make ASP.NET service run. However when I visit my page I'm seeing a 503 Service Unavailable error.

    My Apache config:

    <IfModule mod_ssl.c>
    <VirtualHost *:80>
            ServerName example.com
            Redirect / https://example.com
            Redirect /panel https://example.com/panel
            Redirect /privacy https://example.com/privacy
    </VirtualHost>
    
    <VirtualHost *:443>
            ServerName example.com
            DocumentRoot /var/www/
            ServerAdmin admin@example.com
    
            RewriteEngine On
            ErrorLog "/var/log/apache2/rewrite"
            LogLevel alert rewrite:trace6
    
            # ASP.NET application
            # launchSettings.json is configured to listen on this port
            ProxyPass /panel https://localhost:33138/
            ProxyPassReverse /panel https://localhost:33138/
    
            ProxyPass /api/socket ws://localhost:44909/api/socket
            ProxyPassReverse /api/socket ws://localhost:44909/api/socket
    
            ProxyPass /pgadmin4 !
            ProxyPass /privacy !
            ProxyPass /contact !
            ProxyPass /panel !
    
            ProxyPass / http://localhost:44909/
            ProxyPassReverse / http://localhost:44909/
    
            SSLEngine on
            SSLOptions +StrictRequire
            SSLProtocol TLSv1
            ServerAlias example.com
            SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
            SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
            Include /etc/letsencrypt/options-ssl-apache.conf
    </VirtualHost>
    </IfModule>
    

    This is the result of systemctl status tpanel (my ASP daemon):

    ● tpanel.service - a .NET Core 3.1 server
       Loaded: loaded (/etc/systemd/system/tpanel.service; disabled; vendor preset: enabled)
       Active: active (running) since Fri 2019-12-13 10:16:21 CET; 4h 1min ago
     Main PID: 2765 (dotnet)
        Tasks: 16 (limit: 4915)
       CGroup: /system.slice/tpanel.service
               └─2765 /usr/bin/dotnet /var/www/TPanel/publish/TPanel.dll
    
    Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
    Dec 13 10:16:22 vps-example dotnet[2765]:       Now listening on: http://localhost:5000
    Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
    Dec 13 10:16:22 vps-example dotnet[2765]:       Now listening on: https://localhost:5001
    Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
    Dec 13 10:16:22 vps-example dotnet[2765]:       Application started. Press Ctrl+C to shut down.
    Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
    Dec 13 10:16:22 vps-example dotnet[2765]:       Hosting environment: Production
    Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
    Dec 13 10:16:22 vps-example dotnet[2765]:       Content root path: /var/www/TPanel/publish
    

    launchSettings.json:

    {
      "iisSettings": {
        "windowsAuthentication": false, 
        "anonymousAuthentication": true, 
        "iisExpress": {
          "applicationUrl": "http://localhost:50015",
          "sslPort": 44313
        }
      },
      "profiles": {
        "IIS Express": {
          "commandName": "IISExpress",
          "launchBrowser": true,
          "environmentVariables": {
            "ASPNETCORE_ENVIRONMENT": "Development"
          }
        },
        "TPanel": {
          "commandName": "TPanel",
          "launchBrowser": true,
          "environmentVariables": {
            "ASPNETCORE_ENVIRONMENT": "Development"
          },
          "applicationUrl": "http://localhost:33138"
        }
      }
    }
    

    But like I said, when I go to example.com/panel I see 503 error. Other parts of my website work well.

    Other info:

    • I have another unrelated application running that made use of 5001 port, I replaced it with something else though so it shouldn't be a problem
    • It doesn't seem to matter whether I set the port of my application to 33138 or 5001, both on apache and application, it doesn't change anything

    </div> </div>

    Friday, December 13, 2019 1:44 PM

Answers

  • User1148966005 posted

    Okay, I'm stupid. I realized that I made Kestrel only listen on localhost. Replacing localhost with * fixed it.

    Now I just need to configure HTTPS, but I think I'll manage from here.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, December 18, 2019 8:46 AM

All replies

  • User-474980206 posted

    Apache is just reverse proving to the running asp.net application. Apache does not start the asp.net core application. Typically you’d run it as a daemon. The launch setting are only used by visual studio to start the .net application.

    how are you starting the asp.net core application, and configuring the ports it listens on?

    Saturday, December 14, 2019 11:44 PM
  • User-704723795 posted

    Here's something to try, no promises if it will work. 

    run this at a command prompt:

    setsebool -P httpd_can_network_connect 1

    SELinux settings sometimes prevent making network connections. It's doing it's job, but can be annoying because the first time I discovered it I was chasing all of the obvious things in my application, Nginx, firewall etc. 

    Let me know if it works! 

    Sunday, December 15, 2019 10:36 PM
  • User1148966005 posted

    I don't have SELinux, so I suppose this isn't the culprit. I'm not a Linux expert though, but I'd prefer not to install new packages if I don't need them (yet?).

    Monday, December 16, 2019 11:41 AM
  • User1148966005 posted

    I just realized that I'm supposed to change settings using appsettings.json, for example. So this is what I currently have in appsettings.json:

    {
      "AllowedHosts": "*",
      "ConnectionStrings": {
        "DefaultConnection": "[redacted]"
      },
      "Logging": {
        "LogLevel": {
          "Default": "Information",
          "Microsoft": "Warning",
          "Microsoft.Hosting.Lifetime": "Information"
        }
      },
      "urls": "https://localhost:33138/"
    }

    So it now runs on 33138 port, to which Apache is supposed to direct to if I go to https://localhost:33138. Now the problem is that I get a "500 Internal Server Error".

    Monday, December 16, 2019 11:44 AM
  • User-704723795 posted

    It isn't just for SELinux, that's what hung me up also. Some hosts install it on Ubuntu as well. Most of the time Ubuntu uses Apparmor, but sometimes I've seen the SELinux module installed. 

    If Apparmor is blocking it, you should see that in /var/log/syslog. 


    Monday, December 16, 2019 4:31 PM
  • User-474980206 posted

    on the linux server you should be able to access 

    https://localhost:33138/

    directly using curl or browser if one is installed. you also need to add logging so you can debug these errors. 

    Monday, December 16, 2019 6:08 PM
  • User1148966005 posted

    I tried using lynx to localhost:33138 and it loads website content correctly, it only responds with 500 error if I lynx http://localhost/panel. Outside of the server if I connect directly to the port, my connection is refused. Could it be that Kestrel doesn't allow remote connections for some reason?
    As for logging, I fail to understand how to enable logging. I configured my daemon for Development environment, but /logs is empty.

    Unfortunately, SELinux settings are not what causes this. This command replied that SELinux is disabled, and so didn't do anything.

    Tuesday, December 17, 2019 9:18 AM
  • User1148966005 posted

    Okay, I'm stupid. I realized that I made Kestrel only listen on localhost. Replacing localhost with * fixed it.

    Now I just need to configure HTTPS, but I think I'll manage from here.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, December 18, 2019 8:46 AM