Issues with new installation on Ubuntu, 503 Service Unavailable

Question

User1148966005 posted

I have a stock, nearly unmodified Visual Studio template ASP.NET Core application I am struggling to run on Ubuntu 18.04. I've followed this guide: https://docs.microsoft.com/en-gb/aspnet/core/host-and-deploy/linux-apache?view=aspnetcore-3.1.

After a while of hitting and missing I managed to make ASP.NET service run. However when I visit my page I'm seeing a 503 Service Unavailable error.

My Apache config:

<IfModule mod_ssl.c>
<VirtualHost *:80>
        ServerName example.com
        Redirect / https://example.com
        Redirect /panel https://example.com/panel
        Redirect /privacy https://example.com/privacy
</VirtualHost>

<VirtualHost *:443>
        ServerName example.com
        DocumentRoot /var/www/
        ServerAdmin admin@example.com

        RewriteEngine On
        ErrorLog "/var/log/apache2/rewrite"
        LogLevel alert rewrite:trace6

        # ASP.NET application
        # launchSettings.json is configured to listen on this port
        ProxyPass /panel https://localhost:33138/
        ProxyPassReverse /panel https://localhost:33138/

        ProxyPass /api/socket ws://localhost:44909/api/socket
        ProxyPassReverse /api/socket ws://localhost:44909/api/socket

        ProxyPass /pgadmin4 !
        ProxyPass /privacy !
        ProxyPass /contact !
        ProxyPass /panel !

        ProxyPass / http://localhost:44909/
        ProxyPassReverse / http://localhost:44909/

        SSLEngine on
        SSLOptions +StrictRequire
        SSLProtocol TLSv1
        ServerAlias example.com
        SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

This is the result of systemctl status tpanel (my ASP daemon):

● tpanel.service - a .NET Core 3.1 server
   Loaded: loaded (/etc/systemd/system/tpanel.service; disabled; vendor preset: enabled)
   Active: active (running) since Fri 2019-12-13 10:16:21 CET; 4h 1min ago
 Main PID: 2765 (dotnet)
    Tasks: 16 (limit: 4915)
   CGroup: /system.slice/tpanel.service
           └─2765 /usr/bin/dotnet /var/www/TPanel/publish/TPanel.dll

Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
Dec 13 10:16:22 vps-example dotnet[2765]:       Now listening on: http://localhost:5000
Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
Dec 13 10:16:22 vps-example dotnet[2765]:       Now listening on: https://localhost:5001
Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
Dec 13 10:16:22 vps-example dotnet[2765]:       Application started. Press Ctrl+C to shut down.
Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
Dec 13 10:16:22 vps-example dotnet[2765]:       Hosting environment: Production
Dec 13 10:16:22 vps-example dotnet[2765]: info: Microsoft.Hosting.Lifetime[0]
Dec 13 10:16:22 vps-example dotnet[2765]:       Content root path: /var/www/TPanel/publish

launchSettings.json:

{
  "iisSettings": {
    "windowsAuthentication": false, 
    "anonymousAuthentication": true, 
    "iisExpress": {
      "applicationUrl": "http://localhost:50015",
      "sslPort": 44313
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "TPanel": {
      "commandName": "TPanel",
      "launchBrowser": true,
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
      "applicationUrl": "http://localhost:33138"
    }
  }
}

But like I said, when I go to example.com/panel I see 503 error. Other parts of my website work well.

Other info:

• I have another unrelated application running that made use of 5001 port, I replaced it with something else though so it shouldn't be a problem
• It doesn't seem to matter whether I set the port of my application to 33138 or 5001, both on apache and application, it doesn't change anything

</div> </div>

Answer 1

User-474980206 posted

Apache is just reverse proving to the running asp.net application. Apache does not start the asp.net core application. Typically you’d run it as a daemon. The launch setting are only used by visual studio to start the .net application.

how are you starting the asp.net core application, and configuring the ports it listens on?

Answer 2

User-704723795 posted

Here's something to try, no promises if it will work. 

run this at a command prompt:

setsebool -P httpd_can_network_connect 1

SELinux settings sometimes prevent making network connections. It's doing it's job, but can be annoying because the first time I discovered it I was chasing all of the obvious things in my application, Nginx, firewall etc. 

Let me know if it works! 

Answer 3

User1148966005 posted

I don't have SELinux, so I suppose this isn't the culprit. I'm not a Linux expert though, but I'd prefer not to install new packages if I don't need them (yet?).

Answer 4

User1148966005 posted

I just realized that I'm supposed to change settings using appsettings.json, for example. So this is what I currently have in appsettings.json:

{
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "DefaultConnection": "[redacted]"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "urls": "https://localhost:33138/"
}

So it now runs on 33138 port, to which Apache is supposed to direct to if I go to https://localhost:33138. Now the problem is that I get a "500 Internal Server Error".

Answer 5

User-704723795 posted

It isn't just for SELinux, that's what hung me up also. Some hosts install it on Ubuntu as well. Most of the time Ubuntu uses Apparmor, but sometimes I've seen the SELinux module installed. 

If Apparmor is blocking it, you should see that in /var/log/syslog. 

Answer 6

User-474980206 posted

on the linux server you should be able to access 

https://localhost:33138/

directly using curl or browser if one is installed. you also need to add logging so you can debug these errors. 

Answer 7

User1148966005 posted

I tried using lynx to localhost:33138 and it loads website content correctly, it only responds with 500 error if I lynx http://localhost/panel. Outside of the server if I connect directly to the port, my connection is refused. Could it be that Kestrel doesn't allow remote connections for some reason?
As for logging, I fail to understand how to enable logging. I configured my daemon for Development environment, but /logs is empty.

Unfortunately, SELinux settings are not what causes this. This command replied that SELinux is disabled, and so didn't do anything.

Answer 8

User1148966005 posted

Okay, I'm stupid. I realized that I made Kestrel only listen on localhost. Replacing localhost with * fixed it.

Now I just need to configure HTTPS, but I think I'll manage from here.