Waiting for zitadel to be ready loop, with quickstart script #2834

Open
luc-caspar opened this issue Nov 2, 2024 · 3 comments
Comments

@luc-caspar

Describe the problem

Created a new AWS instance with Ubuntu 24.04.1, 1 CPU and 2Go of memory to test the latest version of Netbird.
After installing curl, jq, and docker, I downloaded the getting-started-with-zitadel.sh script.
When running said script, it gets stuck in a loop waiting for zitadel to be ready, with the following message:

Waiting for Zitadel to become ready  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Host ec2-15-152-0-84.ap-northeast-3.compute.amazonaws.com:443 was resolved.
* IPv6: (none)
* IPv4: 172.31.32.216
*   Trying 172.31.32.216:443...
* Connected to ec2-15-152-0-84.ap-northeast-3.compute.amazonaws.com (172.31.32.216) port 443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
{ [5 bytes data]
* TLSv1.3 (IN), TLS alert, internal error (592):
{ [2 bytes data]
* OpenSSL/3.0.13: error:0A000438:SSL routines::tlsv1 alert internal error
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection
curl: (35) OpenSSL/3.0.13: error:0A000438:SSL routines::tlsv1 alert internal error

Unable to connect to Zitadel for more than 45s, please check the output above, your firewall rules and the caddy container logs to confirm if there are any issues provisioning TLS certificates

To Reproduce

Go through the self-hosting quickstart guide using Ubuntu 22.04 on an AWS instance.

Expected behavior

Access to the management console and all of Netbird's features.

Are you using NetBird Cloud?

No, self-hosted.

NetBird version

latest (0.31.0 at the time of writing).

Screenshots

image

Additional context

I have already tried the solution provided in issue #1709 to no avail.
If relevant, here are the caddy.log

@mlsmaycon
Collaborator

The error message suggests checking the firewall, can you confirm that you've followed the requirements section of the guide and checked the Caddy container logs?

Unable to connect to Zitadel for more than 45s, please check the output above, your firewall 
rules and the caddy container logs to confirm if there are any issues provisioning TLS certificates
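
One way to decide between the two checks named in that message (firewall rules or the caddy container logs) is to see how far the `curl -v` attempt got. The following is an added example, not part of this thread or of the NetBird script: the function names and labels are hypothetical, the first sample is modelled on the output in the report with the hostname replaced by a placeholder, and the second sample is constructed.

```shell
#!/bin/sh
# Added example: report how far a `curl -v` attempt got, from its verbose output on stdin.
# classify_curl_failure, next_step and the labels are hypothetical names.
classify_curl_failure() {
  _out=$(cat)
  has() { printf '%s\n' "$_out" | grep -Eq "$1"; }
  # Test the furthest stage first: reaching it implies the earlier stages passed.
  if   has '^< HTTP/';               then echo http_response
  elif has '\(IN\), TLS alert';      then echo tls_alert_from_server
  elif has '\(OUT\), TLS alert|certificate verify failed'; then echo cert_rejected_by_client
  elif has 'Connected to ';          then echo tcp_connected_tls_incomplete
  elif has 'Connection refused|timed out|Failed to connect'; then echo tcp_unreachable
  elif has 'Could not resolve host'; then echo dns_failure
  else echo unknown
  fi
}

# Map the stage to the check the quickstart message points at.
next_step() {
  case "$1" in
    tls_alert_from_server|tcp_connected_tls_incomplete)
      echo "port answers from this host; read the caddy container logs" ;;
    tcp_unreachable)         echo "check firewall or security group rules for the port" ;;
    dns_failure)             echo "check the DNS record for the domain" ;;
    cert_rejected_by_client) echo "inspect the certificate the server presents" ;;
    http_response)           echo "TLS and HTTP both completed" ;;
    *)                       echo "inspect the full curl output" ;;
  esac
}

# Modelled on the output in the report; hostname is a placeholder.
SAMPLE_TLS_ALERT='* Connected to netbird.example.com (172.31.32.216) port 443
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, internal error (592):
curl: (35) OpenSSL/3.0.13: error:0A000438:SSL routines::tlsv1 alert internal error'

# Constructed: a connection dropped before TCP completes.
SAMPLE_TIMEOUT='*   Trying 192.0.2.10:443...
* connect to 192.0.2.10 port 443 failed: Connection timed out
curl: (28) Failed to connect to netbird.example.com port 443 after 130001 ms: Connection timed out'

for sample in "$SAMPLE_TLS_ALERT" "$SAMPLE_TIMEOUT"; do
  stage=$(printf '%s\n' "$sample" | classify_curl_failure)
  echo "$stage -> $(next_step "$stage")"
done
```

The result only describes the path from the machine that ran curl. In the posted output the name resolved to the private address 172.31.32.216, so that run says nothing about what is reachable from outside the instance's network.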

@luc-caspar
Author

@mlsmaycon Thank you for your answer.
On the machine itself, no firewall is running. Instead, I am relying on AWS security group to punch holes where necessary. This is the list of currently open ports:
image
As for the caddy logs, they are the same as the ones I provided in the original post.

@yblis

yblis commented Nov 9, 2024

Hello, I have the same problem on a new VPN, even with the firewall disabled.
