Unable to deploy production server while following admin guide

chris0320

I'm trying to deploy CryptPad on a virtual host. I'm following the admin guide from https://docs.cryptpad.org/en/admin_guide/installation.html but am struggling to setup Nginx.

I've setup a separate user and group for cryptpad, but I suspect I am using the wrong webroot on the acme.sh command line. Every time I try to issue the SSL certs, I get an error about the connection being refused. The admin guide doesn't seem to specify what webroot setting I should be using. I don't think that it's a firewall issue since I can reach the default Nginx page through visiting the site's IP address.

Can anyone offer any suggestions for how to proceed? Thank you in advance!

David

Hello @chris0320 maybe our tutorial on TLS certificates will help you set things up correctly. Could you try to follow it and let us know if it helps?

chris0320

I was able to setup the TLS certs by following the tutorial provided, but now I am getting a 403 Forbidden webpage when I try to visit my CryptPad instance. From the command line, the files under /home/cryptpad/cryptpad seem to be publicly readable, so I'm not sure what is causing the error...

When I look at the /var/log/nginx/error.log file I see recent entries that start out like this:

2025/01/10 11:56:38 [error] 96876#96876: *21 open() "/home/cryptpad/cryptpad/customize.dist//.git/config" failed (13: Permission denied)

2025/01/10 11:56:38 [crit] 96876#96876: *21 stat() "/home/cryptpad/cryptpad/customize//.git/config" failed (13: Permission denied)

2025/01/10 11:50:30 [error] 96876#96876: *7 "/home/cryptpad/cryptpad/customize.dist//index.html" is forbidden (13: Permission denied)

There are many other similar lines in the error.log file.

Any ideas for how I can proceed?

chris0320

I found a solution to my problem while browsing Nginx issues on Stack Overflow. I added:

user cryptpad;

to my /etc/nginx/nginx.conf file. Since this virtual machine will be used only for CryptPad, this seems to be a workable solution.

Many thanks, @David, for your help with my earlier problem!

AlexQ

Hello @chris0320 , thanks for the feedback / solution and a late welcoem to the forum.

If you need no further help in this thread then please "close" it by marking one of the posts as the solution, so I would say either your last posting or the one David.
If possible please post the part of your nginx-conf (maybe not 1 line, but with some additanal context lines of the conf) where you added "user cryptpad;" so that others can learn from your solution and so that others can comment your solution, if it is missing something.

Thanks and success