Failing to connect Commento with PostgreSQL

Hello, I’m trying to connect Commento to PostgreSQL. Hopefully someone who’s reading this is familiar with what Commento is, but if not I’ll briefly explain. I’ve been transferring a blog over onto Hugo, which took a bit of learning, but is well worth the effort. I now have my own personal theme, which is nice. The only downside is that because it’s a static site generator there’s no straightforward way to integrate blog comments. Commento is one of the apps that gets you there. There is the option of connecting your site to Commento’s online database, but honestly I can’t afford to be paying a monthly fee for that as long as it’s only a small-scale enterprise, and so I’m trying to install Commento myself (and anyway I like working things out by myself).

The idea is that you create a database with PostgreSQL (which I haven’t used before, but I have used MySQL, so there’s no mystery), and then you install Commento, which is supposed to interact between the db and the website. The online instructions for installing Commento don’t say anything in particular about any required settings for the db, so I just created something completely blank:

CREATE DATABASE "commento";
CREATE USER commento-user WITH PASSWORD 'blablablapassword';
GRANT ALL PRIVILEGES ON DATABASE "commento" TO commento-user;

Then I’ve added a reverse proxy redirect from NGinX to the Commento instance, using this block of code:

location /commento {
   proxy_pass http://localhost:34567; 
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
}

(Insert any port there - just picking random ports for security reasons)

OK, and then I tried to follow these instructions, using Docker Compose to install the application. Before starting the installation, I configured the docker-compose.yml file. This is where I’m really not sure that I’ve got it right (I can’t see what would be wrong with the previous two settings):

version: '3'
services:
  server:
    image: registry.gitlab.com/commento/commento:latest
    ports:
      - 34567:8080
    environment:
      COMMENTO_ORIGIN: https://hugoblogtest.local/commento
      COMMENTO_PORT: 8080
      COMMENTO_POSTGRES: postgres://commento-user:blablablapassword@db:5432/commento?sslmode=disable
    depends_on:
      - db
  db:
    image: postgres
    environment:
      POSTGRES_DB: commento
      POSTGRES_USER: commento-user
      POSTGRES_PASSWORD: blablablapassword
    volumes:
      - ./docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
volumes:
  postgres_data_volume:

OK, and then when I run the docker-compose command:

sudo docker-compose -f docker-compose.yml up

…this happens .

sudo docker-compose -f docker-compose.yml up                                                                                                       !10187
Starting commento_db_1 ... done
Starting commento_server_1 ... done
Attaching to commento_db_1, commento_server_1
db_1      |
db_1      | PostgreSQL Database directory appears to contain a database; Skipping initialization
db_1      |
db_1      | 2024-10-01 21:39:02.998 UTC [1] LOG:  starting PostgreSQL 17.0 (Debian 17.0-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
db_1      | 2024-10-01 21:39:02.998 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
db_1      | 2024-10-01 21:39:02.998 UTC [1] LOG:  listening on IPv6 address "::", port 5432
db_1      | 2024-10-01 21:39:03.004 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
db_1      | 2024-10-01 21:39:03.018 UTC [28] LOG:  database system was shut down at 2024-10-01 21:31:49 UTC
db_1      | 2024-10-01 21:39:03.033 UTC [1] LOG:  database system is ready to accept connections
server_1  | 2024/10/01 21:39:03 [INFO] version.go:13 versionPrint(): starting Commento
server_1  | 2024/10/01 21:39:03 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento-user:redacted@db:5432/commento?sslmode=disable
server_1  | 2024/10/01 21:39:03 [ERROR] database_connect.go:31 dbConnect(): cannot talk to postgres, retrying in 10 seconds (4 attempts left): pq: unknown authentication response: 10
server_1  | 2024/10/01 21:39:13 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento-user:redacted@db:5432/commento?sslmode=disable
server_1  | 2024/10/01 21:39:13 [ERROR] database_connect.go:31 dbConnect(): cannot talk to postgres, retrying in 10 seconds (3 attempts left): pq: unknown authentication response: 10
server_1  | 2024/10/01 21:39:23 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento-user:redacted@db:5432/commento?sslmode=disable
server_1  | 2024/10/01 21:39:23 [ERROR] database_connect.go:31 dbConnect(): cannot talk to postgres, retrying in 10 seconds (2 attempts left): pq: unknown authentication response: 10

Clearly failing every time. I spent a whole evening going crazy with it, going round and round in circles asking ChatGPT what was going on, but in my experience going round and round in circles with AI is worse than going round in circles by yourself! And so here I am now.

Any ideas here? I also tried deleting the database, and changing the user to the postgres superuser, with the notion that maybe Commento needs to create the database “in its own image”, but that didn’t work either.

Probably you are using latest version of Postgres wich uses scram-sha-256 for autthentication by default, but the driver Commento uses to connect to Postgres may be older.

Follow the steps in the link below to change your Postgres to use md5 instead.

https://stackoverflow.com/questions/64210167/unable-to-connect-to-postgres-db-due-to-the-authentication-type-10-is-not-suppor

i cannot help you with the connectivity issue, but that dash in the user name makes me nervous

if you really want to use a dash, you’ll have to enclose the name in doublequotes, every time you use it, and be aware it’s case sensitive (unquoted identifiers are not)

i suggest using an underscore instead

Hi, and thanks. I tried following all of that, and it’s no good. After trying to change those authentication settings in the config files, and failing, I actually went back to an older VM, with an older version, where everything is done by md5, so there shouldn’t be any authentification problem. But there still is, so… I don’t know, honestly.

The thing is (and maybe I should have mentioned this previously), that this application is installed within Docker, which i didn’t know anything about before. At the moment it’s driving me nuts, and I can only assume that it’s Docker which is the problem here. The vapour trail of logs and failed connections is too long and confusing perhaps to be of any use, unless someone here really knows a lot about Docker??? Honestly, I’m just lost here!!!

Yes, unfortunately that’s not the issue here, but thanks for the warning anyway :

Analysing logs sounds like a good job for AI. You could sign up for a ChatGPT account (it’s free) then copy/paste the logs into the chat and see if it can spot anything. It doesn’t always work, but oftentimes it’ll spot something you’ve missed, or will at least be able to point you in the right direction.

With this setup Postgres should create the user itself on the first startup. There is no reason to do that manually.

I would try completely resetting the container, wiping all data, and then start it again to see if that works

docker compose down -v db
docker compose up -d

I’ve been doing that! As I said in the first post, gonig round and round and round in circles with ChatGPT. Yes, it’s great when it sees the problem nice and quickly, but actually it can be damaging when it sends you round the houses tinkering with a million things that turn out to be irrelevant Sometimes it does more harm than good, but anyway that’s also our responsibility as the human in the room to keep it from going off on tangents.

So you’re saying to delete the database on Postgresql, and try creating it from Docker? I have actually tried that . I tried creating it as the postgres superuser, as I assumed that it wouldn’t give permissions to the specifically created user. Anyway, that also didn’t work. But I suppose maybe I’ll try it again at some point. I need a day or two off this anyway. My eyes are boggling!

As far as I know you don’t need to manually create any users. The Postgres docker container creates one on startup, based on the environment variables it’s passed in the compose file. That’s enough. No need to manually do anything more.

Finally got it working.

Run the composer up, twice

Notice how commento run the migrations:

image1076×443 138 KB

And the table that commento created in the DB:

image531×554 29.8 KB

Here is the composer yaml, notice the md5.
Of course you’ll use your own username, password, ports, etc.

version: "3.8"
services:
  commento:
    image: registry.gitlab.com/commento/commento:latest
    ports:
      - "8080:8080"
    environment:
      COMMENTO_ORIGIN: http://localhost:8080/commento
      COMMENTO_PORT: 8080
      COMMENTO_POSTGRES: postgres://zensei:hemlock1@db:5432/commento?sslmode=disable
    depends_on:
      - db
    networks:
      my-network:
        aliases:
          - postgres
  db:
    image: postgres
    container_name: local_pgdb
    restart: always
    ports:
      - "5431:5432"
    environment:
      POSTGRES_INITDB_ARGS: "-A md5"
      POSTGRES_USER: zensei
      POSTGRES_PASSWORD: hemlock1
      POSTGRES_DB: commento
    volumes:
      - local_pgdata:/var/lib/postgresql/commento_data
    networks:
      my-network:
        aliases:
          - postgres

volumes:
  local_pgdata:

networks:
  my-network:
    driver: bridge

Good luck.

Ah thanks, that looks like good research

Well, I’ll come back to it when I’ve recovered from the AI vortex in which I went round and round and round again trying to figure that stuff out

I just found the necessary energy to do this again (it sucked everything out of me last time), and I’ll say THANK YOU SOOOOOOOOOOOOOO MUCH . I haven’t tried testing it from the website itself yet, but the container has finally started successfully, and that is ABSOLUTELY THE ONLY THING that I care about at the moment. This thing half-killed me last time

Ah, but please don’t close the thread just yet, Dear Admins!

I’m able to start the container, which is a massive step from last time, but it’s still failing to connect with the db. Here’s my adapted .yaml file. I got a yellow warning about stating a version number, so I removed that line. I also changed it to map from a random port to 8080, just for security reasons, but I’ve just tried changing that back to 8080 to see if that was the issue, and that doesn’t work either. Not sure if there’s something in the Nginx config that’s wrong, so I’ll put that straight after this:

services:
  commento:
    image: registry.gitlab.com/commento/commento:latest
    ports:
      - "34567:8080"  # External port 34567 mapped to internal 8080
    environment:
      COMMENTO_ORIGIN: https://meff.local/commento
      COMMENTO_PORT: 8080
      COMMENTO_POSTGRES: postgres://commento_user:pswd@db:5432/commento4meff?sslmode=disable
    depends_on:
      - db
    networks:
      my-network:
        aliases:
          - postgres
  db:
    image: postgres
    container_name: local_pgdb
    restart: always
    ports:
      - "5431:5432"
    environment:
      POSTGRES_INITDB_ARGS: "-A md5"
      POSTGRES_USER: commento_user
      POSTGRES_PASSWORD: pswd
      POSTGRES_DB: commento4meff
    volumes:
      - local_pgdata:/var/lib/postgresql/commento_data
    networks:
      my-network:
        aliases:
          - postgres

volumes:
  local_pgdata:

networks:
  my-network:
    driver: bridge

Relevant Nginx redirect here:

    # Forward Commento requests to the new port
    location /commento {
        proxy_pass https://meff.local:34567;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

And maybe I should add the call from the Hugo template for the script:

<div id="commento">
	<script defer src="/commento/js/commento.js"></script>
</div>

Nothing at all shows up on the website, but anyway the container starts, and it’s showing in green in VSCode, until it times out, after twenty or thirty seconds, because of this

2024/10/30 15:45:19 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento_user:redacted@db:5432/commento4meff?sslmode=disable
2024/10/30 15:45:19 [ERROR] database_connect.go:31 dbConnect(): cannot talk to postgres, retrying in 10 seconds (1 attempts left): pq: unknown authentication response: 10
2024/10/30 15:45:29 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento_user:redacted@db:5432/commento4meff?sslmode=disable
2024/10/30 15:45:29 [ERROR] database_connect.go:31 dbConnect(): cannot talk to postgres, retrying in 10 seconds (0 attempts left): pq: unknown authentication response: 10
2024/10/30 15:45:39 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento_user:redacted@db:5432/commento4meff?sslmode=disable
2024/10/30 15:45:39 [ERROR] database_connect.go:35 dbConnect(): cannot talk to postgres, last attempt failed: pq: unknown authentication response: 10
fatal error: pq: unknown authentication response: 10

To be precise - there are two processes within the container, and viewing from VSCode, the postgres process remains stable in green, and it’s the commento process that shuts down.

image437×130 9.78 KB

So if there’s still something missing there, there are two config files:

sudo find / -name pg_hba.conf                                                                     [~]
/var/lib/docker/volumes/commento4meff_postgres_data_volume/_data/pg_hba.conf
/etc/postgresql/12/main/pg_hba.conf

Presumably it’s the first one that I need to look at here? If so, here it is, and md5 is explicitly required in it (because of the settings given in the yaml file?)

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             127.0.0.1/32            trust
# IPv6 local connections:
host    all             all             ::1/128                 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     trust
host    replication     all             127.0.0.1/32            trust
host    replication     all             ::1/128                 trust

host all all all md5

Interesting everything seems to be correct.

It appears that your database is not running or running under different port.

Can you put your log showing the database starting, listening, etc in here. Similar to this:

image690×284 149 KB

See how it is telling me is up an listening and commento connecting to it?.

Hi again,

Yes, I’m getting pretty exhausted again! Going round and round with ChatGPT, as before, and no clarity. But anyway, I’m glad to hear that you find it interesting :~) That will continue to give me hope!

The DB logfile looks clean:

sudo docker logs local_pgdb                                                                       [~]
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /var/lib/postgresql/data ... ok
creating subdirectories ... ok
selecting dynamic shared memory implementation ... posix
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting default time zone ... Etc/UTC
creating configuration files ... ok
running bootstrap script ... ok
performing post-bootstrap initialization ... ok
syncing data to disk ... ok

Success. You can now start the database server using:

    pg_ctl -D /var/lib/postgresql/data -l logfile start

waiting for server to start....2024-10-30 23:49:33.784 UTC [48] LOG:  starting PostgreSQL 14.13 (Debian 14.13-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
2024-10-30 23:49:33.786 UTC [48] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2024-10-30 23:49:33.793 UTC [49] LOG:  database system was shut down at 2024-10-30 23:49:33 UTC
2024-10-30 23:49:33.798 UTC [48] LOG:  database system is ready to accept connections
 done
server started
CREATE DATABASE


/usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*

2024-10-30 23:49:34.179 UTC [48] LOG:  received fast shutdown request
waiting for server to shut down....2024-10-30 23:49:34.182 UTC [48] LOG:  aborting any active transactions
2024-10-30 23:49:34.185 UTC [48] LOG:  background worker "logical replication launcher" (PID 55) exited with exit code 1
2024-10-30 23:49:34.185 UTC [50] LOG:  shutting down
2024-10-30 23:49:34.200 UTC [48] LOG:  database system is shut down
 done
server stopped

PostgreSQL init process complete; ready for start up.

2024-10-30 23:49:34.299 UTC [1] LOG:  starting PostgreSQL 14.13 (Debian 14.13-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
2024-10-30 23:49:34.299 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2024-10-30 23:49:34.301 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2024-10-30 23:49:34.306 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2024-10-30 23:49:34.311 UTC [63] LOG:  database system was shut down at 2024-10-30 23:49:34 UTC
2024-10-30 23:49:34.316 UTC [1] LOG:  database system is ready to accept connections

And here’s the commento logfile at present:

sudo docker logs commento4meff-commento-1                                                         [~]
2024/10/30 23:49:32 [INFO] version.go:13 versionPrint(): starting Commento 
2024/10/30 23:49:32 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento_user:redacted@db:5432/commento4meff?sslmode=disable
wait-for-it.sh: Finished waiting for db:5432
2024/10/30 23:49:32 [ERROR] database_connect.go:31 dbConnect(): cannot talk to postgres, retrying in 10 seconds (4 attempts left): dial tcp 172.19.0.2:5432: connect: connection refused
2024/10/30 23:49:42 [INFO] database_connect.go:20 dbConnect(): opening connection to postgres: postgres://commento_user:redacted@db:5432/commento4meff?sslmode=disable
2024/10/30 23:49:42 [INFO] database_migrate.go:47 migrateFromDir(): 0 migrations already installed, looking for more
2024/10/30 23:49:42 [INFO] database_migrate.go:89 migrateFromDir(): 30 new migrations completed (30 total)
2024/10/30 23:49:42 [WARNING] smtp_configure.go:17 smtpConfigure(): smtp not configured, no emails will be sent
2024/10/30 23:49:42 [INFO] smtp_templates.go:43 smtpTemplatesLoad(): loading templates: [confirm-hex reset-hex domain-export domain-export-error]
2024/10/30 23:49:42 [INFO] sigint.go:22 sigintCleanupSetup(): setting up SIGINT cleanup
2024/10/30 23:49:42 [INFO] router.go:32 routesServe(): starting server on 0.0.0.0:8080

ChatGPT is telling me that it is successfully connecting, and indeed I can log into the db as commento_user from within the container, like this:

sudo docker exec -it local_pgdb /bin/bash                                          
root@5915ef64c7ad:/# psql -U commento_user -d commento4meff
Password for user commento_user: 
psql (14.13 (Debian 14.13-1.pgdg120+1))
Type "help" for help.

commento4meff=# \l
                                          List of databases
     Name      |     Owner     | Encoding |  Collate   |   Ctype    |        Access privileges        
---------------+---------------+----------+------------+------------+---------------------------------
 commento4meff | commento_user | UTF8     | en_US.utf8 | en_US.utf8 | 
 postgres      | commento_user | UTF8     | en_US.utf8 | en_US.utf8 | 
 template0     | commento_user | UTF8     | en_US.utf8 | en_US.utf8 | =c/commento_user               +
               |               |          |            |            | commento_user=CTc/commento_user
 template1     | commento_user | UTF8     | en_US.utf8 | en_US.utf8 | =c/commento_user               +
               |               |          |            |            | commento_user=CTc/commento_user
(4 rows)

But I’m not seeing anything on the website, and the various brute force attempts to see the commento stuff, i.e these from the browser:

http://localhost:34567/
https://meff.local:34567/

and these from the command line:

curl https://meff.local:34567/api/ping
curl http://localhost:34567/api/ping

… all of them fail. The curl commands give me this:

➜ curl https://meff.local:34567/api/ping                                                            [~]
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
➜  curl http://localhost:34567/api/ping                                                            ⏎ [~]
404 page not found

and the attempts from the browser give me this:

An error occurred during a connection to meff.local:34567. SSL received a record that exceeded the maximum permissible length.

and for localhost:34567, just a:

404 page not found

I’m sure you know that ChatGPT gets very annoying sometimes with these so-called hallucinations, and I’m pretty sure that reverting to localhost:34567 isn’t the way to go if you’re accessing commento on a live and hopefully secure server. But maybe I’m showing some ignorance there.

Anyway, just to clarify where I am, I tried specifying the version of postgresql to one that commento will supposedly recognise (ChatGPT said version 14, so that’s what you see in the yaml) Also, ChatGPT has told me to download wait-for-it.sh in order to ensure that commento waits for the db to be ready before trying to connect (I think, at least, that that is what it’s doing, if I’ve understood properly). Here, I’ll paste the current state of the yaml file, plus wait-for-it.sh (which I had to change a lot, because supposedly the Docker container can’t work with a bash file - says ChatGPT). And then, and then… I’ll sleep - I can’t look at this any more tonight But thanks for your help anyway

First the .yaml file

services:
  commento:
    image: registry.gitlab.com/commento/commento:latest
    ports:
      - "34567:8080"  # External port 34567 mapped to internal 8080
    environment:
      COMMENTO_ORIGIN: https://meff.local/commento
      COMMENTO_PORT: 8080
      COMMENTO_POSTGRES: postgres://commento_user:pswd@db:5432/commento4meff?sslmode=disable
    depends_on:
      - db
    entrypoint: ["/bin/sh", "-c", "/wait-for-it.sh db:5432 -- ls && ./commento"]
    volumes:
      - ./wait-for-it.sh:/wait-for-it.sh  # Mount the script at the root
    networks:
      my-network:
        aliases:
          - postgres
  db:
    image: postgres:14
    container_name: local_pgdb
    restart: always
    ports:
      - "5431:5432"
    environment:
      POSTGRES_INITDB_ARGS: "-A md5"
      POSTGRES_USER: commento_user
      POSTGRES_PASSWORD: pswd
      POSTGRES_DB: commento4meff
    volumes:
      - local_pgdata:/var/lib/postgresql/commento_data
    networks:
      my-network:
        aliases:
          - postgres

volumes:
  local_pgdata:

networks:
  my-network:
    driver: bridge

And here’s wait-for-it.sh:

#!/bin/sh
# Use this script to test if a given TCP host/port are available

WAITFORIT_cmdname=${0##*/}

echoerr() {
    if [ "$WAITFORIT_QUIET" -ne 1 ]; then
        echo "$@" 1>&2
    fi
}

usage() {
    cat << USAGE >&2
Usage:
    $WAITFORIT_cmdname host:port [-s] [-t timeout] [-- command args]
    -h HOST | --host=HOST       Host or IP under test
    -p PORT | --port=PORT       TCP port under test
    -s | --strict               Only execute subcommand if the test succeeds
    -q | --quiet                Don't output any status messages
    -t TIMEOUT | --timeout=TIMEOUT
                                Timeout in seconds, zero for no timeout
    -- COMMAND ARGS             Execute command with args after the test finishes
USAGE
    exit 1
}

# Process arguments
while [ "$#" -gt 0 ]; do
    case "$1" in
        *:*) 
            WAITFORIT_HOST="${1%:*}"
            WAITFORIT_PORT="${1#*:}"
            shift
            ;;
        -q | --quiet) WAITFORIT_QUIET=1; shift ;;
        -s | --strict) WAITFORIT_STRICT=1; shift ;;
        -h) WAITFORIT_HOST="$2"; shift 2 ;;
        --host=*) WAITFORIT_HOST="${1#*=}"; shift ;;
        -p) WAITFORIT_PORT="$2"; shift 2 ;;
        --port=*) WAITFORIT_PORT="${1#*=}"; shift ;;
        -t) WAITFORIT_TIMEOUT="$2"; shift 2 ;;
        --timeout=*) WAITFORIT_TIMEOUT="${1#*=}"; shift ;;
        --) shift; WAITFORIT_CLI="$@"; break ;;
        --help) usage ;;
        *) echoerr "Unknown argument: $1"; usage ;;
    esac
done

# Ensure required arguments are provided
if [ -z "$WAITFORIT_HOST" ] || [ -z "$WAITFORIT_PORT" ]; then
    echoerr "Error: you need to provide a host and port to test."
    usage
fi

# Run the check
nc -z "$WAITFORIT_HOST" "$WAITFORIT_PORT"
WAITFORIT_RESULT=$?

echo "wait-for-it.sh: Finished waiting for $WAITFORIT_HOST:$WAITFORIT_PORT"

There is nothing wrong with your yaml. Put it back.

Change this:

COMMENTO_ORIGIN: https://meff.local/commento

To this:

COMMENTO_ORIGIN: https://meff.local

I got the sucker running in my computer:

http://localhost:8080/login

image1194×701 27.7 KB

OK, I’ve got it working on the local test server at least. For whatever reason within Commento, it just seems not to work if you put the actual domain name in COMMENTO_ORIGIN, so in the end I’m using the loopback address, and redirecting to that address from Nginx, like this. I don’t think that using the loopback address is going to work out too well on a remote server, though, is it? It’s a stickytape solution, but it’ll have to do for now. I’ve got other things to do!

Let’s not say that the problem is solved until I’ve got this all working on a remote server, eh. Not sure whether I’ll get this up online within the next month (ie before the thread closes), but anyway I’ll open up a new thread referring back to this one if I do run into trouble with that. Once again, thanks very much indeed for the help.

  services:
    commento:
      image: registry.gitlab.com/commento/commento:latest
      ports:
        - "34567:8080"  # External port 34567 mapped to internal 8080
      environment:
        COMMENTO_ORIGIN: http://127.0.0.1:34567 
        COMMENTO_PORT: 8080
        COMMENTO_POSTGRES: postgres://commento_user:pswd@db:5432/commento4meff?sslmode=disable
      depends_on:
        - db
      networks:
        my-network:
          aliases:
            - postgres
    db:
      image: postgres
      container_name: local_pgdb
      restart: always
      ports:
        - "5431:5432"
      environment:
        POSTGRES_INITDB_ARGS: "-A md5"
        POSTGRES_USER: commento_user
        POSTGRES_PASSWORD: pswd
        POSTGRES_DB: commento4meff
      volumes:
        - local_pgdata:/var/lib/postgresql/commento_data
      networks:
        my-network:
          aliases:
            - postgres

  volumes:
    local_pgdata:

  networks:
    my-network:
      driver: bridge

# Redirect http://www.meff.local to http://meff.local
server {
    listen 80;
    server_name www.meff.local;
    return 301 http://meff.local$request_uri;
}

# Set up a map to control redirection
map "$server_port" $should_redirect {
    default 1;                # Redirect to HTTPS by default
    "1313" 0;                 # Don't redirect for port 1313 (draft site)
    "34567" 0;                # Don't redirect for Commento's port 34567
}

# Redirect HTTP to HTTPS, except for ports 1313 and 34567
server {
    listen 80;
    server_name meff.local;

    location / {
        if ($should_redirect) {
            return 301 https://meff.local$request_uri;
        }
    }

    # Forward Commento requests to the appropriate internal port
    location /commento/ {
        proxy_pass http://127.0.0.1:34567/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Redirect https://www.meff.local to https://meff.local
server {
    listen 443 ssl;
    server_name www.meff.local;

    ssl_certificate /etc/ssl/certs/meff.crt;
    ssl_certificate_key /etc/ssl/private/meff.key;
    return 301 https://meff.local$request_uri;
}

# Serve the main site over HTTPS
server {
    listen 443 ssl;
    server_name meff.local;

    ssl_certificate /etc/ssl/certs/meff.crt;
    ssl_certificate_key /etc/ssl/private/meff.key;

    root /var/www/meff/public;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }

    # Forward Commento requests over HTTPS
    location /commento/ {
        proxy_pass http://127.0.0.1:34567/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

One more line that needed changing. On closing down and restarting the container, the data was lost from the db, so I had to add the correct path to ensure that it would be preserved.

The Commento documentation just doesn’t tell you any of this, but there’s a straightforward reason for that, I suppose. They want you to pay the monthly subscription for them to host your comments. That’s fair enough, I guess.

services:
  commento:
    image: registry.gitlab.com/commento/commento:latest
    ports:
      - "34567:8080"  # External port 34567 mapped to internal 8080
    environment:
      COMMENTO_ORIGIN: http://127.0.0.1:34567 
      COMMENTO_PORT: 8080
      COMMENTO_POSTGRES: postgres://commento_user:pswd@db:5432/commento4meff?sslmode=disable
    depends_on:
      - db
    networks:
      my-network:
        aliases:
          - postgres

  db:
    image: postgres
    container_name: local_pgdb
    restart: always
    ports:
      - "5431:5432"  # External port 5431 mapped to internal 5432
    environment:
      POSTGRES_INITDB_ARGS: "-A md5"
      POSTGRES_USER: commento_user
      POSTGRES_PASSWORD: pswd
      POSTGRES_DB: commento4meff
    volumes:
      - local_pgdata:/var/lib/postgresql/data  # Correct volume mount for data persistence
    networks:
      my-network:
        aliases:
          - postgres

volumes:
  local_pgdata:  # Define the local_pgdata volume

networks:
  my-network:
    driver: bridge  # Define the custom bridge network

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.