No connection

[Hunv]

Hi,

I just installed Owntracks on my server yesterday. The server installed is not exposed to the Internet directly but behind a firewall and a reverse proxy.
On installation I didn't state a mail address to disable let's encrypt and configured my reverse proxy to do the SSL things as well as receive the (anyway optional) traffic on http/https and Forward it to my owntracks server.
The MQTT port 8883 is forwarded directly.
I can access the frontend via Internet and my configured domain.

My problem is, that the app cannot connect to the app. In the firewall I see the traffic is going through. On the server I don't see anything listening on 0.0.0.0:8883 using ss -l.
There is just something listening on 127.0.0.1:1883 which turned out to be the mosquito broker. I am now unsure what should be and what the issue may be.
All of the three services are running.
Btw: when I change to HTTP connection instead of MQTT nothing changes.
Reading the MQTT messages on the server I just see the ones from otrec.

Any ideas?

[jpmens]

Nothing is listening on the MQTT TLS port (0.0.0.0:8883) because you disabled Let's Encrypt and we can thus not configure it for the Mosquitto broker which is now listening on :1883 as you've already determined.

If you configure your devices to use non-TLS MQTT to that port, and your firewall is correctly configured to redirect to your OwnTracks server you should see data, also log entries for Mosquitto.

[Hunv]

OK that works. I see the data in the mosquitto broker now after I reconfigured the mosquito config to listen on 0.0.0.0:1883.
There is also an option to use WebSockets. Would that help? My expectation would be, that in that case the data is send via https to the server, which would be my reverse proxy. That one will "unpack" the https and forward the http to the OwnTracks server. Does it works that way (in theory)? Because in practice this is not working the same way I do it for a couple of regular websites.

[jpmens]

Our OwnTracks Recorder can also have positions sent to it via HTTP (not Websockets), and our apps (iOS and Android) support HTTP as well.

Do note, however, that a) support for multiple Friends is more difficult with HTTP and b) many of us think MQTT (over TLS) is the more reliable protocol to use with our apps.

[Hunv]

I'm just thinking about the best method I have that is in best case encrypted.
I cannot use let's encrypt behind the reverse proxy because the reverse proxy is already doing it and is handling all of that requests. So the let's encrypt handling will never reach the OT server.
If I would use HTTP(S), the reverse proxy can handle the SSL certificate.

Another thing is: Should the position be visible in realtime in the "Frontend"-map? I see my position in the live map (if something is sent since I opened it). At the moment it is empty for me.

[jpmens]

Should the position be visible in realtime in the "Frontend"-map?

when Frontend loads new data, the positions will be visible, but it doesn't refresh by itself. I see my position in the live map (if something is sent since I opened it). At the moment it is empty for me. that's unclear to me: what is empty? Verify that data is being received and stored by Recorder by checking files in /var/spool/owntracks/recorder/store/rec/<username>/<devicename>/YYYY-mm.rec That's the data the Recorder API uses to populate the maps.

[Hunv]

OK, that was a bit confusing:
I see myself on the live map but I see nothing on the "Frontend" map - even after refresh.
In the file of the recorder are several coordinates with the current timestamp.

[jpmens]

Please check the following: 1. that you've selected a generous timeframe in Frontend 2. also that you see a list of users / devices (right hand top of Frontend) 3. do you see a version number of owntracks/recorder in Frontend (tap (i) on top right)? What does it say?

[Hunv]

Hi,

1. I use the standard timeframe (1 month from now to the past)
2. In the right combobox I just have "Show all"
3. It says

[owntracks/frontend] (2.15.3)
[owntracks/recorder] (Loading version...)

4. When I open the Frontend page, the page is always fully zoomed in the sea at the south of Ghana. I think this is just the "middle" of the map and the default if there is nothing else to focus on?

[jpmens]

Sorry you're having trouble with this. I fear that during our last release of the Recorder we got the startup script wrong, at least that's what it's looking like.

Please start reading the steps in this issue and see whether they apply to your situation as well. In particular:

1. is the Recorder actually running and providing data
2. is the baseUrl in Frontend's config correct?

[Hunv]

Hi,

1. Yes, it is running
2. Yes and no. The URL was http:// but it actually is https:// due to the reverse proxy. If you access http:// you will automatically redirected to https://. But the Reverse Proxy itself is talking with HTTP (no S) to the OwnTracks server.
   It was like baseUrl: "http://myserver.de/owntracks", and I added the s and restarted the server after. I don't know if that should be enough but actually it changed everything and I see my path now on the Frontend page.
   I am aware, that I need to change the /usr/share/nginx/html/owntracks/frontend/config/config.js file on every reconfiguration.

[jpmens]

Thanks for the feedback and glad you got it working.