Admin UI not found

Hi @paredescedric3

As I can see you are trying to run Admin UI but are not able to access it, I have asked @balaji-alluru to check the logs shared by you and provide you with a solution.

Best Regards,
Team MOSIP

@sanchi-singh24 /@balaji-alluru

Hellooo, Any updates po Ma’am/Sirs

Hi @paredescedric3
Please share the full logs of angular console and contents of config.json file so that we can find the issue.

Thanks and Regards,
Team MOSIP

Hello @balaji-alluru Here is the config.json

{
“baseUrl”: "https://api-internal.mosipnginx.epldtcloudlab.com/v1/",
“adminUrl”: “/”,
“primaryLangCode”: “eng”,
“secondaryLangCode”: “fra”,
“validateToken”: “authmanager/authorize/admin/validateToken”,
“login”: “admin/login/”,
“logout”: “admin/logout/user”,
“templateRepoUrl”: “/templates/”
}

and for the angular console, may we know where it is located?

The nginx log shows that it is looking for the admin-ui in
`

/usr/share/nginx/html/admin-ui

`

Your Nginx config is not correct. its not redirecting the request to the actual pod.

Hello @gsasikumar

user www-data;
worker_processes auto;
pid /run/nginx.pid;
#include /etc/nginx/modules-enabled/*.conf;
load_module modules/ngx_stream_module.so;

events {
worker_connections 768;
multi_accept on;
}

http {

##
# Basic Settings
##
proxy_buffer_size  128k;
proxy_buffers  4 256k;
proxy_busy_buffers_size 256k;
client_max_body_size 30m; # Biometrics may there in the request.



sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;



# server_names_hash_bucket_size 64;
# server_name_in_redirect off;



#include /etc/nginx/mime.types;
#default_type application/octet-stream;



##
# SSL Settings
##



#ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
#ssl_prefer_server_ciphers on;



##
# Logging Settings
##



access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;



##
# Gzip Settings
##



gzip on;



# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;



##
# Virtual Host Configs
##



# Comment out these lines, otherwise the default servers and settings in these locations will also get imported
#include /etc/nginx/conf.d/*.conf;
#include /etc/nginx/sites-enabled/*;



upstream myPublicIngressUpstream {
    server 192.168.60.10:30080;
            server 192.168.60.11:30080;
            server 192.168.60.12:30080;
            server 192.168.60.13:30080;
            server 192.168.60.14:30080;
            server 192.168.60.15:30080;
            server Public-IP:30080;
}



upstream myInternalIngressUpstream {
    server 192.168.60.10:31080;
            server 192.168.60.11:31080;
            server 192.168.60.12:31080;
            server 192.168.60.13:31080;
            server 192.168.60.14:31080;
            server 192.168.60.15:31080;



}



upstream myMinioIngressUpstream {
    server 192.168.60.10:30900;
            server 192.168.60.11:30900;
            server 192.168.60.12:30900;
            server 192.168.60.13:30900;
            server 192.168.60.14:30900;
            server 192.168.60.15:30900;



}



ssl_certificate /etc/letsencrypt/live/mosipnginx.xyz.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mosipnginx.xyz.com/privkey.pem;



server{
    listen 192.168.60.9:9000 ssl;



    location / {
        proxy_pass                      http://myMinioIngressUpstream;
        proxy_http_version              1.1;
        proxy_set_header                Upgrade $http_upgrade;
        proxy_set_header                Connection "upgrade";
        proxy_set_header                Host $host;
        proxy_set_header                Referer $http_referer;
        proxy_set_header                X-Real-IP $remote_addr;
        proxy_set_header                X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header                X-Forwarded-Proto $scheme;
        proxy_pass_request_headers      on;
    }
}



server{
    listen 192.168.60.9:443 ssl default;



     location /admin-ui/ {
            alias /usr/share/nginx/html/;
            try_files $uri $uri/ /index.html;
    }



    location /v1/packetcreator/ {
        proxy_pass                      http://myInternalIngressUpstream;
        proxy_http_version              1.1;
        proxy_set_header                Upgrade $http_upgrade;
        proxy_set_header                Connection "upgrade";
        proxy_set_header                Host $host;
        proxy_set_header                Referer $http_referer;
        proxy_set_header                X-Real-IP $remote_addr;
        proxy_set_header                X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header                X-Forwarded-Proto $scheme;
        proxy_pass_request_headers      on;
        proxy_connect_timeout           600;
        proxy_send_timeout              600;
        proxy_read_timeout              600;
        send_timeout                    600;
    }



    location / {
        proxy_pass                      http://myInternalIngressUpstream;
        proxy_http_version              1.1;
        proxy_set_header                Upgrade $http_upgrade;
        proxy_set_header                Connection "upgrade";
        proxy_set_header                Host $host;
        proxy_set_header                Referer $http_referer;
        proxy_set_header                X-Real-IP $remote_addr;
        proxy_set_header                X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header                X-Forwarded-Proto $scheme;
        proxy_pass_request_headers      on;
    }
}





 # this server section is for  accessing MOSIP API's publically over the internet.
 # initially the same remains commented till the testing and improvement and customisation is in progress.
 # once after go-live call the same section neded to be  uncommented
server{
    listen 443 ssl;
    server_name  mosipnginx.epldtcloudlab.com;



    location / {
        proxy_pass                      http://myPublicIngressUpstream;
        proxy_http_version              1.1;
        proxy_set_header                Upgrade $http_upgrade;
        proxy_set_header                Connection "upgrade";
        proxy_set_header                Host $host;
        proxy_set_header                Referer $http_referer;
        proxy_set_header                X-Real-IP $remote_addr;
        proxy_set_header                X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header                X-Forwarded-Proto $scheme;
        proxy_pass_request_headers      on;
    }
}

}

stream {
# this section of servers is for tcp proxying
# add multiple servers one for each port, and proxy them to mosip cluster internal loadbalancer
# like postgres, activemq, etc
upstream myPostgresIngressUpstream {
server 192.168.60.10:31432;
server 192.168.60.11:31432;
server 192.168.60.12:31432;
server 192.168.60.13:31432;
server 192.168.60.14:31432;
server 192.168.60.15:31432;

}



upstream myActivemqIngressUpstream {
  server 192.168.60.10:31616;
            server 192.168.60.11:31616;
            server 192.168.60.12:31616;
            server 192.168.60.13:31616;
            server 192.168.60.14:31616;
            server 192.168.60.15:31616;



}



server{
    listen 192.168.60.9:5432;
    proxy_pass myPostgresIngressUpstream;
}
server{
    listen 192.168.60.9:61616;
    proxy_pass myActivemqIngressUpstream;
}

}

here is our nginx.conf

@paredescedric3 you nginx configurtaion for mosip cluster is incorrect now.

we dont need below mentioned server section:

server{
    listen 192.168.60.9:443 ssl default;



     location /admin-ui/ {
            alias /usr/share/nginx/html/;
            try_files $uri $uri/ /index.html;
    }

also you are trying to access wrong url. It should be https://admin.{your domain name}/

e.g. https://admin.collab.mosip.net/

It dont need admin-ui to be appendend at the end in default configuration.

1 Like

Hello @ckm007

We already removed the admin ui it is still not working

Hello @ckm007

please advise what to check, Thanks :smiley:

Hello @ckm007

Will appreciate for feedback here Thanks

after removing the admin-ui did we restart the nginx server there?

Check your nginx.xonf. Are you using the right domain name?

image

Looking at your first post, try

admin.mosipnginx.epldtcloudlab.com

1 Like

Hi @rcsampang / @ckm007

We already use the correct URL, but admin-ui still not working it has an error related to this

Hi @karlxix I hope you don’t mind If we retrace the steps you have taken.

This server is running on a separate VM and configured as a reverse proxy server as per documentation ? The global config is set and the DNS settings are mapped?

Are you doing this on-prem ?

AWS ?

If all these configurations are set and DNS settings are mapped, you have to use your main base URL / domain which in your case should be mosipnginx.epldtcloudlab.com

If you are doing this on-prem and the DNS settings are not mapped used your internal IP - IP address of your nginx reverse proxu server

Hi @rcsampang

We are doing this on-prem with DNS, I did revert it back to using the private IP of nginx mosip.

Here is the sample error when accessing admin

There is an issue with api-internal

We have open it for public, so you could test
https://admin.epldtcloudlab.com/

Is is the same error while using the private internal IP?

I noticed that the domain you opened for the public is different from the one you are previously using - admin.epldtcloudlab.com vs. mosipnginx.epldtcloudlab.com

Can you try opening to the public the domain mosipnginx.epldtcloudlab.com instead?

BTW what page is showing when you try to access the private IP or the domain on a browser? If nginx is correctly configured, this should show a page with links to MOSIP modules. It should show something similar to MOSIP Collab sandbox https://collab.mosip.net/

Hi @rcsampang

If you open this one you will be redirected to the landing page
publicly available > https://mosipnginx.epldtcloudlab.com/

Accessing via the private IP of mosip nginx fails

Okay. One possible cause of error is that there is inconsistency in your domain name settings.

Hovering over the links of the modules point to epldtcloudlab.com as your installation-domain. Try changing that to mosipnginx.epldtcloudlab.com so that it points to your nginx reverse proxy server. This is done by editing your global config map.

For example edit config map setting
k8s-infra/mosip/global_configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
name: global
namespace: default
data:
installation-name: mosipnginx
installation-domain: mosipnginx.epldtcloudlab.com
mosip-version: master
mosip-api-host: api.mosipnginx.epldtcloudlab.com
mosip-api-internal-host: api-internal.mosipnginx.epldtcloudlab.com
mosip-prereg-host: prereg.mosipnginx.epldtcloudlab.com
mosip-admin-host: admin.mosipnginx.epldtcloudlab.com

You might have to restart the modules config, admin, pmp, and other related modules.
In my case I restarted all MOSIP modules following the sequence stated in the documentation - same sequence followed during installation of the modules.

Another thing, aside from mosipnginx.epldtcloudlab.com SSL certificate, do you also have a wildcard domain SSL Certificate *.mosipnginx.epldtcloudlab.com that points to your nginx reverse proxy server ?

***Ignore the error when using the private IP, this is expected if you setup the domain name in your config map settings instead of the private IP.

HI @rcsampang ,

We already apply this cofig-map & restarted mosip services
image
but upon checking only the default config-map is changed, per module config-map didn’t change.

Can we just go to each modules and change the configmap? or is there a betterway to do this?