Hello,
as a regular Wapt user, I recently noticed that installing Wapt on a new machine (via GPO with waptdeploy) no longer works.
It's difficult to say precisely which version (I'd say 1.6, but I also migrated from Debian to Stretch around the same time).
I upgraded Wapt to 1.7.3.3,
following the documentation here: https://www.wapt.fr/fr/doc/wapt-common- ... s-not-work.
As a result,
I recreated my GPOs (just in case, with the latest version of waptdeploy) for startup and shutdown to install Wapt.
I already had a GPO for network waiting, which is set up beforehand.
Waptdeploy works if run locally from the command line after defining a proxy in Internet Explorer with *.mylocaldomain as the proxy exception.
I created a GPO that defines these settings in Internet Explorer.
Wapt still won't install. In gpresult, the GPOs aren't being rejected.
I also tried specifying the server address in the GPO, using both HTTP and HTTPS, but there was no change.
When I shut down the computer, I get the following message:
trying http://wapt.mondomainlocal/wapt/waptagent.exe
wapt agent path c:\window\temp\waptagent.exe
wget new waptagent from http://wapt.mondomainlocal/wapt/waptagent.exe
trying to reach http://wapt.mondomainlocal/wapt/waptagent.exe...
Reachable, downloading...
Error trying to get http://wapt.mondomainlocal/wapt/waptagent.exe :Unable to download "http://wapt.mondomainlocal/wapt/waptagent.exe",
HTTP status: 503.
Error 503 seems to indicate that the server cannot access the request.
Do you have any ideas?
waptdeploy no longer works
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Hello,
I continued my investigation. The nginx service seems to be the culprit. I modified it to be in debug mode for errors.
Here's what I get when attempting to deploy from a workstation via GPO:
2019/02/27 10:11:29 [debug] 9003#9003: *3695 recv() not ready (11: Resource temporarily unavailable)
I should mention that the server is far from being overloaded. The wapt web pages work perfectly, and waptdeploy, launched locally with the hash, correctly retrieves waptagent.exe and runs the installation to completion. I suspect a modification of the configuration files during a Debian upgrade.
I haven't seen any major changes compared to what's indicated in the documentation:
https://www.wapt.fr/fr/doc/wapt-configu ... ring-nginx
Here is my config file /etc/nginx/sites-enabled/site-enabled/wapt.conf
server {
listen 80;
listen 443 ssl;
server_name _;
ssl_certificate "/opt/wapt/waptserver/ssl/cert.pem";
ssl_certificate_key "/opt/wapt/waptserver/ssl/key.pem";
ssl_protocols TLSv1.2;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_staplingon;
ssl_stapling_verify on;
ssl_session_cache none;
ssl_session_tickets off;
gzip_min_length 1000;
gzip_buffers 4 8k;
gzip_http_version 1.0;
gzip_disable "msie6";
gzip_types text/plain text/css application/json;
gzip_vary on;
indexindex.html;
location /static {
alias "/opt/wapt/waptserver/static";
}
location ~ ^/wapt.* {
proxy_set_header Cache-Control "store, no-cache, must-revalidate, post-check=0, pre-check=0";
proxy_set_header Pragma "no-cache";
proxy_set_header Expires "Sun, 19 Nov 1978 05:00:00 GMT";
root "/var/www";
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 4096m;
client_body_timeout 1800;
location /add_host_kerberos {
return 403;
}
location ~ ^/(api/v3/upload_packages|api/v3/upload_hosts/|upload_waptsetup) {
proxy_pass http://127.0.0.1:8080;
client_max_body_size 4096m;
client_body_timeout 1800;
}
location /wapt-host/Packages {
return 403;
}
location / {
proxy_pass http://127.0.0.1:8080;
}
location /socket.io {
proxy_http_version 1.1;
proxy_bufferingoff;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://127.0.0.1:8080/socket.io;
}
}
and the file /etc/nginx/nginx.conf
user www-data;
worker_processes self;
pid /run/nginx.pid;
worker_rlimit_nofile 32768;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfileon;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
If an nginx specialist happens to be around, I'd appreciate their advice...
I continued my investigation. The nginx service seems to be the culprit. I modified it to be in debug mode for errors.
Here's what I get when attempting to deploy from a workstation via GPO:
2019/02/27 10:11:29 [debug] 9003#9003: *3695 recv() not ready (11: Resource temporarily unavailable)
I should mention that the server is far from being overloaded. The wapt web pages work perfectly, and waptdeploy, launched locally with the hash, correctly retrieves waptagent.exe and runs the installation to completion. I suspect a modification of the configuration files during a Debian upgrade.
I haven't seen any major changes compared to what's indicated in the documentation:
https://www.wapt.fr/fr/doc/wapt-configu ... ring-nginx
Here is my config file /etc/nginx/sites-enabled/site-enabled/wapt.conf
server {
listen 80;
listen 443 ssl;
server_name _;
ssl_certificate "/opt/wapt/waptserver/ssl/cert.pem";
ssl_certificate_key "/opt/wapt/waptserver/ssl/key.pem";
ssl_protocols TLSv1.2;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_staplingon;
ssl_stapling_verify on;
ssl_session_cache none;
ssl_session_tickets off;
gzip_min_length 1000;
gzip_buffers 4 8k;
gzip_http_version 1.0;
gzip_disable "msie6";
gzip_types text/plain text/css application/json;
gzip_vary on;
indexindex.html;
location /static {
alias "/opt/wapt/waptserver/static";
}
location ~ ^/wapt.* {
proxy_set_header Cache-Control "store, no-cache, must-revalidate, post-check=0, pre-check=0";
proxy_set_header Pragma "no-cache";
proxy_set_header Expires "Sun, 19 Nov 1978 05:00:00 GMT";
root "/var/www";
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 4096m;
client_body_timeout 1800;
location /add_host_kerberos {
return 403;
}
location ~ ^/(api/v3/upload_packages|api/v3/upload_hosts/|upload_waptsetup) {
proxy_pass http://127.0.0.1:8080;
client_max_body_size 4096m;
client_body_timeout 1800;
}
location /wapt-host/Packages {
return 403;
}
location / {
proxy_pass http://127.0.0.1:8080;
}
location /socket.io {
proxy_http_version 1.1;
proxy_bufferingoff;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://127.0.0.1:8080/socket.io;
}
}
and the file /etc/nginx/nginx.conf
user www-data;
worker_processes self;
pid /run/nginx.pid;
worker_rlimit_nofile 32768;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfileon;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
If an nginx specialist happens to be around, I'd appreciate their advice...
waptdeploy is not following HTTP redirects; this may be the source of the problem.
You should either switch to HTTPS for your repository configuration on clients (repo_url=https://...)
or explicitly specify the download URL to waptdeploy:
`waptdeploy ... --waptsetupurl=https://wapt.mylocaldomain/
You should either switch to HTTPS for your repository configuration on clients (repo_url=https://...)
or explicitly specify the download URL to waptdeploy:
`waptdeploy ... --waptsetupurl=https://wapt.mylocaldomain/
Tranquil IT
Good morning,
Thank you for your reply, but I have already tried those solutions.
Currently, in system shutdown GPO, I have this as an argument for waptdeploy (adding the arguments one by one without change)
Thank you for your reply, but I have already tried those solutions.
Currently, in system shutdown GPO, I have this as an argument for waptdeploy (adding the arguments one by one without change)
Code: Select all
--hash=lehash --minversion=1.7.3.5 --wait=15 --waptsetupurl=https://fqdnduserveur/wapt/waptagent.exe --setupargs=/dnsdomain=nomdudomaine --setupargs=/wapt_server=https://fqdnduserveur --setupargs=/repo_url=https://fqdnduserveur/wapt
